Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
7Static
static
301dba59ef2...fN.exe
windows7-x64
301dba59ef2...fN.exe
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3Core/Progr...aX.dll
windows7-x64
3Core/Progr...aX.dll
windows10-2004-x64
3Core/Program/KKV.exe
windows7-x64
3Core/Program/KKV.exe
windows10-2004-x64
3Core/Progr...er.dll
windows7-x64
7Core/Progr...er.dll
windows10-2004-x64
7Core/Progr...64.dll
windows7-x64
7Core/Progr...64.dll
windows10-2004-x64
7Core/Progr...eX.dll
windows7-x64
3Core/Progr...eX.dll
windows10-2004-x64
3Uninstall.exe
windows7-x64
7Uninstall.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4fN.exe
Resource
win7-20240903-en
windows7-x64
2 signatures
120 seconds
Behavioral task
behavioral2
Sample
01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4fN.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
120 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
120 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
120 seconds
Behavioral task
behavioral5
Sample
Core/Program/DataX.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
120 seconds
Behavioral task
behavioral6
Sample
Core/Program/DataX.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
120 seconds
Behavioral task
behavioral7
Sample
Core/Program/KKV.exe
Resource
win7-20240903-en
windows7-x64
1 signatures
120 seconds
Behavioral task
behavioral8
Sample
Core/Program/KKV.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
120 seconds
Behavioral task
behavioral9
Sample
Core/Program/KKVIconHandler.dll
Resource
win7-20240708-en
windows7-x64
4 signatures
120 seconds
Behavioral task
behavioral10
Sample
Core/Program/KKVIconHandler.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
4 signatures
120 seconds
Behavioral task
behavioral11
Sample
Core/Program/KKVIconHandler64.dll
Resource
win7-20240729-en
windows7-x64
3 signatures
120 seconds
Behavioral task
behavioral12
Sample
Core/Program/KKVIconHandler64.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
120 seconds
Behavioral task
behavioral13
Sample
Core/Program/KKVUpdateX.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
120 seconds
Behavioral task
behavioral14
Sample
Core/Program/KKVUpdateX.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
120 seconds
Behavioral task
behavioral15
Sample
Uninstall.exe
Resource
win7-20240903-en
windows7-x64
8 signatures
120 seconds
Behavioral task
behavioral16
Sample
Uninstall.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
7 signatures
120 seconds
Behavioral task
behavioral17
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
120 seconds
Behavioral task
behavioral18
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240910-en
windows10-2004-x64
3 signatures
120 seconds
General
-
Target
01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4fN
-
Size
2.6MB
-
MD5
0020f416bf90f5bbc794364248d0e2f0
-
SHA1
4899759735af52749ebf7f47bd8bb8e0bdc9b553
-
SHA256
01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4f
-
SHA512
d0071aec9d1dac76a2560dc996c1f4fc60e89ced7221061e3da2d2a24bd4860b8eef180dd6bfe6ba50e1daaac4747f5da4170b2fd96c311a3c0a55d9d6a643c7
-
SSDEEP
49152:6U6kkXw7OacqPYaTGQPrzUzD1navtl0m+9r2:6U6kkipT9PrzIpajjp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource 01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4fN unpack001/$PLUGINSDIR/System.dll unpack002/$PLUGINSDIR/System.dll
Files
-
01dba59ef25dd088e488ef6395ab00c7478280a55dc825d93e4d1bdb8ae93a4fN.exe windows:5 windows x86 arch:x86
bf95d1fc1d10de18b32654b123ad5e1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW
user32
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
advapi32
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 409KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 852KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:5 windows x86 arch:x86
6c41c5e4d44f55745b925cc4e42b7fab
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary
user32
wsprintfW
ole32
CLSIDFromString
StringFromGUID2
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 899B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 574B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
Core/Program/DataX.dll.dll regsvr32 windows:5 windows x86 arch:x86
677f2f72a153a3c376cbf064200e9fe5
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0c:ff:7b:32:9c:ff:7f:3b:8d:2d:54:2a:b2:58:26:baCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before18/09/2013, 00:00Not After23/06/2015, 23:59SubjectCN=ShenZhen Thunder Networking Technologies Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Operate,O=ShenZhen Thunder Networking Technologies Ltd.,L=Shenzhen,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:f3:e8:0e:63:b8:d1:30:3d:26:15:56:98:4b:6b:29:b6:f1:e6:78Signer
Actual PE Digest7b:f3:e8:0e:63:b8:d1:30:3d:26:15:56:98:4b:6b:29:b6:f1:e6:78Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\work\xmp\DataX\trunk\bin\VC9\DataX.pdb
Imports
kernel32
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
EnterCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetSystemTimeAsFileTime
lstrlenW
GetModuleFileNameW
OutputDebugStringW
LoadLibraryExW
EnumResourceNamesW
FreeLibrary
LoadResource
LockResource
SizeofResource
QueryPerformanceCounter
FindResourceW
user32
CharNextW
ole32
CoCreateInstance
oleaut32
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
LoadTypeLi
SysStringLen
VarBstrCmp
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantInit
VariantCopy
SysAllocStringLen
atl90
ord58
ord61
ord23
ord31
ord32
ord68
ord56
ord49
ord64
ord15
shlwapi
PathRemoveFileSpecW
PathFileExistsW
msvcp90
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
msvcr90
__CppXcptFilter
_adjust_fdiv
_initterm_e
_initterm
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_amsg_exit
_encoded_null
??3@YAXPAX@Z
??_V@YAXPAX@Z
__CxxFrameHandler3
_CxxThrowException
wcscat
memcpy_s
_wtol
memcpy
memcmp
free
??2@YAPAXI@Z
_invalid_parameter_noinfo
wcscmp
_purecall
memset
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_vscwprintf
vswprintf_s
wcsncpy_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Core/Program/KKV.exe.exe windows:5 windows x86 arch:x86
7896f2dee9c41a0ea58ad87e790d4ed1
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After13/04/2019, 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:ba:68:7c:67:44:3a:0e:08:04:29:6c:b3:9a:71:c2:ecCertificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before17/09/2013, 01:17Not After18/09/2014, 01:17SubjectCN=ShenZhen Xunlei Networking Technologies Ltd.,OU=operate dept,O=ShenZhen Xunlei Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
a8:17:79:7b:26:c1:93:2e:0d:45:bb:de:a7:5f:09:16:4d:c8:7d:dfSigner
Actual PE Digesta8:17:79:7b:26:c1:93:2e:0d:45:bb:de:a7:5f:09:16:4d:c8:7d:dfDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\svn\xmp\xmp5\app\KKVideo\trunk\Symbols\ProductRelease\KKV\KKV.pdb
Imports
kernel32
DeleteFileW
CloseHandle
FlushFileBuffers
WritePrivateProfileStringW
WriteFile
SetFilePointer
GetTempPathA
CreateDirectoryA
GetFileAttributesA
CreateDirectoryW
GetFileAttributesW
OutputDebugStringW
TlsGetValue
GetCurrentThreadId
GetLocalTime
TlsSetValue
FindFirstChangeNotificationW
FindClose
FindNextFileW
FindFirstFileW
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GetPrivateProfileStringW
MoveFileW
CopyFileW
FindCloseChangeNotification
WaitForSingleObject
ReleaseMutex
InterlockedExchangeAdd
InitializeCriticalSection
ExitProcess
MapViewOfFile
CreateFileMappingW
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
TerminateProcess
VirtualQuery
LoadLibraryW
GetSystemInfo
FreeLibrary
UnmapViewOfFile
DeleteCriticalSection
TlsFree
GetProcAddress
GetCommandLineW
RaiseException
OpenProcess
GetModuleHandleW
CreateProcessW
GetTempPathW
CreateThread
SetCurrentDirectoryW
GetCurrentDirectoryW
DuplicateHandle
SetEvent
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SetEnvironmentVariableW
FlushInstructionCache
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetVolumeInformationA
GetSystemDirectoryA
GetModuleFileNameA
IsBadCodePtr
lstrcatA
lstrcpyA
DeviceIoControl
GetCurrentProcess
CreateFileW
CreateFileA
SetPriorityClass
GetVersionExA
GetModuleFileNameW
GetLastError
InterlockedIncrement
SetLastError
lstrcmpiW
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
InterlockedExchange
InterlockedDecrement
TlsAlloc
Sleep
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InterlockedCompareExchange
user32
CharLowerBuffW
MessageBoxW
GetWindowLongW
SetWindowLongW
PeekMessageW
PostQuitMessage
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DefWindowProcW
CharNextW
UnregisterClassA
DestroyWindow
CreateWindowExW
CallWindowProcW
LoadCursorW
GetClassInfoExW
RegisterClassExW
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
shell32
CommandLineToArgvW
ord165
SHGetFolderPathW
SHGetSpecialFolderPathA
ole32
CoUninitialize
CoInitialize
CoTaskMemFree
StringFromIID
CoTaskMemRealloc
CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemAlloc
oleaut32
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VarBstrCmp
VarUI4FromStr
shlwapi
PathAppendW
PathAddBackslashW
PathFileExistsW
PathRemoveExtensionW
PathRemoveFileSpecW
StrStrIW
PathRemoveBackslashW
PathFindExtensionW
PathIsDirectoryW
PathFindFileNameW
comctl32
InitCommonControlsEx
msvcp90
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
iphlpapi
GetAdaptersInfo
msvcr90
_wsplitpath
wcsncpy
_snprintf
strstr
_invalid_parameter_noinfo
_wtoi
strncat
strncpy
wcstok
_wstat64i32
strtok
strncmp
malloc
free
_wtol
calloc
_recalloc
tolower
wcsncpy_s
memset
memcpy
__CxxFrameHandler3
_time64
sprintf
rand
srand
strlen
memcmp
_CxxThrowException
isprint
isspace
isalnum
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_snwprintf
memmove_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
_vsnwprintf
wcsstr
_wcsicmp
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
swprintf_s
??_V@YAXPAX@Z
??2@YAPAXI@Z
memcpy_s
??3@YAXPAX@Z
_itoa
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Core/Program/KKVIconHandler.dll.dll regsvr32 windows:5 windows x86 arch:x86
9b29afc825b34ac57fd5574c478aaa24
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After13/04/2019, 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:ba:68:7c:67:44:3a:0e:08:04:29:6c:b3:9a:71:c2:ecCertificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before17/09/2013, 01:17Not After18/09/2014, 01:17SubjectCN=ShenZhen Xunlei Networking Technologies Ltd.,OU=operate dept,O=ShenZhen Xunlei Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
a3:41:ec:47:eb:09:3e:6b:b7:dc:91:0c:a9:ff:cd:10:a3:26:89:bbSigner
Actual PE Digesta3:41:ec:47:eb:09:3e:6b:b7:dc:91:0c:a9:ff:cd:10:a3:26:89:bbDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\svn\xmp\xmp5\app\KKVideo\trunk\Symbols\ProductRelease\KKVIconHandler\KKVIconHandler.pdb
Imports
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectI
GdipCreateHICONFromBitmap
GdipDrawImageRectRectI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCloneImage
GdipDrawImageRect
GdipDrawImage
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapGetPixel
GdiplusStartup
kernel32
GetProcAddress
GetModuleHandleW
InterlockedExchangeAdd
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
GlobalFree
GlobalUnlock
MultiByteToWideChar
GetModuleFileNameW
CreateDirectoryA
GetFileAttributesA
CreateDirectoryW
GetFileAttributesW
FindClose
FindNextFileW
DeleteFileW
GetLastError
FindFirstFileW
OutputDebugStringW
GetCurrentThreadId
GlobalLock
GlobalAlloc
FlushFileBuffers
WritePrivateProfileStringW
SetFilePointer
WriteFile
GetTempPathA
CreateFileW
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
CopyFileW
MoveFileW
InitializeCriticalSection
MapViewOfFile
ReleaseMutex
CreateFileMappingW
WaitForSingleObject
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
FindCloseChangeNotification
WideCharToMultiByte
GetLocalTime
TlsGetValue
TlsAlloc
LoadLibraryW
GetSystemInfo
FreeLibrary
UnmapViewOfFile
InterlockedDecrement
TlsFree
DeleteCriticalSection
lstrlenW
OpenProcess
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
FlushInstructionCache
GetVersionExW
SetLastError
lstrlenA
FormatMessageW
LocalFree
Thread32Next
Thread32First
CreateToolhelp32Snapshot
lstrcmpiW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpynA
Sleep
CreateProcessW
GetCommandLineW
GetTempPathW
LoadLibraryExW
InterlockedIncrement
SetThreadLocale
GetThreadLocale
DisableThreadLibraryCalls
MoveFileExW
RaiseException
GetCurrentThread
VirtualAlloc
VirtualFree
ResumeThread
GetThreadContext
SuspendThread
OpenThread
SetThreadPriority
GetThreadPriority
VirtualProtectEx
CloseHandle
GetTickCount
GetCurrentProcessId
CreateMutexW
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
FindFirstChangeNotificationW
user32
UnregisterClassA
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
CharNextW
CharLowerBuffW
OffsetRect
UpdateLayeredWindow
ShowWindow
ReleaseDC
GetWindowDC
SetWindowPos
GetWindow
IsWindowVisible
CreatePopupMenu
DestroyMenu
AppendMenuW
TrackPopupMenu
EqualRect
CopyRect
RegisterWindowMessageW
GetClassNameW
GetParent
FindWindowExW
GetUpdateRgn
IsRectEmpty
GetWindowRect
GetCursorPos
FindWindowW
InvalidateRect
WindowFromPoint
MapWindowPoints
InflateRect
IsWindowUnicode
ClientToScreen
TrackMouseEvent
PtInRect
GetShellWindow
GetWindowThreadProcessId
CallWindowProcW
DestroyWindow
KillTimer
SetTimer
PostMessageW
SendMessageW
GetWindowLongW
SetRectEmpty
RegisterClassExW
DefWindowProcW
CreateWindowExW
wsprintfW
LoadCursorW
GetClassInfoExW
IsWindow
SetWindowLongW
MessageBoxW
GetSystemMetrics
gdi32
GetRegionData
DeleteObject
SelectObject
CreateDIBSection
GetRgnBox
CreateCompatibleDC
RectInRegion
SetRectRgn
GetObjectType
DeleteDC
CreateRectRgn
advapi32
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
shell32
ord680
SHCreateDirectoryExW
CommandLineToArgvW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW
ord165
SHFileOperationW
ole32
CoInitialize
CoTaskMemFree
StringFromIID
DoDragDrop
OleDuplicateData
CoCreateInstance
CLSIDFromString
CoUninitialize
oleaut32
SafeArrayRedim
SafeArrayGetUBound
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayCreate
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
VarBstrCmp
SafeArrayGetLBound
atl90
ord43
ord44
ord15
ord64
ord23
ord61
ord68
ord32
ord49
ord56
shlwapi
PathAppendW
PathFileExistsW
StrToIntExW
PathFindFileNameW
PathFindExtensionW
StrCmpNIW
StrStrIW
PathCanonicalizeW
ord12
PathRemoveFileSpecW
PathRemoveBackslashW
PathAddBackslashW
StrCpyNW
StrCmpIW
PathIsDirectoryW
PathCombineW
PathRelativePathToW
urlmon
URLDownloadToCacheFileW
msvcp90
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
msvcr90
_wstat64i32
_vsnwprintf
_vswprintf
memcpy_s
_purecall
swprintf_s
??_V@YAXPAX@Z
wcsnlen
memmove_s
wcsncpy_s
free
calloc
_recalloc
malloc
_itow
_time64
_wassert
memmove
__iob_func
fflush
??3@YAXPAX@Z
__CxxFrameHandler3
memset
_snwprintf
rand
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
srand
strstr
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
_wsplitpath
wcsncpy
memcpy
_wtoi
strncmp
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
strncpy
_snprintf
strtok
strncat
wcstok
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
printf
_wcsicmp
Exports
Exports
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KKVLaunchShell
LaunchKKVideoWithFix
ReRegisterServerDirect
RegisterServerDirect
UnRegisterServerDirect
Sections
.text Size: 360KB - Virtual size: 359KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 155KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Core/Program/KKVIconHandler64.dll.dll regsvr32 windows:5 windows x64 arch:x64
29a31b32943843e156f38ea05905adb4
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After13/04/2019, 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:ba:68:7c:67:44:3a:0e:08:04:29:6c:b3:9a:71:c2:ecCertificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before17/09/2013, 01:17Not After18/09/2014, 01:17SubjectCN=ShenZhen Xunlei Networking Technologies Ltd.,OU=operate dept,O=ShenZhen Xunlei Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
1b:de:c7:75:bf:14:0f:10:e5:c5:20:9e:cb:bf:41:3a:eb:de:80:beSigner
Actual PE Digest1b:de:c7:75:bf:14:0f:10:e5:c5:20:9e:cb:bf:41:3a:eb:de:80:beDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
c:\svn\xmp\xmp5\app\KKVideo\trunk\Symbols\ProductRelease\KKVIconHandler\x64\KKVIconHandler.pdb
Imports
gdiplus
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipBitmapGetPixel
GdipGetImageEncodersSize
GdipDrawImageRectI
GdipCreateHICONFromBitmap
GdipDrawImageRectRectI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCloneImage
GdipDrawImageRect
GdipDrawImage
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdiplusStartup
kernel32
LCMapStringA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
GetTickCount64
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualQuery
GlobalFree
GlobalUnlock
GetModuleFileNameW
CreateDirectoryA
GetFileAttributesA
CreateDirectoryW
GetFileAttributesW
CloseHandle
CreateMutexW
GetCurrentProcessId
GetTickCount
OutputDebugStringW
GetCurrentThreadId
WideCharToMultiByte
FindClose
FindNextFileW
GetLastError
DeleteFileW
FindFirstFileW
GlobalLock
GlobalAlloc
FlushFileBuffers
WritePrivateProfileStringW
WriteFile
SetFilePointer
GetTempPathA
CreateFileW
WritePrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
CopyFileW
MoveFileW
FindCloseChangeNotification
WaitForSingleObject
FindFirstChangeNotificationW
GetLocalTime
TlsSetValue
TlsGetValue
FreeLibrary
ReleaseMutex
UnmapViewOfFile
TlsFree
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
MapViewOfFile
CreateFileMappingW
ExitProcess
TerminateProcess
GetCurrentProcess
TlsAlloc
LoadLibraryW
GetSystemInfo
OpenProcess
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenW
FlushInstructionCache
GetVersionExW
lstrlenA
SetLastError
LCMapStringW
LocalFree
Thread32Next
Thread32First
CreateToolhelp32Snapshot
lstrcmpiW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpynA
Sleep
CreateProcessW
GetCommandLineW
GetTempPathW
LoadLibraryExW
SetThreadLocale
GetThreadLocale
DisableThreadLibraryCalls
MoveFileExW
VirtualAlloc
VirtualFree
GetCurrentThread
ResumeThread
GetThreadContext
SuspendThread
OpenThread
SetThreadPriority
GetThreadPriority
VirtualProtectEx
FlsFree
FlsGetValue
DecodePointer
EncodePointer
GetCommandLineA
FlsSetValue
DebugBreak
GetStdHandle
GetFileType
WriteConsoleW
GetSystemTimeAsFileTime
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwindEx
RtlLookupFunctionEntry
FlsAlloc
RtlPcToFileHeader
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
GetProcessHeap
HeapAlloc
HeapFree
InterlockedPushEntrySList
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
GetModuleFileNameA
HeapSetInformation
HeapCreate
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FormatMessageW
GetCPInfo
user32
TrackPopupMenu
AppendMenuW
DestroyMenu
CreatePopupMenu
IsWindowVisible
UnregisterClassA
SetWindowPos
GetWindowDC
ReleaseDC
ShowWindow
UpdateLayeredWindow
OffsetRect
CharLowerBuffW
CharNextW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetSystemMetrics
EqualRect
CopyRect
RegisterWindowMessageW
GetClassNameW
GetParent
FindWindowExW
GetUpdateRgn
IsRectEmpty
GetWindowRect
GetCursorPos
InvalidateRect
WindowFromPoint
MapWindowPoints
InflateRect
IsWindowUnicode
ClientToScreen
PtInRect
FindWindowW
GetShellWindow
GetWindowThreadProcessId
GetWindowLongPtrW
CallWindowProcW
DestroyWindow
KillTimer
SetTimer
PostMessageW
SendMessageW
SetRectEmpty
CreateWindowExW
SetWindowLongPtrW
RegisterClassExW
DefWindowProcW
wsprintfW
LoadCursorW
GetClassInfoExW
IsWindow
MessageBoxW
TrackMouseEvent
GetWindow
gdi32
GetObjectType
SetRectRgn
RectInRegion
GetRegionData
DeleteObject
SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
CreateRectRgn
GetRgnBox
advapi32
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryInfoKeyW
shell32
SHCreateDirectoryExW
SHFileOperationW
ord165
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
ord680
SHGetSpecialFolderPathW
ole32
CoInitialize
CoTaskMemFree
DoDragDrop
OleDuplicateData
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CLSIDFromString
CoUninitialize
oleaut32
SysStringByteLen
SafeArrayCreate
SafeArrayRedim
SafeArrayDestroy
LoadTypeLi
SafeArrayUnlock
SafeArrayLock
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
VarBstrCat
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi
shlwapi
PathIsDirectoryW
PathAppendW
PathRelativePathToW
PathFileExistsW
PathFindFileNameW
PathCombineW
StrCmpIW
StrCpyNW
PathAddBackslashW
PathRemoveBackslashW
PathRemoveFileSpecW
ord12
PathCanonicalizeW
StrStrIW
StrCmpNIW
PathFindExtensionW
StrToIntExW
urlmon
URLDownloadToCacheFileW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
KKVLaunchShell
LaunchKKVideoWithFix
ReRegisterServerDirect
RegisterServerDirect
UnRegisterServerDirect
Sections
.text Size: 509KB - Virtual size: 509KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 170KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 186KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Core/Program/KKVUpdateX.dll.dll windows:5 windows x86 arch:x86
3c9c2150949680eb2e78c50b19ca2fdc
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After13/04/2019, 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:ba:68:7c:67:44:3a:0e:08:04:29:6c:b3:9a:71:c2:ecCertificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before17/09/2013, 01:17Not After18/09/2014, 01:17SubjectCN=ShenZhen Xunlei Networking Technologies Ltd.,OU=operate dept,O=ShenZhen Xunlei Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
8b:31:81:2c:a4:db:e7:02:75:0e:d0:72:b1:84:08:a1:0e:41:d0:e9Signer
Actual PE Digest8b:31:81:2c:a4:db:e7:02:75:0e:d0:72:b1:84:08:a1:0e:41:d0:e9Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\svn\xmp\xmp5\app\KKVideo\trunk\Symbols\ProductRelease\KKVUpdateX\KKVUpdateX.pdb
Imports
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
shlwapi
PathRemoveFileSpecW
PathAddBackslashW
PathFileExistsW
PathAppendW
PathCanonicalizeW
PathFindFileNameW
setupapi
SetupIterateCabinetW
kernel32
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
ExitProcess
CreateMutexW
FindFirstFileW
FindFirstChangeNotificationW
SetFilePointer
TlsGetValue
MapViewOfFile
UnmapViewOfFile
VirtualQuery
FreeLibrary
CreateProcessW
MoveFileExW
InterlockedDecrement
GetCurrentProcess
CreateDirectoryW
GlobalLock
WaitForSingleObject
FindCloseChangeNotification
OutputDebugStringW
GetModuleHandleW
GetTickCount
GetPrivateProfileStringW
WriteFile
InitializeCriticalSection
TlsSetValue
OpenProcess
GlobalAlloc
WideCharToMultiByte
LoadLibraryW
Sleep
CopyFileW
GetVersionExW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
TerminateProcess
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
lstrlenW
WritePrivateProfileStringW
GlobalUnlock
FlushFileBuffers
GetTempPathW
GetPrivateProfileIntW
CreateDirectoryA
GetLastError
GetProcAddress
MoveFileW
EnterCriticalSection
GlobalFree
FindClose
GetPrivateProfileStringA
GetLocalTime
Process32FirstW
InterlockedExchangeAdd
WritePrivateProfileStringA
CreateFileMappingW
Module32FirstW
GetSystemInfo
Process32NextW
lstrcatW
FindNextFileW
CreateToolhelp32Snapshot
DeleteCriticalSection
GetCurrentThreadId
Module32NextW
ReleaseMutex
TlsAlloc
CloseHandle
DeleteFileW
GetPrivateProfileSectionW
GetTempPathA
TlsFree
lstrcpyW
ExpandEnvironmentStringsW
GetPrivateProfileSectionNamesW
GetCurrentProcessId
user32
FindWindowW
wsprintfW
SendMessageTimeoutW
IsWindow
FindWindowExW
MessageBoxW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
shell32
SHGetFolderPathW
ord165
ole32
CoUninitialize
CoInitialize
StringFromIID
CoTaskMemFree
oleaut32
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
msvcp90
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
psapi
GetModuleFileNameExW
msvcr90
_wcsupr
wcstok
??2@YAPAXI@Z
swscanf
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CxxFrameHandler3
memcpy
memset
_CxxThrowException
memcpy_s
_itow
_vsnwprintf
_wsplitpath
??_V@YAXPAX@Z
_recalloc
??3@YAXPAX@Z
_wcsicmp
strncat
wcsncpy_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
strncmp
_wtoi
_snwprintf
free
calloc
strstr
wcsncpy
_snprintf
_wstat64i32
_wcslwr
_vswprintf
strncpy
_invalid_parameter_noinfo
strtok
Exports
Exports
KKVLaunchShell
KKVTest
KKVUpdateXar
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Uninstall.exe.exe windows:5 windows x86 arch:x86
bf95d1fc1d10de18b32654b123ad5e1f
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:2f:4e:e1:35:5cCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before13/04/2011, 10:00Not After13/04/2019, 10:00SubjectCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
11:21:ba:68:7c:67:44:3a:0e:08:04:29:6c:b3:9a:71:c2:ecCertificate
IssuerCN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BENot Before17/09/2013, 01:17Not After18/09/2014, 01:17SubjectCN=ShenZhen Xunlei Networking Technologies Ltd.,OU=operate dept,O=ShenZhen Xunlei Networking Technologies Ltd.,L=ShenZhen,ST=GuangDong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
88:37:a5:82:b9:55:ab:da:a2:19:df:42:b2:23:fb:42:52:0e:6d:cbSigner
Actual PE Digest88:37:a5:82:b9:55:ab:da:a2:19:df:42:b2:23:fb:42:52:0e:6d:cbDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW
user32
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
advapi32
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 409KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 756KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:5 windows x86 arch:x86
6c41c5e4d44f55745b925cc4e42b7fab
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary
user32
wsprintfW
ole32
CLSIDFromString
StringFromGUID2
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 899B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 574B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
$TEMP/KKV/Uninstall_2.1.1.119/uninstall.exe.nsis
-
Xar/KKVideo/basecontrol.xar
-
Xar/KKVideo/main.xar
-
Xar/KKVideo/plugins/searchbarplugin.xar
-
Xar/KKVideo/push.xar