0a5639ebeca1022961263ad892c83557_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a5639ebeca1022961263ad892c83557_JaffaCakes118
Size

3.2MB
MD5

0a5639ebeca1022961263ad892c83557
SHA1

e0765c04e7972a77124003cb3ce7329d99d11703
SHA256

263f09469b3d0c130aa86d2210be5068677062ec89206d02c6ce83a00d32cedf
SHA512

4d540ad0ccb02bb2adbb37b8c085332f2363fedd0e16cc5320465fa1e78fcbb4e4a5ef15c2e67dcaa71144dda82487883636f9f5b609064c3b3452c284245a23
SSDEEP

98304:Kj66Tdx+8vMRxqqj3cx3WhwzayFSIf3TT:Kj6A+8vMie0HP

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/l2half/ALAudio.dll
unpack001/l2half/D3DDrv.dll
unpack001/l2half/DSETUP.dll
unpack001/l2half/DefOpenAL32.dll
unpack001/l2half/encvag.dll

Files

0a5639ebeca1022961263ad892c83557_JaffaCakes118
.rar
l2half/ALAudio.dll
.dll windows:4 windows x86 arch:x86

7234f3af159626ae720e7976ae912c5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

core

??1FArray@@QAE@XZ
?Remove@FArray@@QAEXHHH@Z
?Rename@UObject@@UAEXPBGPAV1@@Z
?OnEvent@UObject@@UAEXABVFString@@0@Z
?ConditionalDestroy@UObject@@QAEHXZ
?ClearL2Game@UObject@@UAEXXZ
?IsPendingKill@UObject@@UAEHXZ
?Empty@FArray@@QAEXHH@Z
?StaticAllocateObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@11@Z
?LanguageChange@UObject@@UAEXXZ
??0FName@@QAE@PBGW4EFindName@@@Z
?Add@FArray@@QAEHHH@Z
?Register@UObject@@UAEXXZ
?ScriptConsoleExec@UObject@@UAEHPBGAAVFOutputDevice@@PAV1@@Z
?GError@@3PAVFOutputDeviceError@@A
?CallFunction@UObject@@UAEXAAUFFrame@@QAXPAVUFunction@@@Z
?InitExecution@UObject@@UAEXXZ
?GotoLabel@UObject@@UAEHVFName@@@Z
?GotoState@UObject@@UAE?AW4EGotoState@@VFName@@@Z
?PostLoad@UObject@@UAEXXZ
?Modify@UObject@@UAEXXZ
?ProcessRemoteFunction@UObject@@UAEHPAVUFunction@@PAXPAUFFrame@@@Z
?ProcessState@UObject@@UAEXM@Z
?ProcessDelegate@UObject@@UAEXVFName@@PAUFScriptDelegate@@PAX2@Z
?ProcessEvent@UObject@@UAEXPAVUFunction@@PAX1@Z
??1FString@@QAE@XZ
?Release@UObject@@UAGKXZ
??4FString@@QAEAAV0@ABV0@@Z
?AddRef@UObject@@UAGKXZ
?QueryInterface@UObject@@UAGKABVFGuid@@PAPAX@Z
??1FCriticalSection@@QAE@XZ
??0FString@@QAE@ABV0@@Z
?appFailAssert@@YAXPBD0H@Z
?GMalloc@@3PAVFMalloc@@A
?Tick@USubsystem@@UAEXM@Z
??0FArray@@IAE@HH@Z
?IsLoaded@UObject@@UAEHXZ
?NetDirty@UObject@@UAEXPAVUProperty@@@Z
??3UIntProperty@@SAXPAXPAVUObject@@PBGK@Z
?Unlock@FCriticalSection@@QAEXXZ
??3UIntProperty@@SAXPAX@Z
?Lock@FCriticalSection@@QAEXXZ
?GCountryCode@@3PAGA
?GConfig@@3PAVFConfigCache@@A
??0FCriticalSection@@QAE@XZ
??KFVector@@QBE?AV0@M@Z
??2UIntProperty@@SAPAXIPAVUObject@@PBGK@Z
?appStrcpy@@YAPAGPAGPBG@Z
??9FString@@QBEHPBG@Z
?GLog@@3PAVFOutputDevice@@A
??1UClass@@UAE@XZ
?Printf@FString@@SA?AV1@PBGZZ
?GetID@UProperty@@UBEEXZ
?Port@UProperty@@UBEHXZ
?appSecondsQPC@@YANXZ
?DestroyValue@UProperty@@UBEXPAX@Z
?ParseCommand@@YAHPAPBGPBG@Z
?CopyCompleteValue@UProperty@@UBEXPAX0PAVUObject@@@Z
??HFString@@QAE?AV0@ABV0@@Z
?appFreeDllHandle@@YAXPAX@Z
?appStrfind@@YAPBGPBG0@Z
??0UFloatProperty@@QAE@W4ECppProperty@@HPBGK@Z
?GIsNative@@3HA
?ExportText@UProperty@@UBEHHAAVFString@@PAE1H@Z
?appGetDllHandle@@YAPAXPBG@Z
??1UFloatProperty@@UAE@XZ
?IsValid@UObject@@QAEHXZ
??0FVector@@QAE@XZ
?GetPathName@UObject@@QBEPBGPAV1@PAG@Z
?ExportCpp@UProperty@@UBEXAAVFOutputDevice@@HHHH@Z
??DFString@@QBEPBGXZ
??3UFloatProperty@@SAXPAXPAVUObject@@PBGK@Z
?appFromAnsi@@YAPBGPBDPAG@Z
?GetFullName@UObject@@QBEPBGPAG@Z
?Empty@FString@@QAEXXZ
?PrivateStaticClass@UObject@@0VUClass@@A
??3UFloatProperty@@SAXPAX@Z
?CopyCompleteValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
?CleanupDestroyed@UProperty@@UBEXPAE@Z
?GetTransientPackage@UObject@@SAPAVUPackage@@XZ
?CopySingleValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
?Serialize@UProperty@@UAEXAAVFArchive@@@Z
??4FString@@QAEAAV0@PBG@Z
?Logf2@FOutputDevice@@QAAXPBGZZ
??2UFloatProperty@@SAPAXIPAVUObject@@PBGK@Z
?ImportText@UFloatProperty@@UBEPBGPBGPAEHH@Z
?StaticLoadObject@UObject@@SAPAV1@PAVUClass@@PAV1@PBG2KPAVUPackageMap@@@Z
?Logf2@FOutputDevice@@QAAXW4EName@@PBGZZ
?ExportTextItem@UFloatProperty@@UBEXAAVFString@@PAE1H@Z
??0FString@@QAE@PBG@Z
?StaticFindObject@UObject@@SAPAV1@PAVUClass@@PAV1@PBGH@Z
?Logf@FOutputDevice@@QAAXPBGZZ
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PBG33KP6AXPAX@ZP8UObject@@AEXXZ@Z
?ExportCppItem@UFloatProperty@@UBEXAAVFOutputDevice@@H@Z
??0UBoolProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0FString@@QAE@XZ
?NetSerializeItem@UFloatProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?CopySingleValue@UBoolProperty@@UBEXPAX0PAVUObject@@@Z
?GFileStream@@3PAVFFileStream@@A
?SerializeItem@UFloatProperty@@UBEXAAVFArchive@@PAXH@Z
?DestroyStream@FFileStream@@QAEXHH@Z
?PostEditChange@UObject@@UAEXXZ
?ImportText@UBoolProperty@@UBEPBGPBGPAEHH@Z
??1UBoolProperty@@UAE@XZ
?Identical@UFloatProperty@@UBEHPBX0@Z
?appSqrt@@YANN@Z
?CopyCompleteValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?QueryStream@FFileStream@@QAEHHAAH@Z
?ShutdownAfterError@UObject@@UAEXXZ
?GAudioDefaultRadius@@3MA
?ExportTextItem@UBoolProperty@@UBEXAAVFString@@PAE1H@Z
?GObjObjects@UObject@@1V?$TArray@PAVUObject@@@@A
?Link@UFloatProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?CopySingleValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?RequestChunks@FFileStream@@QAEXHHPAX@Z
?ExportCppItem@UBoolProperty@@UBEXAAVFOutputDevice@@H@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PBGK@Z
?ImportText@UIntProperty@@UBEPBGPBGPAEHH@Z
?appGetDllExport@@YAPAXPAXPBG@Z
?CreateStream@FFileStream@@QAEHPBGHHPAXW4EFileStreamType@@1@Z
?NetSerializeItem@UBoolProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
??3UBoolProperty@@SAXPAX@Z
?Serialize@UObject@@UAEXAAVFArchive@@@Z
?ExportTextItem@UIntProperty@@UBEXAAVFString@@PAE1H@Z
?StaticConfigName@UObject@@SAPBGXZ
?SerializeItem@UBoolProperty@@UBEXAAVFArchive@@PAXH@Z
?Normalize@FVector@@QAEHXZ
?Destroy@UObject@@UAEXXZ
?ExportCppItem@UIntProperty@@UBEXAAVFOutputDevice@@H@Z
?Identical@UBoolProperty@@UBEHPBX0@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PBGK@Z
?GetPropertiesSize@UField@@UAEHXZ
?appUnwindf@@YAXPBGZZ
?NetSerializeItem@UIntProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?AddZeroed@FArray@@QAEHHH@Z
?Link@UBoolProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?Size@FVector@@QBEMXZ
?GetOwnerClass@UField@@UAEPAVUClass@@XZ
?appStrcmp@@YAHPBG0@Z
?SerializeItem@UIntProperty@@UBEXAAVFArchive@@PAXH@Z
?Serialize@UBoolProperty@@UAEXAAVFArchive@@@Z
?Bind@UField@@UAEXXZ
?appAtof@@YAMPBG@Z
?Identical@UIntProperty@@UBEHPBX0@Z
?GAudioMaxRadiusMultiplier@@3MA
??0UIntProperty@@QAE@W4ECppProperty@@HPBGK@Z
?MergeBools@UField@@UAEHXZ
?Link@UIntProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?GL2ReplayMode@@3HA
?AddCppProperty@UField@@UAEXPAVUProperty@@@Z
?GLanguageType@@3HA
?GIsEditor@@3HA
?appRand@@YAHXZ
??1UIntProperty@@UAE@XZ
?Register@UField@@UAEXXZ
?appMemset@@YAXPAXHH@Z
?PostLoad@UField@@UAEXXZ

