06d4a88d1229a80ce3710af9cecb97fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06d4a88d1229a80ce3710af9cecb97fd_JaffaCakes118
Size

11.3MB
MD5

06d4a88d1229a80ce3710af9cecb97fd
SHA1

f65460ca3ce31de30819d6be6f63146b7357054d
SHA256

37310b004ef289d49f03db0dd5b50d66899ab4ff9ffc4ee1458d6fcb613d86e8
SHA512

00fda95f308a8bedbe2a6813a4f2c7c9ca2c49005b02c248e9982012890a0251ae6722671b208513fdb6ccb3d1744775e1dd1989a032337e8e68efda296366f8
SSDEEP

196608:2EPBTPeryMdaHQoSBqSiQ4fbzGh4g1KbGxyt4B2ifgrEhQPnudnIVjMKmYDZ:7P9PspeAJiQGyh4rKxytoEgWPTMKb1

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/5.2.0.5374/sgutil.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx
static1/unpack001/5.2.0.5374/sgutil.dll	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
06d4a88d1229a80ce3710af9cecb97fd_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack002/out.upx
unpack001/out.upx

Files

06d4a88d1229a80ce3710af9cecb97fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/HWSignature.dll
.dll windows:5 windows x86 arch:x86

02a9058c889f86b891a63b683ab98a79

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\Bin\SogouInput\HWSignature.pdb

Imports

ws2_32

WSAStartup

kernel32

DeleteCriticalSection
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
GetSystemDirectoryA
lstrcatA
CopyFileA
DeviceIoControl
CloseHandle
lstrcpyA
lstrlenA
GlobalAlloc
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
LocalAlloc
GetVersionExA
LocalFree
HeapReAlloc
GetTickCount
SetLastError
GlobalFree
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

user32

wsprintfA
IsCharAlphaNumericA

Exports

Exports

DLLGenHWID
GenHWID
GetDllVersionA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SetupLib.dll
.dll windows:5 windows x86 arch:x86

38dceb82fae7283ed5314e7a5a2dfc53

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\SetupLib.pdb

Imports

shlwapi

SHDeleteKeyW
StrToIntW
PathFileExistsW

wininet

InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetSetOptionW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

kernel32

GlobalFree
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentThreadId
CloseHandle
DeleteFileW
GetCurrentProcessId
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
EnterCriticalSection
RtlUnwind
GetTimeZoneInformation
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetLastError
GetLastError
RaiseException
FlushInstructionCache
MultiByteToWideChar
CreateFileW
ReadFile
LeaveCriticalSection
LoadLibraryW
WideCharToMultiByte
GetSystemDirectoryW
GlobalAlloc
GetModuleHandleA
OpenProcess
WriteFile
WaitForSingleObject
GetCurrentProcess
MoveFileExW
CreateProcessW
FreeLibrary
DebugBreak
OutputDebugStringW
lstrlenA
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetVersionExW
LocalFree
LocalAlloc
FindNextFileW
FindClose
GetProcAddress
lstrlenW
GetModuleHandleW
FindFirstFileW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameW
GetCurrentDirectoryA
GetCommandLineA
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetDriveTypeW
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
GetConsoleCP
ExitProcess
FileTimeToLocalFileTime
HeapSize
GetCommandLineW
GetTempPathW
SetFilePointer
FormatMessageW
CreateEventW
WaitForMultipleObjects
DuplicateHandle
CreateDirectoryW
Sleep
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FlushFileBuffers
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
InitializeCriticalSection
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc

user32

UnregisterClassA
GetSystemMetrics
LoadStringW
CopyRect
GetWindowTextLengthW
PostMessageW
KillTimer
GetParent
GetForegroundWindow
GetWindowTextW
GetDlgItem
SetWindowPos
EnableWindow
LoadCursorW
GetClassInfoExW
CharLowerW
LoadKeyboardLayoutW
RegisterClassExW
CreateWindowExW
MessageBoxW
EndPaint
SetTimer
GetWindowRect
CharNextW
FillRect
wvsprintfW
LoadImageW
BeginPaint
InvalidateRect
GetWindowLongW
SetWindowLongW
CallWindowProcW
DefWindowProcW

gdi32

DeleteDC
CreateCompatibleDC
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
DeleteObject
SelectObject

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegUnLoadKeyW
LookupAccountSidW
GetTokenInformation
RegQueryValueW
RegLoadKeyW
ConvertSidToStringSidW
AdjustTokenPrivileges
RegEnumKeyExW
RegFlushKey
RegEnumValueW
LookupPrivilegeValueW
LookupAccountNameW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
OpenProcessToken
RegQueryValueExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
RegSetValueExW
RegOpenKeyExW

shell32

SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
SysStringLen
SysAllocString
SysFreeString

imm32

ImmInstallIMEW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

AlphaBlend

Exports

Exports

AddAccess
AddAccessExec
AddAccessOnReg
AddAccess_RX
AddIE7ElevationPolicy
AddSogouImeMgrSchTasks
CancelDelayDelDir
CheckAccess
CmpFile
DefaultBrowserIsIE
DelayDelFile
DelayDelReg
DownloadQuiet
FilterSid
GetHWID
GetPPName
ImageInstallingStart
InstallIME
InstalledIMEIsPre30b1
MonitorVerifyEdit
OpenPage
Ping
RemoveDir
RemoveIE7ElevationPolicy
RemoveSogouImeMgrSchTasks
SECheckOSInstalled
SetLowLabel
SetReadSecond
SetReboot
UninstallInstPath
UninstallReg
UninstallUsrReg
UpdateFireWall

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SogouPY.ime
.dll windows:5 windows x86 arch:x86

f9d4e8d7efe9a59840db84dabedc0e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\SogouPy.pdb

Imports

msimg32

AlphaBlend
TransparentBlt
GradientFill

kernel32

SetThreadPriority
GetCurrentThread
GlobalAddAtomW
GlobalGetAtomNameW
OpenProcess
LCMapStringW
QueryPerformanceFrequency
OpenEventW
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
CreateThread
DeleteCriticalSection
CreateWaitableTimerW
OpenThread
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
GetCurrentProcessId
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
MultiByteToWideChar
ResumeThread
CloseHandle
GetTickCount
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedCompareExchange
GetCurrentThreadId
GlobalFree
GlobalUnlock
GetQueuedCompletionStatus
SetEvent
TransactNamedPipe
InterlockedExchange
ResetEvent
CreateEventW
CreateIoCompletionPort
WaitNamedPipeW
CreateFileW
SetNamedPipeHandleState
CreateDirectoryW
GetModuleFileNameW
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetTempPathW
Process32FirstW
Process32NextW
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
CopyFileW
FileTimeToSystemTime
GetFileTime
TlsAlloc
TlsFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
OpenWaitableTimerW
DeleteFileA
MulDiv
VirtualQuery
SetUnhandledExceptionFilter
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
CompareStringW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
Sleep
GlobalAlloc
TlsSetValue
GlobalLock
TlsGetValue
GetCommandLineW
WideCharToMultiByte
SetFilePointer

user32

wvsprintfW
CopyRect
ReleaseCapture
EqualRect
CreateWindowExW
OffsetRect
PtInRect
LoadCursorW
SetCapture
UpdateLayeredWindow
SetCursor
RedrawWindow
GetCursor
GetMonitorInfoW
MonitorFromPoint
SetMenuItemInfoW
SetMenuInfo
CreatePopupMenu
GetSysColor
AppendMenuW
SetMenuItemBitmaps
FillRect
LoadStringW
TrackPopupMenuEx
MenuItemFromPoint
GetMenuItemID
MapVirtualKeyW
DispatchMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
LoadBitmapW
EndDialog
GetDlgItem
InflateRect
DrawTextW
LoadImageW
BeginPaint
SetWindowPos
CallWindowProcW
TrackMouseEvent
GetClassInfoExW
PostQuitMessage
ScreenToClient
SetCursorPos
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CreateDialogParamW
DialogBoxParamW
SetScrollInfo
EnumWindows
PostThreadMessageW
GetMenuItemRect
PeekMessageW
DefWindowProcW
ClientToScreen
GetDC
ReleaseDC
GetCaretPos
SetCaretPos
GetKeyboardLayoutList
EndPaint
MoveWindow
SetTimer
UnregisterClassW
KillTimer
RegisterHotKey
DestroyWindow
InvalidateRect
IsWindowVisible
IsIconic
SetForegroundWindow
FindWindowW
SystemParametersInfoW
ShowWindow
GetSystemMetrics
SetWindowTextW
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageTimeoutW
CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
CallNextHookEx
WindowFromPoint
GetClientRect
GetClipboardData
EmptyClipboard
GetCursorPos
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
SetClipboardData
GetWindow
keybd_event
SendInput
GetMessageExtraInfo
GetKeyState
GetFocus
GetParent
GetForegroundWindow
GetWindowTextW
GetClassNameW
GetDesktopWindow
GetWindowLongW
LoadIconW
GetMenuItemInfoW
GetMenuItemCount
IsWindow
GetMenuInfo
DestroyMenu
GetKeyboardState
MessageBoxW
SendMessageW
GetThreadDesktop
SetWindowLongW
PostMessageW
RegisterClassExW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
SetPixel
SetBkMode
SetTextColor
LineTo
BitBlt
MoveToEx
GetClipRgn
Rectangle
StretchBlt
CombineRgn
ExtCreateRegion
GetCharABCWidthsFloatW
CreateDIBSection
DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
CreatePen
GetFontData
GetStockObject
CreateSolidBrush
CreateFontW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
OffsetRgn
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyW
AddAccessAllowedAceEx
RegSetValueExW
RegEnumValueW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl

imm32

ImmGetIMCCSize
ImmCreateIMCC
ImmReSizeIMCC
ImmCreateSoftKeyboard
ImmDestroySoftKeyboard
ImmShowSoftKeyboard
ImmUnlockIMCC
ImmLockIMC
ImmUnlockIMC
ImmLockIMCC
ImmDisableIME
ImmNotifyIME
ImmGetHotKey
ImmGenerateMessage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:5 windows x86 arch:x86

b1d9539c7cfd95718179dedb471b482f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
lstrcatW
lstrcpyW
MulDiv
GetModuleHandleW
lstrcmpW
GlobalFree
lstrcpynW
GlobalAlloc
FindNextFileW
lstrcmpiW
FindClose

user32

PostMessageW
CallWindowProcW
GetWindowLongW
IsDialogMessageW
CheckDlgButton
ShowWindow
LoadIconW
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextW
IsDlgButtonChecked
GetWindowTextW
GetDlgItem
wsprintfW
CreateDialogParamW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
SetWindowLongW
SendMessageW

gdi32

GetTextMetricsW
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/install0.bmp
$PLUGINSDIR/install1.bmp
$PLUGINSDIR/install2.bmp
$PLUGINSDIR/install3.bmp
$PLUGINSDIR/install4.bmp
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/$R1
.dll windows:5 windows x86 arch:x86

f9d4e8d7efe9a59840db84dabedc0e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\SogouPy.pdb

Imports

msimg32

AlphaBlend
TransparentBlt
GradientFill

kernel32

SetThreadPriority
GetCurrentThread
GlobalAddAtomW
GlobalGetAtomNameW
OpenProcess
LCMapStringW
QueryPerformanceFrequency
OpenEventW
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
CreateThread
DeleteCriticalSection
CreateWaitableTimerW
OpenThread
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
GetCurrentProcessId
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
MultiByteToWideChar
ResumeThread
CloseHandle
GetTickCount
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedCompareExchange
GetCurrentThreadId
GlobalFree
GlobalUnlock
GetQueuedCompletionStatus
SetEvent
TransactNamedPipe
InterlockedExchange
ResetEvent
CreateEventW
CreateIoCompletionPort
WaitNamedPipeW
CreateFileW
SetNamedPipeHandleState
CreateDirectoryW
GetModuleFileNameW
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetTempPathW
Process32FirstW
Process32NextW
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
CopyFileW
FileTimeToSystemTime
GetFileTime
TlsAlloc
TlsFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
OpenWaitableTimerW
DeleteFileA
MulDiv
VirtualQuery
SetUnhandledExceptionFilter
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
CompareStringW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
Sleep
GlobalAlloc
TlsSetValue
GlobalLock
TlsGetValue
GetCommandLineW
WideCharToMultiByte
SetFilePointer

user32

wvsprintfW
CopyRect
ReleaseCapture
EqualRect
CreateWindowExW
OffsetRect
PtInRect
LoadCursorW
SetCapture
UpdateLayeredWindow
SetCursor
RedrawWindow
GetCursor
GetMonitorInfoW
MonitorFromPoint
SetMenuItemInfoW
SetMenuInfo
CreatePopupMenu
GetSysColor
AppendMenuW
SetMenuItemBitmaps
FillRect
LoadStringW
TrackPopupMenuEx
MenuItemFromPoint
GetMenuItemID
MapVirtualKeyW
DispatchMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
LoadBitmapW
EndDialog
GetDlgItem
InflateRect
DrawTextW
LoadImageW
BeginPaint
SetWindowPos
CallWindowProcW
TrackMouseEvent
GetClassInfoExW
PostQuitMessage
ScreenToClient
SetCursorPos
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CreateDialogParamW
DialogBoxParamW
SetScrollInfo
EnumWindows
PostThreadMessageW
GetMenuItemRect
PeekMessageW
DefWindowProcW
ClientToScreen
GetDC
ReleaseDC
GetCaretPos
SetCaretPos
GetKeyboardLayoutList
EndPaint
MoveWindow
SetTimer
UnregisterClassW
KillTimer
RegisterHotKey
DestroyWindow
InvalidateRect
IsWindowVisible
IsIconic
SetForegroundWindow
FindWindowW
SystemParametersInfoW
ShowWindow
GetSystemMetrics
SetWindowTextW
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageTimeoutW
CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
CallNextHookEx
WindowFromPoint
GetClientRect
GetClipboardData
EmptyClipboard
GetCursorPos
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
SetClipboardData
GetWindow
keybd_event
SendInput
GetMessageExtraInfo
GetKeyState
GetFocus
GetParent
GetForegroundWindow
GetWindowTextW
GetClassNameW
GetDesktopWindow
GetWindowLongW
LoadIconW
GetMenuItemInfoW
GetMenuItemCount
IsWindow
GetMenuInfo
DestroyMenu
GetKeyboardState
MessageBoxW
SendMessageW
GetThreadDesktop
SetWindowLongW
PostMessageW
RegisterClassExW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
SetPixel
SetBkMode
SetTextColor
LineTo
BitBlt
MoveToEx
GetClipRgn
Rectangle
StretchBlt
CombineRgn
ExtCreateRegion
GetCharABCWidthsFloatW
CreateDIBSection
DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
CreatePen
GetFontData
GetStockObject
CreateSolidBrush
CreateFontW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
OffsetRgn
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyW
AddAccessAllowedAceEx
RegSetValueExW
RegEnumValueW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl

imm32

ImmGetIMCCSize
ImmCreateIMCC
ImmReSizeIMCC
ImmCreateSoftKeyboard
ImmDestroySoftKeyboard
ImmShowSoftKeyboard
ImmUnlockIMCC
ImmLockIMC
ImmUnlockIMC
ImmLockIMCC
ImmDisableIME
ImmNotifyIME
ImmGetHotKey
ImmGenerateMessage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SogouPY.ime
.dll windows:5 windows x86 arch:x86

f9d4e8d7efe9a59840db84dabedc0e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\SogouPy.pdb

