D:\Works\MyProjects\UUPlayer\UUTV\Release\UUAP.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0ec885300e86aea81f4462e1653ea185_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0ec885300e86aea81f4462e1653ea185_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
UUAP.exe
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
UUAP.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
UUBo_ActiveX.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
UUBo_ActiveX.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
UUTV.exe
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
UUTV.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
partner/FINSTALLERS_66_22926.exe
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
partner/FINSTALLERS_66_22926.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
partner/FunLoader_C128248.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
partner/FunLoader_C128248.exe
Resource
win10v2004-20240910-en
Behavioral task
behavioral13
Sample
partner/HaoZipDown.206076.exe
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
partner/HaoZipDown.206076.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
partner/IFoxInstall_3.2.0.0-s-c203085.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
partner/IFoxInstall_3.2.0.0-s-c203085.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
partner/QIYILittle_02_14.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
partner/QIYILittle_02_14.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
partner/filedown_239131.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
partner/filedown_239131.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
partner/she1094809.exe
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
partner/she1094809.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
partner/silentoi_39015028_54.exe
Resource
win7-20240708-en
Behavioral task
behavioral24
Sample
partner/silentoi_39015028_54.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
player/NetAgent.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
player/NetAgent.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
player/QvodNet.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
player/QvodNet.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
player/QvodPlayMedia.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
player/QvodPlayMedia.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
player/QvodTerminal.exe
Resource
win7-20240729-en
Behavioral task
behavioral32
Sample
player/QvodTerminal.exe
Resource
win10v2004-20240802-en
General
-
Target
0ec885300e86aea81f4462e1653ea185_JaffaCakes118
-
Size
2.5MB
-
MD5
0ec885300e86aea81f4462e1653ea185
-
SHA1
94873fca1e914a0f9e80d8fe212ef8c8909eb7ab
-
SHA256
a19993b2050530bfdfb86bbbe14a9d5b69b14be10e66b934dafb3999dec26f0c
-
SHA512
570769b4c7fd837879c73249a1ae5c58393dafece10dedc59ee1813f90d642bdddab13f39a9d65a7b310da655ba93027d08cf8de32d26926bb7c6b86575b19c8
-
SSDEEP
49152:gfZR3TvK+zMPu/12nYS1UNH6dVzucl1AsEqjzn7rY1XkG4tdjFAkfvx9uIU2:CZBvGq1qT1UNH6dRuO1JXvY0XdqXIU2
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource
0ec885300e86aea81f4462e1653ea185_JaffaCakes118
unpack001/UUAP.exe
unpack001/UUBo_ActiveX.ocx
unpack001/UUTV.exe
unpack001/player/QvodTerminal.exe
-
NSIS installer 2 IoCs
resource yara_rule
sample nsis_installer_1
sample nsis_installer_2
Files
-
0ec885300e86aea81f4462e1653ea185_JaffaCakes118.exe windows:4 windows x86 arch:x86
099c0646ea7282d232219f8807883be0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA
user32
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
UUAP.exe.exe windows:5 windows x86 arch:x86
7a04eb326bb8d712caaa99f85d237637
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEnvironmentVariableA
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
IsProcessorFeaturePresent
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
OutputDebugStringW
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
HeapReAlloc
RtlUnwind
DecodePointer
EncodePointer
HeapFree
VirtualQuery
GetSystemInfo
GetProcessHeap
HeapAlloc
GetStartupInfoW
HeapSetInformation
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetProfileIntW
SearchPathW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetFileSize
WriteConsoleW
CreateFileA
VirtualAlloc
GetConsoleMode
GetFileAttributesW
GetCurrentDirectoryW
GetSystemDirectoryW
GlobalGetAtomNameW
GlobalFlags
lstrlenA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
WaitForSingleObject
ResumeThread
SetThreadPriority
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
FreeResource
GetThreadLocale
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
WideCharToMultiByte
SetLastError
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
LoadLibraryW
ExitProcess
GetCommandLineW
WinExec
DeleteFileW
ExitThread
GetTempPathW
CreateThread
GetTickCount
TerminateThread
DeleteCriticalSection
lstrcmpiW
LockResource
GetProcAddress
GetLastError
RaiseException
MultiByteToWideChar
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
FreeLibrary
Sleep
lstrcmpW
GlobalFree
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GlobalUnlock
GlobalLock
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
lstrcatW
CloseHandle
WriteFile
CreateFileW
lstrlenW
lstrcpyW
user32
UpdateLayeredWindow
UnionRect
SetCursorPos
DrawFrameControl
DrawEdge
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawStateW
EnumChildWindows
LockWindowUpdate
IsMenu
GetSystemMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
DeleteMenu
WaitMessage
WindowFromPoint
EnumDisplayMonitors
SetRectEmpty
CopyImage
DestroyMenu
GetMenuItemInfoW
RealChildWindowFromPoint
UnregisterClassW
RegisterClipboardFormatW
GetSysColorBrush
ShowOwnedPopups
GetMessageW
TranslateMessage
SetWindowContextHelpId
MapDialogRect
MessageBeep
IsZoomed
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
InflateRect
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetMenuDefaultItem
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
LoadMenuW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
MoveWindow
SetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetDlgItem
GetDlgCtrlID
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetParent
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
ReleaseCapture
SetFocus
GetFocus
SetCapture
InvalidateRgn
ReleaseDC
GetDC
EqualRect
DestroyCursor
GetWindowRgn
GetDoubleClickTime
CreateMenu
SubtractRect
SetWindowsHookExW
CopyIcon
IntersectRect
OffsetRect
SetRect
IsRectEmpty
CopyRect
IsWindowEnabled
IsWindowVisible
GetWindowLongW
IsWindow
CopyAcceleratorTableW
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetClassInfoW
FindWindowW
SetWindowPos
ShowWindow
SetWindowTextW
DrawIcon
IsIconic
CharNextW
SetLayeredWindowAttributes
SystemParametersInfoW
KillTimer
SetTimer
PtInRect
PostMessageW
LoadCursorW
SetCursor
InvalidateRect
SetWindowRgn
SendMessageW
GetClientRect
GetClassNameW
GetWindowRect
GetSystemMetrics
GetForegroundWindow
EnableWindow
wsprintfW
MessageBoxW
GetCursorPos
gdi32
CreatePen
CreateHatchBrush
CreateFontIndirectW
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
OffsetRgn
GetDIBits
RealizePalette
SetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
GetObjectType
EnumFontFamiliesExW
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SetLayout
SelectPalette
GetLayout
CreatePatternBrush
ExtSelectClipRgn
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
Rectangle
DeleteDC
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetRgnBox
CreateRectRgnIndirect
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextExtentPoint32W
CreateRoundRectRgn
CreateSolidBrush
GetDIBColorTable
StretchBlt
BitBlt
CreateCompatibleBitmap
CreateFontW
DeleteObject
CreateDIBSection
GetObjectW
CreateCompatibleDC
SetDIBColorTable
SelectObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumValueW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
shell32
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHAppBarMessage
DragQueryFileW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
StrChrW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
StrStrW
PathRemoveFileSpecW
ole32
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoUninitialize
CoInitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoCreateGuid
CLSIDFromString
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
OleDuplicateData
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
OleLockRunning
DoDragDrop
OleGetClipboard
CoInitializeEx
OleCreateMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
CoGetClassObject
IsAccelerator
OleTranslateAccelerator
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
oleaut32
SysAllocString
VarBstrFromDate
VariantCopy
VariantInit
VariantChangeType
OleCreateFontIndirect
SysAllocStringLen
SafeArrayDestroy
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUI4FromStr
VariantClear
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipDrawImageRectI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
ws2_32
gethostbyname
WSAStartup
WSACleanup
wininet
InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 292KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UUBo_ActiveX.ocx.dll regsvr32 windows:5 windows x86 arch:x86
a7f665fcdc2cf670f60995e085c19dbd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\Works\MyProjects\UUPlayer\UUTV\Release\UUBo_ActiveX.pdb
Imports
kernel32
WriteConsoleW
GetConsoleCP
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
GetStringTypeW
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
SetStdHandle
OutputDebugStringW
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
HeapQueryInformation
HeapSize
RaiseException
CreateThread
ExitThread
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
DecodePointer
EncodePointer
VirtualProtect
SearchPathW
Sleep
GetTickCount
GetNumberFormatW
GetWindowsDirectoryW
GetProfileIntW
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
FindResourceExW
GetVersion
GlobalGetAtomNameW
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
ExitProcess
GetConsoleMode
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
DeleteFileW
GlobalFlags
GetSystemDirectoryW
GetCurrentDirectoryW
CopyFileW
GlobalSize
FormatMessageW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalFree
LocalAlloc
IsDBCSLeadByte
GetUserDefaultLCID
FreeResource
GlobalFindAtomW
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MulDiv
GlobalFree
GlobalUnlock
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
InterlockedIncrement
CompareStringW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
GetProcAddress
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
lstrlenW
lstrcpyW
SetEnvironmentVariableA
user32
SetMenuDefaultItem
WaitMessage
PostThreadMessageW
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
GetDCEx
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawStateW
MessageBeep
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
IsZoomed
GetDialogBaseUnits
CopyImage
GetTabbedTextExtentW
GetMenuItemInfoW
IsIconic
CharUpperW
DestroyIcon
KillTimer
SetTimer
RealChildWindowFromPoint
GetSysColorBrush
SetLayeredWindowAttributes
EnumDisplayMonitors
DeleteMenu
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
UnregisterClassW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
SetRect
SetWindowRgn
IsRectEmpty
IntersectRect
CreateMenu
DestroyMenu
SetRectEmpty
LoadCursorW
SetCapture
IsClipboardFormatAvailable
ReleaseCapture
GetSystemMetrics
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
GetMenu
PtInRect
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
GetWindowRgn
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CallWindowProcW
SetWindowPos
DestroyWindow
GetDesktopWindow
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
MapVirtualKeyExW
GetKeyNameTextW
SetWindowLongW
InvalidateRect
UpdateWindow
GetWindowRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
OffsetRect
InflateRect
DefWindowProcW
CopyRect
ShowWindow
DrawEdge
SetParent
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
PostMessageW
PostQuitMessage
EnableWindow
SendMessageW
FindWindowW
wsprintfW
FillRect
SystemParametersInfoW
gdi32
CreateRectRgnIndirect
CopyMetaFileW
CreateDCW
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
GetTextAlign
SetRectRgn
PatBlt
DPtoLP
EnumFontFamiliesExW
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Polygon
Rectangle
UnrealizeObject
CreatePalette
GetViewportOrgEx
CombineRgn
RealizePalette
GetSystemPaletteEntries
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SetViewportOrgEx
SelectObject
Escape
GetPaletteEntries
OffsetRgn
ExtTextOutW
CreateHatchBrush
CreateSolidBrush
CreatePen
OffsetViewportOrgEx
GetObjectType
SelectPalette
CreateCompatibleDC
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
GetNearestPaletteIndex
GetStockObject
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteDC
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetDeviceCaps
CreateBitmap
Ellipse
SetViewportExtEx
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueW
RegSetValueW
RegEnumKeyW
RegOpenKeyW
RegEnumValueW
RegDeleteValueW
RegSetValueExW
shell32
SHAppBarMessage
ExtractIconW
SHGetFileInfoW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
comctl32
ImageList_GetIconSize
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
OleLockRunning
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
ReadClassStm
CreateStreamOnHGlobal
CoDisconnectObject
CoUninitialize
DoDragDrop
OleDuplicateData
ReadFmtUserTypeStg
ReleaseStgMedium
CreateDataAdviseHolder
OleSaveToStream
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateOleAdviseHolder
CreateDataCache
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoCreateGuid
CoCreateInstance
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoInitialize
oleaut32
LoadRegTypeLi
OleCreatePictureIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantCopy
OleLoadPicture
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
OleCreatePropertyFrame
SysStringLen
SysStringByteLen
LoadTypeLi
RegisterTypeLi
SysAllocString
SysFreeString
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateFromHDC
GdipGetImageGraphicsContext
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 285KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UUTV.exe.exe windows:5 windows x86 arch:x86
507c03127ecd13fdef6e46244505d37b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Works\MyProjects\UUPlayer\UUTV\Release\UUTV.pdb
Imports
kernel32
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
IsValidLocale
WriteConsoleW
GetStringTypeW
EnumSystemLocalesA
GetLocaleInfoA
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
ExitThread
RtlUnwind
DecodePointer
EncodePointer
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetStartupInfoW
HeapSetInformation
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetProfileIntW
SearchPathW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetFileSize
GetCurrentDirectoryW
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
WaitForSingleObject
ResumeThread
SetThreadPriority
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
FileTimeToSystemTime
GetThreadLocale
ReleaseActCtx
CreateActCtxW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
WideCharToMultiByte
CopyFileW
GlobalSize
FormatMessageW
LocalFree
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
SetLastError
MulDiv
FreeResource
GetCurrentThreadId
WinExec
CreateMutexW
ExitProcess
DeleteFileW
HeapFree
TerminateThread
LoadLibraryW
CreateThread
GetTickCount
DeleteCriticalSection
lstrcmpiW
LockResource
GetProcAddress
RaiseException
MultiByteToWideChar
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
FreeLibrary
Sleep
GetPrivateProfileStringW
GetCommandLineW
GetSystemDirectoryW
CreateDirectoryW
GetFileAttributesW
GetProcessHeap
HeapAlloc
lstrcmpW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetVersionExW
GetLastError
GetCurrentProcess
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LoadResource
SizeofResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FindClose
FindFirstFileW
lstrcatW
CloseHandle
WriteFile
CreateFileW
lstrcpyW
OutputDebugStringW
lstrlenW
InterlockedExchange
EnterCriticalSection
SetEnvironmentVariableA
LeaveCriticalSection
InterlockedCompareExchange
user32
TranslateMessage
SetWindowContextHelpId
MapDialogRect
MessageBeep
IsZoomed
PostQuitMessage
DestroyMenu
GetMenuItemInfoW
WindowFromPoint
InvalidateRgn
OffsetRect
SetRect
CopyAcceleratorTableW
IntersectRect
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
RedrawWindow
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
CopyRect
GetWindow
SubtractRect
GetMessageW
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetLastActivePopup
GetSysColor
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
FillRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetDesktopWindow
DrawIcon
IsIconic
GetWindowThreadProcessId
AttachThreadInput
SetWindowLongW
GetWindowLongW
LoadIconW
BringWindowToTop
GetWindowTextW
GetClassInfoW
ClientToScreen
DrawTextW
EnableMenuItem
CheckMenuItem
ModifyMenuW
FindWindowExW
CopyIcon
CharUpperBuffW
GetUpdateRect
FindWindowW
SetWindowPlacement
wsprintfW
EnableWindow
GetClientRect
SendMessageW
GetWindowRect
GetWindowPlacement
SendInput
ScreenToClient
GetCursorPos
SendMessageTimeoutW
RegisterWindowMessageW
EnumChildWindows
ShowWindow
IsWindowVisible
AppendMenuW
CreatePopupMenu
ReleaseCapture
SetCapture
CharNextW
GetParent
GetCursor
SetLayeredWindowAttributes
KillTimer
SetTimer
GetClassNameW
GetSystemMetrics
ShowOwnedPopups
RealChildWindowFromPoint
GetSysColorBrush
CopyImage
SetRectEmpty
EnumDisplayMonitors
GetKeyNameTextW
MapVirtualKeyW
RegisterClipboardFormatW
UnregisterClassW
WaitMessage
DeleteMenu
PostThreadMessageW
ToUnicodeEx
GetKeyboardLayout
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoW
ReleaseDC
GetDC
IsRectEmpty
MessageBoxW
PtInRect
PostMessageW
LoadCursorW
SetCursor
InvalidateRect
DestroyCursor
GetWindowRgn
GetDoubleClickTime
GetMenuState
CreateMenu
SetWindowRgn
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
GetKeyboardState
MapVirtualKeyExW
IsCharLowerW
SetMenuDefaultItem
UpdateLayeredWindow
UnionRect
SetCursorPos
DrawFrameControl
DrawEdge
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
GetMenuDefaultItem
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
DrawStateW
LockWindowUpdate
IsMenu
GetSystemMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
InsertMenuItemW
TranslateAcceleratorW
SetClassLongW
SetParent
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
LoadMenuW
CharUpperW
IsClipboardFormatAvailable
gdi32
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetObjectType
CreatePen
CreateHatchBrush
CopyMetaFileW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
IntersectClipRect
GetMapMode
PatBlt
DPtoLP
GetRgnBox
GetBkColor
GetTextColor
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
OffsetRgn
SetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
Rectangle
EnumFontFamiliesExW
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetClipBox
ExcludeClipRect
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32W
CreateDIBSection
SetDIBColorTable
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectW
GetDeviceCaps
CreateDCW
CreateRoundRectRgn
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CombineRgn
DeleteObject
CreateFontW
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegEnumValueW
RegQueryValueW
RegCreateKeyW
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
shell32
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
DragAcceptFiles
Shell_NotifyIconW
DragQueryFileW
SHGetFileInfoW
SHAppBarMessage
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
StrStrW
PathIsUNCW
ole32
CoInitialize
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoUninitialize
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleUninitialize
OleDuplicateData
ReleaseStgMedium
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
OleLockRunning
DoDragDrop
OleGetClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SafeArrayDestroy
OleCreateFontIndirect
VariantCopy
VariantInit
VarBstrFromDate
VariantChangeType
SysAllocStringLen
VarUI4FromStr
VariantClear
SysAllocString
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipDrawImageRectI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
ObjectFromLresult
LresultFromObject
wininet
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
iphlpapi
GetAdaptersInfo
ws2_32
send
closesocket
connect
htons
socket
inet_addr
WSACleanup
gethostbyname
WSAStartup
recv
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 187KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
icons/3gp.ico
-
icons/Daohang.ico
-
icons/Daohang_.ico
-
icons/Meinv.ico
-
icons/Taobao.ico
-
icons/avi.ico
-
icons/flv.ico
-
icons/mkv.ico
-
icons/mp3.ico
-
icons/mp4.ico
-
icons/mpg.ico
-
icons/rm.ico
-
icons/swf.ico
-
icons/wav.ico
-
icons/wma.ico
-
icons/wmv.ico
-
partner/FINSTALLERS_66_22926.exe.exe windows:4 windows x86 arch:x86
303a41f752da960ee9e3932fb89cb49c
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:bc:3a:51:b5:89:e5:af:43:29:1d:f8:4e:a4:c5:71
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 26-12-2011 00:00
Not After: 25-12-2014 23:59
Subject: CN=Beijing Kingsoft Security software Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Kingsoft Security software Co.\,Ltd,L=beijing,ST=beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
11:bd:c6:d2:87:55:a5:88:b4:1c:bd:b5:d5:19:9c:02:e2:a5:60:7a
Signer
Actual PE Digest: 11:bd:c6:d2:87:55:a5:88:b4:1c:bd:b5:d5:19:9c:02:e2:a5:60:7a
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
WriteFile
CreateFileA
Sleep
GetTickCount
DeleteFileA
GetModuleFileNameA
GetLastError
CreateDirectoryA
GetFileAttributesA
GetTempPathA
WaitForSingleObject
CreateProcessA
CreateMutexA
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
user32
LoadStringA
msvcp60
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPADII@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
ws2_32
setsockopt
closesocket
recv
WSAStartup
gethostbyname
htons
connect
getprotobyname
send
socket
msvcrt
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
sprintf
memcpy
strlen
_ltoa
strcat
__CxxFrameHandler
atoi
rename
__p___argv
__p___argc
_stricmp
wcslen
free
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 620B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
partner/FunLoader_C128248.exe.exe windows:5 windows x86 arch:x86
18463743b5de2e4277dce9207f555ca4
Code Sign
0a
Certificate
Issuer: CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d
Not Before: 06-08-2003 00:00
Not After: 05-08-2013 23:59
Subject: CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15-06-2007 00:00
Not After: 14-06-2012 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
6c:54:c3:bd:23:b7:b9:94:98:2b:2d:a0:fa:1e:29:f7
Certificate
Issuer: CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA
Not Before: 14-07-2010 00:00
Not After: 02-08-2012 23:59
Subject: CN=Beijing Funshion Online Technologies Ltd.,OU=SECURE APPLICATION DEVELOPMENT,O=Beijing Funshion Online Technologies Ltd.,L=Beijing,ST=Beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
0f:37:2c:d4:f1:51:2f:3b:01:a5:8c:6a:5f:4a:8f:a0:69:5f:fa:6b
Signer
Actual PE Digest: 0f:37:2c:d4:f1:51:2f:3b:01:a5:8c:6a:5f:4a:8f:a0:69:5f:fa:6b
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpQueryInfoW
InternetSetOptionA
HttpQueryInfoA
InternetOpenA
InternetGetConnectedState
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
kernel32
FormatMessageW
GetCurrentProcessId
LoadLibraryA
GetVersionExW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
GetCommandLineW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
LocalFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
HeapSetInformation
ExitProcess
MoveFileW
DecodePointer
EncodePointer
RtlUnwind
CreateThread
ExitThread
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
TlsAlloc
DeleteCriticalSection
SetEvent
GetTempPathW
OpenProcess
TerminateProcess
LoadLibraryW
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
FreeLibrary
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateEventW
GetModuleHandleW
GetProcAddress
Sleep
GetTickCount
GetModuleFileNameW
GetFileType
SetLastError
GetCurrentThreadId
GetThreadLocale
lstrcpynW
GetCurrentProcess
FlushInstructionCache
lstrlenW
LeaveCriticalSection
EnterCriticalSection
WriteFile
DeleteFileW
CreateFileW
GetLastError
MultiByteToWideChar
WaitForSingleObject
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetConsoleMode
LCMapStringW
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetStartupInfoW
QueryPerformanceCounter
user32
SetMenuDefaultItem
IsMenu
DestroyMenu
SetTimer
LoadMenuW
GetSubMenu
MessageBoxW
GetSystemMetrics
LoadIconW
GetWindow
MonitorFromWindow
GetMonitorInfoW
DispatchMessageW
TranslateMessage
GetMessageW
TrackPopupMenu
GetCursorPos
RegisterWindowMessageW
MapWindowPoints
GetDlgItem
ShowWindow
SetWindowTextW
GetActiveWindow
InflateRect
EndDialog
PeekMessageW
CharNextW
DestroyWindow
RegisterClassExW
CreateWindowExW
UnregisterClassA
BringWindowToTop
GetCapture
ReleaseCapture
LoadImageW
OffsetRect
SetRectEmpty
PtInRect
CopyRect
LoadCursorW
GetClassInfoExW
SetWindowPos
IsWindow
SetWindowRgn
GetDC
ReleaseDC
GetDlgCtrlID
GetParent
SetCapture
IsWindowEnabled
KillTimer
InvalidateRect
GetWindowRect
MoveWindow
PostMessageW
SendMessageW
LoadBitmapW
DrawTextW
CallWindowProcW
GetWindowLongW
SetWindowLongW
EndPaint
BeginPaint
DefWindowProcW
GetClientRect
FillRect
SetForegroundWindow
CreateDialogParamW
gdi32
SetBrushOrgEx
SetBkColor
DPtoLP
CreatePatternBrush
ExtTextOutW
DeleteObject
DeleteDC
CreateCompatibleDC
SelectObject
SetBkMode
SetTextColor
MoveToEx
LineTo
Arc
BitBlt
StretchBlt
GetTextExtentPoint32W
CreateCompatibleBitmap
GetObjectW
CreateFontIndirectW
TextOutW
GetDeviceCaps
CreatePen
CreateRoundRectRgn
advapi32
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
FreeSid
CheckTokenMembership
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
AllocateAndInitializeSid
shell32
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteExW
SHCreateDirectoryExW
ole32
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
oleaut32
VarUI4FromStr
shlwapi
PathFileExistsW
comctl32
ImageList_GetImageInfo
ImageList_Create
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
ImageList_GetImageCount
InitCommonControlsEx
msimg32
GradientFill
iphlpapi
GetAdaptersInfo
psapi
GetModuleFileNameExW
EnumProcessModules
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
partner/HaoZipDown.206076.exe.exe windows:4 windows x86 arch:x86
1821d9c2d29a564f25d313dadc8f8abb
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate
Issuer: CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d
Not Before: 17-11-2006 00:00
Not After: 30-12-2020 23:59
Subject: CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
22:f2:40:24:c2:80:0b:ad:37:11:bc:a7:be:4e:1f:7b
Certificate
Issuer: CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US
Not Before: 20-06-2012 00:00
Not After: 20-06-2014 23:59
Subject: CN=上海瑞创网络科技股份有限公司,OU=Provided by TrustAsia,O=上海瑞创网络科技股份有限公司,L=上海,ST=上海,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate
Issuer: CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
39:64:c1:a6:59:fa:75:0b:b3:22:06:25:eb:57:77:fa:79:c0:5f:5b
Signer
Actual PE Digest: 39:64:c1:a6:59:fa:75:0b:b3:22:06:25:eb:57:77:fa:79:c0:5f:5b
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetSetOptionW
InternetOpenW
kernel32
FlushInstructionCache
InitializeCriticalSection
SetLastError
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
LoadResource
SizeofResource
GetFileAttributesW
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
GetVersionExW
GetTempPathW
WriteFile
GetExitCodeProcess
CloseHandle
WaitForSingleObject
DeleteFileW
GetLongPathNameW
CreateFileW
GetTempFileNameW
GetTickCount
Sleep
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
WideCharToMultiByte
LCMapStringA
lstrlenW
GetOEMCP
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
HeapCreate
HeapDestroy
RtlUnwind
GetStartupInfoW
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetStringTypeA
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCurrentProcess
FreeLibrary
GetCurrentThreadId
lstrcmpiW
GetThreadLocale
GetLastError
GetModuleFileNameW
InterlockedDecrement
MultiByteToWideChar
LoadLibraryExW
FindResourceW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetLocaleInfoA
GetACP
InterlockedExchange
SetStdHandle
GetStringTypeW
GetVersionExA
IsValidCodePage
user32
UnregisterClassA
MapWindowPoints
GetWindow
BringWindowToTop
SystemParametersInfoW
GetWindowRect
SetWindowPos
SetWindowTextW
SetDlgItemTextW
PostQuitMessage
GetClientRect
GetDlgItem
MessageBoxW
GetParent
KillTimer
GetWindowLongW
CreateWindowExW
GetCursorPos
IsWindow
GetSystemMetrics
LoadMenuW
IsMenu
LoadCursorW
SetForegroundWindow
GetSubMenu
RegisterClassExW
SetMenuDefaultItem
TrackPopupMenu
CallWindowProcW
SetTimer
LoadImageW
PostMessageW
GetMenuDefaultItem
GetClassInfoExW
DestroyMenu
DestroyIcon
SendMessageW
RegisterWindowMessageW
PeekMessageW
GetDesktopWindow
GetMessageW
ShowWindow
DestroyWindow
CreateDialogParamW
DispatchMessageW
DefWindowProcW
SetWindowLongW
CharNextW
TranslateMessage
EnableWindow
gdi32
CreateFontIndirectW
DeleteObject
advapi32
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
shell32
ShellExecuteExW
Shell_NotifyIconW
ole32
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
oleaut32
VarUI4FromStr
comctl32
InitCommonControlsEx
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
partner/IFoxInstall_3.2.0.0-s-c203085.exe.exe windows:5 windows x86 arch:x86
10d9a345c838a5008adc7dfd61d0ad9c
Code Sign
47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate
Issuer: CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
Not Before: 10-05-2010 00:00
Not After: 10-05-2015 23:59
Subject: CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
0f:0b:42:02:b4:9e:33:59:b0:24:4e:e5:c0:06:99:d6
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 29-11-2011 00:00
Not After: 28-11-2014 23:59
Subject: CN=Beijing Sohu New Media Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=tv,O=Beijing Sohu New Media Information Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
de:88:38:98:bd:41:ff:55:0b:0f:04:c9:2b:78:b6:82:ff:24:c9:05
Signer
Actual PE Digest: de:88:38:98:bd:41:ff:55:0b:0f:04:c9:2b:78:b6:82:ff:24:c9:05
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\mycode\sohu\trunk-new\bin\release-static\IFoxOnlineInstall.pdb
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetModuleHandleW
FreeLibrary
LoadLibraryW
GetCurrentProcess
FlushInstructionCache
SetLastError
GetCurrentThreadId
GetProcAddress
lstrcmpiW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetVersionExW
lstrcpyW
GetCurrentProcessId
lstrcmpW
CreateEventA
GetSystemTimeAsFileTime
Sleep
MulDiv
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
HeapCreate
GlobalFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ReadFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetConsoleMode
GetConsoleCP
WriteFile
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileAttributesW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetModuleFileNameA
RaiseException
WaitForSingleObject
TerminateProcess
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
CreateFileW
MultiByteToWideChar
lstrlenA
CreateMutexW
GetModuleHandleA
OpenMutexW
DeleteCriticalSection
SetEvent
LeaveCriticalSection
EnterCriticalSection
CreateThread
CreateEventW
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
GetLastError
CloseHandle
WaitForSingleObjectEx
CreateProcessW
CreateDirectoryW
GetTempPathW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetModuleFileNameW
GetTickCount
SetEndOfFile
CreateFileA
QueryPerformanceCounter
user32
MonitorFromPoint
DrawTextW
GetSubMenu
MapWindowPoints
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenuEx
GetWindowDC
RegisterWindowMessageW
WindowFromPoint
GetMessagePos
GetSysColor
FrameRect
GetSysColorBrush
FillRect
GetActiveWindow
GetWindowThreadProcessId
CharLowerW
IsWindowVisible
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExW
IsMenu
GetMonitorInfoW
ModifyMenuW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CheckMenuItem
AppendMenuW
SetMenuInfo
DestroyMenu
CreatePopupMenu
CallNextHookEx
GetClassNameW
CallWindowProcW
SetScrollInfo
SetScrollRange
SetScrollPos
ClientToScreen
UpdateWindow
GetScrollPos
InflateRect
SetParent
UnregisterClassA
GetParent
IsClipboardFormatAvailable
SetFocus
GetClipboardData
GetDlgItem
TranslateAcceleratorW
EndPaint
BeginPaint
GetUpdateRect
KillTimer
SetTimer
GetMenuInfo
PostMessageW
SendMessageW
wsprintfW
OpenClipboard
CloseClipboard
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
IsChild
LoadImageW
ShowWindow
GetKeyState
GetDC
GetScrollRange
GetScrollInfo
ReleaseDC
PtInRect
SetCursor
LoadCursorW
OffsetRect
CopyRect
GetClientRect
GetDesktopWindow
IsWindow
SetWindowRgn
EnableWindow
GetWindowLongW
SetWindowLongW
GetWindowRect
SystemParametersInfoW
GetSystemMetrics
SetWindowPos
RedrawWindow
IsWindowEnabled
GetPropW
SetPropW
SetForegroundWindow
SetWindowTextW
SetLayeredWindowAttributes
IsIconic
MoveWindow
InvalidateRect
DefWindowProcW
SetCapture
ReleaseCapture
GetMessageW
GetCursorPos
ScreenToClient
RegisterClassExW
GetClassInfoExW
DestroyWindow
CreateWindowExW
SetRect
CharNextW
SetRectEmpty
ShowScrollBar
GetWindowTextW
GetWindowTextLengthW
GetFocus
EqualRect
gdi32
ExtTextOutW
SetBkColor
CreateSolidBrush
CreateCompatibleBitmap
SetViewportOrgEx
BitBlt
CreateCompatibleDC
SaveDC
SetBkMode
ExcludeClipRect
GetTextMetricsW
GetObjectW
CreateRoundRectRgn
SelectObject
DeleteObject
GetTextExtentPoint32W
CreateFontIndirectW
CreatePolygonRgn
CombineRgn
SetTextColor
RestoreDC
DeleteDC
advapi32
CryptHashData
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
CryptDestroyHash
CryptGetHashParam
CryptCreateHash
CryptAcquireContextW
CryptReleaseContext
RegCloseKey
RegQueryValueExW
RegOpenKeyW
shell32
ShellExecuteW
ole32
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
oleaut32
VarUI4FromStr
shlwapi
PathRemoveFileSpecW
wininet
InternetOpenW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
InternetAttemptConnect
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetOpenUrlW
InternetQueryOptionW
ws2_32
gethostname
inet_addr
inet_ntoa
gethostbyname
iphlpapi
GetAdaptersInfo
gdiplus
GdipSetPenDashArray
GdipSetPenDashStyle
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipGetStringFormatAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatLineAlign
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipDeleteFont
GdipSetClipRectI
GdipSetImageAttributesWrapMode
GdipCreateImageAttributes
GdipDrawImageRectRect
GdipDrawRectangle
GdipDrawLineI
GdipDrawLine
GdipFillRectangle
GdipReleaseDC
GdipGetDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetSolidFillColor
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipGetImageWidth
GdipGetImageHeight
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipSetPenColor
GdipDeletePen
GdipCreatePen2
GdipCreatePen1
GdipDisposeImageAttributes
GdipDrawString
imm32
ImmGetContext
ImmAssociateContext
ImmReleaseContext
ImmNotifyIME
comctl32
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
_TrackMouseEvent
Sections
.text Size: 290KB - Virtual size: 289KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
partner/QIYILittle_02_14.exe.exe windows:5 windows x86 arch:x86
a28733685f9756f0ce0fc4fdfa263284
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate
Issuer: OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Not Before: 30-09-2010 00:00
Not After: 01-01-2014 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
53:8e:4b:92:bd:f7:4e:f5:bc:1d:02:5b:2d:4f:22:c6
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 28-12-2010 00:00
Not After: 27-12-2013 23:59
Subject: CN=BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING QIYI CENTURY SCIENCE&TECHNOLOGY CO.\,LTD.,L=beijing,ST=beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
15:d0:d1:2f:66:3d:51:a9:d0:2c:cb:dc:67:36:4b:ad:84:cf:72:23
Signer
Actual PE Digest: 15:d0:d1:2f:66:3d:51:a9:d0:2c:cb:dc:67:36:4b:ad:84:cf:72:23
Digest Algorithm: sha1
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\qiyi\project\plugin\CuteInstall\LiteInstall\LittleInstall2010\COMPILE_S\LittleInstall2010.pdb
Imports
urlmon
URLDownloadToCacheFileA
wininet
InternetOpenA
InternetOpenUrlA
InternetCanonicalizeUrlA
DeleteUrlCacheEntry
gdiplus
GdipDrawImageRectI
GdipGetImageWidth
GdipCreateFromHDC
GdipCloneImage
GdipGetImageHeight
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdiplusStartup
GdipDeleteGraphics
GdipDisposeImage
uxtheme
IsThemeActive
CloseThemeData
OpenThemeData
comctl32
InitCommonControlsEx
kernel32
GetStringTypeW
GetConsoleMode
FreeEnvironmentStringsW
SetFilePointer
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapSize
GetLastError
lstrlenA
LocalFree
FormatMessageA
WideCharToMultiByte
LockResource
LoadResource
FindResourceA
CreateMutexA
VerifyVersionInfoA
VerSetConditionMask
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
CloseHandle
GetModuleFileNameA
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
Sleep
GetVersion
TerminateProcess
GetExitCodeProcess
CreateProcessA
MultiByteToWideChar
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
GetEnvironmentStringsW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
QueryPerformanceCounter
LoadLibraryW
SetStdHandle
FlushFileBuffers
HeapReAlloc
WriteConsoleW
CreateFileW
GetTickCount
user32
DrawTextA
DestroyWindow
CreateDialogParamA
SetWindowTextA
MoveWindow
SetDlgItemTextA
SetForegroundWindow
SetFocus
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowRect
SystemParametersInfoA
GetSystemMetrics
GetWindowLongA
SetWindowLongA
MsgWaitForMultipleObjects
LoadCursorA
SetCursor
IsWindowVisible
EndPaint
ShowWindow
LoadIconA
KillTimer
SetTimer
IsWindow
GetDC
GetClientRect
FillRect
SendMessageA
InvalidateRect
UpdateWindow
ReleaseDC
ExitWindowsEx
CharNextA
LoadStringA
MessageBoxA
CharPrevA
GetDlgItem
BeginPaint
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkMode
BitBlt
DeleteObject
DeleteDC
CreateFontIndirectA
CreateSolidBrush
advapi32
AllocateAndInitializeSid
FreeSid
shell32
Shell_NotifyIconA
ole32
CreateStreamOnHGlobal
netapi32
Netbios
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
partner/filedown_239131.exe.exe windows:4 windows x86 arch:x86
127023d18fc7df4cbf5c4293254b1a4a
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate
Issuer: CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d
Not Before: 17-11-2006 00:00
Not After: 30-12-2020 23:59
Subject: CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
22:f2:40:24:c2:80:0b:ad:37:11:bc:a7:be:4e:1f:7b
Certificate
Issuer: CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US
Not Before: 20-06-2012 00:00
Not After: 20-06-2014 23:59
Subject: CN=上海瑞创网络科技股份有限公司,OU=Provided by TrustAsia,O=上海瑞创网络科技股份有限公司,L=上海,ST=上海,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate
Issuer: CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
ea:2c:5b:c2:74:aa:29:8b:2a:f3:17:71:a6:c1:be:82:47:dc:12:58
Signer
Actual PE Digest: ea:2c:5b:c2:74:aa:29:8b:2a:f3:17:71:a6:c1:be:82:47:dc:12:58
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
InternetReadFile
InternetOpenUrlW
InternetOpenW
HttpQueryInfoW
InternetSetOptionW
kernel32
FlushInstructionCache
InitializeCriticalSection
SetLastError
InterlockedIncrement
RaiseException
EnterCriticalSection
LeaveCriticalSection
LoadResource
SizeofResource
GetFileAttributesW
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
GetVersionExW
GetTempPathW
WriteFile
GetExitCodeProcess
CloseHandle
WaitForSingleObject
DeleteFileW
GetLongPathNameW
CreateFileW
GetTempFileNameW
GetTickCount
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
lstrlenW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
HeapCreate
HeapDestroy
RtlUnwind
GetStartupInfoW
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetFilePointer
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcess
FreeLibrary
GetCurrentThreadId
lstrcmpiW
GetLastError
GetModuleFileNameW
GetVersionExA
InterlockedDecrement
MultiByteToWideChar
LoadLibraryExW
FindResourceW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
GetStringTypeW
GetStringTypeA
user32
UnregisterClassA
SetWindowPos
SetWindowTextW
SetDlgItemTextW
GetClientRect
GetDlgItem
MessageBoxW
GetParent
MapWindowPoints
GetWindow
EnableWindow
BringWindowToTop
SystemParametersInfoW
GetWindowRect
DestroyMenu
DestroyIcon
SendMessageW
RegisterWindowMessageW
KillTimer
GetWindowLongW
CreateWindowExW
GetCursorPos
IsWindow
GetSystemMetrics
LoadMenuW
IsMenu
LoadCursorW
SetForegroundWindow
GetSubMenu
RegisterClassExW
SetMenuDefaultItem
TrackPopupMenu
CallWindowProcW
SetTimer
LoadImageW
PostMessageW
GetMenuDefaultItem
GetClassInfoExW
PeekMessageW
GetDesktopWindow
GetMessageW
ShowWindow
DestroyWindow
CreateDialogParamW
DefWindowProcW
SetWindowLongW
DispatchMessageW
CharNextW
TranslateMessage
PostQuitMessage
gdi32
CreateFontIndirectW
DeleteObject
advapi32
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
shell32
ShellExecuteExW
Shell_NotifyIconW
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
oleaut32
VarUI4FromStr
comctl32
InitCommonControlsEx
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
partner/she1094809.exe.exe windows:4 windows x86 arch:x86
d3f2a6862ab7272b657df9d6b5d75f6b
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
61:19:93:e4:00:00:00:00:00:1c
Certificate
Issuer: CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 22-02-2011 19:25
Not After: 22-02-2021 19:35
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
41:00:26:b7:ae:29:96:3b:60:8d:61:91:1b:77:1e:16
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 11-05-2012 00:00
Not After: 10-08-2015 23:59
Subject: CN=Beijing Rising Information Technology Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Rising Information Technology Corporation Limited,L=Beijing,ST=Beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
8b:47:57:0b:45:a1:1a:45:15:e0:e7:94:f2:0a:a2:d8:93:c7:a2:e3
Signer
Actual PE Digest: 8b:47:57:0b:45:a1:1a:45:15:e0:e7:94:f2:0a:a2:d8:93:c7:a2:e3
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeviceIoControl
GetModuleFileNameA
GetModuleHandleA
GetLastError
CreateDirectoryA
lstrcpynA
SetLastError
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
MoveFileA
lstrcmpiA
FlushFileBuffers
WriteFile
SetEndOfFile
SetFilePointer
SetFileTime
SystemTimeToFileTime
DeleteFileA
SetFileAttributesA
FileTimeToSystemTime
FindClose
FindFirstFileA
GetLocalTime
lstrcatA
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
Sleep
IsBadReadPtr
CreateProcessA
InterlockedIncrement
InterlockedDecrement
ReleaseMutex
CreateMutexA
GetCommandLineA
lstrlenW
MultiByteToWideChar
LoadLibraryExA
IsDBCSLeadByte
RemoveDirectoryA
FindNextFileA
GetFileAttributesA
GetExitCodeProcess
WaitForSingleObject
GetStartupInfoA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetTempPathA
GetTempFileNameA
CopyFileA
LocalFree
SetStdHandle
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
TerminateProcess
IsBadWritePtr
VirtualFree
HeapCreate
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
lstrlenA
GetVersionExA
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalFree
lstrcpyA
FreeLibrary
ReadFile
CreateFileA
GetFileSize
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
user32
DestroyWindow
SendMessageA
IsWindow
PostMessageA
DefWindowProcA
CharNextA
CharUpperA
wsprintfA
advapi32
RegCloseKey
RegOpenKeyExA
OpenProcessToken
GetTokenInformation
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
shell32
ShellExecuteExA
ole32
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoInitializeSecurity
CoCreateGuid
OleRun
CoTaskMemRealloc
CoTaskMemAlloc
oleaut32
SafeArrayGetLBound
SafeArrayGetUBound
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysAllocStringLen
SysAllocString
VarBstrCat
SafeArrayDestroy
SafeArrayGetElement
shlwapi
PathFileExistsA
PathRemoveFileSpecA
PathSkipRootA
comctl32
InitCommonControlsEx
rpcrt4
UuidCreate
wininet
HttpSendRequestExA
HttpEndRequestA
InternetSetCookieA
InternetWriteFile
HttpAddRequestHeadersA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetAttemptConnect
InternetCloseHandle
InternetCrackUrlA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 96KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
partner/silentoi_39015028_54.exe.exe windows:4 windows x86 arch:x86
fe1a14cd7edeebaf852900d30ce5a3cb
Code Sign
79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 01-05-2012 00:00
Not After: 31-12-2012 23:59
Subject: CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
26:2f:33:e4:18:2e:6a:fd:d9:82:d1:5c:66:3e:98:ff
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 10-05-2012 00:00
Not After: 18-07-2014 23:59
Subject: CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE Digest
Digest Algorithm
PE Digest Matches: false
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
c:\clientci\workspace\webinstaller_compile\root\bdwebinstallertrayicon\unicode_release\bdwebinstaller.pdb
Imports
shlwapi
PathIsURLA
PathIsURLW
PathFileExistsW
shell32
ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderPathW
wininet
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetReadFile
InternetOpenUrlW
InternetConnectW
HttpSendRequestW
HttpQueryInfoW
InternetReadFileExA
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionW
HttpOpenRequestW
kernel32
FileTimeToSystemTime
FindClose
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
SetEndOfFile
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
CreateFileA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
CloseHandle
GetLastError
GetCurrentProcess
GetLocalTime
WriteFile
GetCommandLineW
SetLastError
CreateMutexW
GetModuleHandleW
GetTickCount
GetTempPathW
CreateFileW
RaiseException
FindResourceW
FlushInstructionCache
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceExW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
SetEvent
WaitForMultipleObjects
GetExitCodeThread
TerminateThread
Sleep
lstrlenW
FileTimeToLocalFileTime
MapViewOfFile
UnmapViewOfFile
GetVersionExW
WaitForSingleObject
DeleteFileW
GetFileSize
GetSystemInfo
MoveFileExW
EnumResourceNamesW
GetModuleFileNameW
GlobalAlloc
GlobalFree
GetVolumeInformationA
DeviceIoControl
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
GetCurrentDirectoryA
GetFullPathNameW
GetConsoleMode
GetSystemTimeAsFileTime
GetConsoleCP
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetStdHandle
GetDriveTypeW
FindFirstFileW
GetStartupInfoW
RtlUnwind
HeapCreate
GetModuleHandleA
CreateThread
ExitThread
GetStringTypeW
GetStringTypeA
SetFilePointer
CreateFileMappingW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
user32
SendMessageW
PostQuitMessage
KillTimer
SetTimer
CallWindowProcW
GetWindowLongW
PostMessageW
SetWindowLongW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DefWindowProcW
ShowWindow
SetWindowPos
FindWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
DestroyWindow
IsWindow
CharNextW
LoadCursorW
UnregisterClassA
advapi32
GetTokenInformation
OpenProcessToken
GetUserNameW
ole32
CoInitialize
CoUninitialize
CoCreateGuid
iphlpapi
GetAdaptersInfo
Sections
.text Size: 152KB - Virtual size: 148KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
player/NetAgent.dll.dll windows:4 windows x86 arch:x86
4c82dab3e6098d79e2bd2a5aa1394a82
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15-06-2007 00:00
Not After: 14-06-2012 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 20-04-2011 00:00
Not After: 16-07-2013 23:59
Subject: CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
59:ec:62:0e:93:3b:40:b8:9e:69:a6:ae:20:ac:eb:98:39:ba:0e:92
Signer
Actual PE Digest: 59:ec:62:0e:93:3b:40:b8:9e:69:a6:ae:20:ac:eb:98:39:ba:0e:92
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
ws2_32
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
recv
closesocket
WSACloseEvent
setsockopt
WSAGetLastError
htons
gethostbyname
socket
WSACreateEvent
connect
WSAEventSelect
send
kernel32
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetLocaleInfoA
Sleep
GetTickCount
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrcatA
GetModuleFileNameA
CreateEventA
LoadLibraryA
CompareStringA
CompareStringW
GetLastError
FlushFileBuffers
RaiseException
MoveFileA
DeleteFileA
CreateDirectoryA
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFileAttributesA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CloseHandle
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
DeleteCriticalSection
SetFilePointer
ReadFile
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetFullPathNameA
GetCurrentDirectoryA
MultiByteToWideChar
GetStdHandle
ExitProcess
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSection
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
user32
wsprintfA
advapi32
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
Exports
CreateAndRunAgent
CreateUpLoadAgent
GetDownSpeed
GetDownloadLen
GetFileHeadLen
GetFileLen
GetFilePath
GetUpLoadLen
IsThreadExit
PauseTask
ReadFromFile
Seek
Terminate
Sections
.text Size: 88KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
player/QvodNet.dll.dll windows:4 windows x86 arch:x86
4b9d87fc74602af06958fdc546e10b10
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15-06-2007 00:00
Not After: 14-06-2012 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 20-04-2011 00:00
Not After: 16-07-2013 23:59
Subject: CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
d9:1a:c4:fd:8d:6d:66:fe:1d:20:a2:3a:d7:b6:7a:ba:b8:30:5d:47
Signer
Actual PE Digest: d9:1a:c4:fd:8d:6d:66:fe:1d:20:a2:3a:d7:b6:7a:ba:b8:30:5d:47
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
ws2_32
gethostname
ntohs
WSAStartup
ntohl
WSAGetLastError
setsockopt
htonl
gethostbyname
inet_ntoa
recv
send
inet_addr
socket
closesocket
connect
htons
kernel32
GetProcessHeap
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
LoadLibraryA
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetDiskFreeSpaceExW
CreateFileW
CloseHandle
GetPrivateProfileStringW
GetFileSize
SetFilePointer
MultiByteToWideChar
GetLogicalDrives
GetDriveTypeW
GetSystemDirectoryW
WideCharToMultiByte
CreateProcessW
ReadFile
GetModuleFileNameW
GetLastError
GetVersionExA
Sleep
GetPrivateProfileIntW
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
GetFileAttributesW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
CreateDirectoryW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
SetEnvironmentVariableA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
ExitProcess
RtlUnwind
GetFullPathNameW
GetCurrentDirectoryA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
user32
SendMessageA
FindWindowA
shell32
SHGetSpecialFolderPathW
netagent
Terminate
GetFilePath
GetDownSpeed
PauseTask
GetDownloadLen
ReadFromFile
CreateAndRunAgent
GetFileLen
Exports
_ClearQvodNet
_InitQvodNet
Sections
.text Size: 128KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
player/QvodPlayMedia.dll.dll windows:4 windows x86 arch:x86
d1960969b9bb90814a4327c8e1d96e3e
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate
Issuer: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Not Before: 15-06-2007 00:00
Not After: 14-06-2012 23:59
Subject: CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate
Issuer: CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA
Not Before: 04-12-2003 00:00
Not After: 03-12-2013 23:59
Subject: CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate
Issuer: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Not Before: 20-04-2011 00:00
Not After: 16-07-2013 23:59
Subject: CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US
Not Before: 08-02-2010 00:00
Not After: 07-02-2020 23:59
Subject: CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US
Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
71:e1:ea:eb:24:95:eb:f9:40:ee:26:68:b8:07:d0:7d:71:6e:44:53
Signer
Actual PE Digest: 71:e1:ea:eb:24:95:eb:f9:40:ee:26:68:b8:07:d0:7d:71:6e:44:53
Digest Algorithm: sha1
PE Digest Matches: true
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
quartz
AMGetErrorTextW
winmm
waveOutSetVolume
waveOutGetVolume
ws2_32
ntohs
ntohl
kernel32
OutputDebugStringW
LockResource
LoadResource
SizeofResource
FindResourceW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetWindowsDirectoryW
GetLocaleInfoW
GetTickCount
GetLastError
lstrcmpiW
WaitForSingleObject
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
LoadLibraryExW
GetModuleHandleW
SetEvent
CloseHandle
GetFileSize
CreateEventW
GetVersionExW
ResetEvent
CreateThread
SuspendThread
TerminateThread
ResumeThread
WideCharToMultiByte
LocalFree
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileW
SetStdHandle
IsValidCodePage
IsValidLocale
VirtualQuery
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
HeapCreate
HeapDestroy
HeapSize
SetFilePointer
ReadFile
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
ExitThread
GetFileAttributesW
HeapReAlloc
GetSystemInfo
GetModuleHandleA
VirtualProtect
RtlUnwind
IsDebuggerPresent
LoadLibraryW
GetProcAddress
FreeLibrary
Sleep
lstrlenA
FindClose
MultiByteToWideChar
TryEnterCriticalSection
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
FindFirstFileW
InterlockedIncrement
lstrlenW
InterlockedDecrement
CreateFileA
SetEndOfFile
GetVersionExA
EnumSystemLocalesA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
user32
IsChild
LoadStringW
CharUpperW
CharNextW
CharLowerW
SetWindowLongW
GetWindowLongW
CreateWindowExW
DestroyWindow
MoveWindow
ShowWindow
SendMessageW
SetRectEmpty
EqualRect
CallWindowProcW
SetSysColors
wsprintfW
EnumDisplayMonitors
FindWindowExW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
UnregisterClassA
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ScreenToClient
ClientToScreen
SetWindowPos
DefWindowProcW
GetDesktopWindow
GetDC
ReleaseDC
IsWindowVisible
SystemParametersInfoW
GetClientRect
IsWindow
GetSysColor
gdi32
GetStockObject
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetObjectW
advapi32
RegQueryValueExW
RegQueryValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
RegCloseKey
ole32
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CoGetClassObject
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
CoInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
oleaut32
VarUI4FromStr
SysFreeString
VariantInit
VariantClear
SysAllocString
SysStringLen
OleCreatePropertyFrame
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
GetErrorInfo
Exports
_ClearQvodMedia
_InitQvodMedia
Sections
.text Size: 344KB - Virtual size: 342KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
player/QvodTerminal.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 732KB - Virtual size: 729KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