engine

??4UAudioSubsystem@@QAEAAV0@ABV0@@Z
??0UAudioSubsystem@@QAE@ABV0@@Z
?CleanUp@UAudioSubsystem@@UAEXXZ
??1UAudioSubsystem@@UAE@XZ
?GetDuration@USound@@UAEMXZ
??0USound@@QAE@PBGH@Z
?PostLoad@USound@@UAEXXZ
??1USound@@UAE@XZ
?Destroy@USound@@UAEXXZ
?PrivateStaticClass@ALineagePlayerController@@0VUClass@@A
?IsSoundNight@UL2NEnvManager@@QAEHXZ
?Serialize@USound@@UAEXAAVFArchive@@@Z
?IsSoundDay@UL2NEnvManager@@QAEHXZ
?PS2Convert@USound@@UAEXXZ
??3USound@@SAXPAXPAVUObject@@PBGK@Z
??3USound@@SAXPAX@Z
?ReadWaveInfo@FWaveModInfo@@QAEHAAV?$TArray@E@@@Z
??2USound@@SAPAXIPAVUObject@@PBGK@Z
?L2GetPhysicsVolume@ALevelInfo@@QAEPAVAPhysicsVolume@@VFVector@@PAVAActor@@H@Z
?GStats@@3VFStats@@A
?GetZonePlayState@UAmbientSoundObject@@QAEHXZ
?PointRegion@UModel@@QBE?AUFPointRegion@@PAVAZoneInfo@@VFVector@@@Z
?Audio@USound@@2PAVUAudioSubsystem@@A
?PrivateStaticClass@UAmbientSoundObject@@0VUClass@@A
?PrivateStaticClass@UMasterLevel@@0VUClass@@A
?GetCurZoneRenderState@AZoneInfo@@QAEHXZ
?PrivateStaticClass@UAudioSubsystem@@0VUClass@@A
?PrivateStaticClass@USound@@0VUClass@@A
??0UAudioSubsystem@@IAE@XZ
?IsSaveState@FL2ReplayManager@@QAEHXZ
?AddMusicName@FL2ReplayManager@@QAEXABVFString@@H@Z
?RegisterStats@FStats@@QAEHW4EStatsType@@W4EStatsDataType@@VFString@@2W4EStatsUnit@@@Z
?IsPlayedUntilEnd@USound@@QAEHXZ

vorbisfile

ov_pcm_total
ov_info
ov_time_total

kernel32

GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
VirtualAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException

Exports

Exports

??0UALAudioSubsystem@@QAE@ABV0@@Z
??0UALAudioSubsystem@@QAE@XZ
??1UALAudioSubsystem@@UAE@XZ
??2UALAudioSubsystem@@SAPAXIPAVUObject@@PBGK@Z
??2UALAudioSubsystem@@SAPAXIPAW4EInternal@@@Z
??3UALAudioSubsystem@@SAXPAX@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@PBG@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@PBGK@Z
??3UALAudioSubsystem@@SAXPAXPAW4EInternal@@@Z
??4UALAudioSubsystem@@QAEAAV0@ABV0@@Z
??_7UALAudioSubsystem@@6BFExec@@@
??_7UALAudioSubsystem@@6BUObject@@@
?ChangeVoiceChatter@UALAudioSubsystem@@UAEXKKH@Z
?CheckSoundResource@UALAudioSubsystem@@UAEHPAVUSound@@@Z
?ControllMusicResource@UALAudioSubsystem@@UAEXM@Z
?Destroy@UALAudioSubsystem@@UAEXXZ
?EnterVoiceChat@UALAudioSubsystem@@UAEXXZ
?Exec@UALAudioSubsystem@@UAEHPBGAAVFOutputDevice@@@Z
?FindExt@UALAudioSubsystem@@QAEHPBG@Z
?FindProc@UALAudioSubsystem@@QAEXAAPAXPAD1AAHH@Z
?FindProcs@UALAudioSubsystem@@QAEXH@Z
?GEmptySoundSlot@UALAudioSubsystem@@2V?$TArray@H@@A
?GSoundObject@UALAudioSubsystem@@2V?$TArray@PAVUSound@@@@A
?GetMusicVolume@UALAudioSubsystem@@UAEMXZ
?GetNewStream@UALAudioSubsystem@@QAEHXZ
?GetOggVoiceVolume@UALAudioSubsystem@@UAEMXZ
?GetSoundVolume@UALAudioSubsystem@@UAEMXZ
?GetViewport@UALAudioSubsystem@@UAEPAVUViewport@@XZ
?GetWavVoiceVolume@UALAudioSubsystem@@UAEMXZ
?Init@UALAudioSubsystem@@UAEHXZ
?InternalConstructor@UALAudioSubsystem@@SAXPAX@Z
?IsMusicPlaying@UALAudioSubsystem@@UAEHXZ
?IsOggVoicePlaying@UALAudioSubsystem@@UAEHXZ
?IsPlaying@UALAudioSubsystem@@UAEHPAVAActor@@PAVUSound@@@Z
?IsPlayingInZone@UALAudioSubsystem@@AAE_NPAVULevel@@PAVUAmbientSoundObject@@@Z
?IsUseZoneState@UALAudioSubsystem@@AAE_NPAVULevel@@PAVUAmbientSoundObject@@@Z
?IsVaild@UALAudioSubsystem@@UAEHXZ
?IsValidGetStream@UALAudioSubsystem@@UAEHXZ
?IsVoiceEnd@UALAudioSubsystem@@UAEHXZ
?IsWavVoicePlaying@UALAudioSubsystem@@UAEHXZ
?LeaveVoiceChat@UALAudioSubsystem@@UAEXXZ
?LowQualitySound@UALAudioSubsystem@@UAEHXZ
?NoteDestroy@UALAudioSubsystem@@UAEXPAVAActor@@@Z
?NoteDestroy@UALAudioSubsystem@@UAEXPAVULevelObject@@@Z
?PlayMusic@UALAudioSubsystem@@UAEHABVFString@@MHHMHH@Z
?PlayPrevMusic@UALAudioSubsystem@@UAEXMHHMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVAActor@@HPAVUSound@@VFVector@@MMMHMMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVAActor@@HPAVUSound@@VFVector@@MMMHMMMMMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVUSound@@PAVULevelObject@@HVFVector@@MMMHMMH@Z
?PlayVoice@UALAudioSubsystem@@UAEHVFString@@MHHH@Z
?PostEditChange@UALAudioSubsystem@@UAEXXZ
?PrivateStaticClass@UALAudioSubsystem@@0VUClass@@A
?RegisterSound@UALAudioSubsystem@@UAEXPAVUSound@@@Z
?SeeIfAnyNewAmbientSoundsNeedToBeStarted@UALAudioSubsystem@@QAEXHPAVULevel@@ABVFVector@@HN@Z
?Serialize@UALAudioSubsystem@@UAEXAAVFArchive@@@Z
?SetI3DL2Listener@UALAudioSubsystem@@QAEXPAVUI3DL2Listener@@@Z
?SetMusicVolume@UALAudioSubsystem@@UAEXHMM@Z
?SetMusicVolume@UALAudioSubsystem@@UAEXM@Z
?SetOggVoiceVolume@UALAudioSubsystem@@UAEXM@Z
?SetSoundVolume@UALAudioSubsystem@@UAEXM@Z
?SetViewport@UALAudioSubsystem@@UAEXPAVUViewport@@@Z
?SetVolumes@UALAudioSubsystem@@QAEXXZ
?SetWavVoiceVolume@UALAudioSubsystem@@UAEXM@Z
?ShutdownAfterError@UALAudioSubsystem@@UAEXXZ
?SoundPriority@UALAudioSubsystem@@QAEMPAVUViewport@@VFVector@@MMH@Z
?StaticClass@UALAudioSubsystem@@SAPAVUClass@@XZ
?StaticConstructor@UALAudioSubsystem@@QAEXXZ
?StopAllMusic@UALAudioSubsystem@@UAEHMH@Z
?StopAllVoice@UALAudioSubsystem@@UAEHMH@Z
?StopMusic@UALAudioSubsystem@@UAEHHMH@Z
?StopSound@UALAudioSubsystem@@QAEXHM@Z
?StopSound@UALAudioSubsystem@@UAEHPAVAActor@@PAVUSound@@M@Z
?StopSound@UALAudioSubsystem@@UAEHPAVUSound@@PAVULevelObject@@M@Z
?UnregisterSound@UALAudioSubsystem@@UAEXPAVUSound@@@Z
?Update@UALAudioSubsystem@@UAEXPAVFSceneNode@@@Z
?UpdateAllPlayingAmbientSounds@UALAudioSubsystem@@QAEXABVFVector@@HPAVUEngine@@@Z
?UpdateAmbientSounds@UALAudioSubsystem@@QAEXAAV?$TArray@UALAmbient@@@@PAVUAmbientSoundObject@@PAVULevel@@AAVFVector@@@Z
?UpdateAmbientSounds@UALAudioSubsystem@@QAEXAAV?$TArray@UALAmbient@@@@PAVULevel@@ABVFVector@@H@Z
?UpdateIfSourceHasActor@UALAudioSubsystem@@QAEXHAAVFVector@@ABV2@@Z
?UpdateIfSourceHasLevelObject@UALAudioSubsystem@@QAEXH@Z
?UpdateStreamingSounds@UALAudioSubsystem@@QAEXH@Z
?alError@UALAudioSubsystem@@QAEHPAGH@Z
GPackage
_DllMain@12
autoclassUALAudioSubsystem

