Actual PE Digest
Digest Algorithm
PE Digest Matches
false
Overview
overview
7Static
static
7ˮ䰴С...32.dll
windows7-x64
3ˮ䰴С...32.dll
windows10-2004-x64
3ˮ䰴С...32.dll
windows7-x64
3ˮ䰴С...32.dll
windows10-2004-x64
3ˮ䰴С...ll.dll
windows7-x64
3ˮ䰴С...ll.dll
windows10-2004-x64
3ˮ䰴С...nd.dll
windows7-x64
3ˮ䰴С...nd.dll
windows10-2004-x64
3ˮ䰴С...le.dll
windows7-x64
3ˮ䰴С...le.dll
windows10-2004-x64
3ˮ䰴С...ll.dll
windows7-x64
5ˮ䰴С...ll.dll
windows10-2004-x64
5ˮ䰴С...ow.dll
windows7-x64
3ˮ䰴С...ow.dll
windows10-2004-x64
3ˮ䰴С...gj.dll
windows7-x64
3ˮ䰴С...gj.dll
windows10-2004-x64
3ˮ䰴С...��.doc
windows7-x64
4ˮ䰴С...��.doc
windows10-2004-x64
1ˮ䰴С....6.exe
windows7-x64
3ˮ䰴С....6.exe
windows10-2004-x64
3ˮ䰴С...��.doc
windows7-x64
4ˮ䰴С...��.doc
windows10-2004-x64
1ˮ䰴С...��.url
windows7-x64
1ˮ䰴С...��.url
windows10-2004-x64
1ˮ䰴С...��.exe
windows7-x64
3ˮ䰴С...��.exe
windows10-2004-x64
3Behavioral task
behavioral1
Sample
ˮ䰴СV1.6/COMCTL32.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
ˮ䰴СV1.6/COMCTL32.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
ˮ䰴СV1.6/TABCTL32.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
ˮ䰴СV1.6/TABCTL32.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
ˮ䰴СV1.6/cfgdll.dll
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
ˮ䰴СV1.6/cfgdll.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
ˮ䰴СV1.6/plugin/Bkgnd.dll
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
ˮ䰴СV1.6/plugin/Bkgnd.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral9
Sample
ˮ䰴СV1.6/plugin/File.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
ˮ䰴СV1.6/plugin/File.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral11
Sample
ˮ䰴СV1.6/plugin/RegDll.dll
Resource
win7-20240708-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral12
Sample
ˮ䰴СV1.6/plugin/RegDll.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral13
Sample
ˮ䰴СV1.6/plugin/Window.dll
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral14
Sample
ˮ䰴СV1.6/plugin/Window.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral15
Sample
ˮ䰴СV1.6/plugin/qsgj.dll
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral16
Sample
ˮ䰴СV1.6/plugin/qsgj.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral17
Sample
ˮ䰴СV1.6/ʹ˵.doc
Resource
win7-20240903-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral18
Sample
ˮ䰴СV1.6/ʹ˵.doc
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral19
Sample
ˮ䰴СV1.6/ˮ䰴СV1.6.exe
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral20
Sample
ˮ䰴СV1.6/ˮ䰴СV1.6.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral21
Sample
ˮ䰴СV1.6/ע˵.doc
Resource
win7-20240903-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral22
Sample
ˮ䰴СV1.6/ע˵.doc
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral23
Sample
ˮ䰴СV1.6/鿴.url
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral24
Sample
ˮ䰴СV1.6/鿴.url
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral25
Sample
ˮ䰴СV1.6/治ʾ.exe
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral26
Sample
ˮ䰴СV1.6/治ʾ.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
0c4d4cbc8336a0c92f371f421024daa8_JaffaCakes118
-
Size
2.3MB
-
MD5
0c4d4cbc8336a0c92f371f421024daa8
-
SHA1
ac807b53c29910acac97dfe6dfd6bdf234da961b
-
SHA256
259919aedfa8ddafd05142c56619befe3f8e2c94beca10f410d751e72a6711bb
-
SHA512
219bee234395ba60ba2ca4c6b25ce2372d6eb7eccd072c3b295fdb2157223b4990734eb0c44931f7beefc64633fce909308699d4d5b8fac750c21192345de952
-
SSDEEP
49152:rZZvSuEH0pdia4XuE3MY+jvc5HmkGuJWn6csM/:iQidbMpeHmkGuan
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule static1/unpack001/ˮ䰴СV1.6/plugin/RegDll.DLL acprotect -
resource yara_rule static1/unpack001/ˮ䰴СV1.6/plugin/RegDll.DLL upx -
Unsigned PE 6 IoCs
Checks for missing Authenticode signature.