Imports

msimg32

AlphaBlend
TransparentBlt
GradientFill

kernel32

SetThreadPriority
GetCurrentThread
GlobalAddAtomW
GlobalGetAtomNameW
OpenProcess
LCMapStringW
QueryPerformanceFrequency
OpenEventW
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
CreateThread
DeleteCriticalSection
CreateWaitableTimerW
OpenThread
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
GetCurrentProcessId
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
MultiByteToWideChar
ResumeThread
CloseHandle
GetTickCount
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedCompareExchange
GetCurrentThreadId
GlobalFree
GlobalUnlock
GetQueuedCompletionStatus
SetEvent
TransactNamedPipe
InterlockedExchange
ResetEvent
CreateEventW
CreateIoCompletionPort
WaitNamedPipeW
CreateFileW
SetNamedPipeHandleState
CreateDirectoryW
GetModuleFileNameW
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetTempPathW
Process32FirstW
Process32NextW
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
CopyFileW
FileTimeToSystemTime
GetFileTime
TlsAlloc
TlsFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
OpenWaitableTimerW
DeleteFileA
MulDiv
VirtualQuery
SetUnhandledExceptionFilter
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
CompareStringW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
Sleep
GlobalAlloc
TlsSetValue
GlobalLock
TlsGetValue
GetCommandLineW
WideCharToMultiByte
SetFilePointer

user32

wvsprintfW
CopyRect
ReleaseCapture
EqualRect
CreateWindowExW
OffsetRect
PtInRect
LoadCursorW
SetCapture
UpdateLayeredWindow
SetCursor
RedrawWindow
GetCursor
GetMonitorInfoW
MonitorFromPoint
SetMenuItemInfoW
SetMenuInfo
CreatePopupMenu
GetSysColor
AppendMenuW
SetMenuItemBitmaps
FillRect
LoadStringW
TrackPopupMenuEx
MenuItemFromPoint
GetMenuItemID
MapVirtualKeyW
DispatchMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
LoadBitmapW
EndDialog
GetDlgItem
InflateRect
DrawTextW
LoadImageW
BeginPaint
SetWindowPos
CallWindowProcW
TrackMouseEvent
GetClassInfoExW
PostQuitMessage
ScreenToClient
SetCursorPos
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CreateDialogParamW
DialogBoxParamW
SetScrollInfo
EnumWindows
PostThreadMessageW
GetMenuItemRect
PeekMessageW
DefWindowProcW
ClientToScreen
GetDC
ReleaseDC
GetCaretPos
SetCaretPos
GetKeyboardLayoutList
EndPaint
MoveWindow
SetTimer
UnregisterClassW
KillTimer
RegisterHotKey
DestroyWindow
InvalidateRect
IsWindowVisible
IsIconic
SetForegroundWindow
FindWindowW
SystemParametersInfoW
ShowWindow
GetSystemMetrics
SetWindowTextW
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageTimeoutW
CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
CallNextHookEx
WindowFromPoint
GetClientRect
GetClipboardData
EmptyClipboard
GetCursorPos
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
SetClipboardData
GetWindow
keybd_event
SendInput
GetMessageExtraInfo
GetKeyState
GetFocus
GetParent
GetForegroundWindow
GetWindowTextW
GetClassNameW
GetDesktopWindow
GetWindowLongW
LoadIconW
GetMenuItemInfoW
GetMenuItemCount
IsWindow
GetMenuInfo
DestroyMenu
GetKeyboardState
MessageBoxW
SendMessageW
GetThreadDesktop
SetWindowLongW
PostMessageW
RegisterClassExW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
SetPixel
SetBkMode
SetTextColor
LineTo
BitBlt
MoveToEx
GetClipRgn
Rectangle
StretchBlt
CombineRgn
ExtCreateRegion
GetCharABCWidthsFloatW
CreateDIBSection
DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
CreatePen
GetFontData
GetStockObject
CreateSolidBrush
CreateFontW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
OffsetRgn
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyW
AddAccessAllowedAceEx
RegSetValueExW
RegEnumValueW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl

imm32

ImmGetIMCCSize
ImmCreateIMCC
ImmReSizeIMCC
ImmCreateSoftKeyboard
ImmDestroySoftKeyboard
ImmShowSoftKeyboard
ImmUnlockIMCC
ImmLockIMC
ImmUnlockIMC
ImmLockIMCC
ImmDisableIME
ImmNotifyIME
ImmGetHotKey
ImmGenerateMessage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SogouPY.ime~
.dll windows:5 windows x86 arch:x86

f9d4e8d7efe9a59840db84dabedc0e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\SogouPy.pdb

Imports

msimg32

AlphaBlend
TransparentBlt
GradientFill

kernel32

SetThreadPriority
GetCurrentThread
GlobalAddAtomW
GlobalGetAtomNameW
OpenProcess
LCMapStringW
QueryPerformanceFrequency
OpenEventW
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
CreateThread
DeleteCriticalSection
CreateWaitableTimerW
OpenThread
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
GetCurrentProcessId
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
MultiByteToWideChar
ResumeThread
CloseHandle
GetTickCount
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedCompareExchange
GetCurrentThreadId
GlobalFree
GlobalUnlock
GetQueuedCompletionStatus
SetEvent
TransactNamedPipe
InterlockedExchange
ResetEvent
CreateEventW
CreateIoCompletionPort
WaitNamedPipeW
CreateFileW
SetNamedPipeHandleState
CreateDirectoryW
GetModuleFileNameW
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetTempPathW
Process32FirstW
Process32NextW
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
CopyFileW
FileTimeToSystemTime
GetFileTime
TlsAlloc
TlsFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
OpenWaitableTimerW
DeleteFileA
MulDiv
VirtualQuery
SetUnhandledExceptionFilter
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
CompareStringW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
Sleep
GlobalAlloc
TlsSetValue
GlobalLock
TlsGetValue
GetCommandLineW
WideCharToMultiByte
SetFilePointer

user32

wvsprintfW
CopyRect
ReleaseCapture
EqualRect
CreateWindowExW
OffsetRect
PtInRect
LoadCursorW
SetCapture
UpdateLayeredWindow
SetCursor
RedrawWindow
GetCursor
GetMonitorInfoW
MonitorFromPoint
SetMenuItemInfoW
SetMenuInfo
CreatePopupMenu
GetSysColor
AppendMenuW
SetMenuItemBitmaps
FillRect
LoadStringW
TrackPopupMenuEx
MenuItemFromPoint
GetMenuItemID
MapVirtualKeyW
DispatchMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
LoadBitmapW
EndDialog
GetDlgItem
InflateRect
DrawTextW
LoadImageW
BeginPaint
SetWindowPos
CallWindowProcW
TrackMouseEvent
GetClassInfoExW
PostQuitMessage
ScreenToClient
SetCursorPos
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CreateDialogParamW
DialogBoxParamW
SetScrollInfo
EnumWindows
PostThreadMessageW
GetMenuItemRect
PeekMessageW
DefWindowProcW
ClientToScreen
GetDC
ReleaseDC
GetCaretPos
SetCaretPos
GetKeyboardLayoutList
EndPaint
MoveWindow
SetTimer
UnregisterClassW
KillTimer
RegisterHotKey
DestroyWindow
InvalidateRect
IsWindowVisible
IsIconic
SetForegroundWindow
FindWindowW
SystemParametersInfoW
ShowWindow
GetSystemMetrics
SetWindowTextW
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageTimeoutW
CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
CallNextHookEx
WindowFromPoint
GetClientRect
GetClipboardData
EmptyClipboard
GetCursorPos
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
SetClipboardData
GetWindow
keybd_event
SendInput
GetMessageExtraInfo
GetKeyState
GetFocus
GetParent
GetForegroundWindow
GetWindowTextW
GetClassNameW
GetDesktopWindow
GetWindowLongW
LoadIconW
GetMenuItemInfoW
GetMenuItemCount
IsWindow
GetMenuInfo
DestroyMenu
GetKeyboardState
MessageBoxW
SendMessageW
GetThreadDesktop
SetWindowLongW
PostMessageW
RegisterClassExW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
SetPixel
SetBkMode
SetTextColor
LineTo
BitBlt
MoveToEx
GetClipRgn
Rectangle
StretchBlt
CombineRgn
ExtCreateRegion
GetCharABCWidthsFloatW
CreateDIBSection
DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
CreatePen
GetFontData
GetStockObject
CreateSolidBrush
CreateFontW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
OffsetRgn
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyW
AddAccessAllowedAceEx
RegSetValueExW
RegEnumValueW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl

imm32

ImmGetIMCCSize
ImmCreateIMCC
ImmReSizeIMCC
ImmCreateSoftKeyboard
ImmDestroySoftKeyboard
ImmShowSoftKeyboard
ImmUnlockIMCC
ImmLockIMC
ImmUnlockIMC
ImmLockIMCC
ImmDisableIME
ImmNotifyIME
ImmGetHotKey
ImmGenerateMessage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/SogouPy.ime
.dll windows:5 windows x86 arch:x86

f9d4e8d7efe9a59840db84dabedc0e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\SogouPy.pdb

Imports

msimg32

AlphaBlend
TransparentBlt
GradientFill

kernel32

SetThreadPriority
GetCurrentThread
GlobalAddAtomW
GlobalGetAtomNameW
OpenProcess
LCMapStringW
QueryPerformanceFrequency
OpenEventW
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
CreateThread
DeleteCriticalSection
CreateWaitableTimerW
OpenThread
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
GetCurrentProcessId
Module32NextW
CreateToolhelp32Snapshot
Module32FirstW
MultiByteToWideChar
ResumeThread
CloseHandle
GetTickCount
EnterCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedCompareExchange
GetCurrentThreadId
GlobalFree
GlobalUnlock
GetQueuedCompletionStatus
SetEvent
TransactNamedPipe
InterlockedExchange
ResetEvent
CreateEventW
CreateIoCompletionPort
WaitNamedPipeW
CreateFileW
SetNamedPipeHandleState
CreateDirectoryW
GetModuleFileNameW
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetTempPathW
Process32FirstW
Process32NextW
FindFirstFileW
MoveFileExW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
GetTempFileNameW
CopyFileW
FileTimeToSystemTime
GetFileTime
TlsAlloc
TlsFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindResourceW
FreeLibrary
LoadResource
SizeofResource
LockResource
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
OpenWaitableTimerW
DeleteFileA
MulDiv
VirtualQuery
SetUnhandledExceptionFilter
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
CompareStringW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryA
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetCommandLineA
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
Sleep
GlobalAlloc
TlsSetValue
GlobalLock
TlsGetValue
GetCommandLineW
WideCharToMultiByte
SetFilePointer

user32

wvsprintfW
CopyRect
ReleaseCapture
EqualRect
CreateWindowExW
OffsetRect
PtInRect
LoadCursorW
SetCapture
UpdateLayeredWindow
SetCursor
RedrawWindow
GetCursor
GetMonitorInfoW
MonitorFromPoint
SetMenuItemInfoW
SetMenuInfo
CreatePopupMenu
GetSysColor
AppendMenuW
SetMenuItemBitmaps
FillRect
LoadStringW
TrackPopupMenuEx
MenuItemFromPoint
GetMenuItemID
MapVirtualKeyW
DispatchMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
LoadBitmapW
EndDialog
GetDlgItem
InflateRect
DrawTextW
LoadImageW
BeginPaint
SetWindowPos
CallWindowProcW
TrackMouseEvent
GetClassInfoExW
PostQuitMessage
ScreenToClient
SetCursorPos
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CreateDialogParamW
DialogBoxParamW
SetScrollInfo
EnumWindows
PostThreadMessageW
GetMenuItemRect
PeekMessageW
DefWindowProcW
ClientToScreen
GetDC
ReleaseDC
GetCaretPos
SetCaretPos
GetKeyboardLayoutList
EndPaint
MoveWindow
SetTimer
UnregisterClassW
KillTimer
RegisterHotKey
DestroyWindow
InvalidateRect
IsWindowVisible
IsIconic
SetForegroundWindow
FindWindowW
SystemParametersInfoW
ShowWindow
GetSystemMetrics
SetWindowTextW
GetWindowThreadProcessId
RegisterWindowMessageW
SendMessageTimeoutW
CloseClipboard
GetWindowRect
IsClipboardFormatAvailable
CallNextHookEx
WindowFromPoint
GetClientRect
GetClipboardData
EmptyClipboard
GetCursorPos
SetWindowsHookExW
OpenClipboard
UnhookWindowsHookEx
SetClipboardData
GetWindow
keybd_event
SendInput
GetMessageExtraInfo
GetKeyState
GetFocus
GetParent
GetForegroundWindow
GetWindowTextW
GetClassNameW
GetDesktopWindow
GetWindowLongW
LoadIconW
GetMenuItemInfoW
GetMenuItemCount
IsWindow
GetMenuInfo
DestroyMenu
GetKeyboardState
MessageBoxW
SendMessageW
GetThreadDesktop
SetWindowLongW
PostMessageW
RegisterClassExW

gdi32

DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
SetPixel
SetBkMode
SetTextColor
LineTo
BitBlt
MoveToEx
GetClipRgn
Rectangle
StretchBlt
CombineRgn
ExtCreateRegion
GetCharABCWidthsFloatW
CreateDIBSection
DeleteDC
SetBkColor
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
CreatePen
GetFontData
GetStockObject
CreateSolidBrush
CreateFontW
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
OffsetRgn
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W

advapi32

InitializeSecurityDescriptor
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyW
AddAccessAllowedAceEx
RegSetValueExW
RegEnumValueW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
SetSecurityDescriptorDacl

imm32

ImmGetIMCCSize
ImmCreateIMCC
ImmReSizeIMCC
ImmCreateSoftKeyboard
ImmDestroySoftKeyboard
ImmShowSoftKeyboard
ImmUnlockIMCC
ImmLockIMC
ImmUnlockIMC
ImmLockIMCC
ImmDisableIME
ImmNotifyIME
ImmGetHotKey
ImmGenerateMessage

Exports

Exports

ImeConfigure
ImeConversionList
ImeDestroy
ImeEnumRegisterWord
ImeEscape
ImeGetRegisterWordStyle
ImeInquire
ImeProcessKey
ImeRegisterWord
ImeSelect
ImeSetActiveContext
ImeSetCompositionString
ImeToAsciiEx
ImeUnregisterWord
NotifyIME

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_2_/ExtensionManager.exe
.exe windows:5 windows x86 arch:x86

d8f48afe9d9afe29e630c4fc8c2c2ba4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\sogouinput\ExtensionManager.pdb

Imports

kernel32

CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
Sleep
InterlockedCompareExchange
lstrcpyW
MulDiv
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
SetEnvironmentVariableA
FlushInstructionCache
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
InitializeCriticalSection
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
SetEndOfFile
GetConsoleMode
GetConsoleCP
SetStdHandle
GetModuleHandleA
LCMapStringW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameW
QueryPerformanceCounter
GetStartupInfoA
SetHandleCount
RaiseException
GetEnvironmentStringsW
LockResource
FreeEnvironmentStringsW
LoadResource
FreeLibrary
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
FindResourceW
GetACP
GetCPInfo
HeapSize
GetModuleFileNameA
GetStdHandle
ExitProcess
InitializeCriticalSectionAndSpinCount
GetCommandLineW
LoadLibraryW
GetTempPathW
CloseHandle
GetCurrentProcessId
GetTempFileNameW
CreateProcessW
MoveFileExW
CreateDirectoryW
WaitForSingleObject
GlobalAlloc
FileTimeToSystemTime
CreateFileW
GlobalFree
DeleteFileW
SetFileAttributesW
SetFilePointer
WriteFile
FormatMessageW
ExitThread
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
WideCharToMultiByte
FindFirstFileW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
CompareStringW
GlobalLock
GlobalUnlock
GlobalReAlloc
CreateFileA
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
ResumeThread
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
GetDriveTypeA
GetFileType
TerminateProcess
IsDebuggerPresent
HeapCreate

user32

DispatchMessageW
DefWindowProcW
SendMessageW
SetDlgItemTextW
InvalidateRect
UnregisterClassA
PostMessageW
DialogBoxParamW
EndDialog
GetScrollInfo
SetScrollPos
ScrollWindow
ShowScrollBar
SetScrollInfo
GetScrollPos
MapVirtualKeyW
SetTimer
GetWindowDC
DrawTextW
KillTimer
GetParent
GetFocus
AdjustWindowRectEx
GetMenu
SystemParametersInfoW
GetForegroundWindow
MonitorFromRect
GetMonitorInfoW
CloseWindow
SetLayeredWindowAttributes
GetCursorPos
IntersectRect
PtInRect
BeginPaint
SetFocus
SubtractRect
MonitorFromPoint
SetCursor
EndPaint
SetWindowRgn
LoadImageW
GetDesktopWindow
SetRect
DrawIcon
InflateRect
OffsetRect
GetWindowTextW
SetClassLongW
GetSysColor
SetWindowPos
IsWindow
IsWindowVisible
UpdateWindow
EnableWindow
DestroyIcon
CopyRect
GetWindowRect
FillRect
LoadCursorW
GetClientRect
GetClassInfoExW
IsDialogMessageW
RegisterClassExW
LoadIconW
CreateWindowExW
MoveWindow
GetDC
GetWindowLongW
ReleaseDC
GetSystemMetrics
SetWindowTextW
CallWindowProcW
DestroyWindow
GetMessageW
PostQuitMessage
CharNextW
SetForegroundWindow
CallNextHookEx
FindWindowW
TranslateMessage
PeekMessageW
GetDlgItem
SetWindowLongW
ShowWindow
CreateDialogParamW
SetWindowsHookExW
MessageBoxW

gdi32

CreateDIBSection
GetObjectW
CreateCompatibleDC
DeleteObject
DeleteDC
GetTextMetricsW
GetStockObject
CreateSolidBrush
RoundRect
CreatePen
GetTextExtentExPointW
DPtoLP
SetBkMode
GetDeviceCaps
CreateFontIndirectW
SelectObject
ExtCreateRegion
SelectClipRgn
StretchBlt
CombineRgn
OffsetRgn
CreateRectRgn
BitBlt
CreateCompatibleBitmap
BeginPath
MoveToEx
LineTo
AngleArc
SaveDC
EndPath
FillPath
RestoreDC
Rectangle
SetViewportOrgEx
SetTextColor
TextOutW

advapi32

OpenProcessToken
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ExtractIconW
SHGetFolderPathW

ole32

OleSetContainedObject
OleCreate
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoTaskMemRealloc
CoCreateInstance

oleaut32

VariantClear
VarUI4FromStr
VariantInit
SysAllocString

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

msimg32

GradientFill
TransparentBlt
AlphaBlend

comctl32

_TrackMouseEvent
InitCommonControlsEx

wininet

InternetOpenW
InternetSetOptionW
HttpQueryInfoW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 567KB - Virtual size: 566KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$_2_/HWSignature.dll
.dll windows:5 windows x86 arch:x86