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
l2half/ALAudio.int
l2half/ActionName-e.dat
l2half/AdditionalEffect.dat
l2half/CastleName-e.dat
l2half/Charcreategrp.dat
l2half/Chargrp.dat
l2half/ClassInfo-e.dat
l2half/Cloak.int
l2half/CommandName-e.dat
l2half/Core.dll
.dll windows:4 windows x86 arch:x86

78c79f9b9cbfe33211f74c63007ca9af

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dc
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

23/12/2009, 00:00

Not After

21/02/2012, 23:59

Subject

CN=NCsoft Corp.,OU=System Operation Team,O=NCsoft Corp.,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

vorbisfile

ov_clear
ov_time_seek
ov_read
ov_open2

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

iphlpapi

GetAdaptersInfo

kernel32

SetEndOfFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentThreadId
SetThreadPriority
CreateThread
CreateEventW
InterlockedIncrement
WaitForSingleObject
InterlockedExchange
SetEvent
TerminateThread
MultiByteToWideChar
LoadLibraryW
GetVersionExA
Sleep
SetConsoleCtrlHandler
FreeLibrary
CloseHandle
FormatMessageW
GetLastError
GetProcAddress
CreateProcessW
GetVersionExW
FormatMessageA
LeaveCriticalSection
CompareStringA
DebugBreak
GetExitCodeProcess
GetSystemInfo
GetCurrentProcess
EnterCriticalSection
CreateProcessA
GetModuleFileNameA
ExitProcess
GetComputerNameA
QueryPerformanceCounter
ReadFile
InitializeCriticalSection
GetModuleFileNameW
GetLocalTime
GlobalAlloc
CreateFileW
CreateFileA
LoadLibraryA
WideCharToMultiByte
GlobalMemoryStatus
GetComputerNameW
ExitThread
QueryPerformanceFrequency
GetProcessWorkingSetSize
DeleteCriticalSection
GetStringTypeW
GetStringTypeA
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
CompareStringW
LoadLibraryExW
SetEnvironmentVariableA
SetStdHandle
GetCurrentProcessId
GetTickCount
VirtualFree
HeapCreate
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
FindFirstFileW
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
HeapSize
TerminateProcess
IsDebuggerPresent
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
RaiseException
GetFullPathNameA
GetCurrentDirectoryA
RtlUnwind
GetFullPathNameW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy

user32

MessageBoxW
EmptyClipboard
PostQuitMessage
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
GetActiveWindow