resource unpack001/ˮ䰴СV1.6/plugin/Bkgnd.DLL unpack001/ˮ䰴СV1.6/plugin/File.DLL unpack001/ˮ䰴СV1.6/plugin/RegDll.DLL unpack002/out.upx unpack001/ˮ䰴СV1.6/plugin/Window.DLL unpack001/ˮ䰴СV1.6/plugin/qsgj.DLL
Files
-
0c4d4cbc8336a0c92f371f421024daa8_JaffaCakes118.zip
-
ˮ䰴СV1.6/COMCTL32.ocx.dll regsvr32 windows:4 windows x86 arch:x86
c8cebbf034d8c6304701e5ec3fae70a4
Code Sign
Signer
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
comctl32
ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Add
ImageList_AddMasked
ord16
ord17
ImageList_Draw
ImageList_Create
ImageList_Destroy
ImageList_Remove
kernel32
lstrcmpA
GetProcAddress
GlobalSize
CloseHandle
GetFileSize
ReadFile
lstrcmpiA
IsDBCSLeadByte
lstrcmpiW
LockResource
FindResourceA
LoadResource
GetWindowsDirectoryA
GetLastError
GetLocaleInfoA
OpenFile
MultiByteToWideChar
lstrcatA
DisableThreadLibraryCalls
GetVersion
GetProcessHeap
GetDateFormatA
GetLocalTime
GetTimeFormatA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryA
GlobalUnlock
GlobalAlloc
GlobalLock
CompareStringA
GlobalFree
GetVersionExA
lstrlenA
lstrcpyA
IsBadReadPtr
HeapReAlloc
lstrcpynA
IsBadWritePtr
InterlockedDecrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
InterlockedIncrement
HeapAlloc
lstrlenW
LeaveCriticalSection
EnterCriticalSection
user32
IsWindowVisible
EndPaint
BeginPaint
MoveWindow
CharUpperA
IntersectRect
MessageBeep
SetCursor
EndDialog
RedrawWindow
GetMessagePos
CreateAcceleratorTableA
VkKeyScanA
PeekMessageA
PeekMessageW
SetWindowRgn
RegisterWindowMessageA
RegisterClipboardFormatA
SetCursorPos
OffsetRect
EqualRect
IsChild
GetWindowTextA
SetCapture
GetCursorPos
ScreenToClient
PostMessageA
DrawEdge
GetSysColor
wsprintfA
FillRect
InflateRect
DrawTextA
GetWindowRect
MapVirtualKeyA
DestroyWindow
CreateWindowExA
GetSysColorBrush
GetParent
GetAsyncKeyState
SetWindowLongA
TranslateMessage
DispatchMessageA
IsWindowEnabled
GetActiveWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgTabItem
GetWindow
CharNextA
SetParent
InvalidateRect
UpdateWindow
UnregisterClassA
MessageBoxA
SetWindowsHookExA
SetTimer
KillTimer
CheckRadioButton
CallNextHookEx
SetActiveWindow
DestroyIcon
SetFocus
DrawIcon
UnionRect
DialogBoxParamA
PtInRect
LoadCursorA
GetWindowDC
SetRect
IsRectEmpty
GetDC
ReleaseDC
GetClipboardFormatNameA
ClientToScreen
PostMessageW
FrameRect
GetClientRect
CallWindowProcA
GetKeyState
GetCapture
ReleaseCapture
GetClassInfoA
RegisterClassA
LoadIconA
GetSystemMetrics
CopyImage
MapDialogRect
GetWindowLongA
SetWindowPos
GetFocus
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
SendDlgItemMessageA
CheckDlgButton
LoadStringA
DefWindowProcA
SendMessageA
ShowWindow
WinHelpA
UnhookWindowsHookEx
ole32
CreateStreamOnHGlobal
RevokeDragDrop
CreateOleAdviseHolder
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
DoDragDrop
ReleaseStgMedium
OleLoadFromStream
OleSaveToStream
advapi32
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey
oleaut32
SafeArrayPutElement
SafeArrayGetElement
SafeArrayRedim
SafeArrayGetUBound
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
GetErrorInfo
OleCreateFontIndirect
CreateErrorInfo
SetErrorInfo
OleCreatePropertyFrame
LoadTypeLibEx
UnRegisterTypeLi
LoadRegTypeLi
RegisterTypeLi
OleLoadPicture
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
OleCreatePictureIndirect
VariantCopyInd
OleTranslateColor
VariantChangeType
SysFreeString
SysStringLen
VariantClear
SysAllocString
VariantInit
SafeArrayCopy
comdlg32
GetOpenFileNameA
gdi32
GetNearestColor
CreatePalette
LPtoDP
GetWindowExtEx
GetBitmapBits
TextOutA
CreateDIBitmap
RealizePalette
GetViewportExtEx
SelectPalette
GetPaletteEntries
GetDIBits
CopyEnhMetaFileA
CreateICA
CopyMetaFileA
StretchBlt
Rectangle
GetObjectA
SetBkColor
CreateDCA
CreateRectRgn
SetViewportOrgEx
SetWindowOrgEx
DeleteObject
SetWindowExtEx
SetMapMode
SetViewportExtEx
CreateSolidBrush
GetDeviceCaps
SelectObject
ExcludeClipRect
GetClipRgn
SelectClipRgn
GetClipBox
DeleteDC
CreateRectRgnIndirect
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