02a9058c889f86b891a63b683ab98a79

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\Bin\SogouInput\HWSignature.pdb

Imports

ws2_32

WSAStartup

kernel32

DeleteCriticalSection
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
GetSystemDirectoryA
lstrcatA
CopyFileA
DeviceIoControl
CloseHandle
lstrcpyA
lstrlenA
GlobalAlloc
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
LocalAlloc
GetVersionExA
LocalFree
HeapReAlloc
GetTickCount
SetLastError
GlobalFree
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

user32

wsprintfA
IsCharAlphaNumericA

Exports

Exports

DLLGenHWID
GenHWID
GetDllVersionA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_2_/ZipLib.dll
.dll windows:5 windows x86 arch:x86

3a66351d63cefec54e84e7d49764aa2e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
GetTempPathA
DeleteFileA
CreateFileA
lstrcpynA
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetProcessHeap
GetDriveTypeA
InitializeCriticalSection
GetVolumeInformationA
LeaveCriticalSection
InterlockedExchange
EnterCriticalSection
CreateMutexA
ReleaseMutex
CloseHandle
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
RemoveDirectoryW
FileTimeToLocalFileTime
GetVersion
FindNextFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
lstrlenA
lstrcmpiA
DosDateTimeToFileTime
SetVolumeLabelA
SetFilePointer
GetLocaleInfoA
SetEndOfFile
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
LocalFileTimeToFileTime
lstrcpyA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindClose
GetLastError
GetTempPathW
MultiByteToWideChar
CopyFileW
WideCharToMultiByte
CreateDirectoryW
MoveFileExW
FindFirstFileW
RemoveDirectoryA
CreateDirectoryA
GetFileTime
TerminateProcess
SetEnvironmentVariableW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
MoveFileA
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ReadFile
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW

user32

OemToCharA
CharToOemA

advapi32

GetSecurityDescriptorGroup
IsValidSecurityDescriptor
GetSecurityDescriptorSacl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
IsValidAcl
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
OpenProcessToken
GetSecurityDescriptorDacl

Exports

Exports

FreeUnzipBuf
GetDllVersionA
PrepareUnzipFile
SetZipLevel
UnZip
UnZip2
UnZipEx
UnZipEx2
UnZipFile
ZipFolder
ZipFolderEx

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/HWSignature.dll
.dll windows:5 windows x86 arch:x86

02a9058c889f86b891a63b683ab98a79

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\Bin\SogouInput\HWSignature.pdb

Imports

ws2_32

WSAStartup

kernel32

DeleteCriticalSection
CreateFileA
HeapAlloc
HeapFree
GetProcessHeap
GetSystemDirectoryA
lstrcatA
CopyFileA
DeviceIoControl
CloseHandle
lstrcpyA
lstrlenA
GlobalAlloc
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
LocalAlloc
GetVersionExA
LocalFree
HeapReAlloc
GetTickCount
SetLastError
GlobalFree
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

user32

wsprintfA
IsCharAlphaNumericA

Exports

Exports

DLLGenHWID
GenHWID
GetDllVersionA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/ImeUtil.exe
.exe windows:5 windows x86 arch:x86

f07b4b3f0c8390daa0c87f965ecc2081

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\ImeUtil.pdb

Imports

kernel32

QueryPerformanceFrequency
WaitNamedPipeW
FindResourceW
LoadResource
SizeofResource
LockResource
SetFilePointer
WriteFile
GlobalAlloc
FormatMessageW
GetModuleFileNameW
CreateFileW
ExitThread
GetLastError
SetLastError
GlobalFree
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
WideCharToMultiByte
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
LoadLibraryW
GetTempPathW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
InterlockedIncrement
InterlockedCompareExchange
SystemTimeToFileTime
MoveFileExW
WaitForSingleObject
SetFileTime
GetExitCodeProcess
FileTimeToSystemTime
InitializeCriticalSection
DeleteFileW
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
DeleteFileA
GetTickCount
FreeLibrary
GetLogicalDriveStringsW
OpenProcess
QueryDosDeviceW
GetWindowsDirectoryW
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalHandle
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
SetEvent
ResetEvent
HeapAlloc
HeapFree
GetProcessHeap
LoadLibraryExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetTimeZoneInformation
HeapReAlloc
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
GetDriveTypeA
FindFirstFileA
GetFileType
RaiseException
GetCPInfo
Module32NextW
GetOEMCP
IsValidCodePage
HeapSize
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetModuleHandleA
GetFullPathNameA
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenEventW
GetSystemTimeAsFileTime
CreateDirectoryW
GetCurrentProcess
GetSystemInfo
GetProcAddress
GetModuleHandleW
CloseHandle
GetCurrentThreadId
CopyFileW
Sleep
CreateProcessW
Module32FirstW
GetFileTime
GetACP

user32

InflateRect
DrawTextW
LoadImageW
GetDesktopWindow
InvalidateRect
GetClientRect
CreateDialogParamW
CheckDlgButton
EndDialog
DialogBoxParamW
MonitorFromRect
EnableWindow
CloseWindow
AdjustWindowRectEx
SetLayeredWindowAttributes
SetFocus
LoadStringW
UnloadKeyboardLayout
GetMessageW
PostQuitMessage
KillTimer
LoadCursorW
PtInRect
TranslateMessage
EndPaint
SetWindowPos
DispatchMessageW
wvsprintfW
WindowFromPoint
GetWindowThreadProcessId
GetSystemMetrics
MessageBoxW
SetCursor
SetWindowRgn
MonitorFromPoint
FillRect
SetCapture
SubtractRect
BeginPaint
ScreenToClient
GetAsyncKeyState
EnumThreadWindows
DefWindowProcW
SendMessageW
CreateWindowExW
SetWindowLongW
GetClassNameW
GetWindowLongW
RegisterClassExW
FindWindowW
GetParent
IntersectRect
RedrawWindow
GetCursorPos
SetForegroundWindow
PostMessageW
keybd_event
DestroyWindow
ShowWindow
GetCursor
ReleaseCapture
SetWindowTextW
IsDlgButtonChecked
GetDlgItem
GetDC
GetWindowRect
GetForegroundWindow
LoadKeyboardLayoutW
SystemParametersInfoW
IsWindowVisible
GetMonitorInfoW
MoveWindow
OffsetRect
SetRect
SetCursorPos
UpdateLayeredWindow
GetKeyboardLayoutList
SetTimer
ReleaseDC

gdi32

CreateFontIndirectW
SetTextColor
SelectClipRgn
CreateCompatibleDC
GetTextExtentPointW
SelectObject
DeleteDC
SetBkMode
CreateDIBSection
CreateCompatibleBitmap
GetObjectW
GetTextExtentExPointW
CreateSolidBrush
RestoreDC
FillPath
EndPath
SaveDC
AngleArc
CreateRectRgn
CreatePen
GetFontData
MoveToEx
BitBlt
LineTo
StretchBlt
CombineRgn
ExtCreateRegion
GetPixel
BeginPath
GetStockObject
DeleteObject
RoundRect
SetViewportOrgEx
GetTextExtentPoint32W
GetTextMetricsW
GetCharABCWidthsFloatW
OffsetRgn
Rectangle

comdlg32

GetSaveFileNameW

advapi32

RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegFlushKey
LookupAccountSidW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegEnumValueW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegQueryValueW
RegEnumKeyW

ole32

CoInitializeEx
OleSetContainedObject
OleCreate
CoInitializeSecurity
CoUninitialize
CoCreateInstance
OleInitialize

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

TransparentBlt
GradientFill
AlphaBlend

wininet

InternetSetOptionW
InternetOpenW
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCloseHandle

shlwapi

SHDeleteKeyW

psapi

GetModuleFileNameExW

shell32

ShellExecuteW
ShellExecuteExW
SHFileOperationW
SHGetSpecialFolderPathW
SHGetFolderPathW

comctl32

InitCommonControlsEx

Sections

.text
Size: 1015KB - Virtual size: 1015KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/PinyinUp.exe
.exe windows:5 windows x86 arch:x86

77196bb87cd27d8973fcde5acca98117

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\PinyinUp.pdb

Imports

wininet

InternetOpenUrlW
InternetSetOptionW
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetQueryDataAvailable
InternetOpenW
InternetSetCookieW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
StrCSpnW
StrCmpIW
StrToIntW
StrStrIW

ws2_32

htons
getsockopt
getpeername
setsockopt
connect
socket
inet_addr
htonl
getservbyname
gethostbyaddr
getservbyport
bind
sendto
recvfrom
accept
listen
WSASocketW
select
ioctlsocket
inet_ntoa
gethostname
ntohl
WSAAddressToStringA
WSASend
WSAStringToAddressA
WSARecv
WSAStartup
gethostbyname
ntohs
getsockname
send
recv
WSAGetLastError
closesocket
WSACleanup
WSAIoctl
WSARecvFrom
WSASendTo
WSASetLastError
__WSAFDIsSet

kernel32

SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleFileNameW
lstrcpynA
SetEvent
InitializeCriticalSection
LeaveCriticalSection
lstrcpynW
FlushInstructionCache
RaiseException
InterlockedExchange
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
ResumeThread
UnmapViewOfFile
WaitForSingleObject
ReadFile
DeleteFileW
GetTempFileNameW
GetExitCodeProcess
GlobalMemoryStatusEx
GetTimeZoneInformation
TerminateThread
MoveFileW
ResetEvent
CreateEventW
WaitForMultipleObjects
SuspendThread
FindResourceW
LoadResource
LoadLibraryExW
SizeofResource
lstrcmpiW
OpenFileMappingW
CopyFileW
SetFileAttributesW
GetFileAttributesExW
SetEnvironmentVariableA
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
FreeLibrary
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
SetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
HeapCreate
GetCPInfo
LCMapStringA
GetFileInformationByHandle
FindFirstFileA
GetDriveTypeA
RtlUnwind
GetDriveTypeW
FileTimeToLocalFileTime
GetStartupInfoW
ExitProcess
GetFullPathNameW
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
CompareStringW
GetVersion
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
SetEndOfFile
lstrcpyW
FindNextFileW
GetSystemInfo
CreateFileMappingW
FindClose
SetLastError
GetTempPathW
CreateFileW
Sleep
WriteFile
MapViewOfFileEx
SetFilePointer
FindFirstFileW
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
InterlockedIncrement
LocalFree
DebugBreak
CloseHandle
GetProcAddress
lstrlenW
LoadLibraryW
GetModuleHandleW
OutputDebugStringW
GetCurrentProcess
InterlockedDecrement
lstrlenA
CreateMutexW
GetCommandLineW
GetSystemDirectoryW
GetLocalTime
GetLastError
GetVersionExW
CreateMutexA
SetWaitableTimer
SetFilePointerEx
QueueUserAPC
TlsSetValue
TlsGetValue
GetModuleHandleA
ReleaseSemaphore
GetSystemTimeAsFileTime
CreateSemaphoreA
CreateEventA
InterlockedExchangeAdd
PostQueuedCompletionStatus
TlsAlloc
TlsFree
FormatMessageA
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
PeekNamedPipe
GetSystemDirectoryA
CreateWaitableTimerA
LoadLibraryA
SleepEx
IsDebuggerPresent
WriteConsoleA
lstrcatW
VirtualQuery
GetTickCount
LocalAlloc
ReleaseMutex
OpenMutexW
OpenEventW
RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
MapViewOfFile
CreateThread
DuplicateHandle
ExitThread
FormatMessageW
GetFileTime
FileTimeToSystemTime
GetFileAttributesW
MoveFileExW
SystemTimeToFileTime
CreateProcessW
FlushFileBuffers
GetFileSize
CreateDirectoryW
WaitNamedPipeW
CreateIoCompletionPort
InterlockedCompareExchange
GetQueuedCompletionStatus
LCMapStringW

user32

GetSystemMetrics
MessageBoxW
LoadStringW
wvsprintfW
CharNextW
SendMessageW
SendMessageTimeoutW
FindWindowW
CopyRect
DefWindowProcW
GetMonitorInfoW
SetMenuItemInfoW
DestroyIcon
DestroyMenu
MapWindowPoints
SetMenuDefaultItem
CreateWindowExW
RemoveMenu
IsWindow
GetMenuItemCount
LoadBitmapW
CreatePopupMenu
ShowWindow
SetWindowPos
EndDialog
UnregisterClassA
CallWindowProcW
SubtractRect
MessageBeep
LoadCursorW
DialogBoxParamW
LoadIconW
LoadStringA
KillTimer
DrawIcon
GetClientRect
SetFocus
GetMenuItemInfoW
BeginPaint
PtInRect
SetWindowLongW
PeekMessageW
SetClassLongW
GetWindowTextW
AppendMenuW
GetWindowLongW
InvalidateRect
IntersectRect
TrackPopupMenuEx
GetClassInfoExW
RegisterClassExW
SetWindowTextW
GetDlgItem
GetWindowTextLengthW
GetParent
DestroyWindow
GetMessageW
LoadImageW
wsprintfW
GetDC
TranslateMessage
LoadAcceleratorsW
LoadMenuW
ReleaseDC
DrawTextW
DispatchMessageW
EndPaint
SetCursor
TranslateAcceleratorW
SetTimer
GetWindowRect
MonitorFromPoint
PostQuitMessage
PostMessageW

gdi32

CreatePen
SelectObject
CreateSolidBrush
GetTextMetricsW
MoveToEx
LineTo
SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject

advapi32

AllocateAndInitializeSid
RegOpenKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
RegCloseKey
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
GetTokenInformation
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
FreeSid
EqualSid
LookupAccountSidW
RegQueryValueExW

shell32

SHFileOperationW
ShellExecuteW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr
VariantInit
SysStringLen
SysFreeString
SysAllocString

hwsignature

GenHWID

imm32

ImmDisableIME

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mswsock

AcceptEx
GetAcceptExSockaddrs

wldap32

ord200
ord35
ord32
ord30
ord46
ord41
ord27
ord301
ord33
ord26
ord50
ord60
ord143
ord211
ord22
ord79

Exports

Exports

??0?$enable_shared_from_this@Vtorrent@libtorrent@@@boost@@IAE@ABV01@@Z
??0?$enable_shared_from_this@Vtorrent@libtorrent@@@boost@@IAE@XZ
??0?$intrusive_ptr_base@Utimeout_handler@libtorrent@@@libtorrent@@QAE@ABU01@@Z
??0?$intrusive_ptr_base@Utimeout_handler@libtorrent@@@libtorrent@@QAE@XZ
??0?$intrusive_ptr_base@Vpeer_connection@libtorrent@@@libtorrent@@QAE@ABU01@@Z
??0?$intrusive_ptr_base@Vpeer_connection@libtorrent@@@libtorrent@@QAE@XZ
??0?$intrusive_ptr_base@Vpiece_manager@libtorrent@@@libtorrent@@QAE@ABU01@@Z
??0?$intrusive_ptr_base@Vpiece_manager@libtorrent@@@libtorrent@@QAE@XZ
??0?$intrusive_ptr_base@Vtorrent_info@libtorrent@@@libtorrent@@QAE@ABU01@@Z
??0?$intrusive_ptr_base@Vtorrent_info@libtorrent@@@libtorrent@@QAE@XZ
??0alert@libtorrent@@QAE@ABV01@@Z
??0alert@libtorrent@@QAE@XZ
??0alert_manager@libtorrent@@QAE@XZ
??0announce_entry@libtorrent@@QAE@ABU01@@Z
??0announce_entry@libtorrent@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0big_number@libtorrent@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0big_number@libtorrent@@QAE@PBD@Z
??0big_number@libtorrent@@QAE@XZ
??0bitfield@libtorrent@@QAE@ABU01@@Z
??0bitfield@libtorrent@@QAE@H@Z
??0bitfield@libtorrent@@QAE@H_N@Z
??0bitfield@libtorrent@@QAE@PBDH@Z
??0bitfield@libtorrent@@QAE@XZ
??0block_downloading_alert@libtorrent@@QAE@ABU01@@Z
??0block_downloading_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@PBDHH@Z
??0block_finished_alert@libtorrent@@QAE@ABU01@@Z
??0block_finished_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@HH@Z
??0block_info@libtorrent@@QAE@ABU01@@Z
??0block_info@libtorrent@@QAE@XZ
??0block_timeout_alert@libtorrent@@QAE@ABU01@@Z
??0block_timeout_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@HH@Z
??0broadcast_socket@libtorrent@@QAE@AAVio_service@asio@boost@@ABV?$basic_endpoint@Vudp@ip@asio@boost@@@ip@34@ABV?$function@$$A6AXABV?$basic_endpoint@Vudp@ip@asio@boost@@@ip@asio@boost@@PADH@Z@4@_N@Z
??0broadcast_socket@libtorrent@@QAE@ABV01@@Z
??0bt_peer_connection@libtorrent@@QAE@AAUsession_impl@aux@1@V?$shared_ptr@V?$variant_stream@V?$basic_stream_socket@Vtcp@ip@asio@boost@@V?$stream_socket_service@Vtcp@ip@asio@boost@@@34@@asio@boost@@Vsocks5_stream@libtorrent@@Vsocks4_stream@5@Vhttp_stream@5@Uvoid_@mpl@3@@libtorrent@@@boost@@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@PAUpeer@policy@1@@Z
??0bt_peer_connection@libtorrent@@QAE@AAUsession_impl@aux@1@V?$weak_ptr@Vtorrent@libtorrent@@@boost@@V?$shared_ptr@V?$variant_stream@V?$basic_stream_socket@Vtcp@ip@asio@boost@@V?$stream_socket_service@Vtcp@ip@asio@boost@@@34@@asio@boost@@Vsocks5_stream@libtorrent@@Vsocks4_stream@5@Vhttp_stream@5@Uvoid_@mpl@3@@libtorrent@@@5@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@PAUpeer@policy@1@@Z
??0dht_reply_alert@libtorrent@@QAE@ABU01@@Z
??0dht_reply_alert@libtorrent@@QAE@ABUtorrent_handle@1@H@Z
??0disk_buffer_holder@libtorrent@@QAE@AAUdisk_io_thread@1@PAD@Z
??0disk_buffer_holder@libtorrent@@QAE@AAUsession_impl@aux@1@PAD@Z
??0duplicate_torrent@libtorrent@@QAE@ABU01@@Z
??0duplicate_torrent@libtorrent@@QAE@XZ
??0entry@libtorrent@@QAE@ABV01@@Z
??0entry@libtorrent@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0entry@libtorrent@@QAE@ABV?$list@Ventry@libtorrent@@V?$allocator@Ventry@libtorrent@@@std@@@std@@@Z
??0entry@libtorrent@@QAE@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Ventry@libtorrent@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Ventry@libtorrent@@@std@@@2@@std@@@Z
??0entry@libtorrent@@QAE@AB_J@Z
??0entry@libtorrent@@QAE@W4data_type@01@@Z
??0entry@libtorrent@@QAE@XZ
??0external_ip_alert@libtorrent@@QAE@ABU01@@Z
??0external_ip_alert@libtorrent@@QAE@ABVaddress@ip@asio@boost@@@Z
??0fastresume_rejected_alert@libtorrent@@QAE@ABU01@@Z
??0fastresume_rejected_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0file@libtorrent@@QAE@ABV?$basic_path@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Upath_traits@filesystem@boost@@@filesystem@boost@@Vopen_mode@01@AAVerror_code@system@4@@Z
??0file@libtorrent@@QAE@XZ
??0file_allocation_failed@libtorrent@@QAE@ABU01@@Z
??0file_allocation_failed@libtorrent@@QAE@PBD@Z
??0file_entry@libtorrent@@QAE@ABU01@@Z
??0file_entry@libtorrent@@QAE@XZ
??0file_error_alert@libtorrent@@QAE@ABU01@@Z
??0file_error_alert@libtorrent@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUtorrent_handle@1@0@Z
??0file_pool@libtorrent@@QAE@H@Z
??0file_rename_failed_alert@libtorrent@@QAE@ABU01@@Z
??0file_rename_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0file_renamed_alert@libtorrent@@QAE@ABU01@@Z
??0file_renamed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0file_storage@libtorrent@@QAE@ABV01@@Z
??0file_storage@libtorrent@@QAE@XZ
??0hash_failed_alert@libtorrent@@QAE@ABU01@@Z
??0hash_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@H@Z
??0http_tracker_connection@libtorrent@@QAE@AAVio_service@asio@boost@@AAVconnection_queue@1@AAVtracker_manager@1@ABUtracker_request@1@Vaddress@ip@34@V?$weak_ptr@Urequest_callback@libtorrent@@@4@ABUsession_settings@1@ABUproxy_settings@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0invalid_encoding@libtorrent@@QAE@ABU01@@Z
??0invalid_encoding@libtorrent@@QAE@XZ
??0invalid_handle@libtorrent@@QAE@ABU01@@Z
??0invalid_handle@libtorrent@@QAE@XZ
??0invalid_request_alert@libtorrent@@QAE@ABU01@@Z
??0invalid_request_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@ABUpeer_request@1@@Z
??0invalid_torrent_file@libtorrent@@QAE@ABU01@@Z
??0invalid_torrent_file@libtorrent@@QAE@XZ
??0ip_filter@libtorrent@@QAE@ABV01@@Z
??0ip_filter@libtorrent@@QAE@XZ
??0lazy_entry@libtorrent@@QAE@XZ
??0libtorrent_exception@libtorrent@@QAE@ABU01@@Z
??0libtorrent_exception@libtorrent@@QAE@ABVerror_code@system@boost@@@Z
??0listen_failed_alert@libtorrent@@QAE@ABU01@@Z
??0listen_failed_alert@libtorrent@@QAE@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVerror_code@system@5@@Z
??0listen_succeeded_alert@libtorrent@@QAE@ABU01@@Z
??0listen_succeeded_alert@libtorrent@@QAE@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@@Z
??0metadata_failed_alert@libtorrent@@QAE@ABU01@@Z
??0metadata_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0metadata_received_alert@libtorrent@@QAE@ABU01@@Z
??0metadata_received_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0partial_hash@libtorrent@@QAE@XZ
??0partial_piece_info@libtorrent@@QAE@ABU01@@Z
??0partial_piece_info@libtorrent@@QAE@XZ
??0peer_alert@libtorrent@@QAE@ABU01@@Z
??0peer_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@@Z
??0peer_ban_alert@libtorrent@@QAE@ABU01@@Z
??0peer_ban_alert@libtorrent@@QAE@Utorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@@Z
??0peer_blocked_alert@libtorrent@@QAE@ABU01@@Z
??0peer_blocked_alert@libtorrent@@QAE@ABVaddress@ip@asio@boost@@@Z
??0peer_connect_alert@libtorrent@@QAE@ABU01@@Z
??0peer_connect_alert@libtorrent@@QAE@Utorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@@Z
??0peer_connection@libtorrent@@QAE@AAUsession_impl@aux@1@V?$shared_ptr@V?$variant_stream@V?$basic_stream_socket@Vtcp@ip@asio@boost@@V?$stream_socket_service@Vtcp@ip@asio@boost@@@34@@asio@boost@@Vsocks5_stream@libtorrent@@Vsocks4_stream@5@Vhttp_stream@5@Uvoid_@mpl@3@@libtorrent@@@boost@@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@PAUpeer@policy@1@@Z
??0peer_connection@libtorrent@@QAE@AAUsession_impl@aux@1@V?$weak_ptr@Vtorrent@libtorrent@@@boost@@V?$shared_ptr@V?$variant_stream@V?$basic_stream_socket@Vtcp@ip@asio@boost@@V?$stream_socket_service@Vtcp@ip@asio@boost@@@34@@asio@boost@@Vsocks5_stream@libtorrent@@Vsocks4_stream@5@Vhttp_stream@5@Uvoid_@mpl@3@@libtorrent@@@5@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@PAUpeer@policy@1@@Z
??0peer_disconnected_alert@libtorrent@@QAE@ABU01@@Z
??0peer_disconnected_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0peer_entry@libtorrent@@QAE@ABU01@@Z
??0peer_entry@libtorrent@@QAE@XZ
??0peer_error_alert@libtorrent@@QAE@ABU01@@Z
??0peer_error_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0peer_info@libtorrent@@QAE@ABU01@@Z
??0peer_info@libtorrent@@QAE@XZ
??0peer_list_entry@libtorrent@@QAE@ABU01@@Z
??0peer_list_entry@libtorrent@@QAE@XZ
??0peer_snubbed_alert@libtorrent@@QAE@ABU01@@Z
??0peer_snubbed_alert@libtorrent@@QAE@Utorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@@Z
??0peer_unsnubbed_alert@libtorrent@@QAE@ABU01@@Z
??0peer_unsnubbed_alert@libtorrent@@QAE@Utorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@@Z
??0performance_alert@libtorrent@@QAE@ABU01@@Z
??0performance_alert@libtorrent@@QAE@ABUtorrent_handle@1@W4performance_warning_t@01@@Z
??0piece_block@libtorrent@@QAE@HH@Z
??0piece_finished_alert@libtorrent@@QAE@ABU01@@Z
??0piece_finished_alert@libtorrent@@QAE@ABUtorrent_handle@1@H@Z
??0piece_manager@libtorrent@@QAE@ABV?$shared_ptr@X@boost@@V?$intrusive_ptr@$$CBVtorrent_info@libtorrent@@@3@ABV?$basic_path@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Upath_traits@filesystem@boost@@@filesystem@3@AAUfile_pool@1@AAUdisk_io_thread@1@A6APAUstorage_interface@1@ABVfile_storage@1@23@ZW4storage_mode_t@1@@Z
??0piece_picker@libtorrent@@QAE@ABV01@@Z
??0piece_picker@libtorrent@@QAE@XZ
??0policy@libtorrent@@QAE@ABV01@@Z
??0policy@libtorrent@@QAE@PAVtorrent@1@@Z
??0port_filter@libtorrent@@QAE@ABV01@@Z
??0port_filter@libtorrent@@QAE@XZ
??0portmap_alert@libtorrent@@QAE@ABU01@@Z
??0portmap_alert@libtorrent@@QAE@HHH@Z
??0portmap_error_alert@libtorrent@@QAE@ABU01@@Z
??0portmap_error_alert@libtorrent@@QAE@HHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0proxy_settings@libtorrent@@QAE@ABU01@@Z
??0proxy_settings@libtorrent@@QAE@XZ
??0request_callback@libtorrent@@QAE@ABU01@@Z
??0request_callback@libtorrent@@QAE@XZ
??0request_dropped_alert@libtorrent@@QAE@ABU01@@Z
??0request_dropped_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@HH@Z
??0save_resume_data_alert@libtorrent@@QAE@ABU01@@Z
??0save_resume_data_alert@libtorrent@@QAE@ABV?$shared_ptr@Ventry@libtorrent@@@boost@@ABUtorrent_handle@1@@Z
??0save_resume_data_failed_alert@libtorrent@@QAE@ABU01@@Z
??0save_resume_data_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0scrape_failed_alert@libtorrent@@QAE@ABU01@@Z
??0scrape_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
??0scrape_reply_alert@libtorrent@@QAE@ABU01@@Z
??0scrape_reply_alert@libtorrent@@QAE@ABUtorrent_handle@1@HHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0session@libtorrent@@QAE@ABUfingerprint@1@H@Z
??0session@libtorrent@@QAE@ABUfingerprint@1@U?$pair@HH@std@@PBDH@Z
??0session_proxy@libtorrent@@AAE@V?$shared_ptr@Usession_impl@aux@libtorrent@@@boost@@@Z
??0session_proxy@libtorrent@@AAE@V?$shared_ptr@Vsession_impl@aux@libtorrent@@@boost@@@Z
??0session_proxy@libtorrent@@QAE@ABV01@@Z
??0session_proxy@libtorrent@@QAE@XZ
??0session_settings@libtorrent@@QAE@ABU01@@Z
??0session_settings@libtorrent@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0stat@libtorrent@@QAE@XZ
??0stat_channel@libtorrent@@QAE@XZ
??0state_changed_alert@libtorrent@@QAE@ABU01@@Z
??0state_changed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABW4state_t@torrent_status@1@@Z
??0storage_interface@libtorrent@@QAE@ABU01@@Z
??0storage_interface@libtorrent@@QAE@XZ
??0storage_moved_alert@libtorrent@@QAE@ABU01@@Z
??0storage_moved_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0storage_moved_failed_alert@libtorrent@@QAE@ABU01@@Z
??0storage_moved_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABVerror_code@system@boost@@@Z
??0timeout_handler@libtorrent@@QAE@AAVio_service@asio@boost@@@Z
??0torrent@libtorrent@@QAE@AAUsession_impl@aux@1@PBDABVbig_number@1@1ABV?$basic_path@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Upath_traits@filesystem@boost@@@filesystem@boost@@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@7@W4storage_mode_t@1@HA6APAUstorage_interface@1@ABVfile_storage@1@3AAUfile_pool@1@@Z_NPAV?$vector@DV?$allocator@D@std@@@std@@H9@Z
??0torrent@libtorrent@@QAE@AAUsession_impl@aux@1@V?$intrusive_ptr@Vtorrent_info@libtorrent@@@boost@@ABV?$basic_path@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Upath_traits@filesystem@boost@@@filesystem@5@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@W4storage_mode_t@1@HA6APAUstorage_interface@1@ABVfile_storage@1@2AAUfile_pool@1@@Z_NPAV?$vector@DV?$allocator@D@std@@@std@@H8@Z
??0torrent_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_checked_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_checked_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_delete_failed_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_delete_failed_alert@libtorrent@@QAE@ABUtorrent_handle@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0torrent_deleted_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_deleted_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_finished_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_finished_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_handle@libtorrent@@AAE@ABV?$weak_ptr@Vtorrent@libtorrent@@@boost@@@Z
??0torrent_handle@libtorrent@@QAE@ABU01@@Z
??0torrent_handle@libtorrent@@QAE@XZ
??0torrent_info@libtorrent@@QAE@ABUlazy_entry@1@@Z
??0torrent_info@libtorrent@@QAE@ABV01@@Z
??0torrent_info@libtorrent@@QAE@ABV?$basic_path@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Upath_traits@filesystem@boost@@@filesystem@boost@@@Z
??0torrent_info@libtorrent@@QAE@ABVbig_number@1@@Z
??0torrent_info@libtorrent@@QAE@PBDH@Z
??0torrent_paused_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_paused_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_resumed_alert@libtorrent@@QAE@ABU01@@Z
??0torrent_resumed_alert@libtorrent@@QAE@ABUtorrent_handle@1@@Z
??0torrent_status@libtorrent@@QAE@ABU01@@Z
??0torrent_status@libtorrent@@QAE@XZ
??0tracker_alert@libtorrent@@QAE@ABU01@@Z
??0tracker_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0tracker_announce_alert@libtorrent@@QAE@ABU01@@Z
??0tracker_announce_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0tracker_connection@libtorrent@@QAE@AAVtracker_manager@1@ABUtracker_request@1@AAVio_service@asio@boost@@Vaddress@ip@56@V?$weak_ptr@Urequest_callback@libtorrent@@@6@@Z
??0tracker_error_alert@libtorrent@@QAE@ABU01@@Z
??0tracker_error_alert@libtorrent@@QAE@ABUtorrent_handle@1@HHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
??0tracker_manager@libtorrent@@QAE@ABUsession_settings@1@ABUproxy_settings@1@@Z
??0tracker_reply_alert@libtorrent@@QAE@ABU01@@Z
??0tracker_reply_alert@libtorrent@@QAE@ABUtorrent_handle@1@HABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0tracker_request@libtorrent@@QAE@ABU01@@Z
??0tracker_request@libtorrent@@QAE@XZ
??0tracker_warning_alert@libtorrent@@QAE@ABU01@@Z
??0tracker_warning_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
??0type_error@libtorrent@@QAE@ABU01@@Z
??0type_error@libtorrent@@QAE@PBD@Z
??0udp_error_alert@libtorrent@@QAE@ABU01@@Z
??0udp_error_alert@libtorrent@@QAE@ABV?$basic_endpoint@Vudp@ip@asio@boost@@@ip@asio@boost@@ABVerror_code@system@5@@Z
??0unhandled_alert@libtorrent@@QAE@ABU01@@Z
??0unhandled_alert@libtorrent@@QAE@XZ
??0unwanted_block_alert@libtorrent@@QAE@ABU01@@Z
??0unwanted_block_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@boost@@ABVbig_number@1@HH@Z
??0url_seed_alert@libtorrent@@QAE@ABU01@@Z
??0url_seed_alert@libtorrent@@QAE@ABUtorrent_handle@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
??0web_peer_connection@libtorrent@@QAE@AAUsession_impl@aux@1@V?$weak_ptr@Vtorrent@libtorrent@@@boost@@V?$shared_ptr@V?$variant_stream@V?$basic_stream_socket@Vtcp@ip@asio@boost@@V?$stream_socket_service@Vtcp@ip@asio@boost@@@34@@asio@boost@@Vsocks5_stream@libtorrent@@Vsocks4_stream@5@Vhttp_stream@5@Uvoid_@mpl@3@@libtorrent@@@5@ABV?$basic_endpoint@Vtcp@ip@asio@boost@@@ip@asio@5@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAUpeer@policy@1@@Z
??1?$enable_shared_from_this@Vtorrent@libtorrent@@@boost@@IAE@XZ
??1alert@libtorrent@@UAE@XZ
??1alert_manager@libtorrent@@QAE@XZ
??1announce_entry@libtorrent@@QAE@XZ
??1bitfield@libtorrent@@QAE@XZ
??1block_downloading_alert@libtorrent@@UAE@XZ
??1block_finished_alert@libtorrent@@UAE@XZ
??1block_timeout_alert@libtorrent@@UAE@XZ
??1broadcast_socket@libtorrent@@QAE@XZ
??1bt_peer_connection@libtorrent@@UAE@XZ
??1dht_reply_alert@libtorrent@@UAE@XZ
??1disk_buffer_holder@libtorrent@@QAE@XZ
??1duplicate_torrent@libtorrent@@UAE@XZ
??1entry@libtorrent@@QAE@XZ
??1external_ip_alert@libtorrent@@UAE@XZ
??1fastresume_rejected_alert@libtorrent@@UAE@XZ
??1file@libtorrent@@QAE@XZ
??1file_allocation_failed@libtorrent@@UAE@XZ
??1file_entry@libtorrent@@QAE@XZ
??1file_error_alert@libtorrent@@UAE@XZ
??1file_pool@libtorrent@@QAE@XZ
??1file_rename_failed_alert@libtorrent@@UAE@XZ
??1file_renamed_alert@libtorrent@@UAE@XZ
??1file_storage@libtorrent@@QAE@XZ
??1hash_failed_alert@libtorrent@@UAE@XZ
??1http_tracker_connection@libtorrent@@UAE@XZ
??1invalid_encoding@libtorrent@@UAE@XZ
??1invalid_handle@libtorrent@@UAE@XZ
??1invalid_request_alert@libtorrent@@UAE@XZ
??1invalid_torrent_file@libtorrent@@UAE@XZ
??1ip_filter@libtorrent@@QAE@XZ
??1lazy_entry@libtorrent@@QAE@XZ
??1libtorrent_exception@libtorrent@@UAE@XZ
??1listen_failed_alert@libtorrent@@UAE@XZ
??1listen_succeeded_alert@libtorrent@@UAE@XZ
??1metadata_failed_alert@libtorrent@@UAE@XZ
??1metadata_received_alert@libtorrent@@UAE@XZ
??1peer_alert@libtorrent@@UAE@XZ
??1peer_ban_alert@libtorrent@@UAE@XZ
??1peer_blocked_alert@libtorrent@@UAE@XZ
??1peer_connect_alert@libtorrent@@UAE@XZ
??1peer_connection@libtorrent@@UAE@XZ
??1peer_disconnected_alert@libtorrent@@UAE@XZ
??1peer_entry@libtorrent@@QAE@XZ
??1peer_error_alert@libtorrent@@UAE@XZ
??1peer_info@libtorrent@@QAE@XZ
??1peer_snubbed_alert@libtorrent@@UAE@XZ
??1peer_unsnubbed_alert@libtorrent@@UAE@XZ
??1performance_alert@libtorrent@@UAE@XZ
??1piece_finished_alert@libtorrent@@UAE@XZ
??1piece_manager@libtorrent@@QAE@XZ
??1piece_picker@libtorrent@@QAE@XZ
??1policy@libtorrent@@QAE@XZ
??1port_filter@libtorrent@@QAE@XZ
??1portmap_alert@libtorrent@@UAE@XZ
??1portmap_error_alert@libtorrent@@UAE@XZ
??1proxy_settings@libtorrent@@QAE@XZ
??1request_callback@libtorrent@@UAE@XZ
??1request_dropped_alert@libtorrent@@UAE@XZ
??1save_resume_data_alert@libtorrent@@UAE@XZ
??1save_resume_data_failed_alert@libtorrent@@UAE@XZ
??1scrape_failed_alert@libtorrent@@UAE@XZ
??1scrape_reply_alert@libtorrent@@UAE@XZ
??1session@libtorrent@@QAE@XZ
??1session_proxy@libtorrent@@QAE@XZ
??1session_settings@libtorrent@@QAE@XZ
??1state_changed_alert@libtorrent@@UAE@XZ
??1storage_interface@libtorrent@@UAE@XZ
??1storage_moved_alert@libtorrent@@UAE@XZ
??1storage_moved_failed_alert@libtorrent@@UAE@XZ
??1timeout_handler@libtorrent@@UAE@XZ
??1torrent@libtorrent@@UAE@XZ
??1torrent_alert@libtorrent@@UAE@XZ
??1torrent_checked_alert@libtorrent@@UAE@XZ
??1torrent_delete_failed_alert@libtorrent@@UAE@XZ
??1torrent_deleted_alert@libtorrent@@UAE@XZ
??1torrent_finished_alert@libtorrent@@UAE@XZ
??1torrent_handle@libtorrent@@QAE@XZ
??1torrent_info@libtorrent@@QAE@XZ
??1torrent_paused_alert@libtorrent@@UAE@XZ
??1torrent_resumed_alert@libtorrent@@UAE@XZ
??1torrent_status@libtorrent@@QAE@XZ
??1tracker_alert@libtorrent@@UAE@XZ
??1tracker_announce_alert@libtorrent@@UAE@XZ
??1tracker_connection@libtorrent@@UAE@XZ
??1tracker_error_alert@libtorrent@@UAE@XZ
??1tracker_manager@libtorrent@@QAE@XZ
??1tracker_reply_alert@libtorrent@@UAE@XZ
??1tracker_request@libtorrent@@QAE@XZ
??1tracker_warning_alert@libtorrent@@UAE@XZ
??1type_error@libtorrent@@UAE@XZ
??1udp_error_alert@libtorrent@@UAE@XZ
??1unhandled_alert@libtorrent@@UAE@XZ
??1unwanted_block_alert@libtorrent@@UAE@XZ
??1url_seed_alert@libtorrent@@UAE@XZ
??1web_peer_connection@libtorrent@@UAE@XZ
??4?$enable_shared_from_this@Vtorrent@libtorrent@@@boost@@IAEAAV01@ABV01@@Z
??4?$intrusive_ptr_base@Utimeout_handler@libtorrent@@@libtorrent@@QAEAAU01@ABU01@@Z
??4?$intrusive_ptr_base@Vpeer_connection@libtorrent@@@libtorrent@@QAEAAU01@ABU01@@Z
??4?$intrusive_ptr_base@Vpiece_manager@libtorrent@@@libtorrent@@QAEAAU01@ABU01@@Z
??4?$intrusive_ptr_base@Vtorrent_info@libtorrent@@@libtorrent@@QAEAAU01@ABU01@@Z
??4SHA_CTX@@QAEAAU0@ABU0@@Z
??4alert@libtorrent@@QAEAAV01@ABV01@@Z
??4announce_entry@libtorrent@@QAEAAU01@ABU01@@Z
??4big_number@libtorrent@@QAEAAV01@ABV01@@Z
??4bitfield@libtorrent@@QAEAAU01@ABU01@@Z
??4block_downloading_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4block_finished_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4block_info@libtorrent@@QAEAAU01@ABU01@@Z
??4block_timeout_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4broadcast_socket@libtorrent@@QAEAAV01@ABV01@@Z
??4dht_reply_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4duplicate_torrent@libtorrent@@QAEAAU01@ABU01@@Z
??4entry@libtorrent@@QAEXABV01@@Z
??4entry@libtorrent@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??4entry@libtorrent@@QAEXABV?$list@Ventry@libtorrent@@V?$allocator@Ventry@libtorrent@@@std@@@std@@@Z
??4entry@libtorrent@@QAEXABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Ventry@libtorrent@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Ventry@libtorrent@@@std@@@2@@std@@@Z
??4entry@libtorrent@@QAEXAB_J@Z
??4external_ip_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4fastresume_rejected_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4file_allocation_failed@libtorrent@@QAEAAU01@ABU01@@Z
??4file_entry@libtorrent@@QAEAAU01@ABU01@@Z
??4file_error_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4file_rename_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4file_renamed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4file_slice@libtorrent@@QAEAAU01@ABU01@@Z
??4file_storage@libtorrent@@QAEAAV01@ABV01@@Z
??4hash_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4invalid_encoding@libtorrent@@QAEAAU01@ABU01@@Z
??4invalid_handle@libtorrent@@QAEAAU01@ABU01@@Z
??4invalid_request_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4invalid_torrent_file@libtorrent@@QAEAAU01@ABU01@@Z
??4ip_filter@libtorrent@@QAEAAV01@ABV01@@Z
??4lazy_entry@libtorrent@@QAEAAU01@ABU01@@Z
??4libtorrent_exception@libtorrent@@QAEAAU01@ABU01@@Z
??4listen_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4listen_succeeded_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4metadata_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4metadata_received_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4partial_hash@libtorrent@@QAEAAU01@ABU01@@Z
??4partial_piece_info@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_ban_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_blocked_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_connect_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_disconnected_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_entry@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_error_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_info@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_list_entry@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_request@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_snubbed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4peer_unsnubbed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4performance_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4piece_block@libtorrent@@QAEAAU01@ABU01@@Z
??4piece_block_progress@libtorrent@@QAEAAU01@ABU01@@Z
??4piece_finished_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4piece_picker@libtorrent@@QAEAAV01@ABV01@@Z
??4policy@libtorrent@@QAEAAV01@ABV01@@Z
??4port_filter@libtorrent@@QAEAAV01@ABV01@@Z
??4portmap_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4portmap_error_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4proxy_settings@libtorrent@@QAEAAU01@ABU01@@Z
??4request_callback@libtorrent@@QAEAAU01@ABU01@@Z
??4request_dropped_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4save_resume_data_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4save_resume_data_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4scrape_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4scrape_reply_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4session_proxy@libtorrent@@QAEAAV01@ABV01@@Z
??4session_settings@libtorrent@@QAEAAU01@ABU01@@Z
??4session_status@libtorrent@@QAEAAU01@ABU01@@Z
??4stat@libtorrent@@QAEAAV01@ABV01@@Z
??4stat_channel@libtorrent@@QAEAAV01@ABV01@@Z
??4state_changed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4storage_interface@libtorrent@@QAEAAU01@ABU01@@Z
??4storage_moved_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4storage_moved_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_checked_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_delete_failed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_deleted_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_finished_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_handle@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_info@libtorrent@@QAEAAV01@ABV01@@Z
??4torrent_paused_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_resumed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4torrent_status@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_announce_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_error_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_reply_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_request@libtorrent@@QAEAAU01@ABU01@@Z
??4tracker_warning_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4type_error@libtorrent@@QAEAAU01@ABU01@@Z
??4udp_error_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4unhandled_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4unwanted_block_alert@libtorrent@@QAEAAU01@ABU01@@Z
??4url_seed_alert@libtorrent@@QAEAAU01@ABU01@@Z
??6libtorrent@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AAV12@ABUlazy_entry@0@@Z
??8big_number@libtorrent@@QBE_NABV01@@Z
??8entry@libtorrent@@QBE_NABV01@@Z
??8peer_entry@libtorrent@@QBE_NABU01@@Z
??8peer_request@libtorrent@@QBE_NABU01@@Z
??8piece_block@libtorrent@@QBE_NABU01@@Z
??8torrent_handle@libtorrent@@QBE_NABU01@@Z
??9big_number@libtorrent@@QBE_NABV01@@Z
??9piece_block@libtorrent@@QBE_NABU01@@Z
??9torrent_handle@libtorrent@@QBE_NABU01@@Z
??Abig_number@libtorrent@@QAEAAEH@Z
??Abig_number@libtorrent@@QBEABEH@Z
??Abitfield@libtorrent@@QBE_NH@Z
??Aentry@libtorrent@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??Aentry@libtorrent@@QAEAAV01@PBD@Z
??Aentry@libtorrent@@QBEABV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??Aentry@libtorrent@@QBEABV01@PBD@Z
??Bdisk_buffer_holder@libtorrent@@QBEP801@AEPADXZXZ
??Mbig_number@libtorrent@@QBE_NABV01@@Z
??Mpeer_entry@libtorrent@@QBE_NABU01@@Z
??Mpiece_block@libtorrent@@QBE_NABU01@@Z
??Mtorrent_handle@libtorrent@@QBE_NABU01@@Z
??Sbig_number@libtorrent@@QAE?AV01@XZ
??Ystat@libtorrent@@QAEXABV01@@Z
??Ystat_channel@libtorrent@@QAEXABV01@@Z
??_4big_number@libtorrent@@QAEAAV01@ABV01@@Z
??_5big_number@libtorrent@@QAEAAV01@ABV01@@Z
??_6big_number@libtorrent@@QAEAAV01@ABV01@@Z
??_7alert@libtorrent@@6B@
??_7block_downloading_alert@libtorrent@@6B@
??_7block_finished_alert@libtorrent@@6B@
??_7block_timeout_alert@libtorrent@@6B@
??_7bt_peer_connection@libtorrent@@6B@
??_7dht_reply_alert@libtorrent@@6B@
??_7duplicate_torrent@libtorrent@@6B@
??_7external_ip_alert@libtorrent@@6B@
??_7fastresume_rejected_alert@libtorrent@@6B@
??_7file_allocation_failed@libtorrent@@6B@
??_7file_error_alert@libtorrent@@6B@
??_7file_rename_failed_alert@libtorrent@@6B@
??_7file_renamed_alert@libtorrent@@6B@
??_7hash_failed_alert@libtorrent@@6B@
??_7http_tracker_connection@libtorrent@@6B@
??_7invalid_encoding@libtorrent@@6B@
??_7invalid_handle@libtorrent@@6B@
??_7invalid_request_alert@libtorrent@@6B@
??_7invalid_torrent_file@libtorrent@@6B@
??_7libtorrent_exception@libtorrent@@6B@
??_7listen_failed_alert@libtorrent@@6B@
??_7listen_succeeded_alert@libtorrent@@6B@
??_7metadata_failed_alert@libtorrent@@6B@
??_7metadata_received_alert@libtorrent@@6B@
??_7peer_alert@libtorrent@@6B@
??_7peer_ban_alert@libtorrent@@6B@
??_7peer_blocked_alert@libtorrent@@6B@
??_7peer_connect_alert@libtorrent@@6B@
??_7peer_connection@libtorrent@@6B@
??_7peer_disconnected_alert@libtorrent@@6B@
??_7peer_error_alert@libtorrent@@6B@
??_7peer_snubbed_alert@libtorrent@@6B@
??_7peer_unsnubbed_alert@libtorrent@@6B@
??_7performance_alert@libtorrent@@6B@
??_7piece_finished_alert@libtorrent@@6B@
??_7portmap_alert@libtorrent@@6B@
??_7portmap_error_alert@libtorrent@@6B@
??_7request_callback@libtorrent@@6B@
??_7request_dropped_alert@libtorrent@@6B@
??_7save_resume_data_alert@libtorrent@@6B@
??_7save_resume_data_failed_alert@libtorrent@@6B@
??_7scrape_failed_alert@libtorrent@@6B@
??_7scrape_reply_alert@libtorrent@@6B@
??_7state_changed_alert@libtorrent@@6B@
??_7storage_interface@libtorrent@@6B@
??_7storage_moved_alert@libtorrent@@6B@
??_7storage_moved_failed_alert@libtorrent@@6B@
??_7timeout_handler@libtorrent@@6B@
??_7torrent@libtorrent@@6B@
??_7torrent_alert@libtorrent@@6B@
??_7torrent_checked_alert@libtorrent@@6B@
??_7torrent_delete_failed_alert@libtorrent@@6B@
??_7torrent_deleted_alert@libtorrent@@6B@
??_7torrent_finished_alert@libtorrent@@6B@
??_7torrent_paused_alert@libtorrent@@6B@

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 451KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/QuickInput.exe
.exe windows:5 windows x86 arch:x86

7b91fec81ef793f14f7d86c067b8a25c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\QuickInput.pdb

Imports

kernel32

FindResourceW
LoadResource
SizeofResource
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
WaitForSingleObject
InterlockedCompareExchange
CreateEventW
WideCharToMultiByte
CreateDirectoryW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
CreateMutexW
OpenMutexW
ReleaseMutex
GetCommandLineW
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
GetTempPathW
GetCurrentProcessId
InterlockedIncrement
CreateProcessW
MoveFileExW
FileTimeToSystemTime
GlobalFree
CloseHandle
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
FormatMessageW
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OpenEventW
FindFirstFileW
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
MultiByteToWideChar
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetDriveTypeA
FindFirstFileA
GetFileType
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
FreeLibrary
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
GetLastError
GlobalUnlock
CreateFileW
Sleep
LoadLibraryW
GlobalAlloc
OpenProcess
WriteFile
GlobalLock
GlobalSize
LockResource

user32

GetMonitorInfoW
GetCursor
RedrawWindow
IntersectRect
SetRect
GetAsyncKeyState
SubtractRect
MonitorFromPoint
SetWindowRgn
UpdateLayeredWindow
CreateDialogParamW
EndDialog
DialogBoxParamW
DrawTextW
KillTimer
LoadCursorW
InflateRect
RegisterClassExW
CreateWindowExW
IsWindowVisible
DefWindowProcW
wvsprintfW
MessageBoxW
GetSystemMetrics
SetClassLongW
TrackMouseEvent
EnableWindow
ShowWindow
FindWindowW
PostMessageW
CallWindowProcW
SetCursor
EndPaint
DestroyWindow
IsWindowEnabled
BeginPaint
GetScrollInfo
SystemParametersInfoW
SetScrollInfo
SetCursorPos
ClientToScreen
CloseClipboard
SendInput
SetCapture
EnumClipboardFormats
GetClipboardData
GetWindowTextW
EmptyClipboard
OpenClipboard
ReleaseCapture
SetClipboardData
SetWindowTextW
GetWindowThreadProcessId
GetCursorPos
SetForegroundWindow
GetParent
GetForegroundWindow
SetFocus
OffsetRect
GetWindowLongW
SetWindowLongW
SetWindowPos
FillRect
InvalidateRect
GetWindowRect
GetClientRect
GetDC
ReleaseDC
GetWindowTextLengthW
GetClassNameW
IsWindow
GetWindow
MoveWindow
SendMessageW
GetDlgItem
GetDesktopWindow
LoadBitmapW
PtInRect
LoadImageW
IsIconic
SetTimer

gdi32

CombineRgn
StretchBlt
MoveToEx
GetPixel
BitBlt
LineTo
DeleteDC
CreateDIBSection
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentExPointW
CreateRectRgn
SetTextColor
OffsetRgn
GetTextExtentPoint32W
GetTextMetricsW
GetCharABCWidthsFloatW
ExtCreateRegion
SetBkColor
GetStockObject
CreateSolidBrush
CreatePen
Rectangle
SelectObject
DeleteObject
GetObjectW
SetBkMode
CreateFontIndirectW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

TransparentBlt
AlphaBlend
GradientFill

advapi32

RegEnumValueW
GetTokenInformation
LookupAccountSidW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegCloseKey
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
OpenProcessToken
RegQueryInfoKeyW

shell32

SHGetFolderPathW
ShellExecuteW

comctl32

InitCommonControlsEx

Sections

.text
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/Resource.dll
.dll windows:5 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/SGTool.exe
.exe windows:5 windows x86 arch:x86

e78a76c32cd6e817afcdc43a7639b442

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\SGTool.pdb

Imports

imm32

ImmGetContext
ImmReleaseContext
ImmSetHotKey
ImmGetHotKey
ImmAssociateContext
ImmDestroyContext
ImmInstallIMEW
ImmGetIMEFileNameW
ImmDisableIME

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Create

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

wininet

InternetCloseHandle
InternetOpenUrlW
InternetSetOptionW
InternetReadFile
InternetOpenW

kernel32

WideCharToMultiByte
GlobalLock
GlobalUnlock
SetLastError
FlushInstructionCache
lstrlenA
OutputDebugStringW
DebugBreak
SetEnvironmentVariableA
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetVersionExW
GetFullPathNameA
GetDateFormatA
GetTimeFormatA
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
SetHandleCount
GetConsoleMode
GetConsoleCP
GetModuleHandleA
HeapSize
GetModuleFileNameA
GetStdHandle
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
FindFirstFileA
GetDriveTypeA
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetDriveTypeW
FileTimeToLocalFileTime
GetStartupInfoW
GetSystemTimeAsFileTime
ExitProcess
HeapReAlloc
UnhandledExceptionFilter
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
FindFirstFileW
FindNextFileW
CreateThread
WaitForSingleObject
SetEvent
ResetEvent
GetTickCount
GetSystemDefaultLangID
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileW
GetFileSize
LoadLibraryW
GetCurrentThreadId
GetSystemDirectoryW
GlobalAlloc
GlobalFree
OpenProcess
TerminateProcess
GetCurrentProcessId
Process32FirstW
Process32NextW
GetCurrentProcess
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetTempPathW
GetCommandLineW
LocalFree
OpenEventW
CloseHandle
CreateEventW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
HeapAlloc
GetProcessHeap
HeapFree
GetEnvironmentVariableW
EnumSystemLocalesW
GetLocaleInfoW
ExpandEnvironmentStringsW
GlobalHandle
GetWindowsDirectoryA
OpenFileMappingA
CreateFileMappingA
CreateFileA
GlobalReAlloc
CompareStringW
lstrcpyW
IsDebuggerPresent
lstrcatW
GetLocalTime
SetUnhandledExceptionFilter
VirtualQuery
GetWindowsDirectoryW
QueryDosDeviceW
GetLogicalDriveStringsW
DeleteFileA
FlushFileBuffers
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetStdHandle
ReadFile
LockResource
LCMapStringW
InterlockedCompareExchange
InterlockedExchange
WaitNamedPipeW
CreateDirectoryW
SetFilePointer
CreateProcessW
WriteFile
FormatMessageW
WaitForMultipleObjects
DuplicateHandle
FindClose
LocalAlloc
InitializeCriticalSectionAndSpinCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetTempFileNameW
MoveFileExW
Sleep
CopyFileW
FileTimeToSystemTime
GetFileTime
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex

user32

MessageBoxW
SetWindowsHookExW
SetCapture
ClientToScreen
ReleaseCapture
GetForegroundWindow
GetKeyState
CallNextHookEx
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
keybd_event
GetDlgItemInt
UnhookWindowsHookEx
CreateDialogParamW
PeekMessageW
LoadImageW
FindWindowExW
wvsprintfW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
IsWindow
IsDlgButtonChecked
InflateRect
OffsetRect
KillTimer
GetParent
IsWindowVisible
AdjustWindowRectEx
GetSystemMetrics
MoveWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
EnableWindow
PostMessageW
ScreenToClient
GetWindow
GetClassNameW
GetWindowDC
TrackMouseEvent
GetFocus
GetWindowRect
SetWindowPos
ScrollWindow
GetDC
ReleaseDC
GetWindowLongW
GetWindowTextLengthW
SetWindowTextW
CallWindowProcW
GetClientRect
GetWindowTextW
IsWindowEnabled
FindWindowW
IsIconic
SetForegroundWindow
SetCursor
GetCursorPos
DrawFrameControl
SystemParametersInfoW
LoadStringW
GetWindowThreadProcessId
WindowFromPoint
RedrawWindow
PtInRect
GetCursor
MonitorFromPoint
UpdateLayeredWindow
GetDesktopWindow
FillRect
SetRect
SetCursorPos
IntersectRect
GetAsyncKeyState
SubtractRect
SetWindowRgn
CheckDlgButton
SetScrollInfo
GetScrollInfo
CopyRect
UnregisterClassA
LoadCursorW
DefWindowProcW
BeginPaint
EndPaint
ShowWindow
CreateWindowExW
VkKeyScanW
SetWindowLongW
InvalidateRect
PostQuitMessage
DrawTextW
DestroyWindow
UnloadKeyboardLayout
LoadKeyboardLayoutW
GetKeyboardLayoutList
DialogBoxParamW
GetDlgItem
EndDialog
GetSystemMenu
RemoveMenu
LoadIconW
SetTimer
SetFocus
SendMessageW
CharNextW

gdi32

GetCharABCWidthsFloatW
GetClipRgn
GetTextMetricsW
CreateCompatibleBitmap
CreateFontW
BitBlt
MoveToEx
LineTo
CreateCompatibleDC
CreateDIBSection
CreateSolidBrush
GetTextExtentPoint32W
SetBkMode
PolyBezier
SelectObject
CreatePen
GetStockObject
RoundRect
SetBkColor
SetTextColor
DeleteObject
Rectangle
CreateFontIndirectW
RestoreDC
OffsetViewportOrgEx
IntersectClipRect
SaveDC
GetObjectW
CreateRectRgn
StretchBlt
ExtCreateRegion
CombineRgn
SelectClipRgn
GetTextExtentExPointW
GetFontData
GetPixel
OffsetRgn
DeleteDC

advapi32

RegQueryInfoKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
AddAccessAllowedAceEx
RegEnumKeyExW
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
LookupAccountSidW
GetTokenInformation
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
OpenProcessToken
RegQueryValueExW
RegFlushKey
CreateProcessAsUserW
DuplicateTokenEx
RegCreateKeyW
RegLoadKeyW
RegOpenKeyW
RegUnLoadKeyW
RegEnumValueW
RegEnumKeyW
LookupAccountNameW
ConvertSidToStringSidW

shell32

ShellExecuteW
CommandLineToArgvW
ExtractIconW
SHFileOperationW
SHGetFolderPathW
Shell_NotifyIconW
SHGetSpecialFolderPathW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msimg32

AlphaBlend
TransparentBlt
GradientFill

shlwapi

SHDeleteKeyW

psapi

GetModuleFileNameExW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/ScdMaker.exe
.exe windows:5 windows x86 arch:x86

67dfc563e4f7d0c4f43771deafae0c43

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\ScdMaker.pdb

Imports

imm32

ImmDisableIME

kernel32

CreateDirectoryW
SetFilePointer
CreateProcessW
GetCurrentProcess
WriteFile
FormatMessageW
GetModuleFileNameW
SetLastError
WaitForMultipleObjects
GetCurrentThreadId
DuplicateHandle
LocalFree
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
CreateMutexW
OpenMutexW
ReleaseMutex
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
MoveFileExW
Sleep
FileTimeToSystemTime
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetSystemDirectoryW
RemoveDirectoryW
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
IsDebuggerPresent
lstrcpyW
InitializeCriticalSection
FileTimeToLocalFileTime
GetDriveTypeW
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetTimeZoneInformation
GetCPInfo
RaiseException
LCMapStringA
GetStringTypeW
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleHandleA
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetLocaleInfoW
CreateFileA
SetEndOfFile
GetProcessHeap
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
CloseHandle
CreateEventW
InterlockedExchange
InterlockedCompareExchange
WaitForSingleObject
LCMapStringW
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
DeleteFileW
GetLastError
MultiByteToWideChar
CopyFileW
lstrcatW

user32

MessageBoxW
GetSystemMetrics
wvsprintfW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

advapi32

RegQueryValueExW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW

shell32

SHGetFolderPathW

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/ScdReg.exe
.exe windows:5 windows x86 arch:x86

a842bc6f9b8786704a29538f64a80fff

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\ScdReg.pdb

Imports

imm32

ImmDisableIME

wininet

InternetSetOptionW
InternetCloseHandle
InternetOpenUrlW
InternetOpenW

kernel32

GetDriveTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetProcessHeap
CreateFileA
InitializeCriticalSection
GetSystemDefaultLangID
GetCommandLineW
lstrlenA
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
lstrlenW
FindNextFileW
FindClose
FindFirstFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTempPathW
DebugBreak
GetStringTypeW
LocalFree
GetStringTypeA
GetLocaleInfoA
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
WaitForSingleObject
InterlockedCompareExchange
GetLastError
CreateEventW
CloseHandle
CreateFileW
WideCharToMultiByte
CreateDirectoryW
CreateProcessW
MoveFileExW
Sleep
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
GetCurrentProcess
WriteFile
FormatMessageW
GetModuleFileNameW
SetLastError
WaitForMultipleObjects
DuplicateHandle
CreateThread
MultiByteToWideChar
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
GetSystemDirectoryW
RemoveDirectoryW
FreeLibrary
GetTickCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
LoadLibraryA

user32

GetWindowDC
wvsprintfW
DrawTextW
GetFocus
DialogBoxParamW
GetSystemMetrics
CreateWindowExW
GetParent
CharNextW
IsWindowEnabled
GetClientRect
BeginPaint
GetDC
GetWindowRect
GetWindowLongW
InvalidateRect
ReleaseDC
ScrollWindow
SetWindowLongW
EndDialog
SetWindowPos
LoadStringW
CheckDlgButton
IsDlgButtonChecked
MessageBoxW
SendMessageW
CallWindowProcW
DefWindowProcW
EndPaint
TrackMouseEvent
GetWindowTextW

gdi32

SelectObject
GetStockObject
CreatePen
Rectangle
GetTextExtentPoint32W
SetTextColor
CreateFontIndirectW
SetBkMode
DeleteObject
GetObjectW
CreateSolidBrush

advapi32

OpenProcessToken
GetSidLengthRequired
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
GetSecurityDescriptorSacl
GetTokenInformation
LookupAccountSidW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
BuildExplicitAccessWithNameW
SetEntriesInAclW

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW

hwsignature

GenHWID

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

InitCommonControlsEx

msimg32

GradientFill

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/SeFastInstall.exe
.exe windows:4 windows x86 arch:x86

c0d57ecc800f41ae26efe3c6fdf09a55

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\Bin\Release\sewin.pdb

Imports

kernel32

DeleteCriticalSection
InterlockedDecrement
lstrcmpW
GlobalUnlock
GlobalLock
GetCurrentThreadId
CreateThread
CreateProcessW
CloseHandle
WaitForSingleObject
LoadLibraryExW
FindResourceW
FreeLibrary
LoadResource
GetModuleHandleW
MoveFileW
DeleteFileW
CreateFileMappingW
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
InterlockedExchangeAdd
GetFileSize
MoveFileExW
ResumeThread
SuspendThread
AllocConsole
SizeofResource
RaiseException
SetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedIncrement
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetStdHandle
GetLocalTime
HeapDestroy
MulDiv
FlushInstructionCache
GetCurrentProcess
GetProcAddress
lstrcmpiW
LoadLibraryW
EnterCriticalSection
OutputDebugStringA
InitializeCriticalSection
GetModuleFileNameW
SetEndOfFile
lstrlenW
LeaveCriticalSection
SetLastError
GlobalAlloc
FindNextFileW
FindFirstFileW
SystemTimeToFileTime
GetLastError
WideCharToMultiByte
SetFilePointer
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetTimeZoneInformation
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalFree
HeapReAlloc
CopyFileA
lstrcatA
GetSystemDirectoryA
CreateFileA
lstrcpyA
DeviceIoControl
GetVersionExA
LocalAlloc
LoadLibraryA
lstrlenA
QueueUserWorkItem
SetEvent
CreateEventW
LocalFree
GetModuleFileNameA
VirtualQuery
SetFileAttributesW
GetFileAttributesW
HeapFree
GetProcessHeap
HeapAlloc
ReadFile
WriteFile
GetTickCount
CreateFileW
Sleep
HeapCreate
MultiByteToWideChar

user32

GetWindowLongW
SetWindowPos
ClientToScreen
MapWindowPoints
UnregisterClassA
IsCharAlphaNumericA
wsprintfA
PostThreadMessageW
RedrawWindow
SendMessageW
PostQuitMessage
GetClientRect
RegisterClassExW
DestroyWindow
LoadCursorW
CharNextW
SystemParametersInfoW
InvalidateRgn
GetClassInfoExW
CreateAcceleratorTableW
SetWindowTextW
InvalidateRect
GetDesktopWindow
PostMessageW
DefWindowProcW
ScreenToClient
GetForegroundWindow
SetWindowLongW
CallWindowProcW
ShowWindow
IsChild
MoveWindow
GetSysColor
BeginPaint
GetFocus
LoadImageW
ReleaseDC
GetSystemMetrics
DispatchMessageW
GetDlgItem
GetDC
TranslateMessage
GetWindowTextW
GetMessageW
PeekMessageW
ReleaseCapture
GetParent
IsWindow
EndPaint
SetCapture
SetFocus
RegisterWindowMessageW
KillTimer
GetWindowRect
GetWindow
FillRect
CreateWindowExW
GetWindowTextLengthW
SetTimer
DestroyAcceleratorTable
GetClassNameW

gdi32

SelectObject
CreateCompatibleDC
CreateSolidBrush
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetObjectW
CreateCompatibleBitmap

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExW
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA

shell32

SHCreateDirectoryExW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

OleLockRunning
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
OleUninitialize
CLSIDFromString
CoTaskMemRealloc
CLSIDFromProgID
CoTaskMemFree
StringFromGUID2
CoGetClassObject
CoUninitialize
CoInitialize

oleaut32

OleCreateFontIndirect
VarUI4FromStr
VariantInit
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysStringByteLen

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

connect
inet_addr
WSAStartup
closesocket
socket
ntohs
sendto
select
getsockname
listen
accept
ioctlsocket
__WSAFDIsSet
WSACleanup
bind
htons
inet_ntoa
gethostbyname
WSAGetLastError
recv
send
shutdown

wininet

HttpSendRequestA
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
InternetOpenA
HttpQueryInfoA
InternetCrackUrlA
InternetReadFile
InternetOpenUrlA
InternetSetOptionW
InternetOpenW
InternetQueryDataAvailable
InternetSetOptionA
InternetQueryOptionA
InternetConnectA
HttpOpenRequestA
InternetGetCookieA

shlwapi

PathAppendW
PathFileExistsW
SHGetValueW
SHSetValueW
SHGetValueA
SHDeleteValueW

comctl32

InitCommonControlsEx

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/SkinReg.exe
.exe windows:5 windows x86 arch:x86

e3230c6c8709cf5ac30d94d77c75b70d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\SkinReg.pdb

Imports

kernel32

GetDriveTypeA
SetEnvironmentVariableA
CompareStringW
CreateFileA
CompareStringA
GetLastError
WriteConsoleW
GetSystemDefaultLangID
GetConsoleOutputCP
SetFilePointer
VirtualQuery
CreateProcessW
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleW
WriteFile
LoadLibraryW
FormatMessageW
GetModuleFileNameW
CreateFileW
GetProcAddress
GetLocalTime
lstrcatW
IsDebuggerPresent
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
CreateDirectoryW
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetTempPathW
InterlockedIncrement
InterlockedCompareExchange
WideCharToMultiByte
MultiByteToWideChar
MoveFileExW
WaitForSingleObject
Sleep
CopyFileW
GetExitCodeProcess
FileTimeToSystemTime
GetFileTime
DeleteFileW
SetFileAttributesW
CreateEventW
WaitForMultipleObjects
DuplicateHandle
LocalFree
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
RemoveDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
GetFileSize
ReadFile
FlushFileBuffers
DeleteFileA
HeapFree
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
RtlUnwind
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetModuleHandleA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
FreeLibrary
LoadLibraryA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA

user32

GetWindowRect
GetWindowDC
DrawTextW
SetForegroundWindow
GetFocus
DialogBoxParamW
GetParent
TrackMouseEvent
IsWindowEnabled
GetClientRect
BeginPaint
GetForegroundWindow
DestroyWindow
GetWindowLongW
GetWindowTextW
ReleaseDC
ScrollWindow
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
IsDlgButtonChecked
CreateWindowExW
MessageBoxW
SendMessageW
CallWindowProcW
DefWindowProcW
SystemParametersInfoW
GetSystemMetrics
wvsprintfW
InvalidateRect
EndPaint
GetDC

gdi32

SetTextColor
GetObjectW
GetTextExtentPoint32W
CreateSolidBrush
GetStockObject
CreatePen
Rectangle
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

InitCommonControlsEx

msimg32

GradientFill

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW

shell32

ShellExecuteExW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/SogouCloud.exe
.exe windows:5 windows x86 arch:x86

34b2a3cc38fe315dbb33b7f5c8d27d80

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\SogouCloud.pdb

Imports

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ws2_32

send
WSAStartup
WSACleanup
gethostbyaddr
closesocket
WSASetLastError
getservbyname
socket
recv
getservbyport
setsockopt
ntohs
gethostbyname
connect
inet_ntoa
htons
WSAGetLastError
htonl
inet_addr

kernel32

CreateFileMappingW
OpenFileMappingW
CloseHandle
GetCommandLineW
GetCurrentProcess
GetModuleHandleW
LoadLibraryW
GetModuleFileNameW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedIncrement
SetFilePointer
CreateProcessW
WriteFile
FormatMessageW
ExitThread
SetLastError
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
DuplicateHandle
LocalFree
CreateThread
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
Sleep
OpenEventW
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
CreateMutexW
WaitForSingleObject
OpenMutexW
ReleaseMutex
MoveFileExW
CreateDirectoryW
FileTimeToSystemTime
DeleteFileW
SetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
GetSystemDirectoryW
RemoveDirectoryW
GetLastError
ReadFile
FlushFileBuffers
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
SetEvent
ConnectNamedPipe
CreateNamedPipeW
InterlockedExchange
GetOverlappedResult
DisconnectNamedPipe
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
GetFullPathNameW
GetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
UnmapViewOfFile
MapViewOfFile
GetFileSize

user32

wvsprintfW
GetSystemMetrics

advapi32

OpenProcessToken
LookupAccountSidW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
AddAccessAllowedAceEx

shell32

SHGetFolderPathW

wininet

InternetGetConnectedState

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/SogouTSF.dll
.dll regsvr32 windows:5 windows x86 arch:x86

e17e7d48a2766708ae271ae8943badf6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\SogouTSF.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
GetModuleFileNameA
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
HeapAlloc
RaiseException
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

advapi32

RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW

ole32

CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/UserPage.exe
.exe windows:5 windows x86 arch:x86

a9894b65c66ecf6fddc8a4551b659af3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\UserPage.pdb

Imports

imm32

ImmGetContext
ImmSetConversionStatus
ImmDisableIME

kernel32

Module32FirstW
Module32NextW
FindResourceW
LoadResource
SizeofResource
GetCurrentThreadId
GetLastError
CreateEventW
Sleep
CreateThread
CloseHandle
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
GetModuleFileNameW
InitializeCriticalSection
SetEnvironmentVariableA
WriteConsoleW
CompareStringA
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetLocaleInfoW
GetProcessHeap
SetEndOfFile
SetStdHandle
GetFullPathNameA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameW
GetConsoleOutputCP
GetStartupInfoA
SetHandleCount
CompareStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
WaitForSingleObject
InterlockedCompareExchange
InterlockedExchange
CreateFileW
WideCharToMultiByte
CreateDirectoryW
SetFilePointer
CreateProcessW
GetCurrentProcess
WriteFile
GlobalAlloc
FormatMessageW
ExitThread
SetLastError
GlobalFree
WaitForMultipleObjects
DuplicateHandle
LocalFree
GetFileSize
ReadFile
FlushFileBuffers
SetFileAttributesW
MoveFileExW
CopyFileW
FileTimeToSystemTime
GetFileTime
DeleteFileW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
GetProcAddress
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
GetTempPathW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetCurrentProcessId
InterlockedIncrement
OpenEventW
CreateMutexW
OpenMutexW
ReleaseMutex
GetSystemDirectoryW
RemoveDirectoryW
InterlockedDecrement
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalHandle
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
ExitProcess
ResumeThread
GetSystemTimeAsFileTime
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetTimeZoneInformation
GetDriveTypeA
FindFirstFileA
GetFileType
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
LockResource

user32

ReleaseCapture
SendMessageW
GetDlgCtrlID
SetWindowTextW
GetCursorPos
SetWindowLongW
GetClassNameW
GetWindowLongW
OffsetRect
GetClientRect
MoveWindow
IsDialogMessageW
GetKeyboardLayoutList
ActivateKeyboardLayout
IsIconic
LoadStringW
GetSystemMetrics
wvsprintfW
SetClassLongW
DrawFocusRect
TrackMouseEvent
DefWindowProcW
IsWindowVisible
RegisterClassExW
BeginPaint
KillTimer
EndPaint
CallWindowProcW
PtInRect
GetMonitorInfoW
GetCursor
SetCursorPos
SetRect
GetAsyncKeyState
SubtractRect
MonitorFromPoint
UpdateLayeredWindow
DestroyWindow
LoadImageW
LoadBitmapW
GetDesktopWindow
CreateDialogParamW
CheckDlgButton
DialogBoxParamW
SetForegroundWindow
SetCapture
TranslateMessage
FindWindowW
DispatchMessageW
GetParent
CreateWindowExW
SetCursor
LoadCursorW
PostMessageW
IsWindowEnabled
IsDlgButtonChecked
EnableWindow
SetTimer
TrackPopupMenu
FillRect
DrawTextW
GetDC
InflateRect
IntersectRect
InvalidateRect
AppendMenuW
ReleaseDC
SetWindowPos
CreatePopupMenu
SetMenuInfo
MessageBoxW
GetDlgItemTextW
DestroyMenu
SetMenuItemInfoW
GetWindowTextW
SetDlgItemTextW
PostQuitMessage
GetDlgItem
EndDialog
ShowWindow
RedrawWindow
GetMessageW
PeekMessageW
PostThreadMessageW
SetWindowRgn
GetWindowRect

gdi32

SetTextColor
GetObjectW
CreateCompatibleDC
DeleteDC
CreatePen
Rectangle
CreateCompatibleBitmap
SetBkMode
DeleteObject
GetDeviceCaps
CreateFontIndirectW
LineTo
BitBlt
MoveToEx
GetTextExtentPoint32W
SelectObject
CreateRoundRectRgn
GetTextMetricsW
GetCharABCWidthsFloatW
ExtCreateRegion
OffsetRgn
StretchBlt
CreateDIBSection
SelectClipRgn
GetTextExtentExPointW
CreateRectRgn
CombineRgn
GetPixel
SetBkColor
GetStockObject
CreateSolidBrush

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetSetOptionW
HttpQueryInfoW
InternetCloseHandle
HttpOpenRequestW
HttpSendRequestW
InternetConnectW
InternetCanonicalizeUrlW

comctl32

InitCommonControlsEx

msimg32

TransparentBlt
AlphaBlend
GradientFill

advapi32

GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueW
LookupAccountSidW
AddAccessAllowedAceEx
OpenProcessToken
RegSetValueExW
RegCloseKey

shell32

ShellExecuteW
SHGetFolderPathW

Sections

.text
Size: 815KB - Virtual size: 814KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/ZipLib.dll
.dll windows:5 windows x86 arch:x86

3a66351d63cefec54e84e7d49764aa2e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
GetTempPathA
DeleteFileA
CreateFileA
lstrcpynA
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetProcessHeap
GetDriveTypeA
InitializeCriticalSection
GetVolumeInformationA
LeaveCriticalSection
InterlockedExchange
EnterCriticalSection
CreateMutexA
ReleaseMutex
CloseHandle
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
RemoveDirectoryW
FileTimeToLocalFileTime
GetVersion
FindNextFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
lstrlenA
lstrcmpiA
DosDateTimeToFileTime
SetVolumeLabelA
SetFilePointer
GetLocaleInfoA
SetEndOfFile
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
LocalFileTimeToFileTime
lstrcpyA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindClose
GetLastError
GetTempPathW
MultiByteToWideChar
CopyFileW
WideCharToMultiByte
CreateDirectoryW
MoveFileExW
FindFirstFileW
RemoveDirectoryA
CreateDirectoryA
GetFileTime
TerminateProcess
SetEnvironmentVariableW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
MoveFileA
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ReadFile
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW

user32

OemToCharA
CharToOemA

advapi32

GetSecurityDescriptorGroup
IsValidSecurityDescriptor
GetSecurityDescriptorSacl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
IsValidAcl
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
OpenProcessToken
GetSecurityDescriptorDacl

Exports

Exports

FreeUnzipBuf
GetDllVersionA
PrepareUnzipFile
SetZipLevel
UnZip
UnZip2
UnZipEx
UnZipEx2
UnZipFile
ZipFolder
ZipFolderEx

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/ZipLib64.dll
.dll windows:5 windows x64 arch:x64

f5a5d1a4c00c70e0643a04f3887fbffb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileW
GetTempPathA
DeleteFileA
CreateFileA
lstrcpynA
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetProcessHeap
GetDriveTypeA
InitializeCriticalSection
GetVolumeInformationA
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
ReleaseMutex
CloseHandle
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
RemoveDirectoryW
FileTimeToLocalFileTime
GetVersion
FindNextFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
lstrlenA
lstrcmpiA
DosDateTimeToFileTime
SetVolumeLabelA
SetFilePointer
GetLocaleInfoA
SetEndOfFile
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
LocalFileTimeToFileTime
lstrcpyA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindClose
GetLastError
GetTempPathW
MultiByteToWideChar
CopyFileW
WideCharToMultiByte
CreateDirectoryW
MoveFileExW
FindFirstFileW
RemoveDirectoryA
CreateDirectoryA
GetFileTime
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
SetEnvironmentVariableW
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
MoveFileA
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ReadFile
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW

user32

OemToCharA
CharToOemA

advapi32

GetSecurityDescriptorGroup
IsValidSecurityDescriptor
GetSecurityDescriptorSacl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
IsValidAcl
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
OpenProcessToken
GetSecurityDescriptorDacl

Exports

Exports

FreeUnzipBuf
GetDllVersionA
PrepareUnzipFile
SetZipLevel
UnZip
UnZip2
UnZipEx
UnZipEx2
UnZipFile
ZipFolder
ZipFolderEx

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/config.exe
.exe windows:5 windows x86 arch:x86

b358a780885213866b662f6078afa44b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\config.pdb