shell32

ShellExecuteW
ShellExecuteA

ole32

CoCreateGuid

vcomp

omp_get_thread_num
omp_in_parallel

Exports

Exports

??0?$TArray@G@@QAE@ABV0@@Z
??0?$TArray@G@@QAE@H@Z
??0?$TArray@G@@QAE@W4ENoInit@@@Z
??0?$TArray@G@@QAE@XZ
??0?$TSingleton@VL2Configuration@@@@IAE@XZ
??0?$TSingleton@VL2Configuration@@@@QAE@ABV0@@Z
??0?$TSingleton@VL2ThreadUtil@@@@IAE@XZ
??0?$TSingleton@VL2ThreadUtil@@@@QAE@ABV0@@Z
??0FArchive@@QAE@ABV0@@Z
??0FArchive@@QAE@XZ
??0FArray@@IAE@HH@Z
??0FArray@@QAE@W4ENoInit@@@Z
??0FArray@@QAE@XZ
??0FBitReader@@QAE@ABU0@@Z
??0FBitReader@@QAE@PAEH@Z
??0FBitWriter@@QAE@ABU0@@Z
??0FBitWriter@@QAE@H@Z
??0FBitWriterMark@@QAE@AAUFBitWriter@@@Z
??0FBitWriterMark@@QAE@XZ
??0FBlowFish@@QAE@XZ
??0FBox@@QAE@ABVFVector@@0@Z
??0FBox@@QAE@H@Z
??0FBox@@QAE@PBVFVector@@H@Z
??0FBox@@QAE@XZ
??0FCoords@@QAE@ABVFVector@@000@Z
??0FCoords@@QAE@ABVFVector@@@Z
??0FCoords@@QAE@XZ
??0FCriticalSection@@QAE@XZ
??0FDependency@@QAE@PAVUClass@@H@Z
??0FDependency@@QAE@XZ
??0FFileStream@@AAE@XZ
??0FFrame@@QAE@ABU0@@Z
??0FFrame@@QAE@PAVUObject@@@Z
??0FFrame@@QAE@PAVUObject@@PAVUStruct@@HPAX@Z
??0FGenerationInfo@@QAE@HH@Z
??0FGlobalMath@@QAE@XZ
??0FINT64@@QAE@H@Z
??0FINT64@@QAE@HH@Z
??0FINT64@@QAE@XZ
??0FINT64@@QAE@_J@Z
??0FInterpCurve@@QAE@ABV0@@Z
??0FInterpCurve@@QAE@XZ
??0FLabelEntry@@QAE@VFName@@H@Z
??0FMatrix@@QAE@ABVFVector@@ABVFQuat@@@Z
??0FMatrix@@QAE@VFPlane@@000@Z
??0FMatrix@@QAE@XZ
??0FMemCache@@QAE@XZ
??0FMemMark@@QAE@AAVFMemStack@@@Z
??0FMemMark@@QAE@XZ
??0FMemStack@@QAE@XZ
??0FMemStackStats@@QAE@XZ
??0FName@@QAE@PBGW4EFindName@@@Z
??0FName@@QAE@W4EName@@@Z
??0FName@@QAE@XZ
??0FOutputDevice@@QAE@ABV0@@Z
??0FOutputDevice@@QAE@XZ
??0FPackageFileSummary@@QAE@ABU0@@Z
??0FPackageFileSummary@@QAE@XZ
??0FPackageInfo@@QAE@ABV0@@Z
??0FPackageInfo@@QAE@PAVULinkerLoad@@@Z
??0FParamMap@@QAE@ABV0@@Z
??0FParamMap@@QAE@XZ
??0FQuat@@QAE@ABVFMatrix@@@Z
??0FQuat@@QAE@MMMM@Z
??0FQuat@@QAE@XZ
??0FRotator@@QAE@ABVFQuat@@@Z
??0FRotator@@QAE@HHH@Z
??0FRotator@@QAE@XZ
??0FSingletonBase@@IAE@XZ
??0FSingletonBase@@QAE@ABV0@@Z
??0FSphere@@QAE@ABV0@@Z
??0FSphere@@QAE@ABVFVector@@M@Z
??0FSphere@@QAE@H@Z
??0FSphere@@QAE@PBVFVector@@H@Z
??0FSphere@@QAE@XZ
??0FString@@AAE@HPBG@Z
??0FString@@QAE@ABV0@@Z
??0FString@@QAE@CH@Z
??0FString@@QAE@EH@Z
??0FString@@QAE@FH@Z
??0FString@@QAE@GH@Z
??0FString@@QAE@HH@Z
??0FString@@QAE@KH@Z
??0FString@@QAE@MHHH@Z
??0FString@@QAE@NHHH@Z
??0FString@@QAE@PBD@Z
??0FString@@QAE@PBG@Z
??0FString@@QAE@W4ENoInit@@@Z
??0FString@@QAE@XZ
??0FVariance@@QAE@ABV0@@Z
??0FVariance@@QAE@ABVFString@@@Z
??0FVariance@@QAE@H@Z
??0FVariance@@QAE@M@Z
??0FVariance@@QAE@PBG@Z
??0FVariance@@QAE@_J@Z
??0FVector@@QAE@M@Z
??0FVector@@QAE@MMM@Z
??0FVector@@QAE@XZ
??0L2Configuration@@AAE@XZ
??0L2Configuration@@QAE@ABV0@@Z
??0L2ParamStack@@QAE@AAV0@@Z
??0L2ParamStack@@QAE@H@Z
??0L2ThreadBase@@QAE@ABV0@@Z
??0L2ThreadBase@@QAE@PAG@Z
??0L2ThreadStats@@QAE@XZ
??0L2ThreadUtil@@QAE@ABV0@@Z
??0L2ThreadUtil@@QAE@XZ
??0UArrayProperty@@QAE@ABV0@@Z
??0UArrayProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UArrayProperty@@QAE@XZ
??0UBoolProperty@@QAE@ABV0@@Z
??0UBoolProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UBoolProperty@@QAE@XZ
??0UByteProperty@@QAE@ABV0@@Z
??0UByteProperty@@QAE@W4ECppProperty@@HPBGKPAVUEnum@@@Z
??0UByteProperty@@QAE@XZ
??0UClass@@QAE@ABV0@@Z
??0UClass@@QAE@PAV0@@Z
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PBG33KP6AXPAX@ZP8UObject@@AEXXZ@Z
??0UClass@@QAE@W4EStaticConstructor@@KKVFGuid@@PBG22KP6AXPAX@ZP8UObject@@AEXXZ@Z
??0UClass@@QAE@XZ
??0UClassProperty@@QAE@ABV0@@Z
??0UClassProperty@@QAE@W4ECppProperty@@HPBGKPAVUClass@@@Z
??0UClassProperty@@QAE@XZ
??0UCommandlet@@QAE@ABV0@@Z
??0UCommandlet@@QAE@XZ
??0UConst@@IAE@XZ
??0UConst@@QAE@ABV0@@Z
??0UConst@@QAE@PAV0@PBG@Z
??0UDelegateProperty@@QAE@ABV0@@Z
??0UDelegateProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UDelegateProperty@@QAE@XZ
??0UEnum@@IAE@XZ
??0UEnum@@QAE@ABV0@@Z
??0UEnum@@QAE@PAV0@@Z
??0UExporter@@QAE@ABV0@@Z
??0UExporter@@QAE@XZ
??0UFactory@@QAE@ABV0@@Z
??0UFactory@@QAE@XZ
??0UField@@IAE@XZ
??0UField@@QAE@ABV0@@Z
??0UField@@QAE@PAV0@@Z
??0UField@@QAE@W4ENativeConstructor@@PAVUClass@@PBG2KPAV0@@Z
??0UField@@QAE@W4EStaticConstructor@@PBG1K@Z
??0UFixedArrayProperty@@QAE@ABV0@@Z
??0UFixedArrayProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UFixedArrayProperty@@QAE@XZ
??0UFloatProperty@@QAE@ABV0@@Z
??0UFloatProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UFloatProperty@@QAE@XZ
??0UFunction@@IAE@XZ
??0UFunction@@QAE@ABV0@@Z
??0UFunction@@QAE@PAV0@@Z
??0UIntProperty@@QAE@ABV0@@Z
??0UIntProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UIntProperty@@QAE@XZ
??0ULanguage@@IAE@XZ
??0ULanguage@@QAE@ABV0@@Z
??0ULinker@@IAE@XZ
??0ULinker@@QAE@ABV0@@Z
??0ULinker@@QAE@PAVUObject@@@Z
??0ULinker@@QAE@PAVUObject@@PBG@Z
??0UMapProperty@@QAE@ABV0@@Z
??0UMapProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UMapProperty@@QAE@XZ
??0UNameProperty@@QAE@ABV0@@Z
??0UNameProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UNameProperty@@QAE@XZ
??0UObject@@QAE@ABV0@@Z
??0UObject@@QAE@W4EInPlaceConstructor@@PAVUClass@@PAV0@VFName@@K@Z
??0UObject@@QAE@W4ENativeConstructor@@PAVUClass@@PBG2K@Z
??0UObject@@QAE@W4EStaticConstructor@@PBG1K@Z
??0UObject@@QAE@XZ
??0UObjectExporterT3D@@QAE@ABV0@@Z
??0UObjectExporterT3D@@QAE@XZ
??0UObjectProperty@@QAE@ABV0@@Z
??0UObjectProperty@@QAE@W4ECppProperty@@HPBGKPAVUClass@@@Z
??0UObjectProperty@@QAE@XZ
??0UPackage@@QAE@ABV0@@Z
??0UPackage@@QAE@XZ
??0UPackageMap@@QAE@ABV0@@Z
??0UPackageMap@@QAE@XZ
??0UParamStack@@IAE@XZ
??0UParamStack@@QAE@ABV0@@Z
??0UProperty@@QAE@ABV0@@Z
??0UProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UProperty@@QAE@XZ
??0UState@@IAE@XZ
??0UState@@QAE@ABV0@@Z
??0UState@@QAE@PAV0@@Z
??0UState@@QAE@W4ENativeConstructor@@HPBG1KPAV0@@Z
??0UState@@QAE@W4EStaticConstructor@@HPBG1K@Z
??0UStrProperty@@QAE@ABV0@@Z
??0UStrProperty@@QAE@W4ECppProperty@@HPBGK@Z
??0UStrProperty@@QAE@XZ
??0UStruct@@IAE@XZ
??0UStruct@@QAE@ABV0@@Z
??0UStruct@@QAE@PAV0@@Z
??0UStruct@@QAE@W4ENativeConstructor@@HPBG1KPAV0@@Z
??0UStruct@@QAE@W4EStaticConstructor@@HPBG1K@Z
??0UStructProperty@@QAE@ABV0@@Z
??0UStructProperty@@QAE@W4ECppProperty@@HPBGKPAVUStruct@@@Z
??0UStructProperty@@QAE@XZ
??0USubsystem@@IAE@XZ
??0USubsystem@@QAE@ABV0@@Z
??0UTextBuffer@@QAE@ABV0@@Z
??0UTextBuffer@@QAE@PBG@Z
??0UTextBufferFactory@@QAE@ABV0@@Z
??0UTextBufferFactory@@QAE@XZ
??1?$TArray@G@@QAE@XZ
??1?$TSingleton@VL2Configuration@@@@MAE@XZ
??1?$TSingleton@VL2ThreadUtil@@@@MAE@XZ
??1FArchive@@UAE@XZ
??1FArray@@QAE@XZ
??1FBitReader@@UAE@XZ
??1FBitWriter@@UAE@XZ
??1FCriticalSection@@QAE@XZ
??1FFileStream@@AAE@XZ
??1FInterpCurve@@QAE@XZ
??1FMatrix@@QAE@XZ
??1FMemStack@@QAE@XZ
??1FMemStackFrame@@QAE@XZ
??1FPackageFileSummary@@QAE@XZ
??1FPackageInfo@@QAE@XZ
??1FParamMap@@QAE@XZ
??1FSingletonBase@@MAE@XZ
??1FString@@QAE@XZ
??1FVariance@@QAE@XZ
??1L2Configuration@@UAE@XZ
??1L2ParamStack@@QAE@XZ
??1L2ThreadBase@@UAE@XZ
??1L2ThreadUtil@@UAE@XZ
??1UArrayProperty@@UAE@XZ
??1UBoolProperty@@UAE@XZ
??1UByteProperty@@UAE@XZ
??1UClass@@UAE@XZ
??1UClassProperty@@UAE@XZ
??1UCommandlet@@UAE@XZ
??1UConst@@UAE@XZ
??1UDelegateProperty@@UAE@XZ
??1UEnum@@UAE@XZ
??1UExporter@@UAE@XZ
??1UFactory@@UAE@XZ
??1UField@@UAE@XZ
??1UFixedArrayProperty@@UAE@XZ
??1UFloatProperty@@UAE@XZ
??1UFunction@@UAE@XZ
??1UIntProperty@@UAE@XZ
??1ULanguage@@UAE@XZ
??1ULinker@@UAE@XZ
??1UMapProperty@@UAE@XZ
??1UNameProperty@@UAE@XZ
??1UObject@@UAE@XZ
??1UObjectExporterT3D@@UAE@XZ
??1UObjectProperty@@UAE@XZ
??1UPackage@@UAE@XZ
??1UPackageMap@@UAE@XZ
??1UParamStack@@UAE@XZ
??1UProperty@@UAE@XZ
??1UState@@UAE@XZ
??1UStrProperty@@UAE@XZ
??1UStruct@@UAE@XZ
??1UStructProperty@@UAE@XZ
??1USubsystem@@UAE@XZ
??1UTextBuffer@@UAE@XZ
??1UTextBufferFactory@@UAE@XZ
??2UArrayProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UArrayProperty@@SAPAXIPAW4EInternal@@@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UBoolProperty@@SAPAXIPAW4EInternal@@@Z
??2UByteProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UByteProperty@@SAPAXIPAW4EInternal@@@Z
??2UClass@@SAPAXIPAVUObject@@PBGK@Z
??2UClass@@SAPAXIPAW4EInternal@@@Z
??2UClassProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UClassProperty@@SAPAXIPAW4EInternal@@@Z
??2UCommandlet@@SAPAXIPAVUObject@@PBGK@Z
??2UCommandlet@@SAPAXIPAW4EInternal@@@Z
??2UConst@@SAPAXIPAVUObject@@PBGK@Z
??2UConst@@SAPAXIPAW4EInternal@@@Z
??2UDelegateProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UDelegateProperty@@SAPAXIPAW4EInternal@@@Z
??2UEnum@@SAPAXIPAVUObject@@PBGK@Z
??2UEnum@@SAPAXIPAW4EInternal@@@Z
??2UExporter@@SAPAXIPAVUObject@@PBGK@Z
??2UExporter@@SAPAXIPAW4EInternal@@@Z
??2UFactory@@SAPAXIPAVUObject@@PBGK@Z
??2UFactory@@SAPAXIPAW4EInternal@@@Z
??2UField@@SAPAXIPAVUObject@@PBGK@Z
??2UField@@SAPAXIPAW4EInternal@@@Z
??2UFixedArrayProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UFixedArrayProperty@@SAPAXIPAW4EInternal@@@Z
??2UFloatProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UFloatProperty@@SAPAXIPAW4EInternal@@@Z
??2UFunction@@SAPAXIPAVUObject@@PBGK@Z
??2UFunction@@SAPAXIPAW4EInternal@@@Z
??2UIntProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UIntProperty@@SAPAXIPAW4EInternal@@@Z
??2ULanguage@@SAPAXIPAVUObject@@PBGK@Z
??2ULanguage@@SAPAXIPAW4EInternal@@@Z
??2ULinker@@SAPAXIPAVUObject@@PBGK@Z
??2ULinker@@SAPAXIPAW4EInternal@@@Z
??2UMapProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UMapProperty@@SAPAXIPAW4EInternal@@@Z
??2UNameProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UNameProperty@@SAPAXIPAW4EInternal@@@Z
??2UObject@@SAPAXIPAV0@PBGK@Z
??2UObject@@SAPAXIPAW4EInternal@@@Z
??2UObjectExporterT3D@@SAPAXIPAVUObject@@PBGK@Z
??2UObjectExporterT3D@@SAPAXIPAW4EInternal@@@Z
??2UObjectProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UObjectProperty@@SAPAXIPAW4EInternal@@@Z
??2UPackage@@SAPAXIPAVUObject@@PBGK@Z
??2UPackage@@SAPAXIPAW4EInternal@@@Z
??2UPackageMap@@SAPAXIPAVUObject@@PBGK@Z
??2UPackageMap@@SAPAXIPAW4EInternal@@@Z
??2UParamStack@@SAPAXIPAVUObject@@PBGK@Z
??2UParamStack@@SAPAXIPAW4EInternal@@@Z
??2UProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UProperty@@SAPAXIPAW4EInternal@@@Z
??2UState@@SAPAXIPAVUObject@@PBGK@Z
??2UState@@SAPAXIPAW4EInternal@@@Z
??2UStrProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UStrProperty@@SAPAXIPAW4EInternal@@@Z
??2UStruct@@SAPAXIPAVUObject@@PBGK@Z
??2UStruct@@SAPAXIPAW4EInternal@@@Z
??2UStructProperty@@SAPAXIPAVUObject@@PBGK@Z
??2UStructProperty@@SAPAXIPAW4EInternal@@@Z
??2USubsystem@@SAPAXIPAVUObject@@PBGK@Z
??2USubsystem@@SAPAXIPAW4EInternal@@@Z
??2UTextBuffer@@SAPAXIPAVUObject@@PBGK@Z
??2UTextBuffer@@SAPAXIPAW4EInternal@@@Z
??2UTextBufferFactory@@SAPAXIPAVUObject@@PBGK@Z
??2UTextBufferFactory@@SAPAXIPAW4EInternal@@@Z
??3UArrayProperty@@SAXPAX@Z
??3UArrayProperty@@SAXPAXPAVUObject@@@Z
??3UArrayProperty@@SAXPAXPAVUObject@@PBG@Z
??3UArrayProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UArrayProperty@@SAXPAXPAW4EInternal@@@Z
??3UBoolProperty@@SAXPAX@Z
??3UBoolProperty@@SAXPAXPAVUObject@@@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PBG@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UBoolProperty@@SAXPAXPAW4EInternal@@@Z
??3UByteProperty@@SAXPAX@Z
??3UByteProperty@@SAXPAXPAVUObject@@@Z
??3UByteProperty@@SAXPAXPAVUObject@@PBG@Z
??3UByteProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UByteProperty@@SAXPAXPAW4EInternal@@@Z
??3UClass@@SAXPAX@Z
??3UClass@@SAXPAXPAVUObject@@@Z
??3UClass@@SAXPAXPAVUObject@@PBG@Z
??3UClass@@SAXPAXPAVUObject@@PBGK@Z
??3UClass@@SAXPAXPAW4EInternal@@@Z
??3UClassProperty@@SAXPAX@Z
??3UClassProperty@@SAXPAXPAVUObject@@@Z
??3UClassProperty@@SAXPAXPAVUObject@@PBG@Z
??3UClassProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UClassProperty@@SAXPAXPAW4EInternal@@@Z
??3UCommandlet@@SAXPAX@Z
??3UCommandlet@@SAXPAXPAVUObject@@@Z
??3UCommandlet@@SAXPAXPAVUObject@@PBG@Z
??3UCommandlet@@SAXPAXPAVUObject@@PBGK@Z
??3UCommandlet@@SAXPAXPAW4EInternal@@@Z
??3UConst@@SAXPAX@Z
??3UConst@@SAXPAXPAVUObject@@@Z
??3UConst@@SAXPAXPAVUObject@@PBG@Z
??3UConst@@SAXPAXPAVUObject@@PBGK@Z
??3UConst@@SAXPAXPAW4EInternal@@@Z
??3UDelegateProperty@@SAXPAX@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@PBG@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UDelegateProperty@@SAXPAXPAW4EInternal@@@Z
??3UEnum@@SAXPAX@Z
??3UEnum@@SAXPAXPAVUObject@@@Z
??3UEnum@@SAXPAXPAVUObject@@PBG@Z
??3UEnum@@SAXPAXPAVUObject@@PBGK@Z
??3UEnum@@SAXPAXPAW4EInternal@@@Z
??3UExporter@@SAXPAX@Z
??3UExporter@@SAXPAXPAVUObject@@@Z
??3UExporter@@SAXPAXPAVUObject@@PBG@Z
??3UExporter@@SAXPAXPAVUObject@@PBGK@Z
??3UExporter@@SAXPAXPAW4EInternal@@@Z
??3UFactory@@SAXPAX@Z
??3UFactory@@SAXPAXPAVUObject@@@Z
??3UFactory@@SAXPAXPAVUObject@@PBG@Z
??3UFactory@@SAXPAXPAVUObject@@PBGK@Z
??3UFactory@@SAXPAXPAW4EInternal@@@Z
??3UField@@SAXPAX@Z
??3UField@@SAXPAXPAVUObject@@@Z
??3UField@@SAXPAXPAVUObject@@PBG@Z
??3UField@@SAXPAXPAVUObject@@PBGK@Z
??3UField@@SAXPAXPAW4EInternal@@@Z
??3UFixedArrayProperty@@SAXPAX@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@PBG@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UFixedArrayProperty@@SAXPAXPAW4EInternal@@@Z
??3UFloatProperty@@SAXPAX@Z
??3UFloatProperty@@SAXPAXPAVUObject@@@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PBG@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UFloatProperty@@SAXPAXPAW4EInternal@@@Z
??3UFunction@@SAXPAX@Z
??3UFunction@@SAXPAXPAVUObject@@@Z
??3UFunction@@SAXPAXPAVUObject@@PBG@Z
??3UFunction@@SAXPAXPAVUObject@@PBGK@Z
??3UFunction@@SAXPAXPAW4EInternal@@@Z
??3UIntProperty@@SAXPAX@Z
??3UIntProperty@@SAXPAXPAVUObject@@@Z
??3UIntProperty@@SAXPAXPAVUObject@@PBG@Z
??3UIntProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UIntProperty@@SAXPAXPAW4EInternal@@@Z
??3ULanguage@@SAXPAX@Z
??3ULanguage@@SAXPAXPAVUObject@@@Z
??3ULanguage@@SAXPAXPAVUObject@@PBG@Z
??3ULanguage@@SAXPAXPAVUObject@@PBGK@Z
??3ULanguage@@SAXPAXPAW4EInternal@@@Z
??3ULinker@@SAXPAX@Z
??3ULinker@@SAXPAXPAVUObject@@@Z
??3ULinker@@SAXPAXPAVUObject@@PBG@Z
??3ULinker@@SAXPAXPAVUObject@@PBGK@Z
??3ULinker@@SAXPAXPAW4EInternal@@@Z
??3UMapProperty@@SAXPAX@Z
??3UMapProperty@@SAXPAXPAVUObject@@@Z
??3UMapProperty@@SAXPAXPAVUObject@@PBG@Z
??3UMapProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UMapProperty@@SAXPAXPAW4EInternal@@@Z
??3UNameProperty@@SAXPAX@Z
??3UNameProperty@@SAXPAXPAVUObject@@@Z
??3UNameProperty@@SAXPAXPAVUObject@@PBG@Z
??3UNameProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UNameProperty@@SAXPAXPAW4EInternal@@@Z
??3UObject@@SAXPAX@Z
??3UObject@@SAXPAXPAV0@@Z
??3UObject@@SAXPAXPAV0@PBG@Z
??3UObject@@SAXPAXPAV0@PBGK@Z
??3UObject@@SAXPAXPAW4EInternal@@@Z
??3UObjectExporterT3D@@SAXPAX@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@PBG@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@PBGK@Z
??3UObjectExporterT3D@@SAXPAXPAW4EInternal@@@Z
??3UObjectProperty@@SAXPAX@Z
??3UObjectProperty@@SAXPAXPAVUObject@@@Z
??3UObjectProperty@@SAXPAXPAVUObject@@PBG@Z
??3UObjectProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UObjectProperty@@SAXPAXPAW4EInternal@@@Z
??3UPackage@@SAXPAX@Z
??3UPackage@@SAXPAXPAVUObject@@@Z
??3UPackage@@SAXPAXPAVUObject@@PBG@Z
??3UPackage@@SAXPAXPAVUObject@@PBGK@Z
??3UPackage@@SAXPAXPAW4EInternal@@@Z
??3UPackageMap@@SAXPAX@Z
??3UPackageMap@@SAXPAXPAVUObject@@@Z
??3UPackageMap@@SAXPAXPAVUObject@@PBG@Z
??3UPackageMap@@SAXPAXPAVUObject@@PBGK@Z
??3UPackageMap@@SAXPAXPAW4EInternal@@@Z
??3UParamStack@@SAXPAX@Z
??3UParamStack@@SAXPAXPAVUObject@@@Z
??3UParamStack@@SAXPAXPAVUObject@@PBG@Z
??3UParamStack@@SAXPAXPAVUObject@@PBGK@Z
??3UParamStack@@SAXPAXPAW4EInternal@@@Z
??3UProperty@@SAXPAX@Z
??3UProperty@@SAXPAXPAVUObject@@@Z
??3UProperty@@SAXPAXPAVUObject@@PBG@Z
??3UProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UProperty@@SAXPAXPAW4EInternal@@@Z
??3UState@@SAXPAX@Z
??3UState@@SAXPAXPAVUObject@@@Z
??3UState@@SAXPAXPAVUObject@@PBG@Z
??3UState@@SAXPAXPAVUObject@@PBGK@Z
??3UState@@SAXPAXPAW4EInternal@@@Z
??3UStrProperty@@SAXPAX@Z
??3UStrProperty@@SAXPAXPAVUObject@@@Z
??3UStrProperty@@SAXPAXPAVUObject@@PBG@Z
??3UStrProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UStrProperty@@SAXPAXPAW4EInternal@@@Z
??3UStruct@@SAXPAX@Z
??3UStruct@@SAXPAXPAVUObject@@@Z
??3UStruct@@SAXPAXPAVUObject@@PBG@Z
??3UStruct@@SAXPAXPAVUObject@@PBGK@Z
??3UStruct@@SAXPAXPAW4EInternal@@@Z
??3UStructProperty@@SAXPAX@Z
??3UStructProperty@@SAXPAXPAVUObject@@@Z
??3UStructProperty@@SAXPAXPAVUObject@@PBG@Z
??3UStructProperty@@SAXPAXPAVUObject@@PBGK@Z
??3UStructProperty@@SAXPAXPAW4EInternal@@@Z
??3USubsystem@@SAXPAX@Z
??3USubsystem@@SAXPAXPAVUObject@@@Z
??3USubsystem@@SAXPAXPAVUObject@@PBG@Z
??3USubsystem@@SAXPAXPAVUObject@@PBGK@Z
??3USubsystem@@SAXPAXPAW4EInternal@@@Z
??3UTextBuffer@@SAXPAX@Z
??3UTextBuffer@@SAXPAXPAVUObject@@@Z
??3UTextBuffer@@SAXPAXPAVUObject@@PBG@Z
??3UTextBuffer@@SAXPAXPAVUObject@@PBGK@Z
??3UTextBuffer@@SAXPAXPAW4EInternal@@@Z
??3UTextBufferFactory@@SAXPAX@Z

Sections

.text
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 342KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
l2half/Core.int
l2half/Core.u
l2half/CreditFont.gly
l2half/Creditgrp-e.dat
l2half/D3DDrv.dll
.dll windows:4 windows x86 arch:x86

7b2be962421024771c5523b6347610e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

d3d9

Direct3DCreate9

ddraw

DirectDrawCreateEx

core

?DynamicReloadCheck@UCommandlet@@UAEHH@Z
??YFString@@QAEAAV0@ABV0@@Z
?appUnwindf@@YAXPBGZZ
??1FString@@QAE@XZ
?GMalloc@@3PAVFMalloc@@A
??4FString@@QAEAAV0@ABV0@@Z
?GSEKScreenY@@3HA
?GSEKScreenX@@3HA
??0FString@@QAE@PBG@Z
??YFString@@QAEAAV0@PBG@Z
??DFString@@QBEPBGXZ
?appItoa@@YAPAGH@Z
?Printf@FString@@SA?AV1@PBGZZ
??4FString@@QAEAAV0@PBG@Z
?GetObj@?$TSingleton@VL2Configuration@@@@SAAAVL2Configuration@@XZ
?Logf@FOutputDevice@@QAAXPBGZZ
?Add@FArray@@QAEHHH@Z
?GWarn@@3PAVFFeedbackContext@@A
?winToUNICODE@@YAPAGPAGPBDH@Z
?winGetSizeUNICODE@@YAHPBD@Z
?appFailAssert@@YAXPBD0H@Z
?Remove@FArray@@QAEXHHH@Z
??8FString@@QBEHABV0@@Z
?winGetSizeANSI@@YAHPBG@Z
?GL2HDREffectType@@3HA
?GConfig@@3PAVFConfigCache@@A
??0FString@@QAE@ABV0@@Z
??0FString@@QAE@XZ
??0FArray@@IAE@HH@Z
?GError@@3PAVFOutputDeviceError@@A
??1FArray@@QAE@XZ
?GIsUCC@@3HA
?Logf@FOutputDevice@@QAAXW4EName@@PBGZZ
?winToANSI@@YAPADPADPBGH@Z
?appFromAnsi@@YAPBGPBDPAG@Z
?ByteOrderSerialize@FArchive@@QAEAAV1@PAXH@Z
??8FString@@QBEHPBG@Z
?GCRCTable@@3PAKA
?GLog@@3PAVFOutputDevice@@A
?Logf2@FOutputDevice@@QAAXPBGZZ
?Logf2@FOutputDevice@@QAAXW4EName@@PBGZZ
?appLoadFileToString@@YAHAAVFString@@PBGPAVFFileManager@@@Z
??0FSingletonBase@@IAE@XZ
??1FSingletonBase@@MAE@XZ
??6@YAAAVFArchive@@AAV0@AAVFString@@@Z
?GFileManager@@3PAVFFileManager@@A
??6@YAAAVFArchive@@AAV0@AAVFCompactIndex@@@Z
?GNull@@3PAVFOutputDevice@@A
?Realloc@FArray@@IAEXH@Z
?CountBytes@FArray@@QAEXAAVFArchive@@H@Z
?appFloor@@YAHM@Z
?ProcessState@UObject@@UAEXM@Z
?Identity@FMatrix@@2V1@A
?ProcessDelegate@UObject@@UAEXVFName@@PAUFScriptDelegate@@PAX2@Z
?ProcessEvent@UObject@@UAEXPAVUFunction@@PAX1@Z
??0FSphere@@QAE@ABV0@@Z
?Release@UObject@@UAGKXZ
?AddRef@UObject@@UAGKXZ
?QueryInterface@UObject@@UAGKABVFGuid@@PAPAX@Z
?Tick@USubsystem@@UAEXM@Z
?NetDirty@UObject@@UAEXPAVUProperty@@@Z
?OnEvent@UObject@@UAEXABVFString@@0@Z
?ClearL2Game@UObject@@UAEXXZ
?IsLoaded@UObject@@UAEHXZ
?IsPendingKill@UObject@@UAEHXZ
?Rename@UObject@@UAEXPBGPAV1@@Z
?ConditionalDestroy@UObject@@QAEHXZ
??1FMatrix@@QAE@XZ
?StaticAllocateObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@11@Z
?LanguageChange@UObject@@UAEXXZ
?Register@UObject@@UAEXXZ
?ScriptConsoleExec@UObject@@UAEHPBGAAVFOutputDevice@@PAV1@@Z
?CallFunction@UObject@@UAEXAAUFFrame@@QAXPAVUFunction@@@Z
?PostEditChange@UObject@@UAEXXZ
?ShutdownAfterError@UObject@@UAEXXZ
?InitExecution@UObject@@UAEXXZ
?GotoLabel@UObject@@UAEHVFName@@@Z
?GotoState@UObject@@UAE?AW4EGotoState@@VFName@@@Z
?Serialize@UObject@@UAEXAAVFArchive@@@Z
??0FName@@QAE@PBGW4EFindName@@@Z
?PostLoad@UObject@@UAEXXZ
?Modify@UObject@@UAEXXZ
?ProcessRemoteFunction@UObject@@UAEHPAVUFunction@@PAXPAUFFrame@@@Z
?appStrcmp@@YAHPBG0@Z
?GSecondsPerCycle@@3NA
?GLanguageType@@3HA
?appSprintf@@YAHPAGPBGZZ
??9FString@@QBEHPBG@Z
?Empty@FString@@QAEXXZ
?GetPathName@UObject@@QBEPBGPAV1@PAG@Z
?appSecondsQPC@@YANXZ
?Coords@FMatrix@@QAE?AVFCoords@@XZ
?GMakeCacheIDIndex@@3_KA
?Normalize@FVector@@QAEHXZ
??8FMatrix@@QBEHAAV0@@Z
?SafeNormal@FVector@@QBE?AV1@XZ
??KFVector@@QBE?AV0@M@Z
?GetTransientPackage@UObject@@SAPAVUPackage@@XZ
?StaticConstructObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@1@Z
?Register@UField@@UAEXXZ
??1UBoolProperty@@UAE@XZ
?GL2Shader@@3HA
?GMachineVideo@@3PAGA
?ParseParam@@YAHPBG0@Z
??2UFloatProperty@@SAPAXIPAVUObject@@PBGK@Z
?Serialize@UProperty@@UAEXAAVFArchive@@@Z
?appCmdLine@@YAPBGXZ
??3UFloatProperty@@SAXPAXPAVUObject@@PBGK@Z
?PostLoad@UField@@UAEXXZ
?GIsRequestingExit@@3HA
?GL2UseTrilinear@@3HA
??0UFloatProperty@@QAE@W4ECppProperty@@HPBGK@Z
?GetID@UProperty@@UBEEXZ
??3UFloatProperty@@SAXPAX@Z
?appRound@@YAHM@Z
?Port@UProperty@@UBEHXZ
?appPow@@YANNN@Z
?DestroyValue@UProperty@@UBEXPAX@Z
??2UIntProperty@@SAPAXIPAVUObject@@PBGK@Z
?CopyCompleteValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
??3UIntProperty@@SAXPAXPAVUObject@@PBGK@Z
?CopySingleValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
??0UIntProperty@@QAE@W4ECppProperty@@HPBGK@Z
?ExportText@UProperty@@UBEHHAAVFString@@PAE1H@Z
?CopyCompleteValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?ParseCommand@@YAHPAPBGPBG@Z
?ImportText@UFloatProperty@@UBEPBGPBGPAEHH@Z
?CopySingleValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?ExportTextItem@UFloatProperty@@UBEXAAVFString@@PAE1H@Z
?appAtoi@@YAHPBG@Z
?ImportText@UIntProperty@@UBEPBGPBGPAEHH@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PBGK@Z
?NetSerializeItem@UFloatProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
??1UFloatProperty@@UAE@XZ
?NEAR_CLIPPING_PLANE@@3MA
?ExportTextItem@UIntProperty@@UBEXAAVFString@@PAE1H@Z
?SerializeItem@UFloatProperty@@UBEXAAVFArchive@@PAXH@Z
?appAtof@@YAMPBG@Z
?NetSerializeItem@UIntProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?GL2Antialiasing@@3HA
??3UBoolProperty@@SAXPAXPAVUObject@@PBGK@Z
?ExportCppItem@UFloatProperty@@UBEXAAVFOutputDevice@@H@Z
?Parse@@YAHPBG0AAK@Z
?SerializeItem@UIntProperty@@UBEXAAVFArchive@@PAXH@Z
??0UBoolProperty@@QAE@W4ECppProperty@@HPBGK@Z
?ExportCpp@UProperty@@UBEXAAVFOutputDevice@@HHHH@Z
?Parse@@YAHPBG0AAH@Z
?ExportCppItem@UIntProperty@@UBEXAAVFOutputDevice@@H@Z
?CopyCompleteValue@UProperty@@UBEXPAX0PAVUObject@@@Z
?Identical@UFloatProperty@@UBEHPBX0@Z
?Identical@UIntProperty@@UBEHPBX0@Z
?CopySingleValue@UBoolProperty@@UBEXPAX0PAVUObject@@@Z
?Link@UFloatProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?Link@UIntProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?Destroy@UObject@@UAEXXZ
?ImportText@UBoolProperty@@UBEPBGPBGPAEHH@Z
?CleanupDestroyed@UProperty@@UBEXPAE@Z
??3UIntProperty@@SAXPAX@Z
?appSleep@@YAXM@Z
??1UClass@@UAE@XZ
?ExportTextItem@UBoolProperty@@UBEXAAVFString@@PAE1H@Z
?GetPropertiesSize@UField@@UAEHXZ
?GL2NVPerfHUD@@3HA
?NetSerializeItem@UBoolProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?GetOwnerClass@UField@@UAEPAVUClass@@XZ
??1UIntProperty@@UAE@XZ
?SerializeItem@UBoolProperty@@UBEXAAVFArchive@@PAXH@Z
?Bind@UField@@UAEXXZ
?appMemset@@YAXPAXHH@Z
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PBG33KP6AXPAX@ZP8UObject@@AEXXZ@Z
?ExportCppItem@UBoolProperty@@UBEXAAVFOutputDevice@@H@Z
?MergeBools@UField@@UAEHXZ
?Identical@UBoolProperty@@UBEHPBX0@Z
?AddCppProperty@UField@@UAEXPAVUProperty@@@Z
?StaticConfigName@UObject@@SAPBGXZ
?GL2EnableStaticMeshShadow@@3HA
?Link@UBoolProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?GIsEditor@@3HA
?Serialize@UBoolProperty@@UAEXAAVFArchive@@@Z
?PrivateStaticClass@UObject@@0VUClass@@A
??3UBoolProperty@@SAXPAX@Z
??0FSphere@@QAE@XZ
?GetName@UObject@@QBEPBGXZ
?appCos@@YANN@Z
?GetFullName@UObject@@QBEPBGPAG@Z
?GetDefaultObject@UClass@@QAEPAVUObject@@XZ
?Size@FVector@@QBEMXZ
??0FSphere@@QAE@H@Z
?appMemcmp@@YAHPBX0H@Z
?AddZeroed@FArray@@QAEHHH@Z
?PrivateStaticClass@UCommandlet@@0VUClass@@A
??0UCommandlet@@QAE@XZ
??1UCommandlet@@UAE@XZ

engine

?GStats@@3VFStats@@A
??0FVertexShaderFunction@@QAE@W4EVSFCommon@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFCommon@@@Z
?GetShaderFunctionValue@FShaderFunction@@QBEHXZ
??0FPixelShaderFunction@@QAE@W4EPSFEmitter@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFEmitter@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFGaussianFilter@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFBloom@@@Z
?GEngineStats@@3VFEngineStats@@A
??0FShaderCode@@QAE@XZ
??1FShaderCode@@QAE@XZ
??6@YAAAVFArchive@@AAV0@AAPAVFShaderCode@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFShadowMap@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFShadowMap@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFSSAO@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFVertexLight@@@Z
??1URenderDevice@@UAE@XZ
??0URenderDevice@@QAE@ABV0@@Z
??4?$TArray@E@@QAEAAV0@ABV0@@Z
??1?$TArray@E@@QAE@XZ
??0?$TArray@E@@QAE@ABV0@@Z
??4URenderDevice@@QAEAAV0@ABV0@@Z
?CompileShader@URenderDevice@@UAEHABVFString@@PAV?$TArray@K@@AAV2@@Z
?ClearCompiledShaders@URenderDevice@@UAEXXZ
?GetStage@FShaderProperty@@QAE?AV?$TSmartPtr@VFMaterialStageProperty@@@@H@Z
?AddTexModifier@FShaderProperty@@QAEXHABVFString@@@Z
??1FMaterialStageProperty@@QAE@XZ
?GetBumpRawData@UUnderWaterShader@@QAEPAEXZ
?PrivateStaticClass@UFadeColor@@0VUClass@@A
?PrivateStaticClass@UTexture@@0VUClass@@A
?PrivateStaticClass@UShader@@0VUClass@@A
?GetRefractionBkTex@FPlayerSceneNode@@SAPAVFAuxRenderTarget@@PAVUViewport@@@Z
?PrivateStaticClass@UBitmapMaterial@@0VUClass@@A
?PrivateStaticClass@UModifier@@0VUClass@@A
??1FRenderResource@@UAE@XZ
?PrivateStaticClass@UTexModifier@@0VUClass@@A
?PrivateStaticClass@UFinalBlend@@0VUClass@@A
?GetCacheId@FRenderResource@@UAE_KXZ
?PrivateStaticClass@UComplementModifier@@0VUClass@@A
?PrivateStaticClass@UL2ColorModifier@@0VUClass@@A
?PrivateStaticClass@UColorVariationMaterial@@0VUClass@@A
?PrivateStaticClass@UVertexColor@@0VUClass@@A
?PrivateStaticClass@UTexMatrix@@0VUClass@@A
?PrivateStaticClass@UConstantMaterial@@0VUClass@@A
?GGlobalTempObjects@@3PAVUGlobalTempObjects@@A
?PrivateStaticClass@UColorModifier@@0VUClass@@A
?PrivateStaticClass@UOpacityModifier@@0VUClass@@A
?PrivateStaticClass@UCombiner@@0VUClass@@A
??_7FRenderResource@@6B@
?RefreshBumpRawData@UBumpShader@@QAEXXZ
?PrivateStaticClass@URenderDevice@@0VUClass@@A
?SetRes@URenderDevice@@UAEHPAVUViewport@@HHHHHH@Z
?ClearFallbacks@UMaterial@@SAXXZ
??0URenderDevice@@QAE@XZ
?Empty@?$TArray@E@@QAEXH@Z
?Add@?$TArray@E@@QAEHH@Z
?RefreshAll@UViewport@@SAXXZ
?RegisterStats@FStats@@QAEHW4EStatsType@@W4EStatsDataType@@VFString@@2W4EStatsUnit@@@Z
??0?$TArray@E@@QAE@XZ
?Clear@FShaderProperty@@QAEXXZ
?PrivateStaticClass@UWaterMaterial@@0VUClass@@A
?SetStageCount@FShaderProperty@@QAEXH@Z
?GetStageCount@FShaderProperty@@QBEHXZ
?PrivateStaticClass@UProxyBitmapMaterial@@0VUClass@@A
??0FVertexShaderFunction@@QAE@XZ
?PrivateStaticClass@UConstantColor@@0VUClass@@A
?GetShaderMaterial@UMaterial@@QAEPAVUBitmapMaterial@@H@Z
?PrivateStaticClass@URenderedMaterial@@0VUClass@@A
??0FPixelShaderFunction@@QAE@XZ
?GetTexModifierMatrix@FMaterialStageProperty@@QAEHMAAVFMatrix@@@Z
?GetDirection@FNPawnLight@@QAE?AVFVector@@XZ
?PauseRender@UDepthEffect@@QAEHPAVFRenderInterface@@@Z
?GetPosition@FNPawnLight@@QAE?AVFVector@@XZ
?PrivateStaticClass@UBumpShader@@0VUClass@@A
?PrivateStaticClass@UUnderWaterShader@@0VUClass@@A
?Remove@?$TArray@E@@QAEXHH@Z
?ResumeRender@UDepthEffect@@QAEXPAVFRenderInterface@@@Z
?GetObj@?$TSingleton@VUDepthEffect@@@@SAAAVUDepthEffect@@XZ
?PrivateStaticClass@UProjectorMaterial@@0VUClass@@A
?GetLightColor@FDynamicLight@@QAE?AVFPlane@@W4ELightColorType@@@Z
?PrivateStaticClass@UMaterial@@0VUClass@@A
?PrivateStaticClass@UTerrainMaterial@@0VUClass@@A
?SetMaterial@FShaderProperty@@QAEXHPAVUBitmapMaterial@@@Z
?PrivateStaticClass@UParticleMaterial@@0VUClass@@A
?__Client@UTexture@@2PAVUClient@@A
?GL2GameData@@3VFL2GameData@@A
?ConvertDXT@UTexture@@QAE?AW4ETextureFormat@@HHHPAPAE@Z
??0FPixelShaderFunction@@QAE@W4EPSFVertexLight@@@Z

kernel32

CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
WriteFile
HeapAlloc
GetProcessHeap
HeapFree
CreateFileMappingA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetFileSize
MapViewOfFile
GetLastError
OutputDebugStringA
VirtualAlloc
VirtualFree
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcmpiA
WideCharToMultiByte
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
IsProcessorFeaturePresent
GetSystemInfo
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
GetCommandLineA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapReAlloc
LCMapStringA
LCMapStringW
VirtualQuery
SetFilePointer
GetConsoleCP
GetConsoleMode

user32

MessageBoxW
GetClientRect
GetDC
GetDesktopWindow
ClientToScreen
GetSystemMetrics

gdi32

DeleteObject
SetDeviceGammaRamp
GetDeviceCaps

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

??0UD3DRenderDevice@@QAE@ABV0@@Z
??0UD3DRenderDevice@@QAE@XZ
??1UD3DRenderDevice@@UAE@XZ
??2UD3DRenderDevice@@SAPAXIPAVUObject@@PBGK@Z
??2UD3DRenderDevice@@SAPAXIPAW4EInternal@@@Z
??3UD3DRenderDevice@@SAXPAX@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@PBG@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@PBGK@Z
??3UD3DRenderDevice@@SAXPAXPAW4EInternal@@@Z
??4UD3DRenderDevice@@QAEAAV0@ABV0@@Z
??_7UD3DRenderDevice@@6BFExec@@@
??_7UD3DRenderDevice@@6BUObject@@@
?CheckCachedResource@UD3DRenderDevice@@QAEXXZ
?ClearVertexDeclarationList@UD3DRenderDevice@@QAEXXZ
?CreatePixelShader@UD3DRenderDevice@@QBEPAUIDirect3DPixelShader9@@ABVFShaderCode@@@Z
?CreateVertexDeclaration@UD3DRenderDevice@@QAEPAUIDirect3DVertexDeclaration9@@AAUFShaderDeclaration@@@Z
?CreateVertexShader@UD3DRenderDevice@@QBEPAUIDirect3DVertexShader9@@ABVFShaderCode@@@Z
?DeleteAllTexture@UD3DRenderDevice@@UAEXXZ
?Destroy@UD3DRenderDevice@@EAEXXZ
?DiscardUnusedResource@UD3DRenderDevice@@QAEXPBVFD3DResource@@@Z
?Exec@UD3DRenderDevice@@UAEHPBGAAVFOutputDevice@@@Z
?Exit@UD3DRenderDevice@@UAEXXZ
?Flush@UD3DRenderDevice@@UAEXXZ
?FlushResource@UD3DRenderDevice@@UAEX_K@Z
?GetBackBufferHeight@UD3DRenderDevice@@UBEHXZ
?GetBackBufferWidth@UD3DRenderDevice@@UBEHXZ
?GetCachedResource@UD3DRenderDevice@@QAEPAVFD3DResource@@_K@Z
?GetCreateTextureBytes@UD3DRenderDevice@@UAEKXZ
?GetCurrentRenderTargetBitDepth@UD3DRenderDevice@@QBEHXZ
?GetMultiSample@UD3DRenderDevice@@UAEHXZ
?GetRefreshRate@UD3DRenderDevice@@UAEHHHHHPAH@Z
?GetRenderCaps@UD3DRenderDevice@@UAEPAUFRenderCaps@@XZ
?GetRenderInterface@UD3DRenderDevice@@UAEPAVFRenderInterface@@XZ
?GetRes@UD3DRenderDevice@@UAEHHPAH00@Z
?GetResParams@UD3DRenderDevice@@UAEHAAH0000@Z
?GetShaderVersion@UD3DRenderDevice@@UAEXAAH0@Z
?HoldBackBuffer@UD3DRenderDevice@@UAEXXZ
?Init@UD3DRenderDevice@@UAEHXZ
?InternalConstructor@UD3DRenderDevice@@SAXPAX@Z
?IsUseTrilinear@UD3DRenderDevice@@UAEHXZ
?LoadCompiledShader@UD3DRenderDevice@@QAEXXZ
?Lock@UD3DRenderDevice@@UAEPAVFRenderInterface@@PAVUViewport@@PAEPAH@Z
?Present@UD3DRenderDevice@@UAEXPAVUViewport@@@Z
?PrivateStaticClass@UD3DRenderDevice@@0VUClass@@A
?ReadPixels@UD3DRenderDevice@@UAEXPAVUViewport@@PAVFColor@@@Z
?ResetDevice@UD3DRenderDevice@@QAEXXZ
?ResetShaders@UD3DRenderDevice@@UAEXXZ
?ResourceCached@UD3DRenderDevice@@UAEH_K@Z
?RestoreGamma@UD3DRenderDevice@@UAEXXZ
?SetEmulationMode@UD3DRenderDevice@@UAEXW4EHardwareEmulationMode@@@Z
?SetRenderTarget@UD3DRenderDevice@@QAEJHQAUIDirect3DSurface9@@@Z
?SetRes@UD3DRenderDevice@@UAEHPAVUViewport@@HHHHHH@Z
?SetUseTrilinear@UD3DRenderDevice@@UAEXH@Z
?StaticClass@UD3DRenderDevice@@SAPAVUClass@@XZ
?StaticConstructor@UD3DRenderDevice@@QAEXXZ
?SupportsTextureFormat@UD3DRenderDevice@@UAEHW4ETextureFormat@@@Z
?UnSetRes@UD3DRenderDevice@@QAEHPBGJH@Z
?Unlock@UD3DRenderDevice@@UAEXPAVFRenderInterface@@@Z
?UpdateGamma@UD3DRenderDevice@@UAEXPAVUViewport@@@Z
?m_pRenDev@UD3DRenderDevice@@2PAV1@A
GPackage
_DllMain@12
autoclassUD3DRenderDevice
autoclassUShaderCommandlet

Sections

.text
Size: 927KB - Virtual size: 927KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 591KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
l2half/D3DDrv.int
l2half/DSETUP.dll
.dll windows:5 windows x86 arch:x86

4fe4cbe3f1eef29244a0a0b01016c849

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetEULAA
DirectXSetupGetEULAW
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication

Sections

Size: 54KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xkfoyryi
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uuuqertc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
l2half/DefOpenAL32.dll
.dll windows:4 windows x86 arch:x86

bc81b622121c4235a8858ecacac0371b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\ghiebert\My Documents\prog\openal\OpenAL-Windows\Router\Release\OpenAL32.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsA
waveOutMessage
waveOutGetDevCapsA

kernel32

IsDebuggerPresent
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetModuleHandleA
FindClose
GetLastError
FindNextFileA
FreeLibrary
GetProcAddress
LoadLibraryA
FindFirstFileA
GetSystemDirectoryA
GetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapSize
GetConsoleMode
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetFilePointer
GetConsoleCP

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Exports

Exports

alBuffer3f
alBuffer3i
alBufferData
alBufferf
alBufferfv
alBufferi
alBufferiv
alDeleteBuffers
alDeleteSources
alDisable
alDistanceModel
alDopplerFactor
alDopplerVelocity
alEnable
alGenBuffers
alGenSources
alGetBoolean
alGetBooleanv
alGetBuffer3f
alGetBuffer3i
alGetBufferf
alGetBufferfv
alGetBufferi
alGetBufferiv
alGetDouble
alGetDoublev
alGetEnumValue
alGetError
alGetFloat
alGetFloatv
alGetInteger
alGetIntegerv
alGetListener3f
alGetListener3i
alGetListenerf
alGetListenerfv
alGetListeneri
alGetListeneriv
alGetProcAddress
alGetSource3f
alGetSource3i
alGetSourcef
alGetSourcefv
alGetSourcei
alGetSourceiv
alGetString
alIsBuffer
alIsEnabled
alIsExtensionPresent
alIsSource
alListener3f
alListener3i
alListenerf
alListenerfv
alListeneri
alListeneriv
alSource3f
alSource3i
alSourcePause
alSourcePausev
alSourcePlay
alSourcePlayv
alSourceQueueBuffers
alSourceRewind
alSourceRewindv
alSourceStop
alSourceStopv
alSourceUnqueueBuffers
alSourcef
alSourcefv
alSourcei
alSourceiv
alSpeedOfSound
alcCaptureCloseDevice
alcCaptureOpenDevice
alcCaptureSamples
alcCaptureStart
alcCaptureStop
alcCloseDevice
alcCreateContext
alcDestroyContext
alcGetContextsDevice
alcGetCurrentContext
alcGetEnumValue
alcGetError
alcGetIntegerv
alcGetProcAddress
alcGetString
alcIsExtensionPresent
alcMakeContextCurrent
alcOpenDevice
alcProcessContext
alcSuspendContext

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
l2half/Editor.u
l2half/armorgrp.dat
l2half/bighead.int
l2half/britemgrp.dat
l2half/chatfilter.ini
l2half/encvag.dll
.dll windows:4 windows x86 arch:x86

a268499ce7d6f3e663f7366ce8d74977

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapSize
HeapReAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
ExitProcess
WritePrivateProfileStringA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
HeapFree
TerminateProcess
GetCommandLineA
RtlUnwind
GetModuleHandleA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersionExA
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
FindClose
LoadLibraryA
FreeLibrary
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
GetProcessVersion
GetLastError
SetLastError
LocalFree
SetUnhandledExceptionFilter
GetCurrentThreadId
LocalAlloc
GlobalFlags
MulDiv
GetVersion
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrlenA
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
LCMapStringA
LCMapStringW
VirtualAlloc
GlobalAlloc
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalLock
CloseHandle

user32

MapWindowPoints
SetScrollInfo
ScrollWindow
ScreenToClient
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
ShowScrollBar
SystemParametersInfoA
UpdateWindow
LoadIconA
GetSystemMetrics
LoadCursorA
GetSysColorBrush
LoadStringA
CharUpperA
DestroyMenu
WindowFromPoint
EndDialog
FindWindowA
InvalidateRect
GetSysColor
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetFocus
IsWindowEnabled
ShowWindow
SetScrollPos
SetWindowLongA
GetScrollPos
SetScrollRange
GetDlgItem
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetDesktopWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetMenu
SetWindowPos
GrayStringA

gdi32

DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
GetObjectA
ExtTextOutA
DeleteDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragQueryFileA
DragFinish

comctl32

ImageList_Destroy
ord17

Exports

Exports

EncVag
EncVagFin
EncVagInit

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7234f3af159626ae720e7976ae912c5f

Headers

File Characteristics

Imports

core

engine

vorbisfile

kernel32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 9KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 504B

.reloc Size: 11KB - Virtual size: 10KB

78c79f9b9cbfe33211f74c63007ca9af

Code Sign

01Certificate

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dcCertificate

Extended Key Usages

0aCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

vorbisfile

winmm

iphlpapi

kernel32

user32

shell32

ole32

vcomp

Exports

Exports

Sections

.text Size: 537KB - Virtual size: 536KB

.rdata Size: 342KB - Virtual size: 341KB

.data Size: 23KB - Virtual size: 2.4MB

.rsrc Size: 1024B - Virtual size: 4KB

7b2be962421024771c5523b6347610e5

Headers

File Characteristics

Imports

winmm

d3d9

ddraw

core

engine

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 927KB - Virtual size: 927KB

.rdata Size: 327KB - Virtual size: 327KB

.data Size: 57KB - Virtual size: 591KB

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 65KB - Virtual size: 64KB

4fe4cbe3f1eef29244a0a0b01016c849

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

Size: 54KB - Virtual size: 120KB

.rsrc Size: 512B - Virtual size: 448B

.idata Size: 512B - Virtual size: 4KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 9KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 504B

.reloc
Size: 11KB - Virtual size: 10KB

01
Certificate

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dc
Certificate

0a
Certificate

.text
Size: 537KB - Virtual size: 536KB

.rdata
Size: 342KB - Virtual size: 341KB

.data
Size: 23KB - Virtual size: 2.4MB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 927KB - Virtual size: 927KB

.rdata
Size: 327KB - Virtual size: 327KB

.data
Size: 57KB - Virtual size: 591KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 65KB - Virtual size: 64KB

.rsrc
Size: 512B - Virtual size: 448B

.idata
Size: 512B - Virtual size: 4KB

xkfoyryi
Size: 1.1MB - Virtual size: 1.1MB

uuuqertc
Size: 1024B - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 29KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 15KB - Virtual size: 15KB