SetBkMode
SetTextColor
CreateBitmap
GetStockObject
GetTextExtentPoint32A
Exports
Exports
DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 332KB - Virtual size: 332KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/TABCTL32.OCX.dll regsvr32 windows:4 windows x86 arch:x86
e0cb36c66e5c120ef20ebc4f30366345
Code Sign
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before04/12/2003, 00:00Not After03/12/2008, 23:59SubjectCN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/01/1997, 07:00Not After31/12/2020, 07:00SubjectCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before10/12/2000, 08:00Not After12/11/2005, 08:00SubjectCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
61:0e:7d:a7:00:00:00:00:00:48Certificate
IssuerCN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before25/10/2003, 05:59Not After25/01/2005, 06:09SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7Signer
Actual PE Digest07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
GetProcessHeap
HeapReAlloc
lstrcmpA
InitializeCriticalSection
lstrcatA
user32
BeginPaint
GetClientRect
MoveWindow
IntersectRect
PtInRect
CreateWindowExA
SetWindowPos
SetFocus
SetWindowRgn
FillRect
CopyRect
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowRect
GetWindowDC
DestroyWindow
GetWindowLongA
SetWindowLongA
CallWindowProcA
CharNextA
OffsetRect
SetRectEmpty
ShowWindow
IsDialogMessageA
ScreenToClient
GetClipboardFormatNameA
RegisterClipboardFormatA
MapWindowPoints
SetCursorPos
InvalidateRect
UnregisterClassA
ReleaseCapture
GetNextDlgTabItem
CreateDialogIndirectParamA
IsChild
SetParent
IsWindowVisible
WinHelpA
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
IsIconic
GetParent
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetWindow
GetSystemMetrics
EndPaint
ClientToScreen
ole32
ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream
advapi32
RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
oleaut32
SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayUnaccessData
VariantCopyInd
SafeArrayAccessData
LoadTypeLibEx
UnRegisterTypeLi
VariantCopy
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
VariantInit
SysStringLen
VariantChangeType
GetErrorInfo
OleLoadPicture
OleTranslateColor
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
OleCreatePictureIndirect
OleCreateFontIndirect
VariantClear
SysFreeString
SysAllocString
gdi32
SetMapMode
GetWindowExtEx
GetViewportExtEx
LPtoDP
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
GetPaletteEntries
CreateRectRgnIndirect
CreateICA
Exports
Exports
DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/cfgdll.dll.dll windows:4 windows x86 arch:x86
3d5f56d94d940d17985002ac8d7d1179
Code Sign
42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before25/04/2007, 00:00Not After09/07/2019, 18:40SubjectCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before09/07/1999, 18:31Not After09/07/2019, 18:40SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
03:b3:e8:07:89:fe:e6:ab:e9:3d:d9:72:81:7e:53:f8Certificate
IssuerCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USNot Before13/01/2010, 00:00Not After13/01/2011, 23:59SubjectCN=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,OU=Class 3 - for Microsoft Authenticode Signing,O=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,L=Fuzhou,ST=Fujian,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before30/04/2007, 00:00Not After29/04/2012, 23:59SubjectCN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
CloseHandle
UnmapViewOfFile
GetCurrentProcessId
CreateEventA
PulseEvent
OpenEventA
WaitForSingleObject
CompareStringW
CompareStringA
RtlUnwind
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
user32
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PostMessageA
Sections
.text Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/plugin/Bkgnd.DLL.dll regsvr32 windows:4 windows x86 arch:x86
afd0c76cb946728fd0639bbc36336f6e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
ord561
ord815