Imports

imm32

ImmGetHotKey
ImmAssociateContext
ImmNotifyIME
ImmReleaseContext
ImmSetHotKey
ImmGetContext

msimg32

GradientFill
TransparentBlt
AlphaBlend

comctl32

ImageList_LoadImageW
InitCommonControlsEx
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Create

kernel32

GetFullPathNameW
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryA
GetDateFormatA
GetCurrentDirectoryA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetModuleFileNameW
CompareStringW
OpenEventW
GetExitCodeProcess
GetTickCount
CloseHandle
OpenFileMappingW
CreateFileMappingW
GetLocalTime
GetLastError
CreateFileW
Sleep
GetTimeFormatA
HeapSize
WriteFile
WaitForSingleObject
GetCurrentProcess
GetModuleFileNameA
GetStdHandle
VirtualAlloc
UnmapViewOfFile
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
MapViewOfFile
FindFirstFileW
GetSystemDefaultLangID
CompareStringA
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
WideCharToMultiByte
InterlockedCompareExchange
SetEvent
InterlockedExchange
CreateEventW
CreateDirectoryW
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedIncrement
GetTempFileNameW
CreateProcessW
MoveFileExW
GlobalAlloc
CopyFileW
FileTimeToSystemTime
GlobalFree
GetFileTime
GetCurrentThreadId
DeleteFileW
SetFileAttributesW
SetFilePointer
FormatMessageW
ExitThread
SetLastError
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
FindClose
RemoveDirectoryW
FindNextFileW
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetTempPathW
GetProcAddress
GetCurrentProcessId
InterlockedDecrement
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
DeleteFileA
VirtualQuery
SetUnhandledExceptionFilter
lstrcatW
IsDebuggerPresent
lstrcpyW
InitializeCriticalSection
FindResourceW
LoadResource
SizeofResource
LockResource
GlobalLock
GlobalUnlock
GlobalReAlloc
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
GlobalHandle
FreeLibrary
LoadLibraryExW
ExpandEnvironmentStringsW
GetLocaleInfoW
EnumSystemLocalesW
GetEnvironmentVariableW
HeapFree
HeapAlloc
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
ExitProcess
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetFileType
RaiseException
GetCPInfo
LCMapStringA
GetStringTypeW
GetACP

user32

GetDlgCtrlID
CopyRect
CheckRadioButton
CheckDlgButton
IsDlgButtonChecked
CreateWindowExW
GetAsyncKeyState
SetTimer
KillTimer
GetWindowDC
GetClassNameW
SetForegroundWindow
DialogBoxParamW
EndPaint
DestroyWindow
SetCursor
ScreenToClient
SystemParametersInfoW
wvsprintfW
GetWindowThreadProcessId
GetPropW
RegisterClassExW
SetPropW
GetClassInfoExW
PostQuitMessage
RemovePropW
GetTopWindow
GetDCEx
DialogBoxIndirectParamW
InflateRect
LoadImageW
LoadBitmapW
GetDesktopWindow
SetRect
UpdateLayeredWindow
GetMonitorInfoW
GetCursor
RedrawWindow
SetCursorPos
IntersectRect
SubtractRect
MonitorFromPoint
SetWindowRgn
IsIconic
VkKeyScanW
GetKeyboardLayoutList
LoadStringW
LoadKeyboardLayoutW
UnloadKeyboardLayout
GetWindowRect
FillRect
SetCapture
PostMessageW
DrawTextW
GetFocus
GetParent
TrackMouseEvent
LoadCursorW
IsWindowEnabled
FindWindowW
GetClientRect
SetFocus
SetRectEmpty
BeginPaint
PtInRect
GetDC
GetCapture
DrawFocusRect
LoadIconW
OffsetRect
InvalidateRect
GetWindowLongW
GetWindowTextW
ReleaseDC
GetDlgItem
ScrollWindow
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
CreateDialogParamW
IsWindow
MessageBoxW
ReleaseCapture
GetSystemMetrics
IsWindowVisible
SendMessageW
EnableWindow
SetWindowTextW
CallWindowProcW
DefWindowProcW
GetWindow
MoveWindow
ClientToScreen
GetWindowTextLengthW
SetDlgItemTextW
GetDlgItemTextW
SetScrollInfo
GetScrollInfo
SetScrollRange

gdi32

EnumFontFamiliesExW
LineTo
CreateFontW
DeleteDC
GetDeviceCaps
MoveToEx
StretchBlt
GetStockObject
CreatePen
GetObjectW
Rectangle
SelectObject
DeleteObject
SetBkMode
CreateFontIndirectW
SetTextColor
OffsetRgn
GetCharABCWidthsFloatW
CombineRgn
ExtCreateRegion
GetClipRgn
CreateDIBSection
CreateRectRgn
GetFontData
GetPixel
CreateCompatibleBitmap
SelectClipRgn
CreateRectRgnIndirect
ExtSelectClipRgn
GetTextMetricsW
GetTextExtentExPointW
BitBlt
RoundRect
CreateCompatibleDC
TextOutW
GetTextExtentPoint32W
SetBkColor
CreateSolidBrush

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

shell32

SHFileOperationW
ExtractIconW
SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteW

hwsignature

GenHWID

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

StrStrIW
SHDeleteKeyW

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
SetEntriesInAclW
GetSidLengthRequired
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
OpenProcessToken
GetTokenInformation
RegOpenKeyW
LookupAccountSidW
RegEnumKeyW
RegCreateKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegFlushKey
RegSetValueExW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
SetSecurityInfo

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 198KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/crashrpt.exe
.exe windows:4 windows x86 arch:x86

9f38f2de4b5d67cc87c34c984b4c2485

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmDisableIME

mfc42

ord4627
ord4424
ord3610
ord800
ord654
ord656
ord641
ord860
ord1146
ord1168
ord540
ord341
ord567
ord324
ord825
ord2302
ord4710
ord2818
ord6199
ord537
ord858
ord4129
ord5683
ord941
ord4853
ord1200
ord3873
ord4376
ord6880
ord2379
ord5572
ord2915
ord4275
ord3721
ord3619
ord795
ord283
ord823
ord3663
ord4080
ord2414
ord1641
ord2860
ord755
ord5678
ord3797
ord3874
ord5789
ord5787
ord5875
ord5873
ord6172
ord5736
ord470
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord3079
ord3825
ord3831
ord3830
ord3402
ord2976
ord1576
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3597
ord4425
ord5280
ord1775
ord6052
ord2514
ord4998
ord5265
ord4234
ord3626

msvcrt

_exit
_onexit
__dllonexit
__p___argc
__p___argv
atoi
malloc
_XcptFilter
rand
sprintf
_mbsrchr
fopen
fclose
fgetws
_setmbcp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
free
_controlfp
memset
__CxxFrameHandler
_EH_prolog
strcpy
wcsncmp
rewind
fwrite
_mbslwr
_mbsstr
_mbsnbcpy
strlen
strcat

kernel32

ReadFile
Sleep
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
CreateFileA
GetModuleHandleA
GetStartupInfoA
GetFileSize
CloseHandle
GetModuleFileNameA
CreateDirectoryA
CopyFileA
GetProcAddress
LoadLibraryA
DeleteFileA
FreeLibrary
GetWindowsDirectoryA

user32

FillRect
RedrawWindow
GetSystemMetrics
DrawIcon
GetSysColor
EnableWindow
LoadCursorA
CopyIcon
GetMessagePos
ScreenToClient
GetWindowRect
PtInRect
SetCursor
ShowWindow
SendMessageA
LoadIconA
DestroyCursor
SetTimer
GetClientRect

gdi32

GetStockObject
GetObjectA
CreateFontIndirectA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteExA
ExtractIconA

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

wininet

HttpOpenRequestA
InternetConnectA
InternetSetOptionA
InternetOpenA
HttpQueryInfoA
InternetOpenUrlA
InternetReadFile
HttpSendRequestA
HttpEndRequestA
InternetCloseHandle
HttpAddRequestHeadersA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/install64.exe
.exe windows:5 windows x64 arch:x64

e6a9f4b2ee4fdafd8599a669ae7433b8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

imm32

ImmInstallIMEW
ImmGetIMEFileNameW
ImmDisableIME

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

kernel32

GetCurrentProcess
GetCommandLineW
DeleteCriticalSection
lstrcmpiW
EnterCriticalSection
GetProcAddress
GetLastError
RaiseException
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
LoadResource
FreeLibrary
FindResourceW
GetSystemDirectoryW
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
LocalFree
InitializeCriticalSection
SetFilePointer
RtlCaptureContext
VirtualQuery
CreateProcessW
SetUnhandledExceptionFilter
RtlVirtualUnwind
WriteFile
LoadLibraryW
FormatMessageW
CreateFileW
RtlLookupFunctionEntry
GetLocalTime
lstrcatW
IsDebuggerPresent
GetCurrentThreadId
GetCurrentProcessId
lstrcpyW
GetTempPathW
ExitThread
SetLastError
CreateEventW
WaitForMultipleObjects
DuplicateHandle
CreateThread
FindFirstFileW
MoveFileExW
FindClose
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
WaitForSingleObject
Sleep
CopyFileW
FileTimeToSystemTime
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetLocaleInfoW
EnumSystemLocalesW
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwindEx
HeapSetInformation
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
RtlPcToFileHeader
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetTimeZoneInformation
LoadLibraryA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
SetStdHandle

user32

SendMessageW
GetClientRect
SetWindowTextW
GetDlgItem
LoadIconW
SetWindowLongPtrW
CreateDialogParamW
EndDialog
BeginPaint
GetWindowLongPtrW
LoadStringW
DestroyWindow
EndPaint
wvsprintfW
GetSystemMetrics
CharNextW
DialogBoxParamW
UnloadKeyboardLayout
LoadKeyboardLayoutW
MessageBoxW
GetKeyboardLayoutList

advapi32

RegDeleteKeyW
RegCreateKeyExW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
GetTokenInformation
LookupAccountSidW
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegUnLoadKeyW
RegLoadKeyW
ConvertSidToStringSidW
AdjustTokenPrivileges
RegFlushKey
RegEnumValueW
LookupPrivilegeValueW
LookupAccountNameW
RegOpenKeyW
RegQueryValueExW
RegEnumKeyW
RegCreateKeyW
OpenProcessToken
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
RegQueryInfoKeyW

shell32

ExtractIconW
CommandLineToArgvW
SHFileOperationW
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarUI4FromStr

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon

Sections

.text
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/sgim_annex.bin
5.2.0.5374/sgutil.dll
.dll windows:5 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RunSohuNewsDirectly
StartPopupServer

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 681KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 630KB - Virtual size: 629KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 981KB - Virtual size: 981KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
5.2.0.5374/sogoupinyintray.exe
.exe windows:5 windows x86 arch:x86

26ed2e28378fe2de2d08be17e9e74bae

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\sogoupinyintray.pdb

Imports

kernel32

CopyFileW
FileTimeToSystemTime
GetFileTime
DeleteFileW
SetFileAttributesW
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
GetSystemDirectoryW
RemoveDirectoryW
GetFileSize
ReadFile
FlushFileBuffers
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
FreeLibrary
CompareStringW
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalHandle
CreateFileA
CreateFileMappingA
OpenFileMappingA
GetWindowsDirectoryA
FindResourceW
MoveFileExW
SizeofResource
LockResource
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
GetSystemTimeAsFileTime
ResumeThread
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
GetDriveTypeA
FindFirstFileA
GetFileType
HeapSize
GetStdHandle
GetModuleFileNameA
LoadLibraryA
HeapCreate
VirtualFree
VirtualAlloc
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetFullPathNameA
SetStdHandle
SetEndOfFile
GetProcessHeap
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
GetTempFileNameW
GetModuleHandleW
InterlockedIncrement
GetCurrentProcessId
GetProcAddress
GetTempPathW
LoadLibraryW
GetCommandLineW
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
OpenEventW
Sleep
CreateThread
LocalFree
DuplicateHandle
GetCurrentThreadId
WaitForMultipleObjects
GlobalFree
SetLastError
ExitThread
GetModuleFileNameW
FormatMessageW
GlobalAlloc
WriteFile
GetCurrentProcess
CreateProcessW
SetFilePointer
CreateDirectoryW
WideCharToMultiByte
CreateFileW
CloseHandle
CreateEventW
GetLastError
InterlockedExchange
SetEvent
InterlockedCompareExchange
WaitForSingleObject
LCMapStringW
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
LoadResource

user32

GetClientRect
CreateDialogParamW
DialogBoxParamW
GetClassNameW
EnumWindows
ClientToScreen
SetScrollInfo
PostThreadMessageW
CopyRect
PtInRect
GetAsyncKeyState
SetRect
IntersectRect
SetCursorPos
RedrawWindow
GetCursor
ReleaseCapture
GetMonitorInfoW
MoveWindow
DrawTextW
LoadCursorW
InflateRect
IsWindowVisible
IsIconic
FindWindowW
UpdateLayeredWindow
SetTimer
KillTimer
GetDC
ReleaseDC
DestroyWindow
GetDlgItem
EndDialog
LoadBitmapW
IsWindow
SendMessageW
SetWindowTextW
MsgWaitForMultipleObjectsEx
GetMenuItemInfoW
LoadStringW
FillRect
SetMenuItemBitmaps
AppendMenuW
GetSysColor
SetMenuInfo
SetMenuItemInfoW
MapVirtualKeyW
GetMenuItemID
MenuItemFromPoint
GetMenuItemRect
TrackPopupMenuEx
SetWindowLongW
SetWindowPos
CreatePopupMenu
GetMenuItemCount
DestroyMenu
wvsprintfW
GetWindowRect
GetWindowLongW
GetSystemMetrics
MessageBoxW
GetParent
TrackMouseEvent
DispatchMessageW
DefWindowProcW
CreateWindowExW
PeekMessageW
CallWindowProcW
LoadImageW
OffsetRect
GetDesktopWindow
SetCursor
RegisterClassExW
TranslateMessage
BeginPaint
SetForegroundWindow
SetWindowRgn
MonitorFromPoint
SetCapture
SubtractRect
ShowWindow
GetCursorPos
LoadIconW
EndPaint
RegisterWindowMessageW
PostQuitMessage
ScreenToClient
PostMessageW

shell32

SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
Shell_NotifyIconW

imm32

ImmDisableIME

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

msimg32

GradientFill
TransparentBlt
AlphaBlend

gdi32

CreateFontIndirectW
SetTextColor
GetStockObject
DeleteDC
CombineRgn
LineTo
BitBlt
MoveToEx
Rectangle
StretchBlt
GetFontData
GetTextExtentExPointW
CreateCompatibleBitmap
SelectClipRgn
SetBkMode
GetClipRgn
OffsetRgn
ExtCreateRegion
GetCharABCWidthsFloatW
GetTextMetricsW
GetTextExtentPoint32W
CreateRectRgn
CreatePen
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
GetPixel
CreateSolidBrush

advapi32

InitializeAcl
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAceEx
LookupAccountSidW
GetTokenInformation
OpenProcessToken
SetEntriesInAclW
RegOpenKeyW
RegQueryValueW
SetSecurityInfo
RegCloseKey
RegOpenKeyExW
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW

comctl32

InitCommonControlsEx

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5.2.0.5374/sysmodel.bin
5.2.0.5374/userNetSchedule.exe
.exe windows:5 windows x86 arch:x86

7274c8e660c0bb3846718eb19cf46a17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

10/07/2009, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sogoupy_R_5_2\PinyinDev\bin\SogouInput\userNetSchedule.pdb

Imports

kernel32

Module32FirstW
Sleep
GetLastError
CopyFileW
CloseHandle
GetProcAddress
GetModuleHandleW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
QueryPerformanceCounter
QueryPerformanceFrequency
LCMapStringW
WaitForSingleObject
InterlockedCompareExchange
CreateEventW
WaitNamedPipeW
CreateFileW
WideCharToMultiByte
CreateDirectoryW
DeleteFileW
GetFileSize
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
SetLastError
SetFileAttributesW
GetTempFileNameW
CreateProcessW
MoveFileExW
FileTimeToSystemTime
GetCurrentThreadId
GetCurrentProcess
FormatMessageW
GetModuleFileNameW
WaitForMultipleObjects
DuplicateHandle
LocalFree
CreateThread
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CreateMutexW
OpenMutexW
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
InterlockedIncrement
FindFirstFileW
FindClose
LocalAlloc
FindNextFileW
SetPriorityClass
OpenProcess
GetCurrentProcessId
GetCommandLineW
LoadLibraryW
GetTempPathW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenEventW
InterlockedDecrement
GetSystemDirectoryW
RemoveDirectoryW
FreeLibrary
DeleteFileA
GetTickCount
VirtualQuery
SetUnhandledExceptionFilter
GetLocalTime
lstrcatW
IsDebuggerPresent
lstrcpyW
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
GetStartupInfoW
FileTimeToLocalFileTime
GetDriveTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetTimeZoneInformation
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringA
GetFullPathNameW
GetCurrentDirectoryA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
Module32NextW

user32

wvsprintfW
CreateWindowExW
DestroyWindow
LoadIconW
GetSystemMetrics

shell32

Shell_NotifyIconW
SHFileOperationW
SHGetFolderPathW
ShellExecuteW

imm32

ImmDisableIME

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetSetOptionW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetQueryOptionW
HttpSendRequestExW
InternetConnectW
InternetWriteFile
HttpSendRequestW
HttpOpenRequestW
InternetGetConnectedState
HttpAddRequestHeadersW
HttpEndRequestW
HttpQueryInfoW

advapi32

RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
GetNamedSecurityInfoW
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
RegCreateKeyExW
RegCloseKey
AddAccessAllowedAceEx
RegQueryValueExW
GetSidLengthRequired
LookupAccountSidW
GetTokenInformation
OpenProcessToken
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 868KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.4MB

UPX1 Size: 20KB - Virtual size: 20KB

.rsrc Size: 142KB - Virtual size: 144KB

02a9058c889f86b891a63b683ab98a79

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

38dceb82fae7283ed5314e7a5a2dfc53

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

UPX0
Size: - Virtual size: 1.4MB

UPX1
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 142KB - Virtual size: 144KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 14KB - Virtual size: 13KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

72:d3:ce:02:eb:71:f7:99:ec:b5:f8:bb:79:66:28:a6
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 424KB - Virtual size: 423KB

.data
Size: 60KB - Virtual size: 105KB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 110KB - Virtual size: 109KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB