041f79eb438265c3a9c43c07138e0b3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

041f79eb438265c3a9c43c07138e0b3f_JaffaCakes118
Size

8.5MB
MD5

041f79eb438265c3a9c43c07138e0b3f
SHA1

24498df100780b3657066757ddb4ae11f2c9bef1
SHA256

77b02f1b72be8f6223efee61089d98af67a5f39713d30fa65e8dd70f15fd0ca5
SHA512

7eed36a4e2647b33fdfad43fc02c65c205abb834759347e38fbc6691705872722fb39c3eb80a0f6dce9c29305f4da402387b49fd3267114b426d3efa6966e818
SSDEEP

196608:RFGSckvk7ZKLdZIksJXMu+ML5SxcsctOaMks:RFG1ZwLdHsmu+MkxKtObr

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/DefCamSetup.dll
unpack001/$PLUGINSDIR/GGExit.exe
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/Dance/ChatRoom/VcrMediaLib.dll
unpack001/Dance/MFC71u.dll
unpack001/Dance/Player/MFC71u.dll
unpack001/Dance/Player/gdiplus.dll
unpack001/Dance/Player/msvcp71.dll
unpack001/Dance/Player/msvcr71.dll
unpack001/Dance/gdiplus.dll
unpack001/Dance/msvcp71.dll
unpack001/Dance/msvcr71.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

041f79eb438265c3a9c43c07138e0b3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

5d:61:f5:2f:87:19:c8:13:24:48:b0:b6:97:4d:c6:3b:84:01:58:bd
Signer

Actual PE Digest

5d:61:f5:2f:87:19:c8:13:24:48:b0:b6:97:4d:c6:3b:84:01:58:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/DefCamSetup-English.ini
$PLUGINSDIR/DefCamSetup-Simpchinese.ini
$PLUGINSDIR/DefCamSetup-Tradchinese.ini
$PLUGINSDIR/DefCamSetup.dll
.dll windows:4 windows x86 arch:x86

0843fc35a546e4ff989f2c0b0f345e69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringA
FreeResource
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
lstrlenA
DeviceIoControl
GetFileAttributesA
GetProcAddress
LoadLibraryA
GetVersionExA
SetFileAttributesA
CreateDirectoryA
GetDriveTypeA
GetModuleFileNameA
GetModuleHandleA
ReadFile
WritePrivateProfileStringA
FindFirstFileA
FindNextFileA
FindClose
CloseHandle
FreeLibrary
CompareStringW
CompareStringA
FlushFileBuffers
GetTimeZoneInformation
GetSystemInfo
GetCurrentThreadId
GetLastError
RtlUnwind
ExitProcess
RaiseException
GetCommandLineA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapFree
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
SetFilePointer
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
GetLocaleInfoA
HeapSize
SetStdHandle
VirtualProtect
SetEnvironmentVariableA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFolderPathA

netapi32

Netbios

Exports

Exports

InitCameraSetup
SetMSNDefaultCamera
SetQQDefaultCamera
SetSinaShowDefaultCamera
SetSinaUCDefaultCamera

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GGExit.exe
.exe windows:4 windows x86 arch:x86

eedec5ce5c99c872622f21ddf098d820

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
OpenProcess
TerminateProcess
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
ExitProcess
GetModuleHandleA
GetStartupInfoW
GetVersionExA
HeapAlloc
HeapFree
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapReAlloc
GetCurrentProcess
HeapSize
WriteFile
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
InterlockedExchange
VirtualQuery
LoadLibraryA
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
GetLocaleInfoA

user32

GetWindowTextW
FindWindowW
IsWindow
GetWindowThreadProcessId
PostMessageW
EnumWindows

psapi

GetProcessImageFileNameW

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcatA
FindClose
FindNextFileA
MulDiv
GlobalFree
lstrcpynA
GlobalAlloc
lstrcmpiA
FindFirstFileA
lstrcpyA

user32

TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Dance/AudioCapture.dll
.dll windows:4 windows x86 arch:x86

762b13b876a54f52c249939b179810a4

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:e8:d0:95:28:df:dd:cc:77:63:c3:a3:92:2c:2d:1c:df:db:f8:16
Signer

Actual PE Digest

bb:e8:d0:95:28:df:dd:cc:77:63:c3:a3:92:2c:2d:1c:df:db:f8:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetLastError
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
CloseHandle
SetThreadPriority
CreateThread
CreateEventA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

winmm

waveOutWrite
waveOutGetNumDevs
waveOutOpen
waveOutUnprepareHeader
waveOutReset
waveInGetNumDevs
waveOutPrepareHeader
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInOpen
waveOutClose

msvcr71

__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_except_handler3
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_purecall

Exports

Exports

CreateAudioCapture
DestroyAudioCapture
SetMainPath

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/AudioCodec1.dll
.dll windows:4 windows x86 arch:x86

f8410c3dce8c223672198bb8cd34c429

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

b4:fd:48:7d:01:bf:d6:d4:38:16:c6:24:56:1a:f7:76:82:14:58:b2
Signer

Actual PE Digest

b4:fd:48:7d:01:bf:d6:d4:38:16:c6:24:56:1a:f7:76:82:14:58:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
LoadLibraryA
HeapSize
FlushFileBuffers
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
CloseHandle
SetStdHandle
VirtualProtect
GetSystemInfo

Exports

Exports

Decode
DecoderClose
DecoderCreate
DecoderInit
Encode
EncoderClose
EncoderCreate
EncoderInit

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/AudioCodec2.dll
.dll windows:4 windows x86 arch:x86

f6b9b7f76f67521152057b9e22b48c89

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:3c:91:c6:83:f4:27:7f:b8:4d:83:77:de:a4:49:9a:95:47:ac:71
Signer

Actual PE Digest

b2:3c:91:c6:83:f4:27:7f:b8:4d:83:77:de:a4:49:9a:95:47:ac:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SVNGuaGua\RtpStack\lame mp3\Lamedll\Release\lameDLL.pdb

Imports

msvcr71

rand
srand
time
memmove
??3@YAXPAX@Z
??2@YAPAXI@Z
_adj_fdiv_r
cos
_adj_fdiv_m64
log10
_adj_fdivr_m64
free
calloc
fclose
pow
_adj_fdiv_m32
malloc
exp
atan
sin
fabs
floor
fflush
vfprintf
_iob
log
sqrt
sprintf
abort
fscanf
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit

Exports

Exports

Decode
DecoderClose
DecoderInit
Encode
EncoderClose
EncoderInit

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/AudioCodec3.dll
.dll windows:4 windows x86 arch:x86

73b8553e8adb7e658ef50d0961c5b298

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:71:b9:64:bd:20:60:f6:fb:84:c5:70:3b:52:7f:bb:18:c5:ec:8c
Signer

Actual PE Digest

0d:71:b9:64:bd:20:60:f6:fb:84:c5:70:3b:52:7f:bb:18:c5:ec:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
VirtualProtect
GetSystemInfo
RaiseException

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatHall.exe
.exe windows:4 windows x86 arch:x86

1155bcea1fec2d35bba3d721ec9059e1

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

be:1b:c4:98:ac:cd:5e:80:3d:ab:f9:0d:b8:fa:28:8d:9a:82:ee:82
Signer

Actual PE Digest

be:1b:c4:98:ac:cd:5e:80:3d:ab:f9:0d:b8:fa:28:8d:9a:82:ee:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord2856
ord4480
ord4256
ord1785
ord4119
ord1386
ord6063
ord3922
ord4123
ord2366
ord1894
ord4112
ord4314
ord1176
ord2362
ord5864
ord3985
ord3927
ord3756
ord2121
ord745
ord557
ord1156
ord2651
ord5914
ord655
ord1434
ord4098
ord5966
ord5105
ord421
ord2365
ord1058
ord709
ord501
ord6161
ord1946
ord6140
ord894
ord3928
ord2444
ord1472
ord2893
ord5609
ord5829
ord6232
ord753
ord563
ord1006
ord1939
ord2155
ord1867
ord1871
ord1883
ord1476
ord1873
ord1864
ord3875
ord2261
ord4109
ord860
ord3435
ord4121
ord2918
ord651
ord416
ord5862
ord3873
ord2876
ord2364
ord3869
ord1555
ord5869
ord2860
ord2083
ord1632
ord1562
ord5911
ord1393
ord4232
ord6271
ord5210
ord5196
ord2952
ord3224
ord572
ord658
ord1921
ord1959
ord5851
ord589
ord330
ord6061
ord3635
ord354
ord605
ord6279
ord4574
ord723
ord531
ord1000
ord5455
ord5441
ord1960
ord1765
ord1784
ord730
ord5989
ord5987
ord1636
ord1577
ord2985
ord3298
ord6064
ord2486
ord2013
ord391
ord6173
ord6167
ord5398
ord1182
ord1178
ord3198
ord1920
ord5727
ord2255
ord4117
ord2870
ord3395
ord3995
ord5637
ord502
ord3793
ord1645
ord1589
ord2872
ord3877
ord3674
ord3581
ord754
ord3990
ord896
ord2461
ord1641
ord1585
ord4237
ord2086
ord1582
ord4234
ord2066
ord3666
ord3561
ord5984
ord6087
ord4585
ord4659
ord3345
ord1416
ord4929
ord2254
ord3734
ord4438
ord4437
ord4784
ord4198
ord4775
ord4974
ord4175
ord4770
ord4380
ord4395
ord4393
ord4375
ord4378
ord4373
ord4857
ord5956
ord3968
ord3338
ord1351
ord5170
ord4267
ord732
ord544
ord503
ord5972
ord758
ord567
ord3678
ord3590
ord1719
ord760
ord5710
ord5633
ord3174
ord530
ord722
ord3983
ord2225
ord4347
ord1192
ord1115
ord6002
ord5712
ord5711
ord5442
ord899
ord4126
ord1999
ord1293
ord4125
ord4668
ord4955
ord4501
ord4940
ord4643
ord4958
ord5047
ord4799
ord4704
ord4790
ord4371
ord4370
ord4788
ord4942
ord4510
ord4965
ord4474
ord4523
ord4964
ord4840
ord4495
ord4362
ord4433
ord5043
ord4553
ord4914
ord4513
ord4383
ord4165
ord4172
ord4581
ord5910
ord1610
ord5202
ord1553
ord2711
ord4358
ord4667
ord2413
ord2414
ord2415
ord2412
ord2411
ord3644
ord3471
ord4957
ord4281
ord410
ord648
ord4337
ord5147
ord4514
ord4194
ord2797
ord4879
ord4094
ord2085
ord3238
ord1274
ord4656
ord1220
ord2229
ord5272
ord3752
ord2713
ord2622
ord2368
ord5648
ord1087
ord3417
ord2077
ord1536
ord4226
ord587
ord6251
ord2252
ord1588
ord6044
ord777
ord3570
ord741
ord4755
ord3448
ord3157
ord620
ord5981
ord3497
ord2932
ord2340
ord3249
ord1571
ord5327
ord6293
ord5316
ord6282
ord3424
ord1922
ord1474
ord4092
ord1538
ord4228
ord591
ord6116
ord4882
ord3670
ord3577
ord748
ord3645
ord3483
ord2788
ord3396
ord2867
ord5742
ord2489
ord3482
ord1388
ord6262
ord1924
ord1475
ord4093
ord1561
ord4231
ord657
ord3400
ord3508
ord1027
ord5337
ord2297
ord1172
ord2250
ord5485
ord3043
ord3545
ord1634
ord1572
ord715
ord3133
ord6299
ord5558
ord629
ord584
ord1430
ord1425
ord317
ord5083
ord384
ord326
ord3560
ord1578
ord731
ord2871
ord3467
ord2081
ord1628
ord1549
ord4230
ord642
ord287
ord1202
ord783
ord1154
ord4042
ord4041
ord1591
ord4276
ord4716
ord3397
ord5199
ord4179
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord4884
ord4729
ord4206
ord5178
ord5630
ord347
ord1270
ord602
ord5715
ord5917
ord5397
ord5410
ord5584
ord5519
ord5643
ord5638
ord5723
ord6033
ord5884
ord6053
ord4155
ord6050
ord5604
ord6056
ord5607
ord2521
ord1271
ord3296
ord3155
ord1925
ord3204
ord2361
ord3433
ord2460
ord3824
ord1049
ord1096
ord774
ord2011
ord1118
ord2239
ord310
ord2313
ord2896
ord784
ord4079
ord578
ord6086
ord776
ord1155
ord2311
ord5524
ord1906
ord566
ord293
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562

msvcr71

?terminate@@YAXXZ
_ftime
_wtoi64
swscanf
_wfopen
fputwc
fclose
wcsncmp
wcsstr
swprintf
wcslen
__CxxFrameHandler
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
__dllonexit
_onexit
wcscat
wcscpy
wcsrchr
_waccess
rand
_wcsnicmp
_XcptFilter
_exit
_c_exit
memset
toupper
_mbclen
strncmp
vsprintf
printf
localtime
_endthreadex
_CIpow
isalnum
isspace
sprintf
strstr
strchr
fopen
fread
fseek
_snprintf
wcschr
_purecall
_resetstkoflw
iswdigit
wcscmp
_wtoi
fprintf
fwrite
strncpy
time
srand
wcsncpy
_wcsicmp
_wtol
atoi
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_controlfp
??1type_info@@UAE@XZ
memmove
_itow
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_except_handler3
_beginthreadex
free
malloc

kernel32

GetStartupInfoW
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleA
GlobalSize
GlobalReAlloc
GlobalFree
GetCurrentThreadId
lstrcatW
WinExec
lstrcpyW
GetWindowsDirectoryW
GetCurrentProcessId
GetModuleFileNameW
GetProcAddress
WideCharToMultiByte
CloseHandle
MapViewOfFile
OpenFileMappingW
OpenProcess
CreateFileMappingW
UnmapViewOfFile
WritePrivateProfileStringW
LoadLibraryW
GetLastError
GetPrivateProfileStringW
FreeLibrary
GetPrivateProfileIntW
CreateProcessW
MultiByteToWideChar
GetFileAttributesW
CreateDirectoryW
Sleep
SetEvent
ResetEvent
WaitForSingleObject
GlobalUnlock
GlobalLock
GlobalAlloc
CreateEventW
SizeofResource
LockResource
LoadResource
FindResourceW
ResumeThread
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetTempPathW
DeleteFileW
GetVersionExA
DeviceIoControl
CreateFileW
GetVersion
ReadFile
GetDriveTypeW
SetFileAttributesW
WriteFile
CreateEventA
lstrlenW
MulDiv

user32

SendMessageW
SetWindowsHookExW
MessageBoxW
GetWindowThreadProcessId
CallNextHookEx
EndPaint
BeginPaint
GetWindowTextW
InvalidateRect
IsWindowVisible
GetClassInfoW
UnregisterHotKey
RegisterHotKey
EnumWindows
DispatchMessageW
TranslateMessage
FindWindowExW
SetWindowRgn
PeekMessageW
ReleaseDC
GetDC
CopyRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
EnableWindow
LoadCursorW
GetParent
PostMessageW
SetTimer
KillTimer
WindowFromPoint
SetLayeredWindowAttributes
MoveWindow
IsWindow
GetCursorPos
GetWindowRect
GetDlgCtrlID
DrawIcon
EnableMenuItem
GetSubMenu
IsIconic
BringWindowToTop
GetClientRect
SetActiveWindow
SetForegroundWindow
GetForegroundWindow
LoadIconW
GetSystemMetrics
DestroyIcon
SetWindowPos
SwitchToThisWindow
SystemParametersInfoW
GetActiveWindow
GetClassNameW
FindWindowW
LoadImageW
LoadBitmapW
SetRect
SetWindowLongW
GetWindowLongW
GetKeyState
GetDesktopWindow
SetParent
GetFocus
PtInRect
InflateRect
IsRectEmpty
ScreenToClient
GetSysColor
SetCapture
FillRect
UnhookWindowsHookEx
CreateMenu
ModifyMenuW
InsertMenuW
LoadMenuW
GetMenuState
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetPropW
CallWindowProcW
GetScrollInfo
RemovePropW
DestroyWindow
IntersectRect
GetPropW
FrameRect
GetWindowInfo
RedrawWindow
GetWindowDC
MessageBeep
GetMessagePos
DestroyCursor
DefWindowProcW
IsWindowEnabled
GetNextDlgGroupItem
EnumChildWindows
GetUpdateRect
GetMenu
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoW
AppendMenuW
CreatePopupMenu
GetMessageW
GetCapture
ShowWindow
UpdateWindow
ClientToScreen
OffsetRect
TrackMouseEvent
SetCursor
ReleaseCapture
GetSysColorBrush

gdi32

GetTextExtentPointW
CreatePatternBrush
OffsetRgn
CreateRectRgn
ExtCreateRegion
CombineRgn
CreateDCW
GdiFlush
ExcludeClipRect
CreateSolidBrush
GetStockObject
GetViewportOrgEx
SetTextColor
SetBkMode
DPtoLP
GetBitmapBits
CreateBitmap
CreateFontW
GetTextExtentPoint32W
CreateFontIndirectW
CreateDIBSection
SetStretchBltMode
StretchDIBits
GetObjectW
StretchBlt
SetDIBColorTable
DeleteDC
GetDeviceCaps
BitBlt
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgnIndirect
CreatePen
SelectObject
DeleteObject

msimg32

TransparentBlt

advapi32

RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegCreateKeyW
RegQueryValueW
RegCloseKey

shell32

ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
Shell_NotifyIconW

comctl32

ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_GetImageCount
ord17

shlwapi

PathFileExistsW
PathIsDirectoryW

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
CreateStreamOnHGlobal

oleaut32

SysFreeString

gdiplus

GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipCloneBrush
GdipDrawString
GdipFillRectangleI
GdipSetStringFormatTrimming
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawImageRectRectI
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipAlloc
GdipLoadImageFromStreamICM
GdipDrawImageRectI
GdipCreateFromHDC
GdipFree
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSetImageAttributesColorKeys
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatHotkeyPrefix
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipMeasureString
GdipCreateBitmapFromHBITMAP
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipDrawRectangleI
GdipSetClipRectI
GdipSaveImageToStream
GdipDeleteBrush

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??7ios_base@std@@QBE_NXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

psapi

GetProcessImageFileNameW

wininet

InternetGetCookieExW
InternetSetOptionW

ws2_32

gethostbyname
socket
connect
inet_addr
htons
WSAStartup
WSACleanup
inet_ntoa
send
closesocket
shutdown
recv

netapi32

Netbios

Sections

.text
Size: 556KB - Virtual size: 554KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dance/ChatHall.ini
Dance/ChatRoom/ChatRoomClient.dll
.dll windows:4 windows x86 arch:x86

43219421f7e03ea7c5c5c1d9170eb26b

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:20:c6:41:7a:88:04:46:a0:2c:a1:e1:cc:15:44:0c:d6:8f:69:bd
Signer

Actual PE Digest

b6:20:c6:41:7a:88:04:46:a0:2c:a1:e1:cc:15:44:0c:d6:8f:69:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetLocalTime
GetPrivateProfileStringW
CreateDirectoryW
GetPrivateProfileIntW
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
GetLastError
WritePrivateProfileStringW
GetModuleFileNameW
GetModuleHandleW
CloseHandle
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
DeviceIoControl
CreateFileW
GetVersionExW
GetVersion
ReadFile
GetDriveTypeW
SetFileAttributesW
WriteFile
InitializeCriticalSection
ExitProcess

user32

PostMessageW

shell32

SHGetSpecialFolderPathW

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??7ios_base@std@@QBE_NXZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Nomemory@std@@YAXXZ

msvcr71

strncmp
wcsncmp
??1exception@@UAE@XZ
??0exception@@QAE@XZ
wcsncpy
fclose
fputwc
_wfopen
_waccess
swprintf
wcscmp
_wtoi
wcscat
wcsrchr
_endthreadex
_beginthreadex
sprintf
strncpy
strstr
_mbclen
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
free
_initterm
_adjust_fdiv
__CppXcptFilter
??3@YAXPAX@Z
wcscpy
_wcsicmp
wcslen
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??_V@YAXPAX@Z
rand
srand
time
memmove
_ftime

ws2_32

send
recv
connect
WSAStartup
shutdown
WSAGetLastError
socket
htons
closesocket
WSACleanup

netapi32

Netbios

advapi32

RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW

ole32

CoCreateGuid

Exports

Exports

CreateVideoChat
ReleaseVideoChat
SetMainPath

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatRoom/ChatRoomUI.dll
.dll windows:4 windows x86 arch:x86

3ae1814a776a08fcba0e46f56a2a1c74

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

14:6b:16:6f:f7:d1:2f:05:a6:24:0b:71:24:a1:82:cc:d2:c3:30:00
Signer

Actual PE Digest

14:6b:16:6f:f7:d1:2f:05:a6:24:0b:71:24:a1:82:cc:d2:c3:30:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipDrawRectangleI
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipCreateFontFamilyFromName
GdipGetImagePixelFormat
GdipDrawImageRectRectI
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipCloneBrush
GdipDeleteFontFamily
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFamilyName
GdipSetLinePresetBlend
GdipCreateLineBrushI
GdipSetSmoothingMode
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteGraphics
GdipDeleteBrush
GdipGetImageHeight
GdipGetImageWidth
GdipFree
GdipDrawImageRectI
GdipDrawImageI
GdiplusShutdown
GdipAlloc
GdipGetImagePaletteSize
GdipDeleteFont
GdipCreateFont
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSetImageAttributesColorKeys
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatTrimming
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipDrawString
GdipMeasureString
GdipCreateBitmapFromHBITMAP
GdipSetPenMode
GdipSetClipRectI
GdipSaveImageToStream
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDisposeImage

mfc71u

ord3198
ord1270
ord1894
ord2077
ord1536
ord5911
ord1611
ord1608
ord3940
ord1393
ord4226
ord5148
ord1899
ord5067
ord6271
ord4179
ord5210
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord2856
ord2985
ord4480
ord3158
ord572
ord587
ord753
ord4109
ord5829
ord602
ord347
ord5727
ord6251
ord1006
ord326
ord3995
ord4117
ord5637
ord502
ord2066
ord563
ord3756
ord2361
ord4026
ord3590
ord4238
ord2121
ord760
ord4347
ord709
ord5638
ord6031
ord501
ord2460
ord5987
ord1636
ord1577
ord3298
ord730
ord3990
ord5558
ord2362
ord4094
ord2085
ord3238
ord1946
ord1274
ord605
ord6140
ord1380
ord2857
ord1182
ord6064
ord5989
ord2486
ord2013
ord391
ord2611
ord3355
ord1220
ord2461
ord3644
ord3596
ord3471
ord1178
ord4126
ord1999
ord1293
ord4125
ord4668
ord4955
ord4501
ord4940
ord4643
ord4958
ord5047
ord4799
ord4704
ord4790
ord4957
ord4371
ord4370
ord4281
ord4942
ord4510
ord4965
ord4474
ord4523
ord4964
ord4840
ord4495
ord4362
ord4433
ord5043
ord4553
ord4914
ord3734
ord4438
ord4437
ord4784
ord4198
ord4775
ord4383
ord4974
ord4165
ord4172
ord4581
ord4770
ord4380
ord4395
ord4393
ord4375
ord4378
ord4373
ord4857
ord4854
ord3968
ord5910
ord1610
ord3338
ord1351
ord1553
ord2711
ord4267
ord648
ord2132
ord410
ord4292
ord4337
ord5147
ord2809
ord777
ord6173
ord6167
ord2261
ord2282
ord4879
ord4788
ord4194
ord4667
ord5202
ord6061
ord1472
ord1176
ord5711
ord2413
ord2414
ord2415
ord2412
ord2411
ord5609
ord2651
ord4656
ord4929
ord4098
ord4027
ord287
ord4078
ord745
ord557
ord4358
ord2229
ord5272
ord5398
ord1416
ord5633
ord2011
ord5178
ord4206
ord4729
ord4884
ord1662
ord1661
ord1542
ord5908
ord1392
ord5199
ord4256
ord1883
ord1871
ord1785
ord6232
ord4314
ord860
ord6063
ord5862
ord3873
ord2860
ord2876
ord3869
ord5869
ord6086
ord4119
ord5867
ord1156
ord3789
ord2364
ord5851
ord3875
ord589
ord330
ord1641
ord1585
ord4237
ord3599
ord3635
ord3435
ord3902
ord1605
ord354
ord4112
ord4574
ord3645
ord3483
ord2083
ord1632
ord1562
ord4232
ord658
ord578
ord2313
ord310
ord1096
ord2155
ord2867
ord6277
ord1765
ord1782
ord1784
ord5791
ord2893
ord3755
ord3157
ord1920
ord2255
ord4755
ord4074
ord629
ord1430
ord6284
ord5083
ord384
ord5319
ord5485
ord4019
ord6161
ord3922
ord620
ord1545
ord3189
ord5712
ord657
ord1772
ord3249
ord1388
ord6262
ord1924
ord1475
ord4093
ord2082
ord1561
ord4231
ord3223
ord3363
ord3351
ord5327
ord6293
ord5316
ord6282
ord3829
ord3281
ord1957
ord5636
ord2159
ord2648
ord3176
ord356
ord1870
ord3570
ord2086
ord1582
ord4234
ord741
ord4101
ord2260
ord2444
ord4100
ord588
ord328
ord6165
ord894
ord5414
ord5705
ord2010
ord333
ord3396
ord2788
ord2224
ord2151
ord2225
ord3497
ord2365
ord2932
ord2340
ord1571
ord3752
ord2713
ord3395
ord2622
ord2368
ord5648
ord1087
ord3417
ord2252
ord1588
ord6044
ord3983
ord3448
ord6116
ord5742
ord2489
ord5981
ord3670
ord3577
ord748
ord3568
ord1638
ord1580
ord739
ord3424
ord1922
ord1474
ord4092
ord1538
ord4228
ord591
ord774
ord3508
ord1027
ord5337
ord2297
ord1172
ord2250
ord3043
ord6299
ord584
ord1425
ord317
ord3296
ord3467
ord2081
ord1628
ord1549
ord4230
ord642
ord3560
ord1578
ord731
ord2871
ord3482
ord3400
ord2254
ord1202
ord783
ord784
ord1154
ord4042
ord4041
ord3678
ord1959
ord651
ord416
ord3824
ord1049
ord5524
ord1906
ord3927
ord776
ord314
ord283
ord1555
ord1118
ord2239
ord1058
ord1271
ord3155
ord1925
ord3204
ord2926
ord282
ord6111
ord1479
ord1079
ord2895
ord3390
ord899
ord896
ord280
ord1921
ord4562
ord265
ord266
ord2366
ord5209
ord762
ord764
ord566
ord757
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2984
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5226
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054

msvcr71

strncpy
_wtoi
wcschr
_wtol
_purecall
_ftime
__CppXcptFilter
_adjust_fdiv
_initterm
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
_beginthreadex
malloc
wcsncmp
wcsncpy
_waccess
wcsrchr
wcscat
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
free
fabs
memmove
iswdigit
_except_handler3
_wcsicmp
isalnum
isspace
wcscpy
swprintf
_itow
wcslen
_wfopen
fputwc
fclose
__CxxFrameHandler
memset
_localtime64
_wtoi64
wcscmp
rand
srand
time
_resetstkoflw
wcsstr
_time64
swscanf
wcstok
fgets
log10
wcstoul
fwrite
toupper

kernel32

CreateEventW
WaitForSingleObject
LeaveCriticalSection
FreeLibrary
GetFileAttributesW
SizeofResource
LoadResource
FindResourceW
ResumeThread
LocalFree
InterlockedDecrement
lstrlenW
lstrcpyW
MulDiv
InterlockedIncrement
GlobalSize
SetProcessWorkingSetSize
GetCurrentProcess
GetTickCount
lstrcatW
LoadLibraryExW
GetWindowsDirectoryW
WinExec
GetVersion
GetModuleHandleW
GetCurrentThreadId
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStructW
WritePrivateProfileStructW
GetPrivateProfileStringW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CreateDirectoryW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CloseHandle
GetProcAddress
LoadLibraryW
GetVersionExA
SetEvent

user32

BeginPaint
EndPaint
GetClassInfoExW
CreateWindowExW
DestroyWindow
IntersectRect
GetWindowInfo
IsWindowEnabled
GetNextDlgGroupItem
GetDlgCtrlID
SetWindowPos
EnumChildWindows
GetMenu
GetMenuItemInfoW
MoveWindow
SetWindowsHookExW
GetMessagePos
SetPropW
CallNextHookEx
UnhookWindowsHookEx
RemovePropW
GetPropW
MessageBeep
DrawTextExW
FindWindowExW
GetFocus
CallWindowProcW
SetWindowLongW
ModifyMenuW
InsertMenuW
GetWindowDC
GetMenuState
GetMenuItemID
GetMenuItemCount
LoadIconW
IsZoomed
GetClassNameW
LoadBitmapW
DestroyCursor
LoadCursorW
LoadImageW
DestroyIcon
ReleaseDC
GetDC
EnumDisplaySettingsW
GetUpdateRect
CheckMenuItem
SystemParametersInfoW
CopyIcon
RegisterClassW
GetTopWindow
ChildWindowFromPointEx
ChildWindowFromPoint
SetParent
DefWindowProcW
GetScrollInfo
GetSystemMetrics
TrackMouseEvent
IsRectEmpty
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetLayeredWindowAttributes
KillTimer
SetTimer
IsWindowVisible
ScreenToClient
PtInRect
ReleaseCapture
SetCapture
GetCapture
DrawTextW
IsWindow
GetCursorPos
RedrawWindow
EnableMenuItem
AppendMenuW
CreatePopupMenu
MessageBoxW
GetSysColor
GetSubMenu
PostMessageW
SetCursor
GetWindowLongW
EnableWindow
GetParent
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SetWindowRgn
SendMessageW
FrameRect
FillRect
OffsetRect
InflateRect
CopyRect
SetRect
GetIconInfo
CreateIconIndirect

gdi32

CreatePatternBrush
GetTextExtentPointW
GetBitmapBits
CreateSolidBrush
Rectangle
CreateFontW
CreateDIBSection
ExtCreateRegion
CombineRgn
GetObjectW
OffsetRgn
SetPixel
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
GetTextExtentPoint32W
SetDIBColorTable
StretchBlt
SetStretchBltMode
CreatePen
CreateRectRgn
CreateDCW
GdiFlush
ExcludeClipRect
SetTextJustification
GetTextMetricsW
MoveToEx
GetDeviceCaps
CreateFontIndirectW
LineTo
TextOutW
SetBkMode
CreateCompatibleBitmap
StretchDIBits
Ellipse

msimg32

TransparentBlt
AlphaBlend

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent
ImageList_DrawEx
ImageList_AddMasked
ord17
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Draw

shlwapi

StrStrW
StrCpyW

ole32

CreateStreamOnHGlobal
CoUninitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitialize
OleRun
CoCreateInstance
OleSetContainedObject

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantCopy
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
GetErrorInfo

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

winmm

mixerGetLineInfoW
mixerSetControlDetails
waveOutOpen
waveOutClose
mixerClose
mixerOpen
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetNumDevs
waveInOpen
mixerGetID
waveInClose
mixerGetControlDetailsW

ddraw

DirectDrawCreateEx

ws2_32

inet_ntoa
inet_addr

Exports

Exports

CreateRoomUI
DestroyRoomUI
SetMainPath

Sections

.text
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatRoom/Config.ini
Dance/ChatRoom/Skin/2010beta1ChatRoom.ggs
Dance/ChatRoom/Skin/Alarm.png
.png
Dance/ChatRoom/Skin/DefFace.bmp
Dance/ChatRoom/Skin/Thumbs.db
Dance/ChatRoom/Skin/VideoBack.bmp
Dance/ChatRoom/Skin/VideoBack2.bmp
Dance/ChatRoom/Skin/WndBack.bmp
Dance/ChatRoom/UIToolTip.dll
.dll windows:4 windows x86 arch:x86

04897ae99bc29616991912ca68521429

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

af:d2:d7:0e:54:f3:15:e3:9a:83:16:b9:2f:0d:b1:b3:ac:c2:61:92
Signer

Actual PE Digest

af:d2:d7:0e:54:f3:15:e3:9a:83:16:b9:2f:0d:b1:b3:ac:c2:61:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Svn\guagua\Skin\UIToolTip\DebugU\UIToolTip.pdb

Imports

mfc71ud

ord1180
ord1184
ord3271
ord3291
ord3275
ord3281
ord3279
ord3277
ord3294
ord3289
ord3273
ord3296
ord3284
ord3266
ord3268
ord3286
ord3002
ord2992
ord2064
ord8668
ord5280
ord8670
ord4655
ord6730
ord1864
ord6970
ord2222
ord2221
ord2152
ord6998
ord3999
ord6179
ord2894
ord1760
ord4642
ord891
ord668
ord4648
ord685
ord1559
ord1526
ord1431
ord328
ord1358
ord2580
ord5841
ord1182
ord7600
ord7366
ord4646
ord3640
ord832
ord573
ord7012
ord5582
ord8337
ord6725
ord8424
ord4771
ord8388
ord8389
ord5785
ord3187
ord8659
ord4664
ord5510
ord4971
ord3253
ord4020
ord3550
ord7766
ord3365
ord5633
ord1416
ord1178
ord1173
ord7050
ord7052
ord8194
ord2153
ord5961
ord6455
ord4775
ord2634
ord1802
ord2994
ord5856
ord8666
ord6841
ord2508
ord6946
ord5922
ord1917
ord5499
ord2176
ord2179
ord8120
ord5088
ord893
ord2022
ord4115
ord288
ord8463
ord2029
ord8547
ord1140
ord5087
ord8545
ord3111
ord5585
ord7547
ord1142
ord1145
ord5707
ord5703
ord7727
ord8553
ord3341
ord5755
ord1089
ord7458
ord7376
ord5468
ord4068
ord3110
ord5756
ord919
ord2933
ord921
ord3401
ord7359
ord289
ord5649
ord286
ord1406
ord299
ord673
ord270
ord267
ord901
ord3080
ord5311
ord888
ord908
ord662
ord686
ord906
ord329
ord1373
ord1448
ord1577
ord1579
ord1454
ord900
ord405
ord1535
ord1436
ord8500
ord1478
ord1571
ord1544
ord1546
ord1580
ord4638
ord7685
ord1757
ord2891
ord5940
ord6174
ord5506
ord3682
ord5142
ord5152
ord5151
ord3503
ord3684
ord3511
ord3975
ord3780
ord5990
ord3972
ord3803
ord3508
ord7553
ord7011
ord7046
ord6266
ord5503
ord7036
ord7034
ord4114
ord2522
ord5313
ord7276
ord8601
ord6873
ord1341
ord5287
ord7570
ord2644
ord2689
ord6009
ord8669
ord5279
ord8667
ord5613
ord5655
ord3693

msvcr71d

wcsstr
wcscpy
_wtoi
wcstoul
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
wcscmp
_purecall
free
__CxxFrameHandler
__dllonexit
_onexit
_except_handler3
??1type_info@@UAE@XZ
_free_dbg
_initterm
_malloc_dbg
_adjust_fdiv
__CppXcptFilter
__security_error_handler
?terminate@@YAXXZ
wcsncpy
rand
_CrtDbgReport
memcpy
_CRT_RTC_INIT
_gmtime64
wcslen
memcmp
realloc
_localtime64
_mktime64
_time64
_snwprintf
_vsnwprintf
_vsnprintf
_snprintf
memset

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetModuleFileNameA
GetProcessHeap
HeapAlloc
HeapFree
ExitProcess
GetCurrentProcessId
DebugBreak
RaiseException
DeleteCriticalSection
LocalAlloc
LocalFree
lstrcmpiW
MultiByteToWideChar
GetModuleHandleW
GetProcAddress
GetVersionExA
GetWindowsDirectoryW
LoadLibraryW
MulDiv
lstrcpyW
WideCharToMultiByte
lstrcatW
lstrlenW
WinExec
LoadLibraryExW
FreeLibrary
CreateFileW
WriteFile
CloseHandle
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetVersionExW
SetEvent
OpenEventA
lstrlenA
lstrcpyA
OutputDebugStringA
OutputDebugStringW
lstrcpynW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
UnmapViewOfFile
IsBadReadPtr
GetSystemInfo
MapViewOfFile
GetLastError
CreateFileMappingA
GetCurrentThread
GetVersion
OpenFileMappingA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
GetSystemTimeAsFileTime
LoadLibraryA
GetACP

user32

ReleaseDC
GetIconInfo
DestroyCursor
LoadImageW
LoadStringW
SystemParametersInfoW
SetCursor
SendMessageW
GetDC
LoadCursorW
GetWindowRect
GetWindowPlacement
CreateIconIndirect
FillRect
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
DefWindowProcW
GetClassInfoW
DestroyIcon
CopyIcon
GetSystemMetrics
IsWindow
GetCursorPos
ScreenToClient
IsWindowEnabled
ChildWindowFromPoint
GetParent
WindowFromPoint
ClientToScreen
GetClassNameW
GetWindowLongW
GetWindowTextW
GetMenuState
GetMenuItemID
GetMenuItemRect
GetMenuItemCount
EnumWindows
EnumChildWindows
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
UnionRect
SubtractRect
UnregisterClassA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageA
MsgWaitForMultipleObjects
FindWindowW
UnregisterClassW
GetSysColor

gdi32

CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
TextOutW
GetTextExtentPoint32W
SetTextJustification
GetDeviceCaps
LineTo
GetClipBox
GetObjectW
SelectClipRgn
FillRgn
OffsetRgn
CombineRgn
CreateRectRgn
CreatePolygonRgn
CreateRoundRectRgn
GetPixel
MoveToEx
CreatePen
GetTextMetricsW
SetBkColor
StretchBlt
CreateBitmap
CreateSolidBrush
CreateCompatibleBitmap
FrameRgn
SetTextColor
SetBkMode
GetDCOrgEx
CreateFontIndirectW

advapi32

OpenThreadToken
RevertToSelf
RegOpenKeyExW
RegQueryValueW
RegCloseKey
SetThreadToken

shell32

Shell_NotifyIconW
ShellExecuteW

comctl32

ImageList_AddMasked
ord17
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Create

oleaut32

SysFreeString

msvcp71d

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

ole32

CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
CoReleaseMarshalData

Exports

Exports

CreateToolTipModule
ReleaseToolTipModule

Sections

.textbss
Size: - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatRoom/VcrMediaLib.dll
.dll windows:4 windows x86 arch:x86

88f0a5851aeb776bfe708c48f2849d2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
CreateMutexW
CloseHandle
OpenMutexW
Sleep
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
WideCharToMultiByte
DeleteCriticalSection
MultiByteToWideChar
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
GetModuleFileNameW
SetThreadPriority
GetTickCount
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetSystemInfo
InitializeCriticalSection
VirtualProtect
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
LoadLibraryA
VirtualQuery
GetCurrentProcessId
InterlockedCompareExchange
WaitForMultipleObjects
InterlockedExchange
UnmapViewOfFile
ReleaseMutex
OpenProcess
MapViewOfFile
OpenFileMappingW
OpenEventW
RtlUnwind
RaiseException
ExitProcess
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetTimeZoneInformation
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo

ole32

CoInitialize
CoUninitialize

winmm

timeGetTime
waveInGetNumDevs

ws2_32

socket
WSAIoctl
bind
gethostname
closesocket
ntohs
inet_ntoa
htons
inet_addr
setsockopt
sendto
recvfrom
shutdown
WSACleanup
WSAStartup
gethostbyname

shell32

ShellExecuteW

Exports

Exports

CreateMediaLib
ReleaseMediaLib
SetMainPath

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatRoom/VolumeCtrl.dll
.dll windows:5 windows x86 arch:x86

9f214f5ff27e25a36acb6f280f58f6be

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6f:21:cb:2a:6a:1d:2a:7a:4a:2b:48:ec:47:5d:80:3f:8e:79:72:27
Signer

Actual PE Digest

6f:21:cb:2a:6a:1d:2a:7a:4a:2b:48:ec:47:5d:80:3f:8e:79:72:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DebugBreak
FatalExit
OutputDebugStringW
MultiByteToWideChar
CompareStringW
CompareStringA
ReadFile
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
HeapSize
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
CreateFileA
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA

user32

MessageBoxW
PostMessageW

ole32

CoCreateGuid
CoInitialize
PropVariantClear
CoTaskMemFree
CoUninitialize
CoCreateInstance

Exports

Exports

CreateVolumeForVista
ReleaseVolumeForVista

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ChatRoom/data/FlowerData.dat
Dance/ChatRoom/plug_folder_focus.bmp
Dance/ChatRoom/plug_folder_normal.bmp
Dance/ChatRoomUI.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

135cc4765d434b7922f2bb51b73648fc

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

ea:20:73:63:e8:9f:4c:aa:e0:5a:91:d1:f0:74:66:7b:59:cc:4c:79
Signer

Actual PE Digest

ea:20:73:63:e8:9f:4c:aa:e0:5a:91:d1:f0:74:66:7b:59:cc:4c:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Svn\guagua\ChatHall\ChatRoomOcx\ReleaseU\ChatRoomOcx.pdb

Imports

mfc71u

ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord2531
ord2725
ord2829
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord4256
ord605
ord354
ord5199
ord4347
ord1894
ord764
ord6063
ord6061
ord6277
ord4574
ord3598
ord3596
ord3651
ord3514
ord6260
ord2905
ord6261
ord4308
ord5376
ord2851
ord2936
ord4475
ord4255
ord3269
ord476
ord2292
ord701
ord1948
ord1320
ord5452
ord963
ord4167
ord4550
ord4492
ord5515
ord1649
ord4731
ord4808
ord5856
ord1612
ord1415
ord5112
ord2503
ord3750
ord5055
ord4569
ord4571
ord2416
ord5483
ord3974
ord4525
ord4524
ord4636
ord4508
ord4789
ord4398
ord4368
ord4443
ord4873
ord4815
ord4820
ord4825
ord4521
ord4795
ord4794
ord4530
ord4529
ord4528
ord4506
ord4552
ord4913
ord4515
ord4500
ord5956
ord4650
ord4507
ord4490
ord4489
ord4952
ord4432
ord4199
ord4187
ord4182
ord4607
ord4609
ord4606
ord4239
ord4453
ord4894
ord4246
ord4877
ord4864
ord1988
ord2987
ord4389
ord2504
ord5911
ord1393
ord1897
ord6266
ord2532
ord2726
ord2830
ord4302
ord2841
ord2535
ord2639
ord3944
ord4477
ord5675
ord683
ord2148
ord3819
ord451
ord2550
ord4839
ord4340
ord4925
ord5210
ord4295
ord762
ord1079
ord2362
ord1088
ord314
ord1142
ord1127
ord2041
ord577
ord1220
ord2311
ord293
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord2238
ord3942
ord4562
ord5226
ord5209
ord5562
ord3823
ord2832
ord2984
ord3256
ord566
ord757
ord6248
ord1133
ord1145
ord3655
ord3531
ord4420
ord4534
ord4720
ord4897
ord4576
ord6267
ord5206
ord4273
ord2852
ord4478
ord479
ord1754
ord1129
ord703
ord1044
ord1591
ord4276
ord4716
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1087
ord1162
ord581
ord3397
ord4179
ord6271
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord2011
ord4884
ord4729
ord4206
ord5178
ord3435
ord4180
ord3635
ord1043

msvcr71

__CxxFrameHandler
wcscpy
wcsncpy
wcslen
_wtoi64
wcscat
wcsrchr
memset
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
__security_error_handler
free
_except_handler3

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetSystemTimeAsFileTime
GetModuleFileNameW
SetCurrentDirectoryW
LoadLibraryW
GetProcAddress
LocalFree
GetVersionExA

user32

GetSystemMetrics
GetClientRect
FillRect
EnableWindow

gdi32

GetStockObject

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/DnsSession.dll
.dll windows:4 windows x86 arch:x86

12f99549c4d28bc4c6c2b472042bb19b

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

f3:c4:1f:5f:e7:9b:ca:63:5b:a6:a4:7d:44:3d:e3:23:33:98:d4:fe
Signer

Actual PE Digest

f3:c4:1f:5f:e7:9b:ca:63:5b:a6:a4:7d:44:3d:e3:23:33:98:d4:fe

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
Sleep
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
InterlockedDecrement
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetSystemInfo
VirtualProtect
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
CreateFileA
CreateFileW
SetFilePointer
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
RtlUnwind
ExitProcess
RaiseException
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
HeapAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
HeapFree
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
ReadFile
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetTimeZoneInformation
HeapReAlloc
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr

user32

IsWindow
PostMessageW

oleaut32

SysAllocStringByteLen

winmm

timeGetTime

ws2_32

bind
setsockopt
recvfrom
sendto
closesocket
htonl
WSAStartup
inet_ntoa
ntohs
gethostbyname
htons
inet_addr
socket
WSAGetLastError
shutdown
recv
send
connect
getsockname
WSACleanup

Exports

Exports

CreateCqsSession
CreateDnsIns
CreateOemConf
SetMainPath

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Downloader.exe
.exe windows:4 windows x86 arch:x86