ord5500
ord1132
ord1131
ord941
ord6354
ord823
ord860
ord535
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord2915
ord825
ord537
ord540
ord2818
ord4204
ord1601
ord800
ord743
ord446
ord2486
ord4226
ord4486
ord6375
ord4274
ord4003
ord4622
ord1223
ord290
ord2623
ord1206
ord614
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord939
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
msvcrt
__CxxFrameHandler
strtol
_ftol
sprintf
wcstombs
strchr
strrchr
free
sscanf
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
malloc
kernel32
LocalAlloc
LocalFree
Sleep
GlobalFree
IsDBCSLeadByte
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA
user32
IsRectEmpty
GetWindowDC
GetWindowRect
ClientToScreen
GetDC
ReleaseDC
PostMessageA
MapVirtualKeyA
SendMessageA
GetGUIThreadInfo
GetWindowThreadProcessId
GetForegroundWindow
gdi32
RealizePalette
DeleteDC
DeleteObject
CreateDCA
CreateCompatibleDC
SelectPalette
SelectObject
BitBlt
GetObjectA
GetDIBits
GetStockObject
CreateCompatibleBitmap
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
ole32
StringFromCLSID
CoTaskMemFree
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/plugin/File.DLL.dll regsvr32 windows:4 windows x86 arch:x86
a10a0592e6925a16bb3205010b141edd
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
ord533
ord6407
ord2818
ord4278
ord536
ord858
ord535
ord2915
ord6662
ord5194
ord5465
ord924
ord939
ord1997
ord798
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord354
ord5186
ord3318
ord1979
ord665
ord3790
ord6153
ord537
ord940
ord540
ord823
ord825
ord860
ord1601
ord800
ord743
ord446
ord2486
ord4226
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
msvcrt
_tzset
atoi
sscanf
__CxxFrameHandler
_mkdir
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
wcstombs
_timezone
strrchr
strchr
rename
kernel32
CloseHandle
CreateFileA
WriteFile
ReadFile
SetFilePointer
SystemTimeToFileTime
OpenFile
SetFileTime
MoveFileA
DeleteFileA
GetFileAttributesA
CopyFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalFree
LocalAlloc
_lclose
comdlg32
GetOpenFileNameA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
ole32
StringFromCLSID
CoTaskMemFree
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Sections
.text Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/plugin/RegDll.DLL.dll regsvr32 windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Sections
UPX0 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 866B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/plugin/Window.DLL.dll regsvr32 windows:4 windows x86 arch:x86
893c7528170b94ff6bcdcb8bb8bf6e0d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
ord815
ord5500
ord1132
ord1131
ord941
ord6354
ord825
ord2915
ord537
ord535
ord823
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4003
ord4622
ord1223
ord290
ord2623
ord1206
ord860
ord539
ord540
ord2818
ord2764
ord4226
ord922
ord858
ord800
ord1601
ord743
ord446
ord2486
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord939
ord859
ord1799
ord2982
ord3147
ord3259
msvcrt
sprintf
__CxxFrameHandler
_mbscmp
__dllonexit
free
malloc
sscanf
wcstombs
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
strchr
strrchr
kernel32
LocalAlloc
LocalFree
Sleep
IsDBCSLeadByte
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentThreadId
CreateToolhelp32Snapshot
Module32First
CloseHandle
user32
SetWindowTextA
AttachThreadInput
GetGUIThreadInfo
GetClientRect
GetWindowThreadProcessId
SetWindowPos
GetWindowRect
MoveWindow
ShowWindow
PostMessageA
IsWindow
GetWindowLongA
EnumWindows
GetWindowTextA
GetCursorPos
WindowFromPoint
GetForegroundWindow
FindWindowExA
FindWindowA
MapVirtualKeyA
SendMessageA
GetClassNameA
SetForegroundWindow
advapi32
RegSetValueExA
RegCloseKey
RegOpenKeyA
ole32
StringFromCLSID
CoTaskMemFree
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Sections
.text Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/plugin/qsgj.DLL.dll regsvr32 windows:4 windows x86 arch:x86
b01f32151600a6bc583f8e261f7e1d49
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvbvm60
__vbaVarSub
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAptOffset
__vbaLenBstr
__vbaGosubReturn
__vbaStrVarMove
__vbaFreeVarList
__vbaVarIdiv
_adj_fdiv_m64
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
ord518
ord626
__vbaCopyBytes
__vbaForEachCollAd
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaVarTstLe
__vbaVarXor
__vbaAryDestruct
__vbaVarIndexLoadRefLock
__vbaVarForInit
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarIndexLoad
ord520
__vbaRefVarAry
__vbaVargVar
__vbaBoolVarNull
_CIsin
ord631
__vbaVargVarMove
__vbaVarCmpGt
ord632
__vbaChkstk
__vbaGosubFree
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaVarOr
__vbaVarLateMemSt
_adj_fpatan
__vbaFixstrConstruct
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaStrUI1
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord711
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
ord608
ord716
__vbaFPException
ord717
__vbaInStrVar
__vbaStrVarVal
__vbaUbound
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
ord681
__vbaFreeStrList
__vbaVarCmpLt
__vbaVarNot
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord101
__vbaVarSetVar
ord102
__vbaI4Var
ord103
__vbaVarCmpEq
ord104
ord105
__vbaAryLock
__vbaVarAdd
__vbaLateMemCall
__vbaStrToAnsi
__vbaStrComp
__vbaVarDup
__vbaVarMod
__vbaFpI4
__vbaVarCopy
__vbaVarTstGe
__vbaVarLateMemCallLd
ord617
__vbaRecDestructAnsi
__vbaLateMemCallLd
__vbaVarSetObjAddref
_CIatan
__vbaStrMove
__vbaStrVarCopy
ord619
_allmul
_CItan
__vbaNextEachCollAd
__vbaUI1Var
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/uservar.ini
-
ˮ䰴СV1.6/ʹ˵.doc.doc windows office2003
-
ˮ䰴СV1.6/ʹ˵.txt
-
ˮ䰴СV1.6/ˮ䰴СV1.6.exe.exe windows:4 windows x86 arch:x86
58adec749d9306ad4e94436543797071
Code Sign
42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before25/04/2007, 00:00Not After09/07/2019, 18:40SubjectCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before09/07/1999, 18:31Not After09/07/2019, 18:40SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
03:b3:e8:07:89:fe:e6:ab:e9:3d:d9:72:81:7e:53:f8Certificate
IssuerCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USNot Before13/01/2010, 00:00Not After13/01/2011, 23:59SubjectCN=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,OU=Class 3 - for Microsoft Authenticode Signing,O=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,L=Fuzhou,ST=Fujian,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before30/04/2007, 00:00Not After29/04/2012, 23:59SubjectCN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord6061
ord5864
ord3596
ord640
ord6194
ord1640
ord323
ord2405
ord5785
ord1175
ord2096
ord2408
ord5860
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord1146
ord5572
ord2919
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5161
ord5162
ord5160
ord4905
ord4742
ord4976
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord491
ord1907
ord4258
ord489
ord768
ord283
ord4478
ord4267
ord2450
ord1908
ord4406
ord3729
ord1690
ord2528
ord5288
ord4439
ord2054
ord4431
ord771
ord804
ord4259
ord4284
ord4715
ord2370
ord6334
ord6877
ord1572
ord1199
ord2575
ord4396
ord3574
ord609
ord556
ord801
ord809
ord2122
ord2639
ord2862
ord3996
ord1168
ord3302
ord2817
ord2065
ord5829
ord3726
ord541
ord3716
ord790
ord2301
ord2358
ord6111
ord926
ord2642
ord3610
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord656
ord4299
ord859
ord5053
ord4774
ord5981
ord6270
ord613
ord289
ord6358
ord1088
ord4203
ord6449
ord2727
ord6467
ord2730
ord2729
ord1568
ord1180
ord6380
ord3698
ord765
ord2086
ord6283
ord6282
ord6153
ord5645
ord5583
ord6385
ord2393
ord3790
ord2784
ord4278
ord3089
ord2860
ord3797
ord1200
ord1158
ord6883
ord879
ord2740
ord882
ord2801
ord6143
ord1802
ord1934
ord1935
ord6662
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord4046
ord2145
ord2144
ord6225
ord5231
ord5247
ord2132
ord4601
ord2621
ord1205
ord1134
ord824
ord5435
ord1683
ord1673
ord2628
ord5980
ord2641
ord4122
ord6214
ord6196
ord4298
ord5948
ord3088
ord3875
ord3872
ord3871
ord6198
ord4286
ord4283
ord3137
ord3796
ord5719
ord6092
ord3524
ord4032
ord6095
ord4035
ord2549
ord2433
ord3353
ord3579
ord426
ord726
ord826
ord2820
ord498
ord755
ord470
ord5637
ord5849
ord3475
ord4287
ord2109
ord1008
ord6928
ord4476
ord284
ord6453
ord798
ord1997
ord6407
ord5194
ord533
ord4400
ord3630
ord3706
ord5786
ord2582
ord4402
ord3370
ord3640
ord693
ord682
ord4243
ord6907
ord5861
ord3998
ord6007
ord3286
ord6675
ord6888
ord2244
ord5571
ord4981
ord4499
ord1949
ord4034
ord5579
ord5736
ord5678
ord5794
ord5789
ord5873
ord6172
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord3619
ord1641
ord2614
ord5788
ord2567
ord2414
ord6215
ord6197
ord800
ord2764
ord539
ord5030
ord4242
ord2688
ord4275
ord3663
ord6055
ord4078
ord4277
ord5875
ord3626
ord3693
ord3573
ord3571
ord2859
ord5606
ord2863
ord4083
ord6142
ord2438
ord3654
ord2584
ord4220
ord1862
ord500
ord3701
ord772
ord1574
ord1099
ord1776
ord686
ord384
ord4160
ord2302
ord795
ord3721
ord6394
ord6383
ord5440
ord5450
ord2379
ord3301
ord6930
ord5710
ord4129
ord6927
ord2777
ord6569
ord4853
ord4710
ord3092
ord6242
ord6696
ord6905
ord3874
ord4234
ord324
ord542
ord3597
ord4425
ord5280
ord1775
ord6052
ord4998
ord4376
ord5265
ord353
ord6010
ord2514
ord802
ord641
ord2763
ord5683
ord6648
ord1768
ord537
ord6199
ord6880
ord465
ord857
ord535
ord4467
ord2135
ord366
ord2092
ord674
ord3402
ord3623
ord4427
ord5252
ord4436
ord1665
ord2649
ord5282
ord5237
ord4077
ord4151
ord4407
ord2878
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord1988
ord5953
ord3957
ord326
ord3361
ord2827
ord3138
ord683
ord2243
ord3226
ord3631
ord1233
ord6663
ord911
ord3435
ord4187
ord4185
ord909
ord3437
ord396
ord3937
ord698
ord696
ord394
ord2136
ord3005
ord3528
ord5278
ord5500
ord6354
ord462
ord1770
ord2726
ord817
ord565
ord5715
ord4699
ord5303
ord1948
ord1601
ord6462
ord743
ord446
ord4003
ord2486
ord4226
ord290
ord2623
ord614
ord1799
ord559
ord5610
ord5862
ord6144
ord812
ord2765
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord5103
ord5100
ord3059
ord2390
ord2723
ord5290
ord389
ord268
ord5207
ord1567
ord690
ord2107
ord3811
ord860
ord5216
ord3758
ord3408
ord3227
ord3054
ord3425
ord3880
ord551
ord2818
ord939
ord354
ord922
msvcrt
strlen
memset
strrchr
isupper
_pctype
_isctype
__mb_cur_max
toupper
??8type_info@@QBEHABV0@@Z
_setmbcp
_snprintf
mbstowcs
_wcslwr
wcsstr
isxdigit
printf
strncmp
_iob
fprintf
calloc
realloc
_strdup
_tempnam
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_mbsnbicmp
_mbspbrk
_ismbcspace
tolower
_mbschr
isspace
_mbstok
_mbsicmp
qsort
_stricmp
atoi
sscanf
__CxxFrameHandler
srand
time
_mbscmp
rand
_itoa
_strnicmp
fputc
fclose
fgetc
fseek
fopen
_getch
__set_app_type
fgets
free
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_except_handler3
strncpy
fwrite
_splitpath
isprint
islower
isalnum
_mbsstr
strstr
strchr
isalpha
isdigit
sprintf
atol
_mbsnbcpy
_purecall
memmove
_ftol
wcslen
wcscpy
malloc
ftell
rewind
fread
kernel32
GetSystemInfo
VirtualQuery
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
VirtualFree
ReleaseMutex
IsDBCSLeadByte
ReadProcessMemory
OutputDebugStringA
GetCurrentThread
SuspendThread
OpenEventA
CreateMutexA
GlobalSize
CopyFileA
FormatMessageA
LocalAlloc
GetFileSize
ReadFile
GlobalFree
GetACP
VirtualProtect
LeaveCriticalSection
EnterCriticalSection
PulseEvent
GlobalReAlloc
GetStartupInfoA
OpenProcess
VirtualProtectEx
ResumeThread
MoveFileA
OpenMutexA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileAttributesA
SizeofResource
SetCurrentDirectoryA
MultiByteToWideChar
GetSystemDirectoryA
InterlockedDecrement
GetModuleFileNameA
GetTempFileNameA
GetProfileStringA
GetPrivateProfileStringA
WriteProfileStringA
CreateFileA
DeviceIoControl
GetProcAddress
CompareStringA
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcpynA
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
GetExitCodeThread
GetLastError
CreateEventA
CloseHandle
Sleep
GetModuleHandleA
GetCurrentProcess
SetPriorityClass
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
GetVersionExA
CreateProcessA
WaitForSingleObject
GetTempPathA
CreateDirectoryA
DeleteFileA
IsBadReadPtr
SetFileAttributesA
MoveFileExA
GetTickCount
SetUnhandledExceptionFilter
Module32Next
Module32First
CreateToolhelp32Snapshot
SleepEx
TerminateThread
FileTimeToSystemTime
SetFilePointer
GetFileInformationByHandle
WriteFile
SystemTimeToFileTime
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
InterlockedCompareExchange
InterlockedExchange
LocalFree
DeleteCriticalSection
InitializeCriticalSection
TlsAlloc
SetEnvironmentVariableA
TlsSetValue
SetEvent
ResetEvent
Beep
IsDebuggerPresent
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentDirectoryA
GetFileAttributesExA
InterlockedIncrement
GetCurrentThreadId
WideCharToMultiByte
GetCurrentProcessId
user32
EmptyClipboard
SetClipboardData
CloseClipboard
GetCapture
CheckMenuItem
keybd_event
UnregisterHotKey
RegisterHotKey
SendInput
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetGUIThreadInfo
GetWindowThreadProcessId
UnregisterClassA
SetCursorPos
MapVirtualKeyA
OpenClipboard
GetAsyncKeyState
GetWindowDC
ShowScrollBar
DrawFrameControl
GetClassInfoA
DefWindowProcA
BringWindowToTop
LockWindowUpdate
UpdateWindow
GetFocus
IsRectEmpty
RegisterWindowMessageA
LoadStringA
EnumWindows
ShowWindow
PostThreadMessageA
RegisterClassA
GetForegroundWindow
EnumDisplaySettingsA
CreateWindowExA
GetMessageA
TranslateMessage
ClipCursor
DispatchMessageA
GetCursorPos
ScreenToClient
IsIconic
DrawIcon
LoadIconA
LoadMenuA
LoadCursorA
CopyIcon
PtInRect
ReleaseCapture
SetCapture
wsprintfA
SetForegroundWindow
SetActiveWindow
MessageBoxA
SetWindowTextA
LoadImageA
GetIconInfo
DrawStateA
FrameRect
InflateRect
OffsetRect
DrawFocusRect
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetNextDlgTabItem
IsMenu
GetWindowLongA
DestroyCursor
PostQuitMessage
GetDlgCtrlID
GrayStringA
TabbedTextOutA
GetSubMenu
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
SendMessageA
EnableWindow
IsWindow
GetParent
RedrawWindow
SystemParametersInfoA
SetWindowLongA
SetWindowPos
KillTimer
SetTimer
PostMessageA
GetDesktopWindow
IsWindowVisible
GetWindowRect
GetClientRect
gdi32
CreateCompatibleBitmap
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
DeleteObject
BitBlt
SelectObject
CreateDIBSection
SetPixel
CreateCompatibleDC
GetObjectA
PatBlt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Rectangle
Escape
GetStockObject
SetTextColor
SetBkColor
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
GetDeviceCaps
GetBkColor
GetPixel
SetDIBits
GetDIBits
CreateDCA
GetCurrentObject
DeleteDC
CreateRectRgn
CreateRectRgnIndirect
CreateBitmap
advapi32
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegQueryValueA
RegQueryValueExA
ControlService
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
DeleteService
OpenServiceA
StartServiceA
shell32
Shell_NotifyIconA
SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteExA
comctl32
ImageList_Draw
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_GetImageCount
ole32
ProgIDFromCLSID
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
CoTaskMemFree
CoInitializeEx
OleRun
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitialize
StringFromCLSID
oleaut32
SysFreeString
VariantClear
VariantInit
SysAllocString
VariantCopy
SafeArrayCreateVector
SafeArrayPutElement
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
LoadTypeLi
GetErrorInfo
urlmon
URLDownloadToFileA
shlwapi
SHDeleteKeyA
ws2_32
setsockopt
WSASocketA
WSAGetLastError
WSAWaitForMultipleEvents
WSAEventSelect
shutdown
WSARecv
WSAEnumNetworkEvents
htonl
closesocket
ntohs
ntohl
htons
gethostbyname
inet_ntoa
inet_addr
WSAConnect
WSASend
psapi
EnumProcessModules
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
imagehlp
MakeSureDirectoryPathExists
wininet
InternetSetOptionA
uxtheme
SetThemeAppProperties
winmm
timeGetTime
PlaySoundA
msvcp60
?what@runtime_error@std@@UBEPBDXZ
??1logic_error@std@@UAE@XZ
??0bad_exception@std@@QAE@ABV01@@Z
??1bad_exception@std@@UAE@XZ
??_7bad_exception@std@@6B@
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??_7runtime_error@std@@6B@
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xlen@std@@YAXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1locale@std@@QAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
?clear@ios_base@std@@QAEXH_N@Z
?_Stinit@?1??_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@23@@Z@4HA
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
??0locale@std@@QAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?what@logic_error@std@@UBEPBDXZ
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7logic_error@std@@6B@
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0runtime_error@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?_Doraise@runtime_error@std@@MBEXXZ
Exports
Exports
?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
ANTLR3_TREE_ADAPTORDebugNew
ANTLR3_TREE_ADAPTORNew
QMScriptLexerNew
QMScriptLexerNewSSD
QMScriptParserNew
QMScriptParserNewSSD
antlr3ArboretumNew
antlr3BaseRecognizerNew
antlr3BaseTreeAdaptorInit
antlr3BaseTreeNew
antlr3BitsetCopy
antlr3BitsetList
antlr3BitsetLoad
antlr3BitsetNew
antlr3BitsetOf
antlr3BitsetSetAPI
antlr3CommonTokenDebugStreamSourceNew
antlr3CommonTokenNew
antlr3CommonTokenStreamNew
antlr3CommonTokenStreamSourceNew
antlr3CommonTreeNew
antlr3CommonTreeNewFromToken
antlr3EnumNew
antlr3ExceptionNew
antlr3Hash
antlr3HashTableNew
antlr3IntStreamNew
antlr3IntTrieNew
antlr3LexerNew
antlr3LexerNewStream
antlr3ListNew
antlr3MTExceptionNew
antlr3NewAsciiStringCopyStream
antlr3NewAsciiStringInPlaceStream
antlr3NewUCS2StringInPlaceStream
antlr3ParserNew
antlr3ParserNewStream
antlr3ParserNewStreamDbg
antlr3RecognitionExceptionNew
antlr3RewriteRuleNODEStreamNewAE
antlr3RewriteRuleNODEStreamNewAEE
antlr3RewriteRuleNODEStreamNewAEV
antlr3RewriteRuleSubtreeStreamNewAE
antlr3RewriteRuleSubtreeStreamNewAEE
antlr3RewriteRuleSubtreeStreamNewAEV
antlr3RewriteRuleTOKENStreamNewAE
antlr3RewriteRuleTOKENStreamNewAEE
antlr3RewriteRuleTOKENStreamNewAEV
antlr3SetCTAPI
antlr3SetTokenAPI
antlr3SetVectorApi
antlr3StackNew
antlr3StringFactoryNew
antlr3TokenFactoryNew
antlr3TokenStreamNew
antlr3TopoNew
antlr3UCS2StringFactoryNew
antlr3VectorFactoryNew
antlr3VectorNew
antlr3dfapredict
antlr3dfaspecialStateTransition
antlr3dfaspecialTransition
fillBufferExt
Sections
.text Size: 728KB - Virtual size: 724KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024KB - Virtual size: 1020KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/ע˵.doc.doc windows office2003
-
ˮ䰴СV1.6/鿴.url.url
-
ˮ䰴СV1.6/治ʾ.exe.exe windows:4 windows x86 arch:x86
e30d9b57257e7e21d37f260bb4883beb
Code Sign
42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before25/04/2007, 00:00Not After09/07/2019, 18:40SubjectCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before09/07/1999, 18:31Not After09/07/2019, 18:40SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
03:b3:e8:07:89:fe:e6:ab:e9:3d:d9:72:81:7e:53:f8Certificate
IssuerCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USNot Before13/01/2010, 00:00Not After13/01/2011, 23:59SubjectCN=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,OU=Class 3 - for Microsoft Authenticode Signing,O=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,L=Fuzhou,ST=Fujian,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before30/04/2007, 00:00Not After29/04/2012, 23:59SubjectCN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
_CIcos
_adj_fptan
__vbaVarMove
__vbaAryMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
ord525
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaStrCmp
__vbaPutOwner3
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
__vbaVar2Vec
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaStrToAnsi
__vbaVarDup
ord616
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
Sections
.text Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 124KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ˮ䰴СV1.6/ƽⲹ.reg
-
ˮ䰴СV1.6/.txt