792fbdd0b07d2bd1e86745ea6fb7ebd1

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

7d:8b:94:4b:75:af:88:88:95:50:04:1b:7c:6c:c3:17:20:23:4c:ad
Signer

Actual PE Digest

7d:8b:94:4b:75:af:88:88:95:50:04:1b:7c:6c:c3:17:20:23:4c:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord2856
ord4480
ord4256
ord416
ord1785
ord709
ord501
ord2155
ord4098
ord2311
ord5869
ord2860
ord762
ord2364
ord293
ord2159
ord3869
ord1555
ord5914
ord421
ord774
ord3781
ord5280
ord383
ord1472
ord655
ord5657
ord5913
ord1908
ord5105
ord3433
ord3204
ord1925
ord3155
ord1271
ord3296
ord1270
ord5633
ord2521
ord5607
ord6056
ord5604
ord6050
ord4155
ord6053
ord6033
ord5723
ord5638
ord5643
ord5519
ord5584
ord5410
ord5397
ord5917
ord5715
ord602
ord2255
ord5884
ord347
ord5630
ord2361
ord1920
ord2362
ord5862
ord3873
ord2081
ord1628
ord1549
ord5911
ord1393
ord6271
ord5210
ord5196
ord4230
ord6116
ord2788
ord3396
ord5727
ord2066
ord1632
ord1562
ord4232
ord899
ord5199
ord4117
ord5637
ord502
ord2876
ord5489
ord2697
ord3195
ord380
ord266
ord629
ord2897
ord1430
ord5083
ord384
ord265
ord3635
ord3435
ord6086
ord3752
ord4112
ord4109
ord2713
ord3395
ord4347
ord2365
ord2622
ord605
ord354
ord589
ord330
ord3756
ord5609
ord2651
ord2368
ord5648
ord1087
ord4574
ord3678
ord3417
ord870
ord2077
ord1536
ord4226
ord572
ord587
ord6251
ord1006
ord2252
ord1588
ord6044
ord563
ord753
ord3645
ord3483
ord658
ord2867
ord3983
ord5742
ord2489
ord2895
ord1959
ord3467
ord642
ord2121
ord3508
ord5337
ord1027
ord6299
ord5558
ord5327
ord6293
ord584
ord1425
ord317
ord2297
ord1172
ord2250
ord5316
ord6282
ord5485
ord3043
ord3590
ord5981
ord760
ord1156
ord287
ord1202
ord1182
ord1178
ord3249
ord783
ord784
ord1154
ord578
ord4042
ord4041
ord310
ord326
ord3927
ord2254
ord3198
ord3560
ord1578
ord731
ord4179
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord4884
ord1198
ord4729
ord4206
ord5178
ord1058
ord1894
ord4119
ord3824
ord1049
ord1118
ord2011
ord5524
ord1906
ord764
ord2926
ord282
ord1479
ord280
ord2461
ord776
ord5398
ord6161
ord1155
ord2239
ord651
ord757
ord566
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord2366
ord1079
ord3677
ord4535
ord283
ord3995
ord577

msvcr71

_ftime
__CxxFrameHandler
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_controlfp
wcstok
wcslen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_waccess
_wcsicmp
wcscpy
_wtoi
malloc
fclose
fread
_wfopen
_cexit
_XcptFilter
_exit
_c_exit
_except_handler3
memset
_purecall
swprintf
toupper
_beginthreadex
memmove
free

kernel32

MulDiv
GlobalSize
GetModuleHandleA
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalAlloc
GlobalLock
GetModuleFileNameW
GetCommandLineW
DeleteFileW
CreateDirectoryW
SetEvent
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
WaitForSingleObject
CloseHandle
GetPrivateProfileStringW
GetPrivateProfileIntW
GetLastError
TerminateThread
Sleep
CreateEventW
CreateProcessW
GetExitCodeProcess
MultiByteToWideChar
GlobalFree
ExitProcess
GlobalUnlock
GetVersionExA
GlobalReAlloc

user32

GetCursorPos
KillTimer
GetFocus
InflateRect
RegisterClassW
FindWindowW
SetTimer
GetClassInfoW
SendMessageW
SetForegroundWindow
ShowWindow
DrawIcon
PostMessageW
IsIconic
GetClientRect
FlashWindow
LoadIconW
EnableWindow
GetSystemMetrics
GetClassNameW
IsWindow
EnumWindows
IsRectEmpty
CopyRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
InvalidateRect
MoveWindow
OffsetRect
ScreenToClient
GetWindowRect
GetParent
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
GetUpdateRect
GetActiveWindow
SystemParametersInfoW
ReleaseDC
GetDC
EnumChildWindows
SetWindowPos
ClientToScreen
GetDlgCtrlID
SetCursor
LoadCursorW
GetWindowLongW
GetNextDlgGroupItem
IsWindowEnabled
IsWindowVisible
ReleaseCapture
DefWindowProcW
PtInRect
SetCapture
GetClassInfoExW
CreateWindowExW
SetPropW
GetWindowInfo
GetScrollInfo
SetParent
RemovePropW
DestroyWindow
GetSysColor
GetPropW
FillRect
FrameRect
SetWindowLongW
CallWindowProcW
IntersectRect
SetWindowRgn
SetRect

gdi32

CreatePatternBrush
SetBkMode
SetTextColor
GetStockObject
CreateSolidBrush
CreateDCW
GetDeviceCaps
CreateFontIndirectW
OffsetRgn
GetObjectW
CreateDIBSection
ExtCreateRegion
CombineRgn
ExcludeClipRect
DeleteObject
DeleteDC
CreateRectRgn
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
GetMapMode
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointW

shell32

ShellExecuteW

comctl32

ImageList_GetImageCount
ImageList_GetImageInfo
_TrackMouseEvent
ord17
ImageList_Draw

ole32

CreateStreamOnHGlobal

gdiplus

GdipSetClipRectI
GdipDrawRectangleI
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateBitmapFromHBITMAP
GdipCloneBrush
GdipCreateFont
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipSetImageAttributesColorKeys
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipFree
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageI
GdiplusStartup
GdiplusShutdown

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wininet

InternetSetOptionW

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dance/EncWmv.dll
.dll windows:4 windows x86 arch:x86

5b3f9a2956f683d60eb5c773dd4ed6f4

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

91:0c:ee:d6:d4:10:29:cd:7f:31:30:6b:59:67:4b:67:1e:32:d1:c7
Signer

Actual PE Digest

91:0c:ee:d6:d4:10:29:cd:7f:31:30:6b:59:67:4b:67:1e:32:d1:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA

user32

LoadImageW

gdi32

CreateBitmap
DeleteDC
SelectObject
StretchDIBits
GetObjectW
DeleteObject
GetBitmapBits
CreateCompatibleDC

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

malloc
_purecall
??3@YAXPAX@Z
wcscmp
__CxxFrameHandler
memset
_callnewh
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
free
??_V@YAXPAX@Z
_except_handler3

wmvcore

WMCreateWriter
WMCreateProfileManager

msimg32

TransparentBlt
AlphaBlend

Exports

Exports

CreateWmvEncObj
DestroyEncWmvObj

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/EquipCenter.dll
.dll windows:4 windows x86 arch:x86

ce859cf275fa06a5f1665efaf5c3eedb

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

59:40:f7:5c:18:4f:55:b5:85:d5:cb:5a:14:9b:e0:7e:15:6e:d6:56
Signer

Actual PE Digest

59:40:f7:5c:18:4f:55:b5:85:d5:cb:5a:14:9b:e0:7e:15:6e:d6:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord6284
ord655
ord629
ord1430
ord383
ord5300
ord5105
ord421
ord313
ord2077
ord1536
ord5911
ord1611
ord1608
ord3940
ord1393
ord4226
ord5148
ord1899
ord5067
ord4179
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord2856
ord4480
ord563
ord4109
ord1079
ord2366
ord1894
ord753
ord6251
ord1006
ord2361
ord5178
ord4206
ord4729
ord4884
ord2011
ord1662
ord1661
ord1542
ord5908
ord1392
ord4238
ord5199
ord4256
ord1871
ord1785
ord5803
ord4098
ord2657
ord5862
ord3873
ord3756
ord2860
ord2654
ord2155
ord5801
ord6063
ord2651
ord5867
ord5869
ord3869
ord1883
ord2656
ord5829
ord6232
ord651
ord416
ord3875
ord2460
ord5727
ord4314
ord3204
ord1925
ord3155
ord1271
ord1058
ord2461
ord3249
ord2364
ord5327
ord6293
ord5316
ord6282
ord1555
ord1921
ord3645
ord3483
ord1632
ord1562
ord4232
ord6271
ord5210
ord5196
ord658
ord2255
ord2867
ord1270
ord5633
ord4117
ord3995
ord5280
ord572
ord2788
ord5637
ord709
ord602
ord1920
ord347
ord501
ord1867
ord1876
ord741
ord3395
ord2086
ord1582
ord4234
ord2985
ord3311
ord2159
ord3678
ord3417
ord587
ord2252
ord1588
ord6044
ord4112
ord3635
ord3435
ord3752
ord2713
ord4347
ord2365
ord2622
ord605
ord354
ord589
ord330
ord5609
ord2368
ord5648
ord1087
ord4574
ord3570
ord3983
ord3198
ord4755
ord3448
ord3157
ord620
ord3568
ord1638
ord1580
ord739
ord6116
ord3396
ord5742
ord2489
ord2876
ord1959
ord3670
ord3577
ord1641
ord1585
ord4237
ord748
ord3508
ord5337
ord1027
ord6299
ord584
ord1425
ord317
ord5083
ord384
ord3296
ord2297
ord1172
ord2250
ord5485
ord3043
ord326
ord3590
ord5981
ord760
ord1156
ord3467
ord2081
ord1628
ord1549
ord4230
ord642
ord2871
ord2362
ord502
ord2066
ord287
ord2254
ord1202
ord1182
ord1178
ord783
ord784
ord1154
ord578
ord4042
ord4041
ord310
ord3560
ord1578
ord731
ord5913
ord5657
ord1472
ord5524
ord5558
ord5914
ord1189
ord1118
ord557
ord2260
ord745
ord772
ord900
ord777
ord894
ord899
ord6086
ord4119
ord5711
ord1176
ord6002
ord2444
ord897
ord2926
ord282
ord6111
ord2895
ord1479
ord774
ord896
ord265
ord581
ord1162
ord1200
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord1197
ord1033
ord315
ord765
ord266
ord762
ord293
ord314
ord3824
ord764
ord2121
ord776
ord283
ord2311
ord870
ord577
ord3927
ord280
ord2239
ord566
ord757
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord3677

msvcr71

_localtime64
strstr
free
_wtoi
memmove
_wtol
ceil
toupper
malloc
memset
_ftime
rand
srand
time
__dllonexit
_onexit
__security_error_handler
?terminate@@YAXXZ
??1type_info@@UAE@XZ
swprintf
_purecall
_except_handler3
fputwc
_wtoi64
wcscpy
_waccess
wcsncpy
fread
_wfopen
fseek
fwrite
_wrename
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strncpy
_CxxThrowException
vsprintf
printf
fopen
fprintf
fclose
localtime
wcslen
sprintf
_beginthreadex
_endthreadex
_wcsicmp
__CxxFrameHandler
_initterm
_adjust_fdiv
__CppXcptFilter

kernel32

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
Sleep
CreateEventW
LoadLibraryW
GetProcAddress
FreeLibrary
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
WaitForSingleObject
SetEvent
ResetEvent
DeleteFileW
CreateDirectoryW
InterlockedExchangeAdd
CreateMutexW
ReleaseMutex
GetPrivateProfileStringW
WritePrivateProfileStringW
lstrlenW
lstrcpyW
lstrcatW
GetLastError
SetFileAttributesW
FindClose
FindFirstFileW
CreateThread
TerminateThread
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalAlloc
GlobalLock
MulDiv
LocalFree
GlobalSize

user32

GetWindowRect
PostMessageW
SendMessageW
IsWindow
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetCapture
SetCapture
GetParent
WindowFromPoint
EnableWindow
ReleaseCapture
LockWindowUpdate
SetWindowPos
LoadImageW
LoadBitmapW
GetDC
ScreenToClient
IsRectEmpty
ReleaseDC
GetDlgCtrlID
GetUpdateRect
SetCursor
LoadCursorW
GetWindowLongW
GetClassNameW
GetNextDlgGroupItem
IsWindowVisible
DefWindowProcW
MoveWindow
OffsetRect
GetMenuItemInfoW
GetMenuItemCount
CopyRect
GetMenuItemID
GetSubMenu
GetMenu
GetSystemMetrics
SystemParametersInfoW
EnumChildWindows
FillRect
SetWindowLongW
GetWindowDC
RedrawWindow
GetSysColor
GetWindowInfo
PtInRect
CallWindowProcW
SetRect
SetWindowRgn
IntersectRect
InflateRect
FrameRect
GetPropW
IsWindowEnabled
GetScrollInfo
LoadIconW
DestroyWindow
GetFocus
SetTimer
KillTimer
GetCursorPos
RegisterClassW
GetClassInfoExW
CreateWindowExW
SetPropW
SetParent
RemovePropW

gdi32

CreatePatternBrush
SetTextColor
CreateDCW
GetDeviceCaps
CreateFontIndirectW
OffsetRgn
CreateRectRgn
CreateDIBSection
ExtCreateRegion
CombineRgn
TextOutW
GetObjectW
ExcludeClipRect
CreateSolidBrush
SetBkMode
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetStockObject
GetTextExtentPointW

comctl32

ImageList_GetImageCount
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_AddMasked
ImageList_Draw

ole32

CreateStreamOnHGlobal

gdiplus

GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipDeleteFont
GdipSetImageAttributesColorKeys
GdipCreateBitmapFromHBITMAP
GdipSetStringFormatTrimming
GdipGetImageWidth
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCloneImage
GdipCloneBrush
GdipCreateRegionPath
GdipFillRegion
GdiplusShutdown
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipCreateFont
GdipSetPenMode
GdipDrawRectangleI
GdipSetClipRectI
GdipSaveImageToStream
GdipDrawImageI
GdiplusStartup
GdipGetImageHeight
GdipDrawPath
GdipAddPathStringI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateTexture
GdipCreateBitmapFromResource
GdipDisposeImage
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteRegion
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wininet

InternetQueryDataAvailable

ws2_32

socket
connect
send
recv
gethostbyname
WSACleanup
WSAStartup
inet_addr
inet_ntoa
shutdown
closesocket
htons

Exports

Exports

CreateEquipCenter
DestroyEquipCenter
SetMainPath
SetResPath

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/FnncRoom/Config.ini
Dance/FnncRoom/plug_folder_focus.bmp
Dance/FnncRoom/plug_folder_normal.bmp
Dance/GameMediaLib.dll
.dll windows:4 windows x86 arch:x86

89dd1f67cbc9f7f926dedce3b1b30bcb

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

c5:d2:5e:cc:c1:b1:8d:98:e7:11:b5:5b:4d:c4:74:ae:d1:fe:25:c6
Signer

Actual PE Digest

c5:d2:5e:cc:c1:b1:8d:98:e7:11:b5:5b:4d:c4:74:ae:d1:fe:25:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\guagua\productu\GameMediaLib.pdb

Imports

kernel32

LoadLibraryW
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
CloseHandle
OpenMutexW
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
CreateEventW
WaitForSingleObject
SetEvent
ResetEvent
GetTickCount
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetSystemInfo
VirtualProtect
Sleep
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
RaiseException
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
HeapAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetTimeZoneInformation
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA

ole32

CoInitialize
CoUninitialize

winmm

timeGetTime
waveOutGetNumDevs

ws2_32

setsockopt
closesocket
socket
WSAIoctl
bind
sendto
gethostbyname
htons
inet_addr
inet_ntoa
ntohs
shutdown
WSACleanup
recvfrom
WSAStartup
gethostname

Exports

Exports

CreateGameMediaLib
SetMainPath

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/ImageOle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

18e201c66fb36f0c34f99d047daacbc0

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

d9:da:c3:10:c3:f0:5a:06:42:06:68:3e:54:28:b7:33:33:23:2c:2d
Signer

Actual PE Digest

d9:da:c3:10:c3:f0:5a:06:42:06:68:3e:54:28:b7:33:33:23:2c:2d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
DeleteCriticalSection
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrlenW
GlobalAlloc
GlobalLock
InterlockedDecrement
GetTickCount
InterlockedIncrement
MultiByteToWideChar
LocalAlloc
InterlockedExchange
RaiseException
WideCharToMultiByte
CloseHandle
GlobalUnlock
ReadFile
SetFilePointer
CreateFileA

user32

GetClassNameA
SetWindowPos
UnionRect
SetWindowLongA
SetFocus
IsChild
GetWindowTextA
GetParent
InvalidateRect
CharNextA
DefWindowProcA
IsWindow
GetKeyState
PtInRect
SetTimer
IsWindowVisible
GetDC
ReleaseDC
KillTimer
UpdateWindow
DestroyWindow
SendMessageA
WindowFromDC
GetFocus
ShowWindow
CreateWindowExA
RegisterClassExA
BeginPaint
GetClientRect
EndPaint
EqualRect
SetWindowRgn
OffsetRect
CallWindowProcA
IntersectRect
GetWindowLongA
GetClassInfoExA
LoadCursorA
wsprintfA

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
DeleteObject
SelectClipRgn
CreateRectRgn
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

CreateOleAdviseHolder
CoLoadLibrary
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleSaveToStream
WriteClassStm
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

SysStringLen
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VariantClear
OleCreatePropertyFrame
SysAllocString
SysFreeString

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

_purecall
realloc
??2@YAPAXI@Z
memcpy
free
__CxxFrameHandler
malloc
_onexit
strcat
strcpy
_mbsrchr
__dllonexit
memset
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
memcmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/MFC71u.dll
.dll windows:4 windows x86 arch:x86

b3fbf4599c17e9bc7ccae6518bf0f868

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc71u.pdb

Imports

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_itow
wcsncpy
wcscpy
_ltow
_ultow
iswdigit
ceil
wcsncmp
_wcsnicmp
_wsplitpath
_wfullpath
_wtol
__p___argc
__p___wargv
_beginthreadex
_endthreadex
_wcsdup
_expand
_wtoi
wcstod
wcstol
wcstoul
swscanf
abs
labs
_snwprintf
calloc
__CxxFrameHandler
_msize
_purecall
_localtime64
_mktime64
realloc
fflush
fseek
ftell
fgetws
fputws
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
abort
memcmp
_resetstkoflw
malloc
swprintf
_CxxThrowException
vsprintf
_vscprintf
_mbsrev
_mbslwr
_mbsupr
_mbscspn
_mbsspn
_mbspbrk
_mbsrchr
_mbschr
_mbsstr
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
_ismbcspace
_mbsinc
free
strlen
memmove
wcslen
memcpy
vswprintf
_vscwprintf
_wcsrev
_wcslwr
_wcsupr
wcscspn
wcsspn
wcspbrk
wcsrchr
wcschr
wcsstr
_wcsicoll
wcscoll
_wcsicmp
wcscmp
iswspace
_except_handler3
memset
strcpy
strcmp

kernel32

FindResourceExW
GetEnvironmentVariableW
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
FormatMessageA
GetEnvironmentVariableA
lstrcpynW
SetLastError
GetLastError
lstrlenW
lstrcmpA
lstrlenA
MoveFileW
DeleteFileW
GetStringTypeExW
lstrcmpiW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
CloseHandle
lstrcpyW
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
GetShortPathNameW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
InterlockedDecrement
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
FindResourceW
TlsFree
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GetVersionExA
GetModuleHandleW
lstrcmpW
lstrcatW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GlobalGetAtomNameW
GetVersion
GetModuleHandleA
MulDiv
GetProfileIntW
VirtualProtect
GlobalFlags
GetTempFileNameW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
SearchPathW
GetTempPathW
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
GetCurrentThread
SetErrorMode
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
InterlockedIncrement
FindNextFileW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyA
GetSystemTime
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
LocalReAlloc

gdi32

ScaleWindowExtEx
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileW
CopyMetaFileW
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
StartDocW
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExW
CreateDCW
BitBlt
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutW
DeleteMetaFile
CloseMetaFile
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
ExtTextOutW
GetTextExtentPoint32A
GetCurrentPositionEx
MoveToEx
CreateFontIndirectW
GetWindowExtEx
GetViewportExtEx
GetTextFaceW
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
CreateFontW
GetCharWidthW
DeleteObject
SelectObject
StretchDIBits
DeleteDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox

user32

PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetWindowLongW
CallWindowProcW
DefWindowProcW
SendMessageW
GetDlgCtrlID
SetWindowPlacement
RegisterClassW
GetClassInfoW
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
LoadIconW
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageW
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
EnableWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
MessageBoxW
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
SendDlgItemMessageW
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetClassInfoExW
CallNextHookEx
SetWindowsHookExW
CreateWindowExW
GetCapture
WinHelpW
RegisterWindowMessageW
LoadAcceleratorsW
TranslateAcceleratorW
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
DestroyMenu
LoadMenuW
GetWindow
ClientToScreen
SetCapture
WindowFromPoint
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
RedrawWindow
InflateRect
SetRect
SetTimer
KillTimer
ReleaseDC
GetDC
IsZoomed
IsRectEmpty
DeleteMenu
AppendMenuW
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextW
DrawTextExW
GrayStringW
UnionRect
GetKeyNameTextW
MapVirtualKeyW
LoadBitmapW
FillRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoW
SystemParametersInfoW
GetMenuStringW
GetSysColorBrush
SetWindowTextW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowW
DrawIcon
SetWindowRgn
IsClipboardFormatAvailable
MessageBeep
GetTabbedTextExtentW
RemoveMenu
ValidateRect
PostQuitMessage
ShowOwnedPopups
InsertMenuW
RegisterClipboardFormatW
SendNotifyMessageW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
MsgWaitForMultipleObjects
UnhookWindowsHookEx
CharUpperW
GetSystemMetrics
wsprintfW
LoadCursorW
UnregisterClassW
OemToCharA
CharToOemA

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

Sections

.text
Size: 871KB - Virtual size: 870KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Mp4Maker.exe
.exe windows:4 windows x86 arch:x86

1f68c90cff8a30b4c0e3f92a4f23f231

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

e0:3c:b8:53:8f:bf:bc:26:6b:1a:a3:b1:7d:32:b3:7e:7e:12:57:9d
Signer

Actual PE Digest

e0:3c:b8:53:8f:bf:bc:26:6b:1a:a3:b1:7d:32:b3:7e:7e:12:57:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
LoadLibraryA
InterlockedExchange
VirtualQuery
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
VirtualProtect
GetSystemInfo
WaitForSingleObject
ResetEvent
WaitForMultipleObjects
SetEvent
UnmapViewOfFile
CloseHandle
TerminateThread
CreateThread
MapViewOfFile
OpenFileMappingA
OpenEventA
OpenProcess
lstrcpyA
RaiseException
SetStdHandle
SetFilePointer
FlushFileBuffers

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dance/OemIcon.ico
Dance/Player/AudioCapture.dll
.dll windows:4 windows x86 arch:x86

762b13b876a54f52c249939b179810a4

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:e8:d0:95:28:df:dd:cc:77:63:c3:a3:92:2c:2d:1c:df:db:f8:16
Signer

Actual PE Digest

bb:e8:d0:95:28:df:dd:cc:77:63:c3:a3:92:2c:2d:1c:df:db:f8:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetLastError
SetEvent
ResetEvent
WaitForSingleObject
TerminateThread
CloseHandle
SetThreadPriority
CreateThread
CreateEventA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

winmm

waveOutWrite
waveOutGetNumDevs
waveOutOpen
waveOutUnprepareHeader
waveOutReset
waveInGetNumDevs
waveOutPrepareHeader
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInOpen
waveOutClose

msvcr71

__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_except_handler3
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_purecall

Exports

Exports

CreateAudioCapture
DestroyAudioCapture
SetMainPath

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/AudioCodec2.dll
.dll windows:4 windows x86 arch:x86

f6b9b7f76f67521152057b9e22b48c89

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:3c:91:c6:83:f4:27:7f:b8:4d:83:77:de:a4:49:9a:95:47:ac:71
Signer

Actual PE Digest

b2:3c:91:c6:83:f4:27:7f:b8:4d:83:77:de:a4:49:9a:95:47:ac:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SVNGuaGua\RtpStack\lame mp3\Lamedll\Release\lameDLL.pdb

Imports

msvcr71

rand
srand
time
memmove
??3@YAXPAX@Z
??2@YAPAXI@Z
_adj_fdiv_r
cos
_adj_fdiv_m64
log10
_adj_fdivr_m64
free
calloc
fclose
pow
_adj_fdiv_m32
malloc
exp
atan
sin
fabs
floor
fflush
vfprintf
_iob
log
sqrt
sprintf
abort
fscanf
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit

Exports

Exports

Decode
DecoderClose
DecoderInit
Encode
EncoderClose
EncoderInit

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/CapSreen.dll
.dll windows:4 windows x86 arch:x86

efbe3f777bf973830c112bf43229f5b5

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

8c:34:0c:a9:2c:81:c0:8c:af:2b:40:a8:72:2a:46:a0:ad:f3:80:d0
Signer

Actual PE Digest

8c:34:0c:a9:2c:81:c0:8c:af:2b:40:a8:72:2a:46:a0:ad:f3:80:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord1955
ord1647
ord1646
ord1590
ord5196
ord2531
ord2725
ord2829
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord2985
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord4255
ord572
ord764
ord587
ord2076
ord3156
ord4010
ord5178
ord4206
ord4729
ord4884
ord2011
ord1662
ord1661
ord1542
ord5908
ord1392
ord4238
ord5199
ord4256
ord605
ord354
ord631
ord2271
ord386
ord6086
ord6089
ord6115
ord6061
ord6279
ord4112
ord4574
ord4347
ord1416
ord762
ord709
ord589
ord330
ord2254
ord501
ord314
ord2787
ord2785
ord4215
ord5171
ord727
ord2063
ord1079
ord3198
ord1271
ord1270
ord5633
ord870
ord2895
ord1058
ord2096
ord1502
ord5829
ord602
ord347
ord577
ord2311
ord776
ord283
ord5727
ord3692
ord3677
ord757
ord1049
ord3824
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2832
ord4475
ord3327
ord566
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord581
ord1162
ord1087
ord1200
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord1197
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4226
ord1393
ord3940
ord1608
ord1611
ord5911
ord1536
ord1894
ord4119
ord3155
ord2362
ord1925
ord3204
ord266
ord265
ord3435
ord1011
ord1033
ord315
ord765
ord3635

msvcr71

?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
free
_except_handler3
memset
wcslen
wcscmp
swprintf
wcscat
__CxxFrameHandler
wcsrchr
wcscpy
_ftime

kernel32

CreateDirectoryW
GetLastError
GetLocalTime
FindFirstFileW
FindClose
FreeLibrary
GetCurrentThreadId
GetModuleFileNameW
LoadLibraryW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedExchange
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
GetVersionExA

user32

LoadCursorW
SetRect
SendMessageW
SetWindowPos
IsZoomed
ShowWindow
IsRectEmpty
GetDesktopWindow
GetWindowDC
GetDC
ReleaseDC
WindowFromPoint
GetDoubleClickTime
DestroyCursor
GetWindowThreadProcessId
AttachThreadInput
GetCursor
GetIconInfo
DrawIconEx
GetCursorPos
IsIconic
GetSystemMetrics
IntersectRect
EqualRect
PostMessageW
IsWindow
GetWindowRect
GetClassNameW
GetWindow
GetWindowTextW
GetWindowTextLengthW
IsWindowVisible
GetWindowLongW
GetParent
EnumWindows
GetClientRect
ScreenToClient
InvalidateRect
SetTimer
KillTimer
EnableWindow
SetLayeredWindowAttributes
SetWindowLongW

gdi32

CreateDCW
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreatePen
SetROP2
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
GetStockObject
DeleteDC
GetBitmapBits
Rectangle
GetDIBits
GetObjectW

comctl32

ord17

gdiplus

GdipSetStringFormatTrimming
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipDrawLineI
GdipDrawRectangleI
GdipFillRectangleI
GdipFillEllipseI
GdipDrawString
GdipMeasureString
GdipDrawImageRectI
GdipCloneBrush
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipCreateLineBrushFromRectI
GdipCreateSolidFill
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree
GdipCreateBitmapFromHBITMAP

ddraw

DirectDrawCreate

Exports

Exports

CreateCapSreenModule
ReleaseCapSreenModule

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/Config.ini
Dance/Player/DeskLrc/LyricPicture/A1.bmp
Dance/Player/DeskLrc/LyricPicture/A2.bmp
Dance/Player/DeskLrc/LyricPicture/B1.bmp
Dance/Player/DeskLrc/LyricPicture/B2.bmp
Dance/Player/DeskLrc/LyricPicture/C1.bmp
Dance/Player/DeskLrc/LyricPicture/C2.bmp
Dance/Player/DeskLrc/LyricPicture/D1.bmp
Dance/Player/DeskLrc/LyricPicture/D2.bmp
Dance/Player/DeskLrc/LyricPicture/E1.bmp
Dance/Player/DeskLrc/LyricPicture/E2.bmp
Dance/Player/DeskLrc/LyricPicture/F1.bmp
Dance/Player/DeskLrc/LyricPicture/F2.bmp
Dance/Player/DeskLrc/LyricPicture/G1.bmp
Dance/Player/DeskLrc/LyricPicture/G2.bmp
Dance/Player/DeskLrc/LyricShowSetting.ini
Dance/Player/EncWmv.dll
.dll windows:4 windows x86 arch:x86

5b3f9a2956f683d60eb5c773dd4ed6f4

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

91:0c:ee:d6:d4:10:29:cd:7f:31:30:6b:59:67:4b:67:1e:32:d1:c7
Signer

Actual PE Digest

91:0c:ee:d6:d4:10:29:cd:7f:31:30:6b:59:67:4b:67:1e:32:d1:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA

user32

LoadImageW

gdi32

CreateBitmap
DeleteDC
SelectObject
StretchDIBits
GetObjectW
DeleteObject
GetBitmapBits
CreateCompatibleDC

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

malloc
_purecall
??3@YAXPAX@Z
wcscmp
__CxxFrameHandler
memset
_callnewh
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
free
??_V@YAXPAX@Z
_except_handler3

wmvcore

WMCreateWriter
WMCreateProfileManager

msimg32

TransparentBlt
AlphaBlend

Exports

Exports

CreateWmvEncObj
DestroyEncWmvObj

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/Filter/Antique.bmp
Dance/Player/Filter/Carmine.bmp
Dance/Player/Filter/Cinerous.bmp
Dance/Player/Filter/DbSidMirror.bmp
Dance/Player/Filter/DisBlue.bmp
Dance/Player/Filter/DisGreen.bmp
Dance/Player/Filter/GrayScale.bmp
Dance/Player/Filter/Inverse.bmp
Dance/Player/Filter/Lilac.bmp
Dance/Player/GGPlayer.exe
.exe windows:4 windows x86 arch:x86

3206fb77aa2988924024b169c418b9c7

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

c2:39:d8:c0:6e:ac:a6:c8:2e:7d:21:66:ce:b3:02:21:b4:a6:5c:f9
Signer

Actual PE Digest

c2:39:d8:c0:6e:ac:a6:c8:2e:7d:21:66:ce:b3:02:21:b4:a6:5c:f9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

processcs

CreateProCSServer
ReleasProCSServer

mediacenter

GetVideoProcessor
CreateVolumCtrl
ReleaseVolumCtrl
ReleaseMusicMgr
GetServerAgent
CreateMusicMgr
CreateMediaCenter
ReleaseMediaCenter
GetCaptureMgr

mfc71u

ord6271
ord4714
ord5196
ord718
ord563
ord516
ord753
ord1006
ord1939
ord2651
ord2311
ord293
ord5727
ord4312
ord709
ord501
ord1086
ord1894
ord1403
ord4558
ord2648
ord3134
ord5207
ord5965
ord6115
ord4574
ord280
ord5398
ord2460
ord776
ord265
ord591
ord741
ord4314
ord4119
ord2086
ord1582
ord5911
ord1393
ord4234
ord5210
ord2985
ord4255
ord3311
ord572
ord1922
ord1474
ord4092
ord2080
ord1538
ord4228
ord3165
ord605
ord2155
ord4109
ord2010
ord333
ord4388
ord602
ord1957
ord1270
ord347
ord3635
ord3435
ord762
ord3204
ord1925
ord2362
ord3198
ord1271
ord1220
ord4347
ord1637
ord1579
ord4112
ord354
ord4535
ord3677
ord757
ord3990
ord2282
ord6165
ord1479
ord282
ord2926
ord1472
ord2366
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2832
ord4475
ord3327
ord566
ord2239
ord1906
ord5524
ord1155
ord5558
ord2261
ord1118
ord774
ord2461
ord5971
ord1049
ord3824
ord5803
ord2365
ord6140
ord3983
ord5485
ord6279
ord6277
ord6059
ord1416
ord5493
ord3752
ord1058
ord3176
ord5609
ord631
ord2271
ord386
ord6161
ord3678
ord899
ord2361
ord2121
ord2255
ord3395
ord3756
ord6251
ord4074
ord2260
ord1431
ord2745
ord2898
ord3925
ord2742
ord2279
ord620
ord1545
ord3189
ord4730
ord416
ord2860
ord3051
ord5862
ord3873
ord630
ord3082
ord2012
ord3050
ord385
ord2867
ord5869
ord2876
ord2364
ord5867
ord3869
ord1555
ord3032
ord2749
ord1632
ord1562
ord4232
ord3789
ord1883
ord6232
ord3155
ord2083
ord2952
ord3224
ord658
ord2489
ord5742
ord5851
ord1959
ord3396
ord4123
ord3281
ord3157
ord896
ord2893
ord1096
ord3644
ord3471
ord4126
ord1999
ord1293
ord4125
ord4955
ord4501
ord4940
ord4643
ord4958
ord5047
ord4799
ord4704
ord4790
ord4957
ord4371
ord4370
ord4788
ord4942
ord4510
ord4965
ord4474
ord4523
ord4964
ord4840
ord4495
ord4362
ord4433
ord5043
ord4553
ord4914
ord4514
ord4513
ord3734
ord4438
ord4437
ord4784
ord4198
ord4775
ord4383
ord4974
ord4165
ord4172
ord4581
ord4770
ord4380
ord4395
ord4393
ord4375
ord4378
ord4373
ord4857
ord4854
ord3968
ord5910
ord1610
ord5147
ord5202
ord3338
ord1351
ord5162
ord1553
ord2711
ord4267
ord648
ord410
ord4358
ord4667
ord4668
ord2413
ord2414
ord2415
ord2412
ord2411
ord4194
ord4929
ord4121
ord3645
ord3483
ord5633
ord3995
ord4117
ord5637
ord2788
ord5981
ord3342
ord1765
ord5053
ord6160
ord2151
ord2077
ord1536
ord4226
ord3158
ord587
ord5914
ord777
ord655
ord5280
ord5105
ord421
ord4207
ord4184
ord4838
ord4861
ord4611
ord4791
ord5064
ord5066
ord5065
ord3546
ord3661
ord4882
ord283
ord577
ord6063
ord6061
ord1386
ord6086
ord5829
ord330
ord589
ord266
ord764
ord1079
ord1785
ord4256
ord4480
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2856
ord2708
ord581
ord1162
ord1087
ord1200
ord314
ord4301
ord2829
ord2725
ord2531
ord1590
ord1646
ord1647
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5199
ord4179
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord2011
ord4884
ord4729
ord4206
ord5178
ord315
ord765
ord651
ord1198

msvcr71

fseek
_localtime64
_time64
_wtof
memmove
_wcsnicmp
iswdigit
_endthreadex
sprintf
localtime
fprintf
fopen
printf
vsprintf
_atoi64
atoi
_snprintf
isspace
tolower
isalpha
isalnum
strncmp
strchr
memset
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
ftell
fread
fwrite
_waccess
_wrename
_beginthreadex
malloc
wcsstr
wcscat
wcstok
_wtol
div
wcscmp
_wtoi
_wcsicmp
wcschr
wcsncpy
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_purecall
wcsrchr
wcscpy
swprintf
wcslen
_wfopen
fputwc
fclose
_CxxThrowException
_onexit
__security_error_handler
_controlfp
??0exception@@QAE@ABV0@@Z
_except_handler3
free
__CxxFrameHandler
_ftime
_stricmp

kernel32

WinExec
lstrlenW
lstrcatW
SetEvent
ResetEvent
CloseHandle
WaitForSingleObject
LockResource
CreateEventW
ResumeThread
SetFileAttributesW
FindCloseChangeNotification
WaitForMultipleObjects
FindNextChangeNotification
FindFirstChangeNotificationW
EnterCriticalSection
TerminateThread
CreateThread
GetPrivateProfileSectionNamesW
lstrcpyW
Sleep
LocalFree
LocalAlloc
GetModuleHandleA
GetStartupInfoW
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetWindowsDirectoryW
CreateDirectoryW
LeaveCriticalSection
CopyFileW
DeleteFileW
GetFileAttributesW
GetLastError
GetLocalTime
FindFirstFileW
FindClose
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
WritePrivateProfileStringW
GetModuleFileNameW
GetModuleHandleW
MulDiv
WideCharToMultiByte
GetPrivateProfileStringW
GetProcAddress
LoadLibraryW
GetPrivateProfileIntW
GetVersionExA
lstrcmpiW
FreeLibrary

user32

ShowWindow
SetForegroundWindow
PostMessageW
IsRectEmpty
FindWindowW
InvalidateRect
SetWindowTextW
GetDlgItem
OffsetRect
RedrawWindow
IsWindowVisible
IsWindow
DrawIcon
CheckMenuItem
GetMenuItemID
GetClassInfoW
GetSubMenu
IsIconic
GetCursorPos
SetMenuDefaultItem
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetTimer
SetActiveWindow
EnumThreadWindows
SetCursor
LoadCursorW
LoadIconW
RegisterHotKey
UnregisterHotKey
CopyIcon
PtInRect
InflateRect
GetParent
GetMessagePos
GetSysColor
SetWindowLongW
MessageBeep
wsprintfW
MessageBoxW
SetCapture
ReleaseCapture
EnableMenuItem
CheckMenuRadioItem
SystemParametersInfoW
GetKeyState
SetParent
MoveWindow
CopyRect
FillRect
AdjustWindowRectEx
LoadBitmapW
SetRect
GetFocus
GetScrollPos
SetScrollPos
SetScrollRange
CloseWindow
EnumDisplaySettingsW
ClientToScreen
GetWindowRect
ScreenToClient
SetWindowPos
GetDC
GetSystemMetrics
ReleaseDC
SendMessageW
EnableWindow
GetClientRect
GetWindowLongW
KillTimer

gdi32

StretchDIBits
SetBkMode
SetTextColor
TextOutW
GetBitmapBits
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
Rectangle
CreateBitmap
CreatePen
CreateSolidBrush
CreateDCW
GetDeviceCaps
DeleteDC
GetTextExtentPoint32W
CreateFontW
DeleteObject
GetObjectW
CreateFontIndirectW
GetStockObject
SelectObject

msimg32

AlphaBlend
TransparentBlt

advapi32

RegQueryValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW
DragFinish
DragAcceptFiles
DragQueryFileW
SHBrowseForFolderW

comctl32

_TrackMouseEvent
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ord17

shlwapi

PathFileExistsW
PathIsDirectoryW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
SysFreeString

gdiplus

GdipDrawImageI
GdipCreateBitmapFromResource
GdipGetFamilyName
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipFillRectangle
GdipDrawImageRectRectI
GdipDrawRectangle
GdipDrawLineI
GdipSetPixelOffsetMode
GdipDeletePen
GdipCreatePen1
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdiplusStartup
GdiplusShutdown
GdipGraphicsClear
GdipSetInterpolationMode
GdipBitmapSetResolution
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipDrawImageRectI
GdipFillEllipseI
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCloneImage
GdipCloneBrush
GdipImageGetFrameDimensionsCount
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipCreateSolidFill
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteBrush
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipDeleteStringFormat

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

uictrls

?DrawItem@CUIListCtrl@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
??0CUIListCtrl@@QAE@XZ
?PreSubclassWindow@CUIListCtrl@@MAEXXZ
?OnMouseMove@CUIListCtrl@@IAEXIVCPoint@@@Z
?SetAllColumnCursor@CUIListCtrl@@QAEXPAUHICON__@@@Z
?PreSubclassWindow@CUIDialog@@MAEXXZ
??1CUIListCtrl@@UAE@XZ
?WindowProc@CUIListCtrl@@MAEJIIJ@Z
?SetDrawTypeID@CUIListCtrl@@QAEXJI@Z
?Init@CUIListCtrl@@QAEHXZ
?UseHotItemView@CUIListCtrl@@QAEXH@Z
?InitMenuIconImgLists@CUIResMenu@@QAEXPAIIIII@Z
?SetDrawTypeID@CUIPlayProgressCtrl@@QAEXJJH@Z
?SetDrawTypeID@CUIStatic@@QAEXJJ@Z
?SetIsSetPosEnable@CUIPlayProgressCtrl@@QAEXH@Z
??0CUIPlayProgressCtrl@@QAE@XZ
?ChangeColor@@YA?AVColor@Gdiplus@@K@Z
?SetDrawTypeID@CUIScrollBar@@QAEXJI@Z
?AutoHideThumb@CUIScrollBar@@QAEXH@Z
?SetThumbMinSize@CUIScrollBar@@QAEXH@Z
??0CUIScrollBar@@QAE@XZ
??1CUIScrollBar@@UAE@XZ
?GetItemCount@CDrawerMgr@@QAEHXZ
?GetItemID@CDrawerItem@@QAEIXZ
?GetItemData@CDrawerItem@@QAEKXZ
?RemoveAll@CDrawerItem@@QAEXXZ
?SetItemData@CDrawerItem@@QAEXK@Z
?OnSize@CUIStatic@@QAEXIHH@Z
?GetThisMessageMap@CUIStatic@@KGPBUAFX_MSGMAP@@XZ
?GetThisClass@CUIStatic@@SGPAUCRuntimeClass@@XZ
?WindowProc@CUIStatic@@MAEJIIJ@Z
?PreSubclassWindow@CUIStatic@@MAEXXZ
?ImageFromIDResource@@YAHIPB_WAAPAVBitmap@Gdiplus@@@Z
?NoActiveAll@CDrawerMgr@@QAEXH@Z
??0CDrawerMgr@@QAE@XZ
??1CDrawerMgr@@UAE@XZ
?GetWindowRect@CUIListCtrl@@QAEXPAUtagRECT@@@Z
?RedrawAllItem@CDrawerMgr@@QAEXXZ
?UseDividerDbClick@CUIListCtrl@@QAEHH@Z
?SetColumnCursor@CUIListCtrl@@QAEXIPAUHICON__@@@Z
?Init@CDrawerMgr@@QAEHPAVCWnd@@ABVCRect@@ABVCSize@@PAUHWND__@@IH@Z
?SetIsHandCur@CDrawerMgr@@QAEXH@Z
?DeleteItem@CDrawerItem@@QAEXH@Z
?AddItem@CDrawerMgr@@QAEHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@IJJ@Z
?Click@CDrawerItem@@QAEXXZ
?GetItem@CDrawerMgr@@QAEPAVCDrawerItem@@H@Z
?GetItemCount@CDrawerItem@@QAEHXZ
?GetItem@CDrawerItem@@QAEPAV1@H@Z
?AddItem@CDrawerItem@@QAEHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@IJJ@Z
?FreshItemList@CDrawerMgr@@QAEXXZ
?OnLvnItemchanged@CUIListCtrl@@IAEHPAUtagNMHDR@@PAJ@Z
?OnLButtonDown@CUIListCtrl@@IAEXIVCPoint@@@Z
?GetThisMessageMap@CUIListCtrl@@KGPBUAFX_MSGMAP@@XZ
??0CUIStatic@@QAE@XZ
??1CUIPlayProgressCtrl@@UAE@XZ
??1CUIStatic@@UAE@XZ
?GetRuntimeClass@CUIDialog@@UBEPAUCRuntimeClass@@XZ
?SetRange@CUIPlayProgressCtrl@@QAEXHH@Z
?SetRC@CUIPlayProgressCtrl@@QAEXABVCRect@@000@Z
?OnSysCommand@CUIDialog@@IAEXIJ@Z
?SetWindowTextW@CUIDialog@@QAEXPB_W@Z
??0CUIResMenu@@QAE@XZ
?InstallHook@CUSMenuWndHook@@SAXXZ
?SetDrawTypeID@CUIResMenu@@QAEXJJ@Z
?LoadMenuW@CUIResMenu@@QAEHI@Z
?UnInstallHook@CUSMenuWndHook@@SAXXZ
??1CUIResMenu@@UAE@XZ
?SetDLPos@CUIPlayProgressCtrl@@QAEXH@Z
?SetPlayPos@CUIPlayProgressCtrl@@QAEXH@Z
?SetPos@CUIPlayProgressCtrl@@QAEXH@Z
?OnSize@CUIDialog@@IAEXIHH@Z
?LoadSkin@@YAHJPB_W@Z
?GetRuntimeClass@CUISliderCtrl@@UBEPAUCRuntimeClass@@XZ
?GetMessageMap@CUISliderCtrl@@MBEPBUAFX_MSGMAP@@XZ
?PreSubclassWindow@CUISliderCtrl@@MAEXXZ
?SetIsHandCur@CUIButton@@QAEXH@Z
?SetDrawTypeID@CUIComboBox@@QAEXJJ@Z
?SetBorderColor@CUIComboBox@@QAEXKK@Z
?SetHasTick@CUISliderCtrl@@QAEXH@Z
?SetDrawTypeID@CUISliderCtrl@@QAEXJJ@Z
?SetTooltipText@CUIButton@@QAEXPB_WHHH@Z
??0CUIRadioButton@@QAE@XZ
??0CUIComboBox@@QAE@XZ
??0CUICheckBox@@QAE@XZ
??0CUISliderCtrl@@QAE@XZ
??1CUIRadioButton@@UAE@XZ
??1CUIComboBox@@UAE@XZ
??1CUICheckBox@@UAE@XZ
??1CUISliderCtrl@@UAE@XZ
?GetThisMessageMap@CUIDialog@@KGPBUAFX_MSGMAP@@XZ
?GetThisClass@CUIDialog@@SGPAUCRuntimeClass@@XZ
?OnActivate@CUIDialog@@IAEXIPAVCWnd@@H@Z
?OnPaint@CUIDialog@@IAEXXZ
?OnInitDialog@CUIDialog@@MAEHXZ
?GetClientRect@CUIListCtrl@@QAEXPAUtagRECT@@@Z
?OnDestroy@CUIDialog@@IAEXXZ
?DoDataExchange@CUIDialog@@MAEXPAVCDataExchange@@@Z
??0CUIDialog@@QAE@IPAVCWnd@@@Z
??0CUIButton@@QAE@XZ
?SetDrawTypeID@CUIDialog@@QAEXJJJ@Z
?SetDrawTypeID@CUIButton@@QAEXJJ@Z
??1CUIDialog@@UAE@XZ
??1CUIButton@@UAE@XZ
?WindowProc@CUIDialog@@MAEJIIJ@Z
?DrawDialogToDB@CUIDialog@@MAEXPAVCDC@@ABVCRect@@H@Z
?SetDragFullWindow@CUIDialog@@MAEXH@Z
?DrawUIDialogFrameAndBk@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawUIDialogIcon@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@H@Z
?DrawUIDialogCaption@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?PreDrawDBToDC@CUIDialog@@MAEXAAJAAH@Z
?GetThisClass@CUIListCtrl@@SGPAUCRuntimeClass@@XZ

ddraw

DirectDrawCreate

wininet

InternetQueryDataAvailable

Sections

.text
Size: 416KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 824KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dance/Player/LyricEditor.dll
.dll windows:4 windows x86 arch:x86

c56c68f30b59f656fe074877412c70bb

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

9b:d1:16:9a:c0:64:cf:78:cc:0d:6e:7d:71:7f:a3:01:43:b0:52:75
Signer

Actual PE Digest

9b:d1:16:9a:c0:64:cf:78:cc:0d:6e:7d:71:7f:a3:01:43:b0:52:75

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mediacenter

GetServerAgent

mfc71u

ord2638
ord3943
ord4475
ord4255
ord3327
ord566
ord764
ord266
ord577
ord283
ord5178
ord4884
ord2011
ord1662
ord1661
ord1542
ord5908
ord1611
ord1608
ord3940
ord1392
ord4238
ord5148
ord1899
ord5067
ord4179
ord5199
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord2856
ord4480
ord4256
ord293
ord1785
ord1765
ord1883
ord2155
ord2651
ord3927
ord6232
ord4314
ord6063
ord870
ord3990
ord2895
ord1472
ord2366
ord1894
ord2121
ord5398
ord2461
ord4098
ord5803
ord5485
ord280
ord2656
ord899
ord776
ord709
ord2311
ord501
ord736
ord6086
ord1479
ord6111
ord282
ord2926
ord1079
ord4119
ord1637
ord1579
ord5911
ord1393
ord6271
ord3703
ord2527
ord2985
ord3306
ord572
ord6061
ord5965
ord5609
ord6278
ord5829
ord5616
ord3756
ord2648
ord3134
ord4558
ord896
ord3641
ord3459
ord732
ord5200
ord762
ord3204
ord1925
ord2362
ord3198
ord1271
ord1545
ord3189
ord620
ord3734
ord4438
ord4437
ord4784
ord4198
ord4775
ord4974
ord4165
ord4172
ord4770
ord4380
ord4395
ord4393
ord4375
ord4378
ord4373
ord4857
ord4854
ord3968
ord5910
ord3338
ord1351
ord5170
ord1547
ord4267
ord393
ord2413
ord2414
ord2415
ord2412
ord2411
ord5984
ord4581
ord3345
ord6087
ord5636
ord326
ord4206
ord774
ord3390
ord3635
ord3435
ord4729
ord354
ord605
ord4574
ord2254
ord589
ord330
ord3678
ord3590
ord760
ord1058
ord5558
ord5524
ord860
ord894
ord772
ord744
ord1443
ord6306
ord6166
ord5091
ord556
ord2444
ord1220
ord6172
ord2261
ord265
ord4101
ord2460
ord314
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord3713
ord5210
ord3712
ord581
ord1162
ord1087
ord1200
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord1197
ord1033
ord315
ord765
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord3824
ord1118
ord757
ord3677
ord5196

msvcr71

wcschr
__CxxFrameHandler
_except_handler3
free
??0exception@@QAE@ABV0@@Z
_CxxThrowException
wcsncpy
wcslen
wcstok
wcscat
wcsrchr
swprintf
??1exception@@UAE@XZ
??0exception@@QAE@XZ
sqrt
fclose
fread
ftell
fseek
_wfopen
memmove
_wcsicmp
_wsetlocale
_wtoi
strstr
strncmp
rand
srand
time
strncpy
_mbclen
_wtol
wcscpy
memset
__dllonexit
_onexit
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_initterm
malloc
_adjust_fdiv
__CppXcptFilter

kernel32

WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
LocalFree
LocalAlloc
MultiByteToWideChar
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
GetModuleFileNameW
GetCurrentThreadId
InitializeCriticalSection
ExitProcess
GetModuleHandleW
DeleteCriticalSection

user32

SetCapture
LoadCursorW
SetCursor
ReleaseCapture
RedrawWindow
GetWindowLongW
SetWindowLongW
GetDC
FillRect
ReleaseDC
GetUpdateRect
IsRectEmpty
SetFocus
LoadAcceleratorsW
LockWindowUpdate
TranslateAcceleratorW
SetWindowsHookExW
SendMessageW
SetParent
GetWindowRect
OffsetRect
CallNextHookEx
UnhookWindowsHookEx
EnableWindow
GetParent
KillTimer
SetTimer
GetClientRect
UpdateLayeredWindow

gdi32

CreateDCW
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
PatBlt
GetObjectW
CreateFontIndirectW
GetStockObject
CreateCompatibleDC

shell32

ShellExecuteW

oleaut32

SysFreeString

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipFree
GdipCreatePen1
GdipDeletePen
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateSolidFill
GdipCreateLineBrushI
GdipSetStringFormatTrimming
GdipCreateFromHDC
GdipDrawRectangleI
GdipFillRectangleI
GdipDrawString
GdipAlloc
GdipCloneBrush
GdipDisposeImage
GdipCreateBitmapFromResource
GdipDrawImageI
GdipCloneImage
GdipSetPenDashStyle
GdipDrawLineI
GdipCreateBitmapFromScan0
GdipCreateFromHWND
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRectI
GdipCreatePath
GdipDeletePath
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipAddPathRectangleI
GdipCreatePathGradientFromPath
GdipMeasureString

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??7ios_base@std@@QBE_NXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
?getline@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_WH@Z
??Bios_base@std@@QBEPAXXZ
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

uictrls

?OnCreate@CUISheet@@QAEHPAUtagCREATESTRUCTW@@@Z
?GetPageCount@CUISheet@@QBEIXZ
?SetActivePage@CUISheet@@QAEHI@Z
??0CUISheet@@QAE@IPAVCWnd@@@Z
?Help@CUISheet@@QAEHXZ
?Exit@CUISheet@@QAEHXZ
?Finish@CUISheet@@QAEHXZ
?IsEnd@CUISheet@@QAEHXZ
?StepBack@CUISheet@@QAEHXZ
?IsBegin@CUISheet@@QAEHXZ
?DoDataExchange@CUISheet@@MAEXPAVCDataExchange@@@Z
??1CUISheet@@UAE@XZ
?GetThisMessageMap@CUIPage@@KGPBUAFX_MSGMAP@@XZ
?GetThisClass@CUIPage@@SGPAUCRuntimeClass@@XZ
?ExcludeDlgItemRect@UICommonFunction@@YAXPAUHWND__@@PAUHDC__@@PAUtagRECT@@H@Z
?DrawDBToDC@CUIDialog@@IAEXPAVCDC@@ABVCRect@@@Z
?StepNext@CUISheet@@QAEHXZ
?OnSetActive@CUIPage@@UAEHXZ
?SetDrawTypeID@CUIDialog@@QAEXJJJ@Z
?SetDrawTypeID@CUIButton@@QAEXJJ@Z
?OnInitDialog@CUIDialog@@MAEHXZ
?GetThisClass@CUISheet@@SGPAUCRuntimeClass@@XZ
?AddPage@CUISheet@@QAEHPAVCUIPage@@I@Z
?SetSheetSize@CUISheet@@QAEXHH@Z
?SetPagePos@CUISheet@@QAEXHHHH@Z
?OnPaint@CUIDialog@@IAEXXZ
?OnStepNext@CUIPage@@UAEHXZ
?GetStringPXSize@@YA?AVCSize@@ABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBVFont@Gdiplus@@PBVStringFormat@5@@Z
?ImageFromIDResource@@YAHIPB_WAAPAVBitmap@Gdiplus@@@Z
?Draw9Cells@@YAXPAUHDC__@@PAVBitmap@Gdiplus@@ABVCRect@@2ABUtagRECT@@K@Z
?GetThisMessageMap@CUIDialog@@KGPBUAFX_MSGMAP@@XZ
?GetThisClass@CUIDialog@@SGPAUCRuntimeClass@@XZ
?SetDLPos@CUIPlayProgressCtrl@@QAEXH@Z
?SetDrawTypeID@CUIPlayProgressCtrl@@QAEXJJH@Z
?SetIsSetPosEnable@CUIPlayProgressCtrl@@QAEXH@Z
?OnSize@CUIDialog@@IAEXIHH@Z
?SetRC@CUIPlayProgressCtrl@@QAEXABVCRect@@000@Z
?OnDestroy@CUIDialog@@IAEXXZ
?SetRange@CUIPlayProgressCtrl@@QAEXHH@Z
?SetPlayPos@CUIPlayProgressCtrl@@QAEXH@Z
?DoDataExchange@CUIDialog@@MAEXPAVCDataExchange@@@Z
??0CUIDialog@@QAE@IPAVCWnd@@@Z
??0CUIPlayProgressCtrl@@QAE@XZ
?GetThisMessageMap@CUISheet@@KGPBUAFX_MSGMAP@@XZ
??1CUIPlayProgressCtrl@@UAE@XZ
?OnHelp@CUIPage@@UAEHXZ
??1CUIButton@@UAE@XZ
?DoDataExchange@CUIPage@@MAEXPAVCDataExchange@@@Z
??0CUIPage@@QAE@IPAVCWnd@@@Z
??0CUIButton@@QAE@XZ
??1CUIPage@@UAE@XZ
?PreSubclassWindow@CUIDialog@@MAEXXZ
?WindowProc@CUIDialog@@MAEJIIJ@Z
?OnExit@CUIPage@@UAEHXZ
?OnFinish@CUIPage@@UAEHXZ
?OnStepBack@CUIPage@@UAEHXZ
?OnKillActive@CUIPage@@UAEHXZ
?PreDrawDBToDC@CUIDialog@@MAEXAAJAAH@Z
?DrawUIDialogCaption@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUIDialogIcon@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@H@Z
?DrawUIDialogFrameAndBk@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?SetDragFullWindow@CUIDialog@@MAEXH@Z
?DrawDialogToDB@CUIDialog@@MAEXPAVCDC@@ABVCRect@@H@Z
?OnCancel@CUIPage@@MAEXXZ
?OnOK@CUIPage@@MAEXXZ
??1CUIDialog@@UAE@XZ

lyricshow

ReleaseLyricShowMgr
CreateLyricShowMgr

Exports

Exports

OpenLyricEditorWnd

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/LyricShow.dll
.dll windows:4 windows x86 arch:x86

23316f12dca3053fff2d0bdce224fe38

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

94:45:44:75:fc:cc:27:90:65:de:97:39:cb:82:e4:68:b7:37:f6:05
Signer

Actual PE Digest

94:45:44:75:fc:cc:27:90:65:de:97:39:cb:82:e4:68:b7:37:f6:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord566
ord577
ord283
ord896
ord774
ord2311
ord293
ord266
ord265
ord280
ord1479
ord870
ord2895
ord6111
ord282
ord2926
ord1079
ord899
ord2444
ord894
ord772
ord744
ord2829
ord6306
ord5558
ord3927
ord5091
ord556
ord5485
ord6172
ord6166
ord2261
ord2121
ord776
ord3990
ord4101
ord5398
ord2460
ord777
ord314
ord1220
ord5524
ord581
ord1162
ord1087
ord1200
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord1197
ord1033
ord315
ord765
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord3677
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord762
ord764
ord3824
ord757
ord1443

msvcr71

__CppXcptFilter
_adjust_fdiv
malloc
_initterm
?terminate@@YAXXZ
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??1type_info@@UAE@XZ
_CxxThrowException
wcstombs
_wsetlocale
_wtoi
wcslen
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
wcscat
_mkdir
rand
srand
time
swprintf
_except_handler3
memset
wcsrchr
wcstok
wcsncpy
wcschr
fclose
fread
ftell
fseek
_wfopen
__security_error_handler
_onexit
__dllonexit
_wcsicmp
free

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
LocalFree
InitializeCriticalSection
ExitProcess
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
MultiByteToWideChar
IsDBCSLeadByte
LocalAlloc
QueryPerformanceCounter
GetVersionExA
GetModuleFileNameW

oleaut32

SysFreeString

gdiplus

GdipSetTextContrast
GdipCreateFromHDC
GdipCloneImage
GdipCloneBrush
GdipCreateFont
GdipCreateRegionPath
GdipMeasureString
GdipDrawString
GdipFillRegion
GdipGraphicsClear
GdipDrawPath
GdipSetWorldTransform
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipAddPathStringI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetPenColor
GdipCreateTexture
GdipCreateSolidFill
GdipCreateMatrix2
GdipSetImageAttributesColorMatrix
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteRegion
GdipDeletePath
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetPenLineJoin
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipAlloc
GdipFree
GdipDrawImageRectRectI
GdipDrawImagePointRectI
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup

msvcp71

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
?getline@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_WH@Z
??Bios_base@std@@QBEPAXXZ
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

uictrls

?ChangeBmpSize@@YAXPAVBitmap@Gdiplus@@AAV12@II@Z
?ChangeColor@@YA?AVColor@Gdiplus@@K@Z
?SafeNewBitmap@@YAXAAPAVBitmap@Gdiplus@@II@Z
?CreateAColorBmp@@YAXAAVBitmap@Gdiplus@@ABK@Z
?SafeDeleteBitmap@@YAXAAPAVBitmap@Gdiplus@@@Z

Exports

Exports

CreateLyricShowMgr
ReleaseLyricShowMgr

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/MFC71u.dll
.dll windows:4 windows x86 arch:x86

b3fbf4599c17e9bc7ccae6518bf0f868

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc71u.pdb

Imports

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_itow
wcsncpy
wcscpy
_ltow
_ultow
iswdigit
ceil
wcsncmp
_wcsnicmp
_wsplitpath
_wfullpath
_wtol
__p___argc
__p___wargv
_beginthreadex
_endthreadex
_wcsdup
_expand
_wtoi
wcstod
wcstol
wcstoul
swscanf
abs
labs
_snwprintf
calloc
__CxxFrameHandler
_msize
_purecall
_localtime64
_mktime64
realloc
fflush
fseek
ftell
fgetws
fputws
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
abort
memcmp
_resetstkoflw
malloc
swprintf
_CxxThrowException
vsprintf
_vscprintf
_mbsrev
_mbslwr
_mbsupr
_mbscspn
_mbsspn
_mbspbrk
_mbsrchr
_mbschr
_mbsstr
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
_ismbcspace
_mbsinc
free
strlen
memmove
wcslen
memcpy
vswprintf
_vscwprintf
_wcsrev
_wcslwr
_wcsupr
wcscspn
wcsspn
wcspbrk
wcsrchr
wcschr
wcsstr
_wcsicoll
wcscoll
_wcsicmp
wcscmp
iswspace
_except_handler3
memset
strcpy
strcmp

kernel32

FindResourceExW
GetEnvironmentVariableW
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
FormatMessageA
GetEnvironmentVariableA
lstrcpynW
SetLastError
GetLastError
lstrlenW
lstrcmpA
lstrlenA
MoveFileW
DeleteFileW
GetStringTypeExW
lstrcmpiW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
CloseHandle
lstrcpyW
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
GetShortPathNameW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
InterlockedDecrement
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
FindResourceW
TlsFree
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GetVersionExA
GetModuleHandleW
lstrcmpW
lstrcatW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GlobalGetAtomNameW
GetVersion
GetModuleHandleA
MulDiv
GetProfileIntW
VirtualProtect
GlobalFlags
GetTempFileNameW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
SearchPathW
GetTempPathW
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
GetCurrentThread
SetErrorMode
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
InterlockedIncrement
FindNextFileW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyA
GetSystemTime
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
LocalReAlloc

gdi32

ScaleWindowExtEx
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileW
CopyMetaFileW
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
StartDocW
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExW
CreateDCW
BitBlt
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutW
DeleteMetaFile
CloseMetaFile
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
ExtTextOutW
GetTextExtentPoint32A
GetCurrentPositionEx
MoveToEx
CreateFontIndirectW
GetWindowExtEx
GetViewportExtEx
GetTextFaceW
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
CreateFontW
GetCharWidthW
DeleteObject
SelectObject
StretchDIBits
DeleteDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox

user32

PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
GetWindowLongW
CallWindowProcW
DefWindowProcW
SendMessageW
GetDlgCtrlID
SetWindowPlacement
RegisterClassW
GetClassInfoW
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
LoadIconW
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageW
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
EnableWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
MessageBoxW
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
SendDlgItemMessageW
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetClassInfoExW
CallNextHookEx
SetWindowsHookExW
CreateWindowExW
GetCapture
WinHelpW
RegisterWindowMessageW
LoadAcceleratorsW
TranslateAcceleratorW
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
DestroyMenu
LoadMenuW
GetWindow
ClientToScreen
SetCapture
WindowFromPoint
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
RedrawWindow
InflateRect
SetRect
SetTimer
KillTimer
ReleaseDC
GetDC
IsZoomed
IsRectEmpty
DeleteMenu
AppendMenuW
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextW
DrawTextExW
GrayStringW
UnionRect
GetKeyNameTextW
MapVirtualKeyW
LoadBitmapW
FillRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoW
SystemParametersInfoW
GetMenuStringW
GetSysColorBrush
SetWindowTextW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowW
DrawIcon
SetWindowRgn
IsClipboardFormatAvailable
MessageBeep
GetTabbedTextExtentW
RemoveMenu
ValidateRect
PostQuitMessage
ShowOwnedPopups
InsertMenuW
RegisterClipboardFormatW
SendNotifyMessageW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
MsgWaitForMultipleObjects
UnhookWindowsHookEx
CharUpperW
GetSystemMetrics
wsprintfW
LoadCursorW
UnregisterClassW
OemToCharA
CharToOemA

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

Sections

.text
Size: 871KB - Virtual size: 870KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/MediaCenter.dll
.dll windows:4 windows x86 arch:x86

38605676ac52a020b3fca87cecba5d95

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

d2:89:59:f9:8c:1d:59:e8:58:f6:59:c8:4c:8a:81:01:4a:4a:cf:1b
Signer

Actual PE Digest

d2:89:59:f9:8c:1d:59:e8:58:f6:59:c8:4c:8a:81:01:4a:4a:cf:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord774
ord4112
ord4123
ord6086
ord776
ord1182
ord1178
ord265
ord266
ord2311
ord293
ord3644
ord3471
ord2366
ord4126
ord1999
ord1293
ord4125
ord4668
ord4955
ord4501
ord4940
ord4643
ord4958
ord5047
ord4799
ord4704
ord4790
ord4957
ord4371
ord4370
ord4281
ord4788
ord4942
ord4510
ord4965
ord4474
ord4523
ord4964
ord4840
ord4495
ord4362
ord4433
ord5043
ord4553
ord4914
ord4514
ord4513
ord3734
ord4438
ord4437
ord4784
ord4198
ord4775
ord4383
ord4974
ord4165
ord4172
ord4581
ord4770
ord4380
ord4395
ord4393
ord4375
ord4378
ord4373
ord4857
ord4854
ord3968
ord5910
ord1610
ord1393
ord5147
ord6271
ord5202
ord3338
ord1351
ord5162
ord1553
ord5196
ord2711
ord4267
ord648
ord410
ord2413
ord2414
ord2415
ord2412
ord2411
ord4194
ord4358
ord4667
ord5209
ord314
ord3677
ord4032
ord4008
ord6272
ord577
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5562
ord2832
ord4475
ord4255
ord3327
ord566
ord757
ord3824
ord1049
ord2239
ord280
ord1479
ord282
ord2926
ord6002
ord1176
ord5712
ord745
ord557
ord5711
ord894
ord777
ord900
ord772
ord2260
ord2444
ord287
ord1472
ord5398
ord2460
ord3990
ord5524
ord290
ord1189
ord5914
ord5558
ord629
ord1430
ord6284
ord383
ord655
ord5657
ord5913
ord5280
ord2121
ord5299
ord5105
ord421
ord313
ord2282
ord899
ord631
ord1431
ord2742
ord3925
ord2279
ord2271
ord386
ord5480
ord2461
ord6160
ord5485
ord283
ord4256
ord4480
ord3943
ord2638
ord3703
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1079
ord1087
ord1162
ord581
ord3713
ord3712
ord2527
ord2640
ord2534
ord2856
ord2708
ord4301
ord2829
ord2725
ord2531
ord1590
ord1646
ord1647
ord1955
ord5171
ord764
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5199
ord4179
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord2011
ord4884
ord4729
ord4206
ord5178
ord1894
ord4119
ord762
ord3795

msvcr71

exp
pow
log
asin
atan
fabs
fputs
_wtol
_endthreadex
sprintf
localtime
fprintf
fopen
printf
vsprintf
wcsncpy
wcsncmp
wcsstr
_wcslwr
rand
time
sin
floor
cos
sqrt
_iob
fmod
_CxxThrowException
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
fwrite
fread
fflush
fseek
ftell
_wtoi
swscanf
_wtoi64
memmove
wcscat
_errno
_wcsicmp
wcstok
memset
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
_ftime
??1exception@@UAE@XZ
??0exception@@QAE@XZ
malloc
free
_resetstkoflw
_except_handler3
fclose
fputwc
_wfopen
wcslen
_purecall
strncpy
wcscpy
wcsrchr
swprintf
_beginthreadex
_waccess
wcscmp
srand

kernel32

LoadLibraryW
GetProcAddress
WritePrivateProfileStringW
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
InterlockedExchange
SetFileAttributesW
CreateDirectoryW
FindClose
GetModuleFileNameW
GetTickCount
ResetEvent
GetLastError
RemoveDirectoryW
TerminateThread
CreateThread
ReadFile
WriteFile
CreateFileW
lstrcpyW
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
FreeLibrary
SetEvent
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileSectionW
lstrlenW
CloseHandle
FindFirstFileW
Sleep
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
SetThreadPriority
GetVersion
CreateEventW
GetVersionExA
DeviceIoControl
GetDriveTypeW
GetTempPathW
DeleteFileW

user32

IsWindow
PostMessageW
SendMessageW
SystemParametersInfoW
GetParent
SetWindowLongW
SetTimer
KillTimer
EnableWindow

gdi32

CreateDIBSection
DeleteObject
GetObjectW
StretchBlt
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
SetStretchBltMode

advapi32

RegCreateKeyW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

ord17

shlwapi

PathFileExistsW
PathIsDirectoryW

ole32

CoUninitialize
CoInitialize

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

gdiplus

GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipAlloc
GdipDrawImageI
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipFree
GdipGetImageGraphicsContext
GdipCloneImage

uictrls

?WindowProc@CUIDialog@@MAEJIIJ@Z
?PreSubclassWindow@CUIDialog@@MAEXXZ
??1CUIDialog@@UAE@XZ
??0CUIDialog@@QAE@IPAVCWnd@@@Z
?DoDataExchange@CUIDialog@@MAEXPAVCDataExchange@@@Z
?OnInitDialog@CUIDialog@@MAEHXZ
?SetDrawTypeID@CUIDialog@@QAEXJJJ@Z
?DrawDialogToDB@CUIDialog@@MAEXPAVCDC@@ABVCRect@@H@Z
?OnDestroy@CUIDialog@@IAEXXZ
?GetThisClass@CUIDialog@@SGPAUCRuntimeClass@@XZ
?GetThisMessageMap@CUIDialog@@KGPBUAFX_MSGMAP@@XZ
?SetWindowTextW@CUIDialog@@QAEXPB_W@Z
?DrawUIDialogCaption@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUIDialogIcon@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@H@Z
?PreDrawDBToDC@CUIDialog@@MAEXAAJAAH@Z
?SetDragFullWindow@CUIDialog@@MAEXH@Z
?OnSize@CUIDialog@@IAEXIHH@Z
?DrawUIDialogFrameAndBk@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z

ddraw

DirectDrawCreate

winmm

timeKillEvent
mixerSetControlDetails
mixerGetControlDetailsW
waveInClose
mixerGetID
waveInOpen
mixerGetNumDevs
mixerGetLineControlsW
mixerGetLineInfoW
mixerGetDevCapsW
mixerOpen
mixerClose
waveOutClose
waveOutOpen
timeSetEvent

wininet

InternetGetCookieExW
InternetQueryDataAvailable

ws2_32

send
recv
shutdown
socket
htonl
bind
getsockname
WSAStartup
WSACleanup
closesocket
recvfrom
sendto
setsockopt
ntohs
inet_ntoa
gethostbyname
connect
inet_addr
htons

netapi32

Netbios

Exports

Exports

CreateMediaCenter
CreateMusicMgr
CreateVolumCtrl
GetCaptureMgr
GetServerAgent
GetVideoProcessor
PreTransWndMsg
ReleaseMediaCenter
ReleaseMusicMgr
ReleaseVolumCtrl

Sections

.text
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/MediaInfo.dll
.dll windows:4 windows x86 arch:x86

1fbb32f9ea28000cfb91d2e00189a22e

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

08:eb:9b:92:d7:ee:d0:14:bb:bb:ff:fb:fb:ed:65:68:8d:08:6d:9e
Signer

Actual PE Digest

08:eb:9b:92:d7:ee:d0:14:bb:bb:ff:fb:fb:ed:65:68:8d:08:6d:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetFullPathNameW
GetFullPathNameA
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
FindFirstFileA
FindClose
FindNextFileA
FindNextFileW
Sleep
CloseHandle
ResumeThread
CreateThread
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
GetTimeZoneInformation
CreateFileW
GetLastError
GetFileTime
GetVersion
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

msvcp71

?_Nomemory@std@@YAXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI_W@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IABV12@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@V312@@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@V312@_W@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?setprecision@std@@YA?AU?$_Smanip@H@1@H@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

msvcr71

wcslen
_CxxThrowException
__CxxFrameHandler
??3@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
setlocale
memmove
tolower
??_V@YAXPAX@Z
memcpy
ceil
log
pow
_purecall
toupper
floor
gmtime
wcsncpy
?terminate@@YAXXZ
strncpy
free
malloc
_callnewh
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__security_error_handler

Exports

Exports

MediaInfoA_Close
MediaInfoA_Count_Get
MediaInfoA_Delete
MediaInfoA_Get
MediaInfoA_GetI
MediaInfoA_Inform
MediaInfoA_New
MediaInfoA_New_Quick
MediaInfoA_Open
MediaInfoA_Open_Buffer
MediaInfoA_Open_Buffer_Continue
MediaInfoA_Open_Buffer_Continue_GoTo_Get
MediaInfoA_Open_Buffer_Finalize
MediaInfoA_Open_Buffer_Init
MediaInfoA_Option
MediaInfoA_Save
MediaInfoA_Set
MediaInfoA_SetI
MediaInfoA_State_Get
MediaInfoListA_Close
MediaInfoListA_Count_Get
MediaInfoListA_Count_Get_Files
MediaInfoListA_Delete
MediaInfoListA_Get
MediaInfoListA_GetI
MediaInfoListA_Inform
MediaInfoListA_New
MediaInfoListA_New_Quick
MediaInfoListA_Open
MediaInfoListA_Open_Buffer
MediaInfoListA_Option
MediaInfoListA_Save
MediaInfoListA_Set
MediaInfoListA_SetI
MediaInfoListA_State_Get
MediaInfoList_Close
MediaInfoList_Count_Get
MediaInfoList_Count_Get_Files
MediaInfoList_Delete
MediaInfoList_Get
MediaInfoList_GetI
MediaInfoList_Inform
MediaInfoList_New
MediaInfoList_New_Quick
MediaInfoList_Open
MediaInfoList_Open_Buffer
MediaInfoList_Option
MediaInfoList_Save
MediaInfoList_Set
MediaInfoList_SetI
MediaInfoList_State_Get
MediaInfo_Close
MediaInfo_Count_Get
MediaInfo_Delete
MediaInfo_Get
MediaInfo_GetI
MediaInfo_Info_Version
MediaInfo_Inform
MediaInfo_New
MediaInfo_New_Quick
MediaInfo_Open
MediaInfo_Open_Buffer
MediaInfo_Open_Buffer_Continue
MediaInfo_Open_Buffer_Continue_GoTo_Get
MediaInfo_Open_Buffer_Finalize
MediaInfo_Open_Buffer_Init
MediaInfo_Option
MediaInfo_Save
MediaInfo_Set
MediaInfo_SetI
MediaInfo_State_Get

Sections

.text
Size: 692KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/MediaPlayer.dll
.dll windows:4 windows x86 arch:x86

768fcac80e538bbeb294465edac66bd4

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

97:24:95:96:58:85:c1:b6:e2:1a:62:a0:31:be:03:5c:ab:94:c0:17
Signer

Actual PE Digest

97:24:95:96:58:85:c1:b6:e2:1a:62:a0:31:be:03:5c:ab:94:c0:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
WaitForSingleObject
SetEvent
ResetEvent
Sleep
lstrlenW
CreateThread
GetLastError
GetCurrentThread
GetThreadPriority
SetThreadPriority
GetProcAddress
lstrcmpW
WaitForMultipleObjects
InterlockedDecrement
InterlockedIncrement
lstrcpynW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetVersionExA
FreeLibrary
LoadLibraryW
lstrcpyW
InterlockedExchange

user32

RegisterWindowMessageW
DispatchMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetQueueStatus
PeekMessageW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance

shlwapi

PathFileExistsW

msvcr71

_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_onexit
__dllonexit
__security_error_handler
memset
wcscpy
swprintf
_purecall
log10
__CxxFrameHandler
??2@YAPAXI@Z
_except_handler3
free
??_U@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z

ddraw

DirectDrawCreate

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime
timeKillEvent
timeSetEvent

Exports

Exports

CreateMediaPlayer
ReleaseMediaPlayer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/PlayerOcx.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

4a6c012a014e4531e9105e80df545079

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

15:0b:20:e4:ba:22:3b:55:5f:4a:a3:64:67:ee:90:10:cc:ad:0d:fd
Signer

Actual PE Digest

15:0b:20:e4:ba:22:3b:55:5f:4a:a3:64:67:ee:90:10:cc:ad:0d:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord5209
ord5562
ord3823
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord2984
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3256
ord566
ord757
ord1079
ord764
ord6248
ord1133
ord314
ord1145
ord3598
ord3596
ord3651
ord3514
ord6260
ord2905
ord6261
ord4308
ord5376
ord2851
ord2936
ord3269
ord476
ord701
ord1948
ord1320
ord5452
ord963
ord4167
ord4550
ord4492
ord5515
ord1649
ord4731
ord4808
ord5856
ord1612
ord1415
ord5112
ord2503
ord3750
ord5055
ord4569
ord4571
ord2416
ord2550
ord5483
ord3974
ord4525
ord4524
ord4636
ord4508
ord4789
ord4398
ord4368
ord4443
ord4873
ord4815
ord4820
ord4825
ord4521
ord4795
ord4794
ord4530
ord4529
ord4528
ord4506
ord4552
ord4913
ord4515
ord4500
ord4180
ord4650
ord4507
ord4490
ord4489
ord4952
ord4432
ord4199
ord4187
ord4182
ord4607
ord4609
ord4606
ord4239
ord4453
ord4894
ord4246
ord4877
ord4864
ord1988
ord2987
ord4389
ord2504
ord5226
ord1611
ord6272
ord3940
ord1393
ord4238
ord5148
ord1897
ord5067
ord6266
ord4179
ord5210
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord2532
ord2726
ord2830
ord4302
ord2841
ord2535
ord2639
ord3944
ord4477
ord5675
ord683
ord3819
ord451
ord4839
ord762
ord2362
ord1088
ord1142
ord1127
ord2041
ord5892
ord3655
ord3531
ord4420
ord4534
ord4720
ord4897
ord5178
ord4206
ord4729
ord4884
ord4576
ord2011
ord1662
ord1661
ord1542
ord5908
ord1392
ord1899
ord6267
ord5206
ord4273
ord2852
ord4478
ord4256
ord479
ord1754
ord1129
ord703
ord1044
ord4562
ord3942
ord2238
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord5911
ord3795
ord1170
ord1200
ord1087
ord1162
ord4008
ord1608
ord4032
ord581
ord1043

msvcr71

__CxxFrameHandler
memset
_except_handler3
free
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
__security_error_handler
_onexit
__dllonexit

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
GetVersionExA
GetSystemTimeAsFileTime

user32

EnableWindow
FillRect

gdi32

Ellipse
GetStockObject

oleaut32

LoadRegTypeLi

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/ProcessCS.dll
.dll windows:4 windows x86 arch:x86

0c023da8453463660b5e4425bb44189b

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

63:40:14:81:55:11:3f:d2:ff:a1:6a:f1:60:65:8a:d8:64:39:fb:ee
Signer

Actual PE Digest

63:40:14:81:55:11:3f:d2:ff:a1:6a:f1:60:65:8a:d8:64:39:fb:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnmapViewOfFile
CloseHandle
SetEvent
ReleaseMutex
GetCurrentProcessId
WaitForSingleObject
OpenMutexW
ResetEvent
WaitForMultipleObjects
OpenProcess
MapViewOfFile
OpenFileMappingW
OpenEventW
CreateEventW
InterlockedCompareExchange
InterlockedExchange
CreateFileMappingW
CreateMutexW
GetLastError
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

user32

PostMessageW

shell32

ShellExecuteW

msvcp71

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?_Nomemory@std@@YAXXZ

msvcr71

??3@YAXPAX@Z
__CxxFrameHandler
wcscat
wcscpy
swprintf
??_V@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_beginthreadex
malloc
_callnewh
rand
srand
time
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
free
_initterm
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
_purecall

Exports

Exports

CreateProCSClient
CreateProCSServer
ReleasProCSClient
ReleasProCSServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/Slide.dll
.dll windows:4 windows x86 arch:x86

a4f24ee3dfb74bb0c708583e595625af

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

40:f6:78:5e:e8:e3:43:a0:f6:32:00:3a:25:69:4f:98:92:cd:47:72
Signer

Actual PE Digest

40:f6:78:5e:e8:e3:43:a0:f6:32:00:3a:25:69:4f:98:92:cd:47:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ddraw

DirectDrawCreate

gdiplus

GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipFillRectangleI
GdipDrawImageRectI
GdipAlloc
GdipCloneBrush
GdipGetImagePixelFormat
GdipLoadImageFromFile
GdipSaveImageToStream
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageHeight
GdipCloneImage
GdipGetImageWidth
GdiplusStartup
GdipDisposeImage
GdipDeleteGraphics
GdipFree
GdipDeleteBrush
GdiplusShutdown

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
CreateDirectoryW
GetLastError
FindFirstFileW
FindNextFileW
DeleteFileW
FindClose
RemoveDirectoryW
GetTempPathW
WriteFile
CreateFileW
CreateThread
ResumeThread
Sleep
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection

user32

PostMessageW

ole32

CreateStreamOnHGlobal

msvcp71

?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??_D?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXXZ
??7ios_base@std@@QBE_NXZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

msvcr71

??_V@YAXPAX@Z
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
_except_handler3
__security_error_handler
??1type_info@@UAE@XZ
_callnewh
time
srand
_itow
swprintf
_wcsicmp
wcscmp
malloc
free
memmove
_wsetlocale
wcstombs
??3@YAXPAX@Z
__CxxFrameHandler
wcsncpy
_purecall
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_ftime
rand

Exports

Exports

CreateSlideMediaModule
ReleaseSlideMediaModule

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/UICtrls.dll
.dll windows:4 windows x86 arch:x86

921dc7e6324f21371d222d8e1277d3cc

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:26:1b:aa:52:8e:a8:fc:17:95:4c:38:d8:d2:8d:82:30:6a:e8:19
Signer

Actual PE Digest

bb:26:1b:aa:52:8e:a8:fc:17:95:4c:38:d8:d2:8d:82:30:6a:e8:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord2856
ord4480
ord870
ord1472
ord2362
ord1545
ord4238
ord6271
ord5210
ord5196
ord2985
ord3189
ord572
ord620
ord6232
ord6063
ord3756
ord293
ord2282
ord774
ord3990
ord776
ord2895
ord5485
ord280
ord6160
ord899
ord5398
ord2460
ord2311
ord777
ord3204
ord1925
ord3198
ord1271
ord2361
ord2366
ord2086
ord1582
ord4234
ord2121
ord563
ord753
ord6061
ord3395
ord1416
ord1006
ord3927
ord6251
ord3678
ord3417
ord3158
ord587
ord4112
ord1588
ord709
ord501
ord2252
ord3424
ord1922
ord1474
ord4092
ord1538
ord4228
ord591
ord1079
ord2225
ord1959
ord2461
ord2893
ord6116
ord4314
ord2155
ord4882
ord3425
ord1627
ord1539
ord592
ord4109
ord2255
ord326
ord3983
ord3635
ord3435
ord3752
ord2713
ord4347
ord3155
ord1270
ord5633
ord2365
ord2622
ord5178
ord4206
ord4729
ord4884
ord2011
ord1662
ord1661
ord1542
ord5908
ord1392
ord5199
ord4256
ord605
ord354
ord589
ord602
ord1920
ord347
ord330
ord2651
ord2368
ord5648
ord1087
ord4574
ord3448
ord3157
ord3630
ord3458
ord4205
ord4728
ord2013
ord2832
ord390
ord3570
ord741
ord3467
ord2081
ord1628
ord927
ord4230
ord642
ord3482
ord1388
ord6262
ord1924
ord1475
ord4093
ord1561
ord4231
ord657
ord3400
ord3645
ord3483
ord2788
ord1632
ord1562
ord4232
ord658
ord2364
ord3396
ord2867
ord5742
ord2489
ord2876
ord3281
ord4094
ord2085
ord3238
ord1946
ord5727
ord5636
ord5637
ord3995
ord4117
ord1118
ord1274
ord2932
ord3590
ord760
ord3545
ord1634
ord1572
ord715
ord3133
ord3497
ord1058
ord651
ord416
ord1555
ord3560
ord1578
ord731
ord5981
ord1156
ord6278
ord3565
ord1637
ord1579
ord736
ord3134
ord3568
ord1638
ord1580
ord739
ord4755
ord3670
ord3577
ord1641
ord1585
ord4237
ord748
ord6282
ord1202
ord1182
ord1178
ord2297
ord1172
ord2250
ord3249
ord783
ord784
ord5316
ord1154
ord578
ord4042
ord4041
ord310
ord502
ord2066
ord287
ord1479
ord6111
ord282
ord2926
ord3043
ord5558
ord5524
ord2254
ord2871
ord3296
ord3508
ord1027
ord5337
ord2340
ord265
ord1571
ord5327
ord6293
ord6299
ord2260
ord314
ord629
ord584
ord1430
ord1425
ord317
ord5083
ord384
ord929
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1162
ord581
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord4179
ord5067
ord1899
ord5148
ord4226
ord1393
ord3940
ord1608
ord1611
ord5911
ord1536
ord2077
ord5609
ord6086
ord1894
ord4119
ord266
ord566
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord1549
ord2534
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord3824
ord757
ord3677
ord283
ord577
ord762
ord391
ord764

msvcr71

_purecall
free
malloc
wcslen
toupper
wcsncpy
swprintf
_wcsicmp
wcsstr
memmove
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcscpy
wcscmp
memset
__CppXcptFilter
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
LocalAlloc
LocalFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
MulDiv
GlobalReAlloc
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
lstrcmpW
lstrcatW
lstrlenW
WinExec
lstrcpyW
WideCharToMultiByte
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
DeleteCriticalSection
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetSystemTimeAsFileTime

user32

EnableWindow
RedrawWindow
InvalidateRect
MoveWindow
SetCursor
GetWindowRect
IsRectEmpty
SendMessageW
LoadCursorW
PtInRect
InflateRect
GetClientRect
ScreenToClient
GetDC
ReleaseDC
SetTimer
KillTimer
GetParent
DestroyCursor
GetMessagePos
IsWindow
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
MessageBoxW
SetWindowRgn
TrackMouseEvent
SetRect
GetClassInfoExW
CallWindowProcW
RemovePropW
DestroyWindow
IntersectRect
GetScrollInfo
GetCursorPos
CreateMenu
CreatePopupMenu
InsertMenuW
LoadMenuW
GetMenuState
AppendMenuW
LoadBitmapW
DrawIcon
ModifyMenuW
SetCapture
GetWindowInfo
GetWindowDC
EnumChildWindows
GetSystemMetrics
GetActiveWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoW
OffsetRect
ShowWindow
GetFocus
RegisterClassW
FindWindowExW
CreateWindowExW
SetPropW
SetParent
SystemParametersInfoW
FillRect
DrawTextExW
FrameRect
LoadIconW
PostMessageW
CopyRect
GetPropW
BeginPaint
EndPaint
DefWindowProcW
ReleaseCapture
IsWindowVisible
GetNextDlgGroupItem
GetClassNameW
GetUpdateRect
SetWindowPos
GetWindowLongW
IsWindowEnabled
GetDlgCtrlID
ClientToScreen
MessageBeep
SetWindowLongW
GetSysColor

gdi32

ExcludeClipRect
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
TextOutW
CreatePatternBrush
GdiFlush
CombineRgn
ExtCreateRegion
CreateDIBSection
CreateRectRgn
OffsetRgn
GetDeviceCaps
CreateDCW
SelectObject
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
BitBlt
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointW
CreateFontIndirectW
GetObjectW

advapi32

RegQueryValueW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

comctl32

_TrackMouseEvent
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Draw

ole32

CreateStreamOnHGlobal

gdiplus

GdipSetInterpolationMode
GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromResource
GdipSetPixelOffsetMode
GdipDrawImageI
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipSetClipRectI
GdipSetPenMode
GdipSetImageAttributesColorKeys
GdipCreateBitmapFromHBITMAP
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneImage
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneBrush
GdipAlloc
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipDrawRectangleI
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeletePen
GdipCreatePen1
GdipFree
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatTrimming

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

??0CBrsWndRgnTool@@QAE@XZ
??0CDrawerItem@@QAE@XZ
??0CDrawerMgr@@QAE@ABV0@@Z
??0CDrawerMgr@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CItemInfo@@QAE@ABV0@@Z
??0CItemInfo@@QAE@XZ
??0CUIButton@@QAE@XZ
??0CUIButtonDraw@@QAE@XZ
??0CUICheckBox@@QAE@XZ
??0CUICheckboxDraw@@QAE@XZ
??0CUIComboBox@@QAE@XZ
??0CUIComboBoxDraw@@QAE@XZ
??0CUIComboBoxEx@@QAE@XZ
??0CUIDialog@@QAE@IPAVCWnd@@@Z
??0CUIDialogBkDraw@@QAE@XZ
??0CUIDialogDraw@@QAE@XZ
??0CUIDrawTypeInfo@@QAE@XZ
??0CUIEdit@@QAE@XZ
??0CUIEditDraw@@QAE@XZ
??0CUIFactory@@QAE@ABV0@@Z
??0CUIFactory@@QAE@XZ
??0CUIFactoryMgr@@QAE@ABV0@@Z
??0CUIFactoryMgr@@QAE@XZ
??0CUIFontDialog@@QAE@ABU_charformatw@@KPAVCDC@@PAVCWnd@@@Z
??0CUIFontDialog@@QAE@PAUtagLOGFONTW@@KPAVCDC@@PAVCWnd@@@Z
??0CUIFontInfo@@QAE@XZ
??0CUIGroupBox@@QAE@XZ
??0CUIGroupBoxDraw@@QAE@XZ
??0CUIHeaderCtrl@@QAE@XZ
??0CUIHeaderCtrlDraw@@QAE@XZ
??0CUIImgDraw@@QAE@XZ
??0CUIListBox@@QAE@XZ
??0CUIListBoxDraw@@QAE@XZ
??0CUIListCtrl@@QAE@XZ
??0CUIListCtrlDraw@@QAE@XZ
??0CUIMenu@@QAE@XZ
??0CUIMenuDraw@@QAE@XZ
??0CUIPage@@QAE@IPAVCWnd@@@Z
??0CUIPlayProgressCtrl@@QAE@XZ
??0CUIPlayProgressCtrlDraw@@QAE@XZ
??0CUIPositionInfo@@QAE@XZ
??0CUIProgressCtrl@@QAE@XZ
??0CUIProgressCtrlDraw@@QAE@XZ
??0CUIRadioButton@@QAE@XZ
??0CUIRadioButtonDraw@@QAE@XZ
??0CUIResMenu@@QAE@XZ
??0CUIResMenuDraw@@QAE@XZ
??0CUIScrollBar@@QAE@XZ
??0CUIScrollBarDraw@@QAE@XZ
??0CUIScrollWnd@@QAE@XZ
??0CUISheet@@QAE@IPAVCWnd@@@Z
??0CUISliderCtrl@@QAE@XZ
??0CUISliderCtrlDraw@@QAE@XZ
??0CUISpinButtonCtrl@@QAE@XZ
??0CUISpinButtonCtrlDraw@@QAE@XZ
??0CUIStatic@@QAE@XZ
??0CUIStaticDraw@@QAE@XZ
??0CUITabCtrl@@QAE@XZ
??0CUITabCtrlDraw@@QAE@XZ
??0CUSMenuWndHook@@QAE@PAUHWND__@@@Z
??0IUICtrlDraw@@QAE@XZ
??1CBrsWndRgnTool@@UAE@XZ
??1CDrawerItem@@UAE@XZ
??1CDrawerMgr@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CItemInfo@@UAE@XZ
??1CUIButton@@UAE@XZ
??1CUIButtonDraw@@UAE@XZ
??1CUICheckBox@@UAE@XZ
??1CUICheckboxDraw@@UAE@XZ
??1CUIComboBox@@UAE@XZ
??1CUIComboBoxDraw@@UAE@XZ
??1CUIComboBoxEx@@UAE@XZ
??1CUIDialog@@UAE@XZ
??1CUIDialogBkDraw@@UAE@XZ
??1CUIDialogDraw@@UAE@XZ
??1CUIDrawTypeInfo@@UAE@XZ
??1CUIEdit@@UAE@XZ
??1CUIEditDraw@@UAE@XZ
??1CUIFactory@@QAE@XZ
??1CUIFactoryMgr@@AAE@XZ
??1CUIFontDialog@@UAE@XZ
??1CUIFontInfo@@UAE@XZ
??1CUIGroupBox@@UAE@XZ
??1CUIGroupBoxDraw@@UAE@XZ
??1CUIHeaderCtrl@@UAE@XZ
??1CUIHeaderCtrlDraw@@UAE@XZ
??1CUIImgDraw@@UAE@XZ
??1CUIListBox@@UAE@XZ
??1CUIListBoxDraw@@UAE@XZ
??1CUIListCtrl@@UAE@XZ
??1CUIListCtrlDraw@@UAE@XZ
??1CUIMenu@@UAE@XZ
??1CUIMenuDraw@@UAE@XZ
??1CUIPage@@UAE@XZ
??1CUIPlayProgressCtrl@@UAE@XZ
??1CUIPlayProgressCtrlDraw@@UAE@XZ
??1CUIPositionInfo@@UAE@XZ
??1CUIProgressCtrl@@UAE@XZ
??1CUIProgressCtrlDraw@@UAE@XZ
??1CUIRadioButton@@UAE@XZ
??1CUIRadioButtonDraw@@UAE@XZ
??1CUIResMenu@@UAE@XZ
??1CUIResMenuDraw@@UAE@XZ
??1CUIScrollBar@@UAE@XZ
??1CUIScrollBarDraw@@UAE@XZ
??1CUIScrollWnd@@UAE@XZ
??1CUISheet@@UAE@XZ
??1CUISliderCtrl@@UAE@XZ
??1CUISliderCtrlDraw@@UAE@XZ
??1CUISpinButtonCtrl@@UAE@XZ
??1CUISpinButtonCtrlDraw@@UAE@XZ
??1CUIStatic@@UAE@XZ
??1CUIStaticDraw@@UAE@XZ
??1CUITabCtrl@@UAE@XZ
??1CUITabCtrlDraw@@UAE@XZ
??1CUSMenuWndHook@@QAE@XZ
??1IUICtrlDraw@@UAE@XZ
??4CDrawerMgr@@QAEAAV0@ABV0@@Z
??4CItemInfo@@QAEAAV0@ABV0@@Z
??4CUIFactory@@QAEAAV0@ABV0@@Z
??4CUIFactoryMgr@@QAEAAV0@ABV0@@Z
??_7CBrsWndRgnTool@@6B@
??_7CDrawerItem@@6B@
??_7CDrawerMgr@@6B@
??_7CHyperLink@@6B@
??_7CItemInfo@@6B@
??_7CUIButton@@6B@
??_7CUIButtonDraw@@6B@
??_7CUICheckBox@@6B@
??_7CUICheckboxDraw@@6B@
??_7CUIComboBox@@6B@
??_7CUIComboBoxDraw@@6B@
??_7CUIComboBoxEx@@6B@
??_7CUIDialog@@6B@
??_7CUIDialogBkDraw@@6B@
??_7CUIDialogDraw@@6B@
??_7CUIDrawTypeInfo@@6B@
??_7CUIEdit@@6B@
??_7CUIEditDraw@@6B@
??_7CUIFontDialog@@6B@
??_7CUIFontInfo@@6B@
??_7CUIGroupBox@@6B@
??_7CUIGroupBoxDraw@@6B@
??_7CUIHeaderCtrl@@6B@
??_7CUIHeaderCtrlDraw@@6B@
??_7CUIImgDraw@@6B@
??_7CUIListBox@@6B@
??_7CUIListBoxDraw@@6B@
??_7CUIListCtrl@@6B@
??_7CUIListCtrlDraw@@6B@
??_7CUIMenu@@6B@
??_7CUIMenuDraw@@6B@
??_7CUIPage@@6B@
??_7CUIPlayProgressCtrl@@6B@
??_7CUIPlayProgressCtrlDraw@@6B@
??_7CUIPositionInfo@@6B@
??_7CUIProgressCtrl@@6B@
??_7CUIProgressCtrlDraw@@6B@
??_7CUIRadioButton@@6B@
??_7CUIRadioButtonDraw@@6B@
??_7CUIResMenu@@6B@
??_7CUIResMenuDraw@@6B@
??_7CUIScrollBar@@6B@
??_7CUIScrollBarDraw@@6B@
??_7CUIScrollWnd@@6B@
??_7CUISheet@@6B@
??_7CUISliderCtrl@@6B@
??_7CUISliderCtrlDraw@@6B@
??_7CUISpinButtonCtrl@@6B@
??_7CUISpinButtonCtrlDraw@@6B@
??_7CUIStatic@@6B@
??_7CUIStaticDraw@@6B@
??_7CUITabCtrl@@6B@
??_7CUITabCtrlDraw@@6B@
??_7IUICtrlDraw@@6B@
??_FCUIFontDialog@@QAEXXZ
?ActivateTooltip@CUIButton@@AAEXH@Z
?AddCtrlDrawObject@CUIFactory@@QAEHPAVIUICtrlDraw@@@Z
?AddEditCtrl@CDrawerMgr@@AAEXXZ
?AddItem@CDrawerItem@@QAEHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@IJJ@Z
?AddItem@CDrawerMgr@@QAEHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@IJJ@Z
?AddPage@CUISheet@@QAEHPAVCUIPage@@I@Z
?AddRedrawRedrawItem@CUIListCtrl@@IAEXHI@Z
?AddUIFactory@CUIFactoryMgr@@QAEHJ@Z
?AddWndHook@CUSMenuWndHook@@SAPAV1@PAUHWND__@@@Z
?AdjustControl@CUIButton@@AAEXHH@Z
?AdjustControl@CUIComboBox@@AAEXHH@Z
?AutoHideThumb@CUIScrollBar@@QAEXH@Z
?BindingCtrl@CUIScrollWnd@@QAEHPAVCWnd@@III@Z
?BitmapAjustHSV@@YAHAAVBitmap@Gdiplus@@HHHVRect@2@@Z
?BitmapToHBitmap@@YAPAUHBITMAP__@@PAVBitmap@Gdiplus@@@Z
?BitmapToRegion@CBrsWndRgnTool@@IAEPAUHRGN__@@PAUHBITMAP__@@KK@Z
?CHARFORMATToCFont@@YAHPAUHDC__@@ABU_charformatw@@AAVCFont@@@Z
?CHARFORMATToFont@@YAHPAUHDC__@@ABU_charformatw@@AAVFont@Gdiplus@@@Z
?CalculateDrawRect@CUIPlayProgressCtrl@@AAEXXZ
?CalculateDrawRectByPoint@CUIPlayProgressCtrl@@AAEHAAUtagPOINT@@@Z
?CalculateNoClient@CUIScrollWnd@@AAEXPAUtagWINDOWINFO@@@Z
?CalculateSubCtrlRect@CUIScrollWnd@@AAEXPAUtagWINDOWINFO@@@Z
?ChangeBmpSize@@YAXPAVBitmap@Gdiplus@@AAV12@II@Z
?ChangeBound@CBrsWndRgnTool@@QAEXPAVCWnd@@@Z
?ChangeColor@@YA?AVColor@Gdiplus@@K@Z
?ChangeMenuStyle@CUIResMenu@@AAEXPAVCMenu@@PAUHMENU__@@@Z
?ChangeSkin@CUIFactory@@QAEXABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?Clear@CUIFactory@@QAEXXZ
?Clear@CUIFactoryMgr@@QAEXXZ
?Click@CDrawerItem@@QAEXXZ
?Collapse@CDrawerItem@@QAEXXZ
?ContainerCtrlWndProc@CUIComboBox@@KGJPAUHWND__@@IIJ@Z
?ContainerCtrlWndProc@CUIScrollWnd@@CGJPAUHWND__@@IIJ@Z
?Create@CUIEdit@@UAEHKABUtagRECT@@PAVCWnd@@I@Z
?CreateAColorBmp@@YAXAAVBitmap@Gdiplus@@ABK@Z
?CreateBsAndFont@CUIEdit@@AAEXXZ
?CreateObject@CUIButtonDraw@@SGPAVCObject@@XZ
?CreateObject@CUICheckboxDraw@@SGPAVCObject@@XZ
?CreateObject@CUIComboBoxDraw@@SGPAVCObject@@XZ
?CreateObject@CUIDialogBkDraw@@SGPAVCObject@@XZ
?CreateObject@CUIDialogDraw@@SGPAVCObject@@XZ
?CreateObject@CUIDrawTypeInfo@@SGPAVCObject@@XZ
?CreateObject@CUIEditDraw@@SGPAVCObject@@XZ
?CreateObject@CUIFontInfo@@SGPAVCObject@@XZ
?CreateObject@CUIGroupBoxDraw@@SGPAVCObject@@XZ
?CreateObject@CUIHeaderCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUIImgDraw@@SGPAVCObject@@XZ
?CreateObject@CUIListBoxDraw@@SGPAVCObject@@XZ
?CreateObject@CUIListCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUIMenuDraw@@SGPAVCObject@@XZ
?CreateObject@CUIPlayProgressCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUIPositionInfo@@SGPAVCObject@@XZ
?CreateObject@CUIProgressCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUIRadioButtonDraw@@SGPAVCObject@@XZ
?CreateObject@CUIResMenuDraw@@SGPAVCObject@@XZ
?CreateObject@CUIScrollBarDraw@@SGPAVCObject@@XZ
?CreateObject@CUISliderCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUISpinButtonCtrlDraw@@SGPAVCObject@@XZ
?CreateObject@CUIStaticDraw@@SGPAVCObject@@XZ
?CreateObject@CUITabCtrlDraw@@SGPAVCObject@@XZ
?CreateRegion@CBrsWndRgnTool@@QAEXPAUHBITMAP__@@PAVCRgn@@AAVCSize@@PAUHINSTANCE__@@@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CUIEdit@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CUIListBox@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CUIStatic@@QAEPAUHBRUSH__@@PAVCDC@@I@Z
?DealAcceleratorsKey@CUIDialog@@IAEKHPAUHMENU__@@H@Z
?DelUIFactory@CUIFactoryMgr@@QAEHJ@Z
?DeleteItem@CDrawerItem@@QAEXH@Z
?DeleteItem@CDrawerMgr@@QAEXH@Z
?DestroyWindow@CHyperLink@@UAEHXZ
?DoDataExchange@CUIDialog@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CUIPage@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CUISheet@@MAEXPAVCDataExchange@@@Z
?Draw9Cells@@YAXPAUHDC__@@PAVBitmap@Gdiplus@@ABVCRect@@2ABUtagRECT@@K@Z
?Draw9Cells@@YAXPAUHDC__@@PAVBitmap@Gdiplus@@ABVRect@3@2IIIIK@Z
?Draw@CUIButton@@AAEXPAUHDC__@@PAUtagRECT@@@Z
?Draw@CUIComboBox@@AAEXXZ
?Draw@CUIGroupBoxDraw@@QAEXPAVCDC@@ABVCRect@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCWnd@@W4ENUM_UIGROUPBOX_STYLE@1@@Z
?Draw@CUIPlayProgressCtrl@@AAEXXZ
?Draw@CUIProgressCtrl@@AAEXXZ
?Draw@CUIStatic@@AAEXXZ
?DrawAngle@CUIScrollBarDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawBackground@CUIStatic@@AAEXPAUtagRECT@@@Z
?DrawBg@CUIHeaderCtrlDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawBg@CUIListCtrlDraw@@IAEXPAUHDC__@@AAVCRect@@I@Z
?DrawBg@CUIScrollBarDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawBorder@CUIGroupBoxDraw@@IAEXPAVCDC@@AAVCRect@@W4ENUM_UIGROUPBOX_STYLE@1@@Z
?DrawBorder@CUIScrollWnd@@AAEXPAUHDC__@@PAUtagRECT@@@Z
?DrawBtnDown@CUISpinButtonCtrlDraw@@QAEXPAUHDC__@@VCRect@@HHH@Z
?DrawBtnUp@CUISpinButtonCtrlDraw@@QAEXPAUHDC__@@VCRect@@HHH@Z
?DrawCheckBox@CUIListCtrlDraw@@IAEXPAUHDC__@@AAVCRect@@I@Z
?DrawDBToDC@CUIDialog@@IAEXPAVCDC@@ABVCRect@@@Z
?DrawDBToDC@CUIFontDialog@@AAEXPAVCDC@@ABVCRect@@@Z
?DrawDialogToDB@CUIDialog@@MAEXPAVCDC@@ABVCRect@@H@Z
?DrawDialogToDB@CUIFontDialog@@AAEXPAVCDC@@ABVCRect@@@Z
?DrawDownArraw@CUIScrollBarDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawHSliderCtrl@CUISliderCtrlDraw@@QAEXPAUtagNMCUSTOMDRAWINFO@@PAJHH@Z
?DrawIcon@CUIResMenu@@QAEXPAUHDC__@@VCRect@@IHH@Z
?DrawItem@CUIComboBox@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIComboBoxEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIHeaderCtrlDraw@@QAEXPAUHDC__@@VCRect@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawItem@CUIListBox@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIListCtrl@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIMenu@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIResMenu@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIScrollBarDraw@@QAEXPAUHDC__@@IVCRect@@I@Z
?DrawItem@CUITabCtrl@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawMenuBk@CUIResMenuDraw@@AAEXPAUHDC__@@ABVCRect@@@Z
?DrawSubItem@CUIListCtrlDraw@@QAEXAAUsLisctCtrlItem@@@Z
?DrawTextW@CUIComboBoxEx@@AAEXPAUHDC__@@@Z
?DrawTextW@CUIHeaderCtrlDraw@@IAEXPAUHDC__@@VCRect@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawTextW@CUIListCtrlDraw@@IAEXPAUHDC__@@AAVCRect@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawThumb@CUIScrollBarDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawUIBKToChild@IUICtrlDraw@@IAEXPAUHDC__@@ABVCRect@@1@Z
?DrawUIButton@CUIButtonDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@HHPB_W@Z
?DrawUIButtonByDIS@CUIButtonDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@PB_W@Z
?DrawUIButtonByStatus@CUIButtonDraw@@AAEXABQAUtagDRAWITEMSTRUCT@@ABVCUIDrawTypeInfo@@ABVCUIFontInfo@@PB_W@Z
?DrawUICheckBoxByDIS@CUICheckboxDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@PB_W@Z
?DrawUICheckbox@CUICheckboxDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@PB_WHH@Z
?DrawUICheckboxByStatus@CUICheckboxDraw@@AAEXABQAUtagDRAWITEMSTRUCT@@ABVCUIDrawTypeInfo@@ABVCUIFontInfo@@PB_W@Z
?DrawUICtrlText@@YAXPAUHDC__@@PB_WABVCPoint@@PBU_charformatw@@KHH@Z
?DrawUICtrlText@@YAXPAUHDC__@@PB_WVCRect@@EEPBU_charformatw@@KHH@Z
?DrawUIDialog1@CUIDialogDraw@@AAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawUIDialog@CUIDialogDraw@@QAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawUIDialogBk@CUIDialogBkDraw@@QAEXPAUHDC__@@ABVCRect@@@Z
?DrawUIDialogCaption@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUIDialogCaption@CUIDialogDraw@@QAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUIDialogCaption@CUIFontDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUIDialogFrame@CUIDialogDraw@@AAEXPAUHDC__@@ABVCRect@@ABVCUIDrawTypeInfo@@V3@@Z
?DrawUIDialogFrameAndBk@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawUIDialogFrameAndBk@CUIFontDialog@@MAEXPAUHDC__@@ABVCRect@@HABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?DrawUIDialogIcon@CUIDialog@@MAEXPAUHDC__@@ABVCRect@@H@Z
?DrawUIDialogIcon@CUIDialogDraw@@QAEXPAUHDC__@@ABVCRect@@H@Z
?DrawUIDialogIcon@CUIFontDialog@@MAEXPAUHDC__@@ABVCRect@@H@Z
?DrawUIEditBk@CUIEditDraw@@QAEXPAVCDC@@VCRect@@K@Z
?DrawUIEditBorder@CUIEditDraw@@QAEXPAVCDC@@VCRect@@KKPAUtagWINDOWINFO@@@Z
?DrawUIListBoxByStatus@CUIListBoxDraw@@QAEXPAUHDC__@@ABVCUIDrawTypeInfo@@ABVCUIFontInfo@@ABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAVCRect@@@Z
?DrawUIListBoxItem@CUIListBoxDraw@@QAEXPAUHDC__@@ABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAVCRect@@HH@Z
?DrawUIPlayProgressCtrl@CUIPlayProgressCtrlDraw@@QAEXPAUHDC__@@ABVCRect@@1111@Z
?DrawUIProgressCtrl@CUIProgressCtrlDraw@@QAEXPAUHDC__@@ABVCRect@@1@Z
?DrawUIRadioButton@CUIRadioButtonDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@PB_WHH@Z
?DrawUIRadioButtonByDIS@CUIRadioButtonDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@PB_W@Z
?DrawUIRadioButtonByStatus@CUIRadioButtonDraw@@AAEXABQAUtagDRAWITEMSTRUCT@@ABVCUIDrawTypeInfo@@ABVCUIFontInfo@@PB_W@Z
?DrawUIResMenu@CUIResMenuDraw@@QAEXABQAUtagDRAWITEMSTRUCT@@ABVCRect@@PAVCUIResMenu@@@Z
?DrawUITabCtrl@CUITabCtrlDraw@@QAEXPAUHDC__@@PAVCUITabCtrl@@@Z
?DrawUITabCtrlBk@CUITabCtrlDraw@@AAEXPAUHDC__@@ABVCRect@@@Z
?DrawUITabCtrlByStatus@CUITabCtrlDraw@@AAEXPAUHDC__@@ABVCUIDrawTypeInfo@@ABVCRect@@ABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DrawUpArraw@CUIScrollBarDraw@@IAEXPAUHDC__@@VCRect@@I@Z
?DrawVSliderCtrl@CUISliderCtrlDraw@@QAEXPAUtagNMCUSTOMDRAWINFO@@PAJHH@Z
?EnableItemDraw@CUIComboBox@@QAEXH@Z
?EnableSubclassList@CUIComboBox@@QAEXH@Z
?EnumProcSubClass@CUIFontDialog@@KGHPAUHWND__@@J@Z
?ExcludeDlgItemRect@UICommonFunction@@YAXPAUHWND__@@PAUHDC__@@PAUtagRECT@@H@Z
?Exit@CUISheet@@QAEHXZ
?Expand@CDrawerItem@@QAEXXZ
?FileNameFilter@CDrawerMgr@@AAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?Finish@CUISheet@@QAEHXZ
?FreshItemList@CDrawerMgr@@QAEXXZ
?Get4CornersHBMPs@CUIDialog@@QAEXXZ
?Get4CornersHBMPs@CUIFontDialog@@AAEXXZ
?GetAcceleratorKey@CUIResMenu@@AAEHPB_W@Z
?GetActiveIndex@CUISheet@@QBEIXZ
?GetActivePage@CUISheet@@QBEPAVCUIPage@@XZ
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBkColorDisable@CUIEditDraw@@QAEKXZ
?GetBkColorNormal@CUIEditDraw@@QAEKXZ
?GetBkColorReadOnly@CUIEditDraw@@QAEKXZ
?GetBorderHeight@CUIListBox@@QAEHXZ
?GetBorderHeight@CUIScrollWnd@@QAEHXZ
?GetBorderWidth@CUIListBox@@QAEHXZ
?GetBorderWidth@CUIScrollWnd@@QAEHXZ
?GetBtnsCRect@CUIDialog@@AAEXXZ
?GetClientRect@CUIListCtrl@@QAEXPAUtagRECT@@@Z
?GetClientRectUIDlg@CUIDialog@@QBEXPAUtagRECT@@@Z
?GetCornersBmpFromDlgBmp@CUIDialog@@QAEXPBVBitmap@Gdiplus@@UtagRECT@@AAPAV23@@Z
?GetCornersHBMPFromDlgHBMP@CUIDialog@@QAEXPAUHBITMAP__@@UtagRECT@@AAVCBitmap@@@Z
?GetCornersHBMPFromDlgHBMP@CUIFontDialog@@AAEXPAUHBITMAP__@@UtagRECT@@AAVCBitmap@@@Z
?GetCtrlDrawObject@CUIFactory@@QAEPAVIUICtrlDraw@@W4eunm_Ctrl_Draw_Type@@J@Z
?GetCurrScrollInfo@CUIScrollBar@@QAEHPAUtagSCROLLINFO@@@Z
?GetCurrScrollWidth@CUIScrollBar@@QAEHXZ
?GetDLPos@CUIPlayProgressCtrl@@QAEHXZ
?GetDisableBorderColor@CUIEditDraw@@QAEKXZ
?GetDisableFont@CUIEditDraw@@QAEPBVCUIFontInfo@@XZ
?GetDrawDC@CUIListCtrl@@IAEPAUHDC__@@XZ
?GetDrawItemRect@CUIListCtrl@@IAEHHHIAAVCRect@@@Z
?GetDrawerMgr@CDrawerItem@@QAEPAVCDrawerMgr@@XZ
?GetEncoderClsid@@YAHPB_WPAU_GUID@@@Z
?GetHoverColour@CHyperLink@@QBEKXZ
?GetIconIndexByID@CUIResMenu@@QAEHI@Z
?GetIsHandCur@CDrawerMgr@@QAEHXZ
?GetItem@CDrawerItem@@QAEPAV1@H@Z
?GetItem@CDrawerMgr@@QAEPAVCDrawerItem@@H@Z
?GetItemCount@CDrawerItem@@QAEHXZ
?GetItemCount@CDrawerMgr@@QAEHXZ
?GetItemData@CDrawerItem@@QAEKXZ
?GetItemID@CDrawerItem@@QAEIXZ
?GetItemLevel@CDrawerItem@@QAEXAAH0@Z
?GetItemRectOnImg@CUIResMenuDraw@@AAEXABVCRect@@AAV2@@Z
?GetItemSize@CDrawerMgr@@QAE?AVCSize@@XZ
?GetItemState@CUIButton@@AAEHI@Z
?GetItemWidthAndHeight@CDrawerItem@@QAEXAAH0@Z
?GetLinkColour@CHyperLink@@QBEKXZ
?GetLinkCursor@CHyperLink@@QBEPAUHICON__@@XZ
?GetMenuItemHeight@CUIResMenu@@QAEIXZ
?GetMessageMap@CDrawerItem@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CHyperLink@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIComboBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIComboBoxEx@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIDialog@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIEdit@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIFontDialog@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIGroupBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIHeaderCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIPage@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIPlayProgressCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIProgressCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIScrollBar@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIScrollWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUISheet@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUISliderCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUISpinButtonCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIStatic@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUITabCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetNextDrawTypeID@IUICtrlDraw@@UAEIW4eunm_Ctrl_Draw_Type@@@Z
?GetNextImgResID@CUIImgDraw@@UAEIXZ
?GetNoHidingRect@UICommonFunction@@YAXPAUHWND__@@PAUtagRECT@@1H@Z
?GetNormalBorderColor@CUIEditDraw@@QAEKXZ
?GetNormalFont@CUIEditDraw@@QAEPBVCUIFontInfo@@XZ
?GetOffSet@CUIDialog@@QAE?AVCSize@@XZ
?GetPage@CUISheet@@QBEPAVCUIPage@@I@Z
?GetPageCount@CUISheet@@QBEIXZ
?GetParent@CUIListCtrl@@QAEPAVCWnd@@XZ
?GetParentWnd@CDrawerMgr@@QAEPAVCWnd@@XZ
?GetPlayPos@CUIPlayProgressCtrl@@QAEHXZ
?GetRange@CUIPlayProgressCtrl@@QAEHAAH0@Z
?GetReadOnlyBorderColor@CUIEditDraw@@QAEKXZ
?GetRegKey@CHyperLink@@IAEJPAUHKEY__@@PB_WPA_W@Z
?GetRuntimeClass@CUIButton@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIButtonDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUICheckBox@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUICheckboxDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIComboBox@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIComboBoxDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIComboBoxEx@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIDialog@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIDialogBkDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIDialogDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIDrawTypeInfo@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIEdit@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIEditDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIFontDialog@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIFontInfo@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIGroupBox@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIGroupBoxDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIHeaderCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIHeaderCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIImgDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIListBox@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIListBoxDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIListCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIListCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIMenuDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIPage@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIPlayProgressCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIPlayProgressCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIPositionInfo@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIProgressCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIProgressCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIRadioButton@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIRadioButtonDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIResMenu@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIResMenuDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIScrollBar@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIScrollBarDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIScrollWnd@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUISheet@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUISliderCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUISliderCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUISpinButtonCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUISpinButtonCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIStatic@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIStaticDraw@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUITabCtrl@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUITabCtrlDraw@@UBEPAUCRuntimeClass@@XZ
?GetScreenBitmap@CUSMenuWndHook@@QAEPAUHBITMAP__@@PBUtagRECT@@@Z
?GetStringPXSize@@YA?AVCSize@@ABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBVFont@Gdiplus@@PBVStringFormat@5@@Z
?GetThisClass@CUIButton@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIButtonDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUICheckBox@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUICheckboxDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIComboBox@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIComboBoxDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIComboBoxEx@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIDialog@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIDialogBkDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIDialogDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIDrawTypeInfo@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIEdit@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIEditDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIFontDialog@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIFontInfo@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIGroupBox@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIGroupBoxDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIHeaderCtrl@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIHeaderCtrlDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIImgDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIListBox@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIListBoxDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIListCtrl@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIListCtrlDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIMenuDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIPage@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIPlayProgressCtrl@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIPlayProgressCtrlDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIPositionInfo@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIProgressCtrl@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIProgressCtrlDraw@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIRadioButton@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CUIRadioButtonDraw@@SGPAUCRuntimeClass@@XZ

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/VRCamera$_5_.ax
.dll regsvr32 windows:4 windows x86 arch:x86

10798220f1cbe5d01a8c02e6c0b704b7

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

e8:5b:a9:27:ec:93:4b:b0:73:3d:8a:6f:72:3c:37:c1:1e:12:2b:a4
Signer

Actual PE Digest

e8:5b:a9:27:ec:93:4b:b0:73:3d:8a:6f:72:3c:37:c1:1e:12:2b:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

DisableThreadLibraryCalls
InterlockedIncrement
FreeLibrary
InterlockedDecrement
lstrcpynW
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
GetCurrentThreadId
lstrlenW
GetModuleHandleW
InitializeCriticalSection
GetTickCount
CreateThread
GetSystemTimeAsFileTime
QueryPerformanceCounter
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
OpenEventW
OpenFileMappingW
MapViewOfFile
Sleep
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
DeleteCriticalSection
OpenMutexW
InterlockedExchange
RaiseException
GetProcAddress
OpenProcess
ReleaseMutex
UnmapViewOfFile
InterlockedCompareExchange
GetCurrentProcessId

user32

LoadImageW
SetRectEmpty
wsprintfW

gdi32

StretchDIBits
SetStretchBltMode
StretchBlt
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
DeleteObject
GetBitmapBits
CreateBitmap

advapi32

RegOpenKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoUninitialize

msvcp71

?_Nomemory@std@@YAXXZ
?_Xlen@_String_base@std@@QBEXXZ
?_Xran@_String_base@std@@QBEXXZ

gdiplus

GdiplusShutdown

msimg32

TransparentBlt
AlphaBlend

msvcr71

__CppXcptFilter
_adjust_fdiv
srand
rand
time
__security_error_handler
__CxxFrameHandler
??_V@YAXPAX@Z
free
_except_handler3
wcscpy
wcsrchr
??3@YAXPAX@Z
malloc
_CxxThrowException
memmove
wcslen
swprintf
wcscat
_purecall
_wtoi
memset
_callnewh
__dllonexit
_onexit
_initterm

ddraw

DirectDrawCreate

shell32

ShellExecuteW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/VRCamera.ax
.dll regsvr32 windows:4 windows x86 arch:x86

10798220f1cbe5d01a8c02e6c0b704b7

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

e8:5b:a9:27:ec:93:4b:b0:73:3d:8a:6f:72:3c:37:c1:1e:12:2b:a4
Signer

Actual PE Digest

e8:5b:a9:27:ec:93:4b:b0:73:3d:8a:6f:72:3c:37:c1:1e:12:2b:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

DisableThreadLibraryCalls
InterlockedIncrement
FreeLibrary
InterlockedDecrement
lstrcpynW
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
GetCurrentThreadId
lstrlenW
GetModuleHandleW
InitializeCriticalSection
GetTickCount
CreateThread
GetSystemTimeAsFileTime
QueryPerformanceCounter
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
OpenEventW
OpenFileMappingW
MapViewOfFile
Sleep
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
DeleteCriticalSection
OpenMutexW
InterlockedExchange
RaiseException
GetProcAddress
OpenProcess
ReleaseMutex
UnmapViewOfFile
InterlockedCompareExchange
GetCurrentProcessId

user32

LoadImageW
SetRectEmpty
wsprintfW

gdi32

StretchDIBits
SetStretchBltMode
StretchBlt
SelectObject
DeleteDC
CreateCompatibleDC
GetObjectW
DeleteObject
GetBitmapBits
CreateBitmap

advapi32

RegOpenKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoUninitialize

msvcp71

?_Nomemory@std@@YAXXZ
?_Xlen@_String_base@std@@QBEXXZ
?_Xran@_String_base@std@@QBEXXZ

gdiplus

GdiplusShutdown

msimg32

TransparentBlt
AlphaBlend

msvcr71

__CppXcptFilter
_adjust_fdiv
srand
rand
time
__security_error_handler
__CxxFrameHandler
??_V@YAXPAX@Z
free
_except_handler3
wcscpy
wcsrchr
??3@YAXPAX@Z
malloc
_CxxThrowException
memmove
wcslen
swprintf
wcscat
_purecall
_wtoi
memset
_callnewh
__dllonexit
_onexit
_initterm

ddraw

DirectDrawCreate

shell32

ShellExecuteW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/VideoCapture.dll
.dll windows:4 windows x86 arch:x86

e5b55b71f8f4a42958bcaad98abfdaf3

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:44:df:2d:d2:18:cb:26:83:67:fc:f8:50:08:b6:0d:3d:17:22:b6
Signer

Actual PE Digest

0b:44:df:2d:d2:18:cb:26:83:67:fc:f8:50:08:b6:0d:3d:17:22:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
FreeLibrary
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpynW
lstrcmpW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
ExitProcess

ole32

CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

OleCreatePropertyFrame

msvcr71

_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__security_error_handler
_onexit
__dllonexit
memset
swprintf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??2@YAPAXI@Z
wcscmp
strstr
wcsncpy
__CxxFrameHandler
_except_handler3
free
??3@YAXPAX@Z

winmm

timeGetTime

Exports

Exports

CreateVideoCapture
DestroyVideoCapture

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/VideoEffect.dll
.dll windows:4 windows x86 arch:x86

fc4e7b5ec3969c5ccd25156519973d3e

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6f:d5:05:1f:d1:da:83:2d:36:4f:33:87:70:8c:db:59:f3:03:53:31
Signer

Actual PE Digest

6f:d5:05:1f:d1:da:83:2d:36:4f:33:87:70:8c:db:59:f3:03:53:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ddraw

DirectDrawCreate

gdiplus

GdipDeleteBrush
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipDrawString
GdipDrawImageRectI
GdipAlloc
GdipCloneBrush
GdipCloneImage
GdipLoadImageFromFile
GdipSaveImageToStream
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdiplusShutdown
GdiplusStartup
GdipCloneFont
GdipMeasureString
GdipCreateFromHDC
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipCreateSolidFill
GdipGetPropertyItemSize

mfc71u

ord1182
ord283
ord6161
ord577
ord1079
ord1093
ord371
ord1168
ord762
ord764
ord266
ord265
ord1178

msvcr71

?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
_except_handler3
memset
pow
swprintf
wcsncpy
_mktime64
wcscpy
_purecall
memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
wcscmp
??0exception@@QAE@XZ
??1exception@@UAE@XZ
malloc
free
__CxxFrameHandler
wcslen
wcsrchr

kernel32

GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetModuleHandleW
GetModuleFileNameW
GetSystemTime
GetFileAttributesW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep

user32

ReleaseDC
IsWindow
GetDC

shlwapi

PathFileExistsW

ole32

CreateStreamOnHGlobal

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

CreateFilterEffectIns
CreateVideoEffectIns
ReleaseFilterEffectIns
ReleaseVideoEffectIns

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/VolumeCtrl.dll
.dll windows:5 windows x86 arch:x86

9f214f5ff27e25a36acb6f280f58f6be

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

8b:18:34:45:ee:42:5a:86:09:e6:cc:63:ed:a2:4b:60:0c:40:89:c0
Signer

Actual PE Digest

8b:18:34:45:ee:42:5a:86:09:e6:cc:63:ed:a2:4b:60:0c:40:89:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DebugBreak
FatalExit
OutputDebugStringW
MultiByteToWideChar
CompareStringW
CompareStringA
ReadFile
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
Sleep
HeapSize
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
CreateFileA
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA

user32

MessageBoxW
PostMessageW

ole32

CoCreateGuid
CoInitialize
PropVariantClear
CoTaskMemFree
CoUninitialize
CoCreateInstance

Exports

Exports

CreateVolumeForVista
ReleaseVolumeForVista

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/data/IllWord.dat
Dance/Player/data/common.dat
Dance/Player/gdiplus.dll
.dll windows:5 windows x86 arch:x86

7941976a82dd7ff8b1a2ea069878fab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
InterlockedIncrement
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA

user32

ReleaseDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetViewportExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
PolyPolyline
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Player/skin/DefaultSkinPlayer.ggs
Dance/Player/skin/PlayerBack.bmp
Dance/Player/skin/PlayerBack176.bmp
Dance/Player/skin/PlayerBack240.bmp
Dance/Player/skin/PlayerBack352.bmp
Dance/Player/skin/PlayerBack640.bmp
Dance/ResCenter.dll
.dll windows:4 windows x86 arch:x86

aeb7c69f39c12f94003f3a31a9bc7817

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

ee:52:31:fe:8d:b4:08:6e:31:7a:2b:2d:3e:d2:e6:2e:4a:93:b1:34
Signer

Actual PE Digest

ee:52:31:fe:8d:b4:08:6e:31:7a:2b:2d:3e:d2:e6:2e:4a:93:b1:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord577
ord870
ord2311
ord283
ord776
ord2121
ord3824
ord314
ord293
ord774
ord1189
ord5914
ord5558
ord2895
ord5524
ord1479
ord282
ord2926
ord1472
ord5657
ord5913
ord5280
ord266
ord6284
ord655
ord629
ord1430
ord265
ord383
ord5300
ord5105
ord421
ord3927
ord6111
ord897
ord2444
ord896
ord2261
ord6002
ord1176
ord5711
ord894
ord777
ord900
ord772
ord745
ord2260
ord557
ord1162
ord1087
ord1079
ord1200
ord1170
ord1168
ord1192
ord1115
ord371
ord1093
ord1199
ord581
ord1197
ord1033
ord315
ord765
ord280
ord2239
ord566
ord757
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord3677
ord762
ord313
ord764

msvcr71

malloc
_initterm
__security_error_handler
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
_except_handler3
memset
strncpy
vsprintf
printf
fopen
fprintf
localtime
_adjust_fdiv
_endthreadex
_purecall
wcslen
fputwc
_wtoi64
wcscmp
fread
_waccess
memmove
time
srand
_ftime
__CppXcptFilter
?terminate@@YAXXZ
sprintf
rand
wcsncpy
_wfopen
fseek
fclose
_wrename
wcscpy
_wtoi
_beginthreadex
_wcsicmp
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
fwrite

kernel32

SetFilePointer
DeleteFileW
CloseHandle
InterlockedExchangeAdd
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileSize
CreateFileW
CreateDirectoryW
CreateMutexW
ReleaseMutex
GetPrivateProfileStringW
WaitForSingleObject
WritePrivateProfileStringW
GetLastError
SetFileAttributesW
FindClose
FindFirstFileW
WideCharToMultiByte
MultiByteToWideChar
CreateEventW
SetEvent
ResetEvent
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
ReadFile

user32

PostMessageW

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

wininet

InternetQueryDataAvailable

ws2_32

recv
inet_ntoa
shutdown
WSAStartup
WSACleanup
closesocket
send
connect
socket
gethostbyname
htons
inet_addr

Exports

Exports

CreateResCenter
DestroyResCenter
SetMainPath
SetResPath

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/RtpStack.DLL
.dll windows:4 windows x86 arch:x86

784794bd29e6f793431c8af904f233f2

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:db:ec:99:17:4e:01:26:d6:ec:6c:90:e3:2d:ad:10:77:02:4f:64
Signer

Actual PE Digest

2e:db:ec:99:17:4e:01:26:d6:ec:6c:90:e3:2d:ad:10:77:02:4f:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
TerminateThread
WaitForSingleObject
Sleep
SetThreadPriority
CreateThread
WideCharToMultiByte
MultiByteToWideChar
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
ResetEvent
WaitForMultipleObjects
SetEvent
IsBadReadPtr
UnmapViewOfFile
MapViewOfFile
lstrcpyA
CreateProcessA
CreateFileMappingA
GetCurrentProcessId
GetModuleFileNameA
CreateEventA
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
SetUnhandledExceptionFilter
GetTimeZoneInformation
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
SetFilePointer

ole32

CoCreateGuid

msacm32

acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmDriverClose
acmStreamClose
acmFormatEnumW
acmMetrics
acmDriverOpen
acmDriverDetailsW
acmStreamOpen
acmDriverEnum

msvfw32

ICSendMessage
ICClose
ICDecompress
ICCompress
ICOpen

winmm

waveOutReset
waveOutOpen
waveOutGetNumDevs
waveOutWrite
waveOutPrepareHeader
timeGetTime
waveOutUnprepareHeader
waveOutClose

Exports

Exports

CreateRtpStack
ReleaseRtpStack

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Skin/2010beta1DownLoader.ggs
Dance/Skin/2010beta1EquipCenterSkin.ggs
Dance/Skin/2010beta1Skin.ggs
Dance/Skin/2010beta1Skin_0.ggs
Dance/Skin/2010beta1UpdateSkin.ggs
Dance/Skin/Alarm.png
.png
Dance/Skin/DefFace.bmp
Dance/Skin/DefFace_16.bmp
Dance/Skin/Thumbs.db
Dance/Skin/VideoBack.bmp
Dance/Skin/WndBack.bmp
Dance/Skin/default_female.png
.png
Dance/Skin/default_male.png
.png
Dance/Skin/jilv.jpg
.jpg
Dance/Thumbs.db
Dance/UIToolTip.dll
.dll windows:4 windows x86 arch:x86

0b5fe4eb2b7be03512291391bd4a08c3

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

37:94:23:b2:32:ae:3a:92:17:f3:d2:d1:e6:23:de:90:e2:87:21:62
Signer

Actual PE Digest

37:94:23:b2:32:ae:3a:92:17:f3:d2:d1:e6:23:de:90:e2:87:21:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71u

ord4074
ord5414
ord5485
ord4078
ord5705
ord3678
ord3395
ord1079
ord4119
ord2361
ord2366
ord1894
ord2648
ord709
ord501
ord6086
ord2311
ord1183
ord1155
ord314
ord1955
ord6061
ord2863
ord3345
ord3946
ord3561
ord5210
ord5911
ord1611
ord1608
ord3940
ord1393
ord4238
ord5148
ord1899
ord5067
ord6271
ord4179
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord3824
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord894
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1647
ord1646
ord1590
ord5196
ord2856
ord4480
ord3331
ord760
ord572
ord757
ord566
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord6165
ord2261
ord896
ord5558
ord762
ord1472
ord2926
ord282
ord6111
ord1479
ord3990
ord4100
ord6173
ord6167
ord2444
ord899
ord870
ord3927
ord2895
ord2260
ord4101
ord774
ord2121
ord776
ord2460
ord5398
ord283
ord4026
ord280
ord1058
ord577
ord293
ord266
ord265
ord764
ord2407
ord2239
ord3826
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1087
ord1162
ord581
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord931
ord3677

msvcr71

?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
free
_except_handler3
wcstoul
_wtoi
wcsstr
memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
wcscpy
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
rand
memset

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetVersionExA
lstrcatW
lstrlenW
WinExec
MulDiv
GetWindowsDirectoryW
LoadLibraryW
lstrcpyW
LoadLibraryExW
FreeLibrary
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

EnableWindow
GetWindowTextW
ClientToScreen
GetParent
ChildWindowFromPoint
IsWindowEnabled
DefWindowProcW
GetCursorPos
WindowFromPoint
KillTimer
SetTimer
ScreenToClient
SetWindowRgn
EqualRect
GetClassInfoW
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
GetWindowLongW
GetClassNameW
IsWindow
OffsetRect
GetWindowRect
GetSystemMetrics
GetSysColor
SetCursor
DestroyCursor
LoadCursorW
SendMessageW
LoadImageW
CopyIcon
DestroyIcon
FillRect
GetDC
CreateIconIndirect
ReleaseDC
GetIconInfo

gdi32

MoveToEx
OffsetRgn
CreateRoundRectRgn
CreateRectRgn
CreatePolygonRgn
CombineRgn
FillRgn
SelectClipRgn
FrameRgn
TextOutW
SetTextJustification
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreatePen
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
GetObjectW
StretchBlt
CreateBitmap
CreateSolidBrush
LineTo

advapi32

RegCloseKey
RegQueryValueW
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

ord17
ImageList_GetIcon
ImageList_GetImageCount

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

CreateToolTipModule
ReleaseToolTipModule

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/Update.exe
.exe windows:4 windows x86 arch:x86

32cb8f01aa228b2c29ac6ef82ff6b1de

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

34:36:45:08:62:18:6c:5f:77:ef:d2:d8:d7:9b:96:c7:10:08:64:8f
Signer

Actual PE Digest

34:36:45:08:62:18:6c:5f:77:ef:d2:d8:d7:9b:96:c7:10:08:64:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord2531
ord2725
ord2829
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord4255
ord572
ord741
ord5727
ord3395
ord3756
ord4026
ord2648
ord5609
ord589
ord1416
ord5638
ord330
ord4535
ord3677
ord757
ord2239
ord1118
ord280
ord1479
ord282
ord2926
ord1182
ord1178
ord1079
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5319
ord5222
ord3942
ord2362
ord3796
ord5209
ord5562
ord2832
ord4475
ord3327
ord566
ord1906
ord5524
ord5971
ord1049
ord3824
ord6115
ord1785
ord1883
ord2365
ord1058
ord5178
ord4206
ord4729
ord4884
ord2011
ord1662
ord1661
ord1542
ord5908
ord1392
ord4238
ord5199
ord4256
ord6232
ord2155
ord2651
ord709
ord501
ord578
ord297
ord5399
ord2462
ord310
ord304
ord631
ord2271
ord386
ord1430
ord764
ord380
ord293
ord776
ord577
ord3195
ord2697
ord1925
ord3204
ord3570
ord3678
ord899
ord313
ord5621
ord2897
ord2311
ord265
ord6284
ord2299
ord266
ord1189
ord421
ord5105
ord1434
ord655
ord5280
ord5914
ord283
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4234
ord1393
ord3940
ord1608
ord1611
ord5911
ord1582
ord2086
ord2366
ord1271
ord5226
ord3198
ord4041
ord4042
ord1154
ord784
ord783
ord3249
ord1202
ord2254
ord384
ord5083
ord4562
ord629
ord287
ord2066
ord5220
ord5489
ord502
ord5637
ord4117
ord3995
ord326
ord3635
ord3435
ord6086
ord3752
ord4112
ord4109
ord2713
ord4347
ord3155
ord1270
ord5633
ord4119
ord2622
ord1894
ord605
ord354
ord602
ord1920
ord347
ord2361
ord2368
ord762
ord5648
ord1087
ord4574
ord6063
ord3983
ord4755
ord3417
ord870
ord2077
ord1536
ord4226
ord587
ord1588
ord6251
ord1006
ord2252
ord563
ord753
ord5398
ord2460
ord777
ord2895
ord2121
ord6061
ord3927
ord774
ord3508
ord5337
ord1027
ord6299
ord5558
ord5327
ord6293
ord584
ord1425
ord317
ord2255
ord3296
ord6111
ord2297
ord1172
ord2250
ord5316
ord6282
ord5485
ord3043
ord1198

msvcr71

_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
_controlfp
_purecall
wcscpy
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
??1exception@@UAE@XZ
wcsstr
_wcsicmp
toupper
__set_app_type
__CxxFrameHandler
_wtoi
free
malloc
wcslen
_mktime64
_localtime64
wcsncpy
__p___argc
_time64
_i64tow
_XcptFilter
_exit
_c_exit
_except_handler3
memset
_wtof
wcsrchr
swprintf
strtok
atoi
atol
strncpy
strncmp
wcsncmp
wcscat
_wtoi64

kernel32

GetWindowsDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetStartupInfoW
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
CreateDirectoryW
DeleteFileW
MultiByteToWideChar
CreateMutexW
GetLastError
ReleaseMutex
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
Sleep
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpyW
WideCharToMultiByte
WinExec
lstrlenW
lstrcatW
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalSize
GetVersionExA

user32

GetSystemMetrics
LoadIconW
GetClientRect
IsIconic
GetSystemMenu
AppendMenuW
DrawIcon
MessageBeep
EnableWindow
GetParent
InvalidateRect
GetWindowRect
SendMessageW
DrawFocusRect
InflateRect
SetRectEmpty
LoadCursorW
CopyIcon
SetCursor
MoveWindow
OffsetRect
ScreenToClient
GetMenuItemInfoW
GetMenuItemCount
CopyRect
IsRectEmpty
GetMenuItemID
GetSubMenu
GetMenu
GetUpdateRect
GetActiveWindow
SystemParametersInfoW
ReleaseDC
GetDC
EnumChildWindows
SetWindowPos
ClientToScreen
FillRect
GetDlgCtrlID
IsWindowEnabled
GetWindowLongW
GetClassNameW
GetNextDlgGroupItem
IsWindowVisible
ReleaseCapture
DefWindowProcW
IntersectRect
SetWindowRgn
SetRect
SetWindowLongW
IsWindow
GetMessagePos
DestroyCursor
KillTimer
SetTimer
PtInRect

gdi32

CreateFontIndirectW
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
GetTextExtentPoint32W
TextOutW
CombineRgn
ExtCreateRegion
CreateDIBSection
CreateRectRgn
OffsetRgn
ExcludeClipRect
GetDeviceCaps
CreateDCW
SetTextColor
SetBkMode
CreatePatternBrush
GetTextExtentPointW
GetStockObject

shell32

ShellExecuteW

comctl32

_TrackMouseEvent
ImageList_GetImageCount
ImageList_Draw
ord17

gdiplus

GdipDrawImageI
GdipSaveImageToStream
GdipSetClipRectI
GdipDrawRectangleI
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateBitmapFromHBITMAP
GdipCloneBrush
GdipCreateFont
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipSetImageAttributesColorKeys
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDrawImageRectRectI
GdipGetImageGraphicsContext
GdipFree
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown

advapi32

RegCloseKey
RegQueryValueW
RegOpenKeyExW

ole32

CreateStreamOnHGlobal

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Dance/VideoCapture.dll
.dll windows:4 windows x86 arch:x86

a8638fcc38ef377834e80577f30abd68

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

be:05:83:6c:5e:c2:ad:b6:89:31:55:bc:bf:e4:b6:15:4c:7a:a0:26
Signer

Actual PE Digest

be:05:83:6c:5e:c2:ad:b6:89:31:55:bc:bf:e4:b6:15:4c:7a:a0:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrlenW
lstrcpynW
lstrcmpW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
ExitProcess
GetVersionExA
FreeLibrary

ole32

CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

OleCreatePropertyFrame

msvcr71

_adjust_fdiv
__CppXcptFilter
__security_error_handler
malloc
_initterm
_onexit
__dllonexit
memset
swprintf
??_U@YAPAXI@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscmp
strstr
wcsncpy
__CxxFrameHandler
_except_handler3
free
??_V@YAXPAX@Z

winmm

timeGetTime

Exports

Exports

CreateVideoCapture
DestroyVideoCapture

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/VideoCodec1.dll
.dll windows:4 windows x86 arch:x86

25a7dddc6585fb86545c4455570f7566

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

44:9f:fb:48:96:f4:90:e2:7c:e1:2f:5f:27:4a:2c:2f:ba:c4:98:4f
Signer

Actual PE Digest

44:9f:fb:48:96:f4:90:e2:7c:e1:2f:5f:27:4a:2c:2f:ba:c4:98:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetLastError
MoveFileA
GetModuleFileNameA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
CloseHandle
RaiseException
LoadLibraryA
ReadFile
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
InterlockedExchange
VirtualQuery
FlushFileBuffers
CreateFileA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
MultiByteToWideChar
VirtualProtect
GetSystemInfo
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
DeleteFileA

Exports

Exports

Mfi_Close
Mfi_Init
Mfi_InitYUV
Mfi_Interpolate_one_frame
decode_close
decoder_create
decoder_decode
encoder_close
encoder_create
encoder_encode
setframeinfo
setframequant

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/VideoDecode2.dll
.dll windows:4 windows x86 arch:x86

a4bacaf55e89f395e2a6d80f0fb45bfb

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

1c:ca:76:df:d4:47:d6:0a:31:10:df:01:dd:81:96:fe:e2:98:0b:a3
Signer

Actual PE Digest

1c:ca:76:df:d4:47:d6:0a:31:10:df:01:dd:81:96:fe:e2:98:0b:a3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
HeapReAlloc
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
InterlockedExchange
VirtualQuery
InitializeCriticalSection
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
HeapSize
SetStdHandle
ReadFile

Exports

Exports

decode_close
decoder_create
decoder_decode

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/VideoEncode2.dll
.dll windows:4 windows x86 arch:x86

3b43ecc47d73f03f9ca67aaf55bcbcc1

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

23/03/2010, 00:00

Not After

22/03/2012, 23:59

Subject

CN=北京八度互联科技有限公司,OU=Class 3 - for Microsoft Authenticode Signing,O=北京八度互联科技有限公司,L=海淀区,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

99:f7:54:8d:3c:47:aa:17:3c:d0:83:a5:0e:fb:a6:08:ba:6d:36:17
Signer

Actual PE Digest

99:f7:54:8d:3c:47:aa:17:3c:d0:83:a5:0e:fb:a6:08:ba:6d:36:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetProcessHeap
SetEndOfFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetCurrentThreadId
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
MoveFileA
GetModuleFileNameA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
CloseHandle
SetFilePointer
ReadFile
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileA
GetTickCount
GetCurrentProcessId
DeleteFileA

Exports

Exports

encoder_close
encoder_create
encoder_encode
encoder_open
encoder_setparam
setframeinfo

Sections

.text
Size: 420KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/WebGame/Category.bmp
Dance/WebGame/Config.ini
Dance/data/IllWord.dat
Dance/data/Update.dat
Dance/data/common.dat
Dance/gdiplus.dll
.dll windows:5 windows x86 arch:x86

7941976a82dd7ff8b1a2ea069878fab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
InterlockedIncrement
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA

user32

ReleaseDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetViewportExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
PolyPolyline
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Dance/msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst9.exe.nsis

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81Certificate

Extended Key Usages

Key Usages

5d:61:f5:2f:87:19:c8:13:24:48:b0:b6:97:4d:c6:3b:84:01:58:bdSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 32KB - Virtual size: 32KB

0843fc35a546e4ff989f2c0b0f345e69

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

netapi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 6KB

eedec5ce5c99c872622f21ddf098d820

Headers

File Characteristics

Imports

kernel32

user32

psapi

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 4KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

5d:61:f5:2f:87:19:c8:13:24:48:b0:b6:97:4d:c6:3b:84:01:58:bd
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 32KB - Virtual size: 32KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 518B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

3c:6a:fe:fe:23:7d:81:37:b6:ab:b1:fc:51:88:db:81
Certificate

bb:e8:d0:95:28:df:dd:cc:77:63:c3:a3:92:2c:2d:1c:df:db:f8:16
Signer

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 1KB - Virtual size: 1KB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate