108dc545a85abb91e6b109fbcceac78b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

108dc545a85abb91e6b109fbcceac78b_JaffaCakes118
Size

2.9MB
MD5

108dc545a85abb91e6b109fbcceac78b
SHA1

d59d36c3e88c5226ca2e9c0ab24c12533c89b5ad
SHA256

a4bd0b9c64f89447652c74757c649e366c087846bc2f3c90e13af2456708c77d
SHA512

2d0a3111ba792f34abd11627367183e0b356cbba389369c51eae2363d661af4a32a78d8d9f4956b420d5e3ab4e2649069cae3817a7c0636ab7e0dce712ba66a7
SSDEEP

49152:Nd/l9C96Uti8bzUMehGIUoLfqiMkCJTy/GcvdmauEQ7nimxQ2hgEXyTxKWAr:38NXUvh1UCqiMkCJTVclDOimthBXrWAr

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/system/ALAudio.dll
unpack001/system/D3DDrv.dll
unpack001/system/DSETUP.dll
unpack001/system/defopenal32.dll
unpack001/system/encvag.dll

Files

108dc545a85abb91e6b109fbcceac78b_JaffaCakes118
.rar
system/ALAudio.dll
.dll windows:4 windows x86 arch:x86

3d76f5748f08bbd6f6cea7dbf2f91f2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

core

?Add@FArray@@QAEHHH@Z
?IsLoaded@UObject@@UAEHXZ
?Rename@UObject@@UAEXPB_WPAV1@@Z
?ConditionalDestroy@UObject@@QAEHXZ
?Remove@FArray@@QAEXHHH@Z
?StaticAllocateObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@11@Z
?LanguageChange@UObject@@UAEXXZ
?GMalloc@@3PAVFMalloc@@A
?Register@UObject@@UAEXXZ
?ScriptConsoleExec@UObject@@UAEHPB_WAAVFOutputDevice@@PAV1@@Z
?CallFunction@UObject@@UAEXAAUFFrame@@QAXPAVUFunction@@@Z
?GError@@3PAVFOutputDeviceError@@A
?InitExecution@UObject@@UAEXXZ
??1FString@@QAE@XZ
?GotoLabel@UObject@@UAEHVFName@@@Z
??4FString@@QAEAAV0@ABV0@@Z
?GotoState@UObject@@UAE?AW4EGotoState@@VFName@@@Z
??0FName@@QAE@PB_WW4EFindName@@@Z
?PostLoad@UObject@@UAEXXZ
??0FString@@QAE@ABV0@@Z
?Modify@UObject@@UAEXXZ
?Tick@USubsystem@@UAEXM@Z
??1FCriticalSection@@QAE@XZ
?ProcessRemoteFunction@UObject@@UAEHPAVUFunction@@PAXPAUFFrame@@@Z
?ProcessState@UObject@@UAEXM@Z
?NetDirty@UObject@@UAEXPAVUProperty@@@Z
??0FArray@@IAE@HH@Z
?ProcessDelegate@UObject@@UAEXVFName@@PAUFScriptDelegate@@PAX2@Z
?ProcessEvent@UObject@@UAEXPAVUFunction@@PAX1@Z
?OnEvent@UObject@@UAEXABVFString@@0@Z
??1FArray@@QAE@XZ
?Release@UObject@@UAGKXZ
?ClearL2Game@UObject@@UAEXXZ
?AddRef@UObject@@UAGKXZ
?IsPendingKill@UObject@@UAEHXZ
?appFailAssert@@YAXPBD0H@Z
?QueryInterface@UObject@@UAGKABVFGuid@@PAPAX@Z
?Empty@FArray@@QAEXHH@Z
??3UIntProperty@@SAXPAXPAVUObject@@PB_WK@Z
?appStrcpy@@YAPA_WPA_WPB_W@Z
??3UIntProperty@@SAXPAX@Z
?PrivateStaticClass@UObject@@0VUClass@@A
?GLanguageType@@3HA
??KFVector@@QBE?AV0@M@Z
??2UIntProperty@@SAPAXIPAVUObject@@PB_WK@Z
??9FString@@QBEHPB_W@Z
??1UClass@@UAE@XZ
?appFreeDllHandle@@YAXPAX@Z
?appSecondsQPC@@YANXZ
?appGetDllExport@@YAPAXPAXPB_W@Z
?GConfig@@3PAVFConfigCache@@A
??0UFloatProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??HFString@@QAE?AV0@ABV0@@Z
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PB_W33KP6AXPAX@ZP8UObject@@AEXXZ@Z
?IsValid@UObject@@QAEHXZ
??1UFloatProperty@@UAE@XZ
?GetPathName@UObject@@QBEPB_WPAV1@PA_W@Z
?CopyCompleteValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
??0FVector@@QAE@XZ
?CopySingleValue@UBoolProperty@@UBEXPAX0PAVUObject@@@Z
?CopySingleValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?CopyCompleteValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PB_WK@Z
?ImportText@UBoolProperty@@UBEPB_WPB_WPAEHH@Z
?ImportText@UIntProperty@@UBEPB_WPB_WPAEHH@Z
??DFString@@QBEPB_WXZ
?CopySingleValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
?appSqrt@@YANN@Z
?appStrfind@@YAPB_WPB_W0@Z
??3UFloatProperty@@SAXPAX@Z
?GFileStream@@3PAVFFileStream@@A
?GetTransientPackage@UObject@@SAPAVUPackage@@XZ
?GAudioDefaultRadius@@3MA
?ExportTextItem@UBoolProperty@@UBEXAAVFString@@PAE1H@Z
?ExportTextItem@UIntProperty@@UBEXAAVFString@@PAE1H@Z
?Empty@FString@@QAEXXZ
?DestroyStream@FFileStream@@QAEXHH@Z
?ImportText@UFloatProperty@@UBEPB_WPB_WPAEHH@Z
?GIsEditor@@3HA
?ExportCppItem@UBoolProperty@@UBEXAAVFOutputDevice@@H@Z
?ExportCppItem@UIntProperty@@UBEXAAVFOutputDevice@@H@Z
?QueryStream@FFileStream@@QAEHHAAH@Z
?StaticLoadObject@UObject@@SAPAV1@PAVUClass@@PAV1@PB_W2KPAVUPackageMap@@@Z
?ExportTextItem@UFloatProperty@@UBEXAAVFString@@PAE1H@Z
??2UFloatProperty@@SAPAXIPAVUObject@@PB_WK@Z
?NetSerializeItem@UBoolProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?appStrcmp@@YAHPB_W0@Z
?NetSerializeItem@UIntProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
??4FString@@QAEAAV0@PB_W@Z
?RequestChunks@FFileStream@@QAEXHHPAX@Z
?StaticFindObject@UObject@@SAPAV1@PAVUClass@@PAV1@PB_WH@Z
?GetPropertiesSize@UField@@UAEHXZ
?GObjObjects@UObject@@1V?$TArray@PAVUObject@@@@A
?ExportCppItem@UFloatProperty@@UBEXAAVFOutputDevice@@H@Z
?appUnwindf@@YAXPB_WZZ
?SerializeItem@UBoolProperty@@UBEXAAVFArchive@@PAXH@Z
?SerializeItem@UIntProperty@@UBEXAAVFArchive@@PAXH@Z
?CreateStream@FFileStream@@QAEHPB_WHHPAXW4EFileStreamType@@1@Z
?GetOwnerClass@UField@@UAEPAVUClass@@XZ
?NetSerializeItem@UFloatProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?Identical@UBoolProperty@@UBEHPBX0@Z
?Identical@UIntProperty@@UBEHPBX0@Z
??0FString@@QAE@PB_W@Z
?Bind@UField@@UAEXXZ
?SerializeItem@UFloatProperty@@UBEXAAVFArchive@@PAXH@Z
?GetID@UProperty@@UBEEXZ
??0UBoolProperty@@QAE@W4ECppProperty@@HPB_WK@Z
?Link@UBoolProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?Link@UIntProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?PostEditChange@UObject@@UAEXXZ
?MergeBools@UField@@UAEHXZ
?Identical@UFloatProperty@@UBEHPBX0@Z
?GIsNative@@3HA
?Port@UProperty@@UBEHXZ
??0FString@@QAE@XZ
?debugf@@YAXW4EName@@PB_WZZ
?Serialize@UBoolProperty@@UAEXAAVFArchive@@@Z
?ShutdownAfterError@UObject@@UAEXXZ
?AddCppProperty@UField@@UAEXPAVUProperty@@@Z
?Link@UFloatProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?appAtof@@YAMPB_W@Z
?DestroyValue@UProperty@@UBEXPAX@Z
??1UBoolProperty@@UAE@XZ
?debugf@@YAXPB_WZZ
?GL2ReplayMode@@3HA
?Register@UField@@UAEXXZ
?GCountryCode@@3PA_WA
?CopyCompleteValue@UProperty@@UBEXPAX0PAVUObject@@@Z
?Logf@FOutputDevice@@QAAXPB_WZZ
?PostLoad@UField@@UAEXXZ
??3UBoolProperty@@SAXPAXPAVUObject@@PB_WK@Z
?Serialize@UObject@@UAEXAAVFArchive@@@Z
?appRand@@YAHXZ
?ExportText@UProperty@@UBEHHAAVFString@@PAE1H@Z
??3UBoolProperty@@SAXPAX@Z
?Destroy@UObject@@UAEXXZ
?StaticConfigName@UObject@@SAPB_WXZ
?Normalize@FVector@@QAEHXZ
?Printf@FString@@SA?AV1@PB_WZZ
?ExportCpp@UProperty@@UBEXAAVFOutputDevice@@HHHH@Z
?appGetDllHandle@@YAPAXPB_W@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PB_WK@Z
?Unlock@FCriticalSection@@QAEXXZ
?Size@FVector@@QBEMXZ
?Lock@FCriticalSection@@QAEXXZ
?appMemset@@YAXPAXHH@Z
?AddZeroed@FArray@@QAEHHH@Z
?GAudioMaxRadiusMultiplier@@3MA
?CleanupDestroyed@UProperty@@UBEXPAE@Z
??0FCriticalSection@@QAE@XZ
?Serialize@UProperty@@UAEXAAVFArchive@@@Z
??0UIntProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??1UIntProperty@@UAE@XZ
?appFromAnsi@@YAPB_WPBDPA_W@Z
?ParseCommand@@YAHPAPB_WPB_W@Z

engine

??1UAudioSubsystem@@UAE@XZ
??4UAudioSubsystem@@QAEAAV0@ABV0@@Z
??0UAudioSubsystem@@QAE@ABV0@@Z
?CleanUp@UAudioSubsystem@@UAEXXZ
?PrivateStaticClass@UAmbientSoundObject@@0VUClass@@A
?GetDuration@USound@@UAEMXZ
??0USound@@QAE@PB_WH@Z
?ReadWaveInfo@FWaveModInfo@@QAEHAAV?$TArray@E@@@Z
?PrivateStaticClass@UMasterLevel@@0VUClass@@A
?IsSoundNight@UL2NEnvManager@@QAEHXZ
?PostLoad@USound@@UAEXXZ
??1USound@@UAE@XZ
?L2GetPhysicsVolume@ALevelInfo@@QAEPAVAPhysicsVolume@@VFVector@@PAVAActor@@H@Z
?IsSoundDay@UL2NEnvManager@@QAEHXZ
?Destroy@USound@@UAEXXZ
?PointRegion@UModel@@QBE?AUFPointRegion@@PAVAZoneInfo@@VFVector@@@Z
?RegisterStats@FStats@@QAEHW4EStatsType@@W4EStatsDataType@@VFString@@2W4EStatsUnit@@@Z
?Serialize@USound@@UAEXAAVFArchive@@@Z
?PrivateStaticClass@UAudioSubsystem@@0VUClass@@A
?PS2Convert@USound@@UAEXXZ
??3USound@@SAXPAXPAVUObject@@PB_WK@Z
??3USound@@SAXPAX@Z
??0UAudioSubsystem@@IAE@XZ
??2USound@@SAPAXIPAVUObject@@PB_WK@Z
?GStats@@3VFStats@@A
?Audio@USound@@2PAVUAudioSubsystem@@A
?GetZonePlayState@UAmbientSoundObject@@QAEHXZ
?PrivateStaticClass@USound@@0VUClass@@A
?GetCurZoneRenderState@AZoneInfo@@QAEHXZ
?IsSaveState@FL2ReplayManager@@QAEHXZ
?AddMusicName@FL2ReplayManager@@QAEXABVFString@@H@Z
?PrivateStaticClass@ALineagePlayerController@@0VUClass@@A
?IsPlayedUntilEnd@USound@@QAEHXZ

vorbisfile

ov_time_total
ov_pcm_total
ov_info

kernel32

GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
VirtualAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException

Exports

Exports

??0UALAudioSubsystem@@QAE@ABV0@@Z
??0UALAudioSubsystem@@QAE@XZ
??1UALAudioSubsystem@@UAE@XZ
??2UALAudioSubsystem@@SAPAXIPAVUObject@@PB_WK@Z
??2UALAudioSubsystem@@SAPAXIPAW4EInternal@@@Z
??3UALAudioSubsystem@@SAXPAX@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@PB_W@Z
??3UALAudioSubsystem@@SAXPAXPAVUObject@@PB_WK@Z
??3UALAudioSubsystem@@SAXPAXPAW4EInternal@@@Z
??4UALAudioSubsystem@@QAEAAV0@ABV0@@Z
??_7UALAudioSubsystem@@6BFExec@@@
??_7UALAudioSubsystem@@6BUObject@@@
?ChangeVoiceChatter@UALAudioSubsystem@@UAEXKKH@Z
?CheckSoundResource@UALAudioSubsystem@@UAEHPAVUSound@@@Z
?Destroy@UALAudioSubsystem@@UAEXXZ
?EnterVoiceChat@UALAudioSubsystem@@UAEXXZ
?Exec@UALAudioSubsystem@@UAEHPB_WAAVFOutputDevice@@@Z
?FindExt@UALAudioSubsystem@@QAEHPB_W@Z
?FindProc@UALAudioSubsystem@@QAEXAAPAXPAD1AAHH@Z
?FindProcs@UALAudioSubsystem@@QAEXH@Z
?GetMusicVolume@UALAudioSubsystem@@UAEMXZ
?GetNewStream@UALAudioSubsystem@@AAEHXZ
?GetOggVoiceVolume@UALAudioSubsystem@@UAEMXZ
?GetSoundVolume@UALAudioSubsystem@@UAEMXZ
?GetViewport@UALAudioSubsystem@@UAEPAVUViewport@@XZ
?GetWavVoiceVolume@UALAudioSubsystem@@UAEMXZ
?Init@UALAudioSubsystem@@UAEHXZ
?InternalConstructor@UALAudioSubsystem@@SAXPAX@Z
?IsMusicPlaying@UALAudioSubsystem@@UAEHXZ
?IsOggVoicePlaying@UALAudioSubsystem@@UAEHXZ
?IsPlaying@UALAudioSubsystem@@UAEHPAVAActor@@PAVUSound@@@Z
?IsPlayingInZone@UALAudioSubsystem@@AAE_NPAVULevel@@PAVUAmbientSoundObject@@@Z
?IsUseZoneState@UALAudioSubsystem@@AAE_NPAVULevel@@PAVUAmbientSoundObject@@@Z
?IsVaild@UALAudioSubsystem@@UAEHXZ
?IsValidGetStream@UALAudioSubsystem@@UAEHXZ
?IsVoiceEnd@UALAudioSubsystem@@UAEHXZ
?IsWavVoicePlaying@UALAudioSubsystem@@UAEHXZ
?LeaveVoiceChat@UALAudioSubsystem@@UAEXXZ
?LowQualitySound@UALAudioSubsystem@@UAEHXZ
?NoteDestroy@UALAudioSubsystem@@UAEXPAVAActor@@@Z
?NoteDestroy@UALAudioSubsystem@@UAEXPAVULevelObject@@@Z
?PlayMusic@UALAudioSubsystem@@UAEHABVFString@@MHHMHH@Z
?PlayPrevMusic@UALAudioSubsystem@@UAEXMHHMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVAActor@@HPAVUSound@@VFVector@@MMMHMMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVAActor@@HPAVUSound@@VFVector@@MMMHMMMMMH@Z
?PlaySoundW@UALAudioSubsystem@@UAEHPAVUSound@@PAVULevelObject@@HVFVector@@MMMHMMH@Z
?PlayVoice@UALAudioSubsystem@@UAEHVFString@@MHHH@Z
?PostEditChange@UALAudioSubsystem@@UAEXXZ
?PrivateStaticClass@UALAudioSubsystem@@0VUClass@@A
?RegisterSound@UALAudioSubsystem@@UAEXPAVUSound@@@Z
?SeeIfAnyNewAmbientSoundsNeedToBeStarted@UALAudioSubsystem@@QAEXHPAVULevel@@ABVFVector@@HN@Z
?Serialize@UALAudioSubsystem@@UAEXAAVFArchive@@@Z
?SetI3DL2Listener@UALAudioSubsystem@@AAEXPAVUI3DL2Listener@@@Z
?SetMusicVolume@UALAudioSubsystem@@UAEXHMM@Z
?SetMusicVolume@UALAudioSubsystem@@UAEXM@Z
?SetOggVoiceVolume@UALAudioSubsystem@@UAEXM@Z
?SetSoundVolume@UALAudioSubsystem@@UAEXM@Z
?SetViewport@UALAudioSubsystem@@UAEXPAVUViewport@@@Z
?SetVolumes@UALAudioSubsystem@@AAEXXZ
?SetWavVoiceVolume@UALAudioSubsystem@@UAEXM@Z
?ShutdownAfterError@UALAudioSubsystem@@UAEXXZ
?SoundPriority@UALAudioSubsystem@@AAEMPAVUViewport@@VFVector@@MMH@Z
?StaticClass@UALAudioSubsystem@@SAPAVUClass@@XZ
?StaticConstructor@UALAudioSubsystem@@QAEXXZ
?StopAllMusic@UALAudioSubsystem@@UAEHMH@Z
?StopAllPlayingSound@UALAudioSubsystem@@UAEHH@Z
?StopAllVoice@UALAudioSubsystem@@UAEHMH@Z
?StopMusic@UALAudioSubsystem@@UAEHHMH@Z
?StopSound@UALAudioSubsystem@@AAEXHM@Z
?StopSound@UALAudioSubsystem@@UAEHPAVAActor@@PAVUSound@@M@Z
?StopSound@UALAudioSubsystem@@UAEHPAVUSound@@PAVULevelObject@@M@Z
?UnregisterSound@UALAudioSubsystem@@UAEXPAVUSound@@@Z
?Update@UALAudioSubsystem@@UAEXPAVFSceneNode@@@Z
?UpdateAllPlayingAmbientSounds@UALAudioSubsystem@@QAEXABVFVector@@HPAVUEngine@@@Z
?UpdateAmbientSounds@UALAudioSubsystem@@AAEXAAV?$TArray@UALAmbient@@@@PAVUAmbientSoundObject@@PAVULevel@@AAVFVector@@@Z
?UpdateAmbientSounds@UALAudioSubsystem@@AAEXAAV?$TArray@UALAmbient@@@@PAVULevel@@ABVFVector@@H@Z
?UpdateIfSourceHasActor@UALAudioSubsystem@@QAEXHAAVFVector@@ABV2@@Z
?UpdateIfSourceHasLevelObject@UALAudioSubsystem@@QAEXH@Z
?UpdateStreamingSounds@UALAudioSubsystem@@QAEXH@Z
?alError@UALAudioSubsystem@@AAEHPA_WH@Z
GPackage
_DllMain@12
autoclassUALAudioSubsystem

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
system/ALAudio.int
system/AdditionalItemgrp.dat
system/CheckGrp.log
system/Cloak.int
system/Core.dll
.dll windows:4 windows x86 arch:x86

f9864994a4e8e33018182cfbea30a610

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dc
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

23/12/2009, 00:00

Not After

21/02/2012, 23:59

Subject

CN=NCsoft Corp.,OU=System Operation Team,O=NCsoft Corp.,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

vorbisfile

ov_open2
ov_time_seek
ov_clear
ov_read

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

iphlpapi

GetAdaptersInfo

kernel32

SetEndOfFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCurrentThreadId
WaitForSingleObject
InterlockedExchange
SetEvent
TerminateThread
SetThreadPriority
CreateThread
CreateEventW
InterlockedIncrement
GetLogicalDrives
GetDriveTypeW
GetDiskFreeSpaceExW
MultiByteToWideChar
LoadLibraryExW
CreateProcessA
GetSystemInfo
ExitProcess
DebugBreak
GetComputerNameA
ReadFile
GetModuleFileNameA
GetModuleFileNameW
GetCurrentProcess
InitializeCriticalSection
CreateFileW
QueryPerformanceCounter
GetLocalTime
LoadLibraryA
CompareStringA
CreateFileA
ExitThread
WideCharToMultiByte
GetProcessWorkingSetSize
GlobalMemoryStatus
GetComputerNameW
LoadLibraryW
QueryPerformanceFrequency
Sleep
DeleteCriticalSection
SetConsoleCtrlHandler
FormatMessageW
GetLastError
GetVersionExW
GetVersionExA
GetProcAddress
LeaveCriticalSection
FreeLibrary
FormatMessageA
GetExitCodeProcess
CloseHandle
CreateProcessW
EnterCriticalSection
SetFilePointer
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
CompareStringW
GlobalAlloc
SetEnvironmentVariableA
HeapCreate
HeapDestroy
GetEnvironmentStringsW
VirtualAlloc
HeapReAlloc
GetCurrentProcessId
GetTickCount
GetSystemTimeAsFileTime
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
FindFirstFileW
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
IsDebuggerPresent
LCMapStringA
LCMapStringW
RaiseException
GetTimeZoneInformation
RtlUnwind
GetFullPathNameA
GetCurrentDirectoryA
GetFullPathNameW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
VirtualFree

user32

OpenClipboard
MessageBoxW
EnumDisplaySettingsW
EmptyClipboard
PostQuitMessage
CloseClipboard
SetClipboardData
GetClipboardData
GetActiveWindow

shell32

ShellExecuteW
ShellExecuteA

ole32

CoCreateGuid

vcomp

omp_get_thread_num
omp_in_parallel

Exports

Exports

??0?$TArray@_W@@QAE@ABV0@@Z
??0?$TArray@_W@@QAE@H@Z
??0?$TArray@_W@@QAE@W4ENoInit@@@Z
??0?$TArray@_W@@QAE@XZ
??0?$TSingleton@VL2Configuration@@@@IAE@XZ
??0?$TSingleton@VL2Configuration@@@@QAE@ABV0@@Z
??0?$TSingleton@VL2ThreadUtil@@@@IAE@XZ
??0?$TSingleton@VL2ThreadUtil@@@@QAE@ABV0@@Z
??0?$TSingleton@VL2UserHardWareInformation@@@@IAE@XZ
??0?$TSingleton@VL2UserHardWareInformation@@@@QAE@ABV0@@Z
??0FArchive@@QAE@ABV0@@Z
??0FArchive@@QAE@XZ
??0FArray@@IAE@HH@Z
??0FArray@@QAE@W4ENoInit@@@Z
??0FArray@@QAE@XZ
??0FBitReader@@QAE@ABU0@@Z
??0FBitReader@@QAE@PAEH@Z
??0FBitWriter@@QAE@ABU0@@Z
??0FBitWriter@@QAE@H@Z
??0FBitWriterMark@@QAE@AAUFBitWriter@@@Z
??0FBitWriterMark@@QAE@XZ
??0FBlowFish@@QAE@XZ
??0FBox@@QAE@ABVFVector@@0@Z
??0FBox@@QAE@H@Z
??0FBox@@QAE@PBVFVector@@H@Z
??0FBox@@QAE@XZ
??0FCoords@@QAE@ABVFVector@@000@Z
??0FCoords@@QAE@ABVFVector@@@Z
??0FCoords@@QAE@XZ
??0FCriticalSection@@QAE@XZ
??0FDependency@@QAE@PAVUClass@@H@Z
??0FDependency@@QAE@XZ
??0FFileStream@@AAE@XZ
??0FFrame@@QAE@ABU0@@Z
??0FFrame@@QAE@PAVUObject@@@Z
??0FFrame@@QAE@PAVUObject@@PAVUStruct@@HPAX@Z
??0FGenerationInfo@@QAE@HH@Z
??0FGlobalMath@@QAE@XZ
??0FINT64@@QAE@H@Z
??0FINT64@@QAE@HH@Z
??0FINT64@@QAE@XZ
??0FINT64@@QAE@_J@Z
??0FInterpCurve@@QAE@ABV0@@Z
??0FInterpCurve@@QAE@XZ
??0FLabelEntry@@QAE@VFName@@H@Z
??0FMatrix@@QAE@ABVFVector@@ABVFQuat@@@Z
??0FMatrix@@QAE@VFPlane@@000@Z
??0FMatrix@@QAE@XZ
??0FMemCache@@QAE@XZ
??0FMemMark@@QAE@AAVFMemStack@@@Z
??0FMemMark@@QAE@XZ
??0FMemStack@@QAE@XZ
??0FMemStackStats@@QAE@XZ
??0FName@@QAE@PB_WW4EFindName@@@Z
??0FName@@QAE@W4EName@@@Z
??0FName@@QAE@XZ
??0FOutputDevice@@QAE@ABV0@@Z
??0FOutputDevice@@QAE@XZ
??0FPackageFileSummary@@QAE@ABU0@@Z
??0FPackageFileSummary@@QAE@XZ
??0FPackageInfo@@QAE@ABV0@@Z
??0FPackageInfo@@QAE@PAVULinkerLoad@@@Z
??0FParamMap@@QAE@ABV0@@Z
??0FParamMap@@QAE@XZ
??0FQuat@@QAE@ABVFMatrix@@@Z
??0FQuat@@QAE@MMMM@Z
??0FQuat@@QAE@XZ
??0FRotator@@QAE@ABVFQuat@@@Z
??0FRotator@@QAE@HHH@Z
??0FRotator@@QAE@XZ
??0FSingletonBase@@IAE@XZ
??0FSingletonBase@@QAE@ABV0@@Z
??0FSphere@@QAE@ABV0@@Z
??0FSphere@@QAE@ABVFVector@@M@Z
??0FSphere@@QAE@H@Z
??0FSphere@@QAE@PBVFVector@@H@Z
??0FSphere@@QAE@XZ
??0FString@@AAE@HPB_W@Z
??0FString@@QAE@ABV0@@Z
??0FString@@QAE@CH@Z
??0FString@@QAE@EH@Z
??0FString@@QAE@FH@Z
??0FString@@QAE@GH@Z
??0FString@@QAE@HH@Z
??0FString@@QAE@KH@Z
??0FString@@QAE@MHHH@Z
??0FString@@QAE@NHHH@Z
??0FString@@QAE@PBD@Z
??0FString@@QAE@PB_W@Z
??0FString@@QAE@W4ENoInit@@@Z
??0FString@@QAE@XZ
??0FVariance@@QAE@ABV0@@Z
??0FVariance@@QAE@ABVFString@@@Z
??0FVariance@@QAE@H@Z
??0FVariance@@QAE@M@Z
??0FVariance@@QAE@PB_W@Z
??0FVariance@@QAE@_J@Z
??0FVector@@QAE@M@Z
??0FVector@@QAE@MMM@Z
??0FVector@@QAE@XZ
??0L2Configuration@@AAE@XZ
??0L2Configuration@@QAE@ABV0@@Z
??0L2ParamStack@@QAE@AAV0@@Z
??0L2ParamStack@@QAE@H@Z
??0L2ThreadBase@@QAE@ABV0@@Z
??0L2ThreadBase@@QAE@PA_W@Z
??0L2ThreadStats@@QAE@XZ
??0L2ThreadUtil@@QAE@ABV0@@Z
??0L2ThreadUtil@@QAE@XZ
??0L2UserHardWareInformation@@AAE@XZ
??0L2UserHardWareInformation@@QAE@ABV0@@Z
??0UArrayProperty@@QAE@ABV0@@Z
??0UArrayProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UArrayProperty@@QAE@XZ
??0UBoolProperty@@QAE@ABV0@@Z
??0UBoolProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UBoolProperty@@QAE@XZ
??0UByteProperty@@QAE@ABV0@@Z
??0UByteProperty@@QAE@W4ECppProperty@@HPB_WKPAVUEnum@@@Z
??0UByteProperty@@QAE@XZ
??0UClass@@QAE@ABV0@@Z
??0UClass@@QAE@PAV0@@Z
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PB_W33KP6AXPAX@ZP8UObject@@AEXXZ@Z
??0UClass@@QAE@W4EStaticConstructor@@KKVFGuid@@PB_W22KP6AXPAX@ZP8UObject@@AEXXZ@Z
??0UClass@@QAE@XZ
??0UClassProperty@@QAE@ABV0@@Z
??0UClassProperty@@QAE@W4ECppProperty@@HPB_WKPAVUClass@@@Z
??0UClassProperty@@QAE@XZ
??0UCommandlet@@QAE@ABV0@@Z
??0UCommandlet@@QAE@XZ
??0UConst@@IAE@XZ
??0UConst@@QAE@ABV0@@Z
??0UConst@@QAE@PAV0@PB_W@Z
??0UDelegateProperty@@QAE@ABV0@@Z
??0UDelegateProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UDelegateProperty@@QAE@XZ
??0UEnum@@IAE@XZ
??0UEnum@@QAE@ABV0@@Z
??0UEnum@@QAE@PAV0@@Z
??0UExporter@@QAE@ABV0@@Z
??0UExporter@@QAE@XZ
??0UFactory@@QAE@ABV0@@Z
??0UFactory@@QAE@XZ
??0UField@@IAE@XZ
??0UField@@QAE@ABV0@@Z
??0UField@@QAE@PAV0@@Z
??0UField@@QAE@W4ENativeConstructor@@PAVUClass@@PB_W2KPAV0@@Z
??0UField@@QAE@W4EStaticConstructor@@PB_W1K@Z
??0UFixedArrayProperty@@QAE@ABV0@@Z
??0UFixedArrayProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UFixedArrayProperty@@QAE@XZ
??0UFloatProperty@@QAE@ABV0@@Z
??0UFloatProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UFloatProperty@@QAE@XZ
??0UFunction@@IAE@XZ
??0UFunction@@QAE@ABV0@@Z
??0UFunction@@QAE@PAV0@@Z
??0UIntProperty@@QAE@ABV0@@Z
??0UIntProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UIntProperty@@QAE@XZ
??0ULanguage@@IAE@XZ
??0ULanguage@@QAE@ABV0@@Z
??0ULinker@@IAE@XZ
??0ULinker@@QAE@ABV0@@Z
??0ULinker@@QAE@PAVUObject@@@Z
??0ULinker@@QAE@PAVUObject@@PB_W@Z
??0UMapProperty@@QAE@ABV0@@Z
??0UMapProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UMapProperty@@QAE@XZ
??0UNameProperty@@QAE@ABV0@@Z
??0UNameProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UNameProperty@@QAE@XZ
??0UObject@@QAE@ABV0@@Z
??0UObject@@QAE@W4EInPlaceConstructor@@PAVUClass@@PAV0@VFName@@K@Z
??0UObject@@QAE@W4ENativeConstructor@@PAVUClass@@PB_W2K@Z
??0UObject@@QAE@W4EStaticConstructor@@PB_W1K@Z
??0UObject@@QAE@XZ
??0UObjectExporterT3D@@QAE@ABV0@@Z
??0UObjectExporterT3D@@QAE@XZ
??0UObjectProperty@@QAE@ABV0@@Z
??0UObjectProperty@@QAE@W4ECppProperty@@HPB_WKPAVUClass@@@Z
??0UObjectProperty@@QAE@XZ
??0UPackage@@QAE@ABV0@@Z
??0UPackage@@QAE@XZ
??0UPackageMap@@QAE@ABV0@@Z
??0UPackageMap@@QAE@XZ
??0UParamStack@@IAE@XZ
??0UParamStack@@QAE@ABV0@@Z
??0UProperty@@QAE@ABV0@@Z
??0UProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UProperty@@QAE@XZ
??0UState@@IAE@XZ
??0UState@@QAE@ABV0@@Z
??0UState@@QAE@PAV0@@Z
??0UState@@QAE@W4ENativeConstructor@@HPB_W1KPAV0@@Z
??0UState@@QAE@W4EStaticConstructor@@HPB_W1K@Z
??0UStrProperty@@QAE@ABV0@@Z
??0UStrProperty@@QAE@W4ECppProperty@@HPB_WK@Z
??0UStrProperty@@QAE@XZ
??0UStruct@@IAE@XZ
??0UStruct@@QAE@ABV0@@Z
??0UStruct@@QAE@PAV0@@Z
??0UStruct@@QAE@W4ENativeConstructor@@HPB_W1KPAV0@@Z
??0UStruct@@QAE@W4EStaticConstructor@@HPB_W1K@Z
??0UStructProperty@@QAE@ABV0@@Z
??0UStructProperty@@QAE@W4ECppProperty@@HPB_WKPAVUStruct@@@Z
??0UStructProperty@@QAE@XZ
??0USubsystem@@IAE@XZ
??0USubsystem@@QAE@ABV0@@Z
??0UTextBuffer@@QAE@ABV0@@Z
??0UTextBuffer@@QAE@PB_W@Z
??0UTextBufferFactory@@QAE@ABV0@@Z
??0UTextBufferFactory@@QAE@XZ
??1?$TArray@_W@@QAE@XZ
??1?$TSingleton@VL2Configuration@@@@MAE@XZ
??1?$TSingleton@VL2ThreadUtil@@@@MAE@XZ
??1?$TSingleton@VL2UserHardWareInformation@@@@MAE@XZ
??1FArchive@@UAE@XZ
??1FArray@@QAE@XZ
??1FBitReader@@UAE@XZ
??1FBitWriter@@UAE@XZ
??1FCriticalSection@@QAE@XZ
??1FFileStream@@AAE@XZ
??1FInterpCurve@@QAE@XZ
??1FMatrix@@QAE@XZ
??1FMemStack@@QAE@XZ
??1FMemStackFrame@@QAE@XZ
??1FPackageFileSummary@@QAE@XZ
??1FPackageInfo@@QAE@XZ
??1FParamMap@@QAE@XZ
??1FSingletonBase@@MAE@XZ
??1FString@@QAE@XZ
??1FVariance@@QAE@XZ
??1L2Configuration@@UAE@XZ
??1L2ParamStack@@QAE@XZ
??1L2ThreadBase@@UAE@XZ
??1L2ThreadUtil@@UAE@XZ
??1L2UserHardWareInformation@@EAE@XZ
??1UArrayProperty@@UAE@XZ
??1UBoolProperty@@UAE@XZ
??1UByteProperty@@UAE@XZ
??1UClass@@UAE@XZ
??1UClassProperty@@UAE@XZ
??1UCommandlet@@UAE@XZ
??1UConst@@UAE@XZ
??1UDelegateProperty@@UAE@XZ
??1UEnum@@UAE@XZ
??1UExporter@@UAE@XZ
??1UFactory@@UAE@XZ
??1UField@@UAE@XZ
??1UFixedArrayProperty@@UAE@XZ
??1UFloatProperty@@UAE@XZ
??1UFunction@@UAE@XZ
??1UIntProperty@@UAE@XZ
??1ULanguage@@UAE@XZ
??1ULinker@@UAE@XZ
??1UMapProperty@@UAE@XZ
??1UNameProperty@@UAE@XZ
??1UObject@@UAE@XZ
??1UObjectExporterT3D@@UAE@XZ
??1UObjectProperty@@UAE@XZ
??1UPackage@@UAE@XZ
??1UPackageMap@@UAE@XZ
??1UParamStack@@UAE@XZ
??1UProperty@@UAE@XZ
??1UState@@UAE@XZ
??1UStrProperty@@UAE@XZ
??1UStruct@@UAE@XZ
??1UStructProperty@@UAE@XZ
??1USubsystem@@UAE@XZ
??1UTextBuffer@@UAE@XZ
??1UTextBufferFactory@@UAE@XZ
??2UArrayProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UArrayProperty@@SAPAXIPAW4EInternal@@@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UBoolProperty@@SAPAXIPAW4EInternal@@@Z
??2UByteProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UByteProperty@@SAPAXIPAW4EInternal@@@Z
??2UClass@@SAPAXIPAVUObject@@PB_WK@Z
??2UClass@@SAPAXIPAW4EInternal@@@Z
??2UClassProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UClassProperty@@SAPAXIPAW4EInternal@@@Z
??2UCommandlet@@SAPAXIPAVUObject@@PB_WK@Z
??2UCommandlet@@SAPAXIPAW4EInternal@@@Z
??2UConst@@SAPAXIPAVUObject@@PB_WK@Z
??2UConst@@SAPAXIPAW4EInternal@@@Z
??2UDelegateProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UDelegateProperty@@SAPAXIPAW4EInternal@@@Z
??2UEnum@@SAPAXIPAVUObject@@PB_WK@Z
??2UEnum@@SAPAXIPAW4EInternal@@@Z
??2UExporter@@SAPAXIPAVUObject@@PB_WK@Z
??2UExporter@@SAPAXIPAW4EInternal@@@Z
??2UFactory@@SAPAXIPAVUObject@@PB_WK@Z
??2UFactory@@SAPAXIPAW4EInternal@@@Z
??2UField@@SAPAXIPAVUObject@@PB_WK@Z
??2UField@@SAPAXIPAW4EInternal@@@Z
??2UFixedArrayProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UFixedArrayProperty@@SAPAXIPAW4EInternal@@@Z
??2UFloatProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UFloatProperty@@SAPAXIPAW4EInternal@@@Z
??2UFunction@@SAPAXIPAVUObject@@PB_WK@Z
??2UFunction@@SAPAXIPAW4EInternal@@@Z
??2UIntProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UIntProperty@@SAPAXIPAW4EInternal@@@Z
??2ULanguage@@SAPAXIPAVUObject@@PB_WK@Z
??2ULanguage@@SAPAXIPAW4EInternal@@@Z
??2ULinker@@SAPAXIPAVUObject@@PB_WK@Z
??2ULinker@@SAPAXIPAW4EInternal@@@Z
??2UMapProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UMapProperty@@SAPAXIPAW4EInternal@@@Z
??2UNameProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UNameProperty@@SAPAXIPAW4EInternal@@@Z
??2UObject@@SAPAXIPAV0@PB_WK@Z
??2UObject@@SAPAXIPAW4EInternal@@@Z
??2UObjectExporterT3D@@SAPAXIPAVUObject@@PB_WK@Z
??2UObjectExporterT3D@@SAPAXIPAW4EInternal@@@Z
??2UObjectProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UObjectProperty@@SAPAXIPAW4EInternal@@@Z
??2UPackage@@SAPAXIPAVUObject@@PB_WK@Z
??2UPackage@@SAPAXIPAW4EInternal@@@Z
??2UPackageMap@@SAPAXIPAVUObject@@PB_WK@Z
??2UPackageMap@@SAPAXIPAW4EInternal@@@Z
??2UParamStack@@SAPAXIPAVUObject@@PB_WK@Z
??2UParamStack@@SAPAXIPAW4EInternal@@@Z
??2UProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UProperty@@SAPAXIPAW4EInternal@@@Z
??2UState@@SAPAXIPAVUObject@@PB_WK@Z
??2UState@@SAPAXIPAW4EInternal@@@Z
??2UStrProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UStrProperty@@SAPAXIPAW4EInternal@@@Z
??2UStruct@@SAPAXIPAVUObject@@PB_WK@Z
??2UStruct@@SAPAXIPAW4EInternal@@@Z
??2UStructProperty@@SAPAXIPAVUObject@@PB_WK@Z
??2UStructProperty@@SAPAXIPAW4EInternal@@@Z
??2USubsystem@@SAPAXIPAVUObject@@PB_WK@Z
??2USubsystem@@SAPAXIPAW4EInternal@@@Z
??2UTextBuffer@@SAPAXIPAVUObject@@PB_WK@Z
??2UTextBuffer@@SAPAXIPAW4EInternal@@@Z
??2UTextBufferFactory@@SAPAXIPAVUObject@@PB_WK@Z
??2UTextBufferFactory@@SAPAXIPAW4EInternal@@@Z
??3UArrayProperty@@SAXPAX@Z
??3UArrayProperty@@SAXPAXPAVUObject@@@Z
??3UArrayProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UArrayProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UArrayProperty@@SAXPAXPAW4EInternal@@@Z
??3UBoolProperty@@SAXPAX@Z
??3UBoolProperty@@SAXPAXPAVUObject@@@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UBoolProperty@@SAXPAXPAW4EInternal@@@Z
??3UByteProperty@@SAXPAX@Z
??3UByteProperty@@SAXPAXPAVUObject@@@Z
??3UByteProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UByteProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UByteProperty@@SAXPAXPAW4EInternal@@@Z
??3UClass@@SAXPAX@Z
??3UClass@@SAXPAXPAVUObject@@@Z
??3UClass@@SAXPAXPAVUObject@@PB_W@Z
??3UClass@@SAXPAXPAVUObject@@PB_WK@Z
??3UClass@@SAXPAXPAW4EInternal@@@Z
??3UClassProperty@@SAXPAX@Z
??3UClassProperty@@SAXPAXPAVUObject@@@Z
??3UClassProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UClassProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UClassProperty@@SAXPAXPAW4EInternal@@@Z
??3UCommandlet@@SAXPAX@Z
??3UCommandlet@@SAXPAXPAVUObject@@@Z
??3UCommandlet@@SAXPAXPAVUObject@@PB_W@Z
??3UCommandlet@@SAXPAXPAVUObject@@PB_WK@Z
??3UCommandlet@@SAXPAXPAW4EInternal@@@Z
??3UConst@@SAXPAX@Z
??3UConst@@SAXPAXPAVUObject@@@Z
??3UConst@@SAXPAXPAVUObject@@PB_W@Z
??3UConst@@SAXPAXPAVUObject@@PB_WK@Z
??3UConst@@SAXPAXPAW4EInternal@@@Z
??3UDelegateProperty@@SAXPAX@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UDelegateProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UDelegateProperty@@SAXPAXPAW4EInternal@@@Z
??3UEnum@@SAXPAX@Z
??3UEnum@@SAXPAXPAVUObject@@@Z
??3UEnum@@SAXPAXPAVUObject@@PB_W@Z
??3UEnum@@SAXPAXPAVUObject@@PB_WK@Z
??3UEnum@@SAXPAXPAW4EInternal@@@Z
??3UExporter@@SAXPAX@Z
??3UExporter@@SAXPAXPAVUObject@@@Z
??3UExporter@@SAXPAXPAVUObject@@PB_W@Z
??3UExporter@@SAXPAXPAVUObject@@PB_WK@Z
??3UExporter@@SAXPAXPAW4EInternal@@@Z
??3UFactory@@SAXPAX@Z
??3UFactory@@SAXPAXPAVUObject@@@Z
??3UFactory@@SAXPAXPAVUObject@@PB_W@Z
??3UFactory@@SAXPAXPAVUObject@@PB_WK@Z
??3UFactory@@SAXPAXPAW4EInternal@@@Z
??3UField@@SAXPAX@Z
??3UField@@SAXPAXPAVUObject@@@Z
??3UField@@SAXPAXPAVUObject@@PB_W@Z
??3UField@@SAXPAXPAVUObject@@PB_WK@Z
??3UField@@SAXPAXPAW4EInternal@@@Z
??3UFixedArrayProperty@@SAXPAX@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UFixedArrayProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UFixedArrayProperty@@SAXPAXPAW4EInternal@@@Z
??3UFloatProperty@@SAXPAX@Z
??3UFloatProperty@@SAXPAXPAVUObject@@@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UFloatProperty@@SAXPAXPAW4EInternal@@@Z
??3UFunction@@SAXPAX@Z
??3UFunction@@SAXPAXPAVUObject@@@Z
??3UFunction@@SAXPAXPAVUObject@@PB_W@Z
??3UFunction@@SAXPAXPAVUObject@@PB_WK@Z
??3UFunction@@SAXPAXPAW4EInternal@@@Z
??3UIntProperty@@SAXPAX@Z
??3UIntProperty@@SAXPAXPAVUObject@@@Z
??3UIntProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UIntProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UIntProperty@@SAXPAXPAW4EInternal@@@Z
??3ULanguage@@SAXPAX@Z
??3ULanguage@@SAXPAXPAVUObject@@@Z
??3ULanguage@@SAXPAXPAVUObject@@PB_W@Z
??3ULanguage@@SAXPAXPAVUObject@@PB_WK@Z
??3ULanguage@@SAXPAXPAW4EInternal@@@Z
??3ULinker@@SAXPAX@Z
??3ULinker@@SAXPAXPAVUObject@@@Z
??3ULinker@@SAXPAXPAVUObject@@PB_W@Z
??3ULinker@@SAXPAXPAVUObject@@PB_WK@Z
??3ULinker@@SAXPAXPAW4EInternal@@@Z
??3UMapProperty@@SAXPAX@Z
??3UMapProperty@@SAXPAXPAVUObject@@@Z
??3UMapProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UMapProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UMapProperty@@SAXPAXPAW4EInternal@@@Z
??3UNameProperty@@SAXPAX@Z
??3UNameProperty@@SAXPAXPAVUObject@@@Z
??3UNameProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UNameProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UNameProperty@@SAXPAXPAW4EInternal@@@Z
??3UObject@@SAXPAX@Z
??3UObject@@SAXPAXPAV0@@Z
??3UObject@@SAXPAXPAV0@PB_W@Z
??3UObject@@SAXPAXPAV0@PB_WK@Z
??3UObject@@SAXPAXPAW4EInternal@@@Z
??3UObjectExporterT3D@@SAXPAX@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@PB_W@Z
??3UObjectExporterT3D@@SAXPAXPAVUObject@@PB_WK@Z
??3UObjectExporterT3D@@SAXPAXPAW4EInternal@@@Z
??3UObjectProperty@@SAXPAX@Z
??3UObjectProperty@@SAXPAXPAVUObject@@@Z
??3UObjectProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UObjectProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UObjectProperty@@SAXPAXPAW4EInternal@@@Z
??3UPackage@@SAXPAX@Z
??3UPackage@@SAXPAXPAVUObject@@@Z
??3UPackage@@SAXPAXPAVUObject@@PB_W@Z
??3UPackage@@SAXPAXPAVUObject@@PB_WK@Z
??3UPackage@@SAXPAXPAW4EInternal@@@Z
??3UPackageMap@@SAXPAX@Z
??3UPackageMap@@SAXPAXPAVUObject@@@Z
??3UPackageMap@@SAXPAXPAVUObject@@PB_W@Z
??3UPackageMap@@SAXPAXPAVUObject@@PB_WK@Z
??3UPackageMap@@SAXPAXPAW4EInternal@@@Z
??3UParamStack@@SAXPAX@Z
??3UParamStack@@SAXPAXPAVUObject@@@Z
??3UParamStack@@SAXPAXPAVUObject@@PB_W@Z
??3UParamStack@@SAXPAXPAVUObject@@PB_WK@Z
??3UParamStack@@SAXPAXPAW4EInternal@@@Z
??3UProperty@@SAXPAX@Z
??3UProperty@@SAXPAXPAVUObject@@@Z
??3UProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UProperty@@SAXPAXPAW4EInternal@@@Z
??3UState@@SAXPAX@Z
??3UState@@SAXPAXPAVUObject@@@Z
??3UState@@SAXPAXPAVUObject@@PB_W@Z
??3UState@@SAXPAXPAVUObject@@PB_WK@Z
??3UState@@SAXPAXPAW4EInternal@@@Z
??3UStrProperty@@SAXPAX@Z
??3UStrProperty@@SAXPAXPAVUObject@@@Z
??3UStrProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UStrProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UStrProperty@@SAXPAXPAW4EInternal@@@Z
??3UStruct@@SAXPAX@Z
??3UStruct@@SAXPAXPAVUObject@@@Z
??3UStruct@@SAXPAXPAVUObject@@PB_W@Z
??3UStruct@@SAXPAXPAVUObject@@PB_WK@Z
??3UStruct@@SAXPAXPAW4EInternal@@@Z
??3UStructProperty@@SAXPAX@Z
??3UStructProperty@@SAXPAXPAVUObject@@@Z
??3UStructProperty@@SAXPAXPAVUObject@@PB_W@Z
??3UStructProperty@@SAXPAXPAVUObject@@PB_WK@Z
??3UStructProperty@@SAXPAXPAW4EInternal@@@Z
??3USubsystem@@SAXPAX@Z
??3USubsystem@@SAXPAXPAVUObject@@@Z
??3USubsystem@@SAXPAXPAVUObject@@PB_W@Z
??3USubsystem@@SAXPAXPAVUObject@@PB_WK@Z
??3USubsystem@@SAXPAXPAW4EInternal@@@Z

Sections

.text
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
system/Core.u
system/CreditFont.gly
system/D3DDrv.dll
.dll windows:4 windows x86 arch:x86

c520421dbb790445a338a1413f18c65e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

d3d9

Direct3DCreate9

ddraw

DirectDrawCreateEx

core

??YFString@@QAEAAV0@ABV0@@Z
?appUnwindf@@YAXPB_WZZ
??1FString@@QAE@XZ
?GMalloc@@3PAVFMalloc@@A
??4FString@@QAEAAV0@ABV0@@Z
?GSEKScreenY@@3HA
?GSEKScreenX@@3HA
??0FString@@QAE@PB_W@Z
??YFString@@QAEAAV0@PB_W@Z
??DFString@@QBEPB_WXZ
?appItoa@@YAPA_WH@Z
?Printf@FString@@SA?AV1@PB_WZZ
??4FString@@QAEAAV0@PB_W@Z
?GetObj@?$TSingleton@VL2Configuration@@@@SAAAVL2Configuration@@XZ
?Logf@FOutputDevice@@QAAXPB_WZZ
??0FArray@@IAE@HH@Z
?GWarn@@3PAVFFeedbackContext@@A
?winToUNICODE@@YAPA_WPA_WPBDH@Z
??1FArray@@QAE@XZ
?winGetSizeUNICODE@@YAHPBD@Z
?Add@FArray@@QAEHHH@Z
?appFailAssert@@YAXPBD0H@Z
??8FString@@QBEHABV0@@Z
?Remove@FArray@@QAEXHHH@Z
?winGetSizeANSI@@YAHPB_W@Z
?GL2HDREffectType@@3HA
?GConfig@@3PAVFConfigCache@@A
??0FString@@QAE@ABV0@@Z
??0FString@@QAE@XZ
?GError@@3PAVFOutputDeviceError@@A
?GIsUCC@@3HA
?Logf@FOutputDevice@@QAAXW4EName@@PB_WZZ
?winToANSI@@YAPADPADPB_WH@Z
?appFromAnsi@@YAPB_WPBDPA_W@Z
?debugf@@YAXPB_WZZ
?debugf@@YAXW4EName@@PB_WZZ
?appLoadFileToString@@YAHAAVFString@@PB_WPAVFFileManager@@@Z
??6@YAAAVFArchive@@AAV0@AAVFString@@@Z
??0FSingletonBase@@IAE@XZ
?GFileManager@@3PAVFFileManager@@A
??1FSingletonBase@@MAE@XZ
?GNull@@3PAVFOutputDevice@@A
??6@YAAAVFArchive@@AAV0@AAVFCompactIndex@@@Z
?Realloc@FArray@@IAEXH@Z
?CountBytes@FArray@@QAEXAAVFArchive@@H@Z
?ByteOrderSerialize@FArchive@@QAEAAV1@PAXH@Z
??8FString@@QBEHPB_W@Z
?GCRCTable@@3PAKA
?appFloor@@YAHM@Z
?ClearL2Game@UObject@@UAEXXZ
?IsPendingKill@UObject@@UAEHXZ
?IsLoaded@UObject@@UAEHXZ
??1FMatrix@@QAE@XZ
?Rename@UObject@@UAEXPB_WPAV1@@Z
?ConditionalDestroy@UObject@@QAEHXZ
?StaticAllocateObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@11@Z
?LanguageChange@UObject@@UAEXXZ
?Register@UObject@@UAEXXZ
?ScriptConsoleExec@UObject@@UAEHPB_WAAVFOutputDevice@@PAV1@@Z
?CallFunction@UObject@@UAEXAAUFFrame@@QAXPAVUFunction@@@Z
?PostEditChange@UObject@@UAEXXZ
?Identity@FMatrix@@2V1@A
?ShutdownAfterError@UObject@@UAEXXZ
?InitExecution@UObject@@UAEXXZ
?GotoLabel@UObject@@UAEHVFName@@@Z
?GotoState@UObject@@UAE?AW4EGotoState@@VFName@@@Z
?Serialize@UObject@@UAEXAAVFArchive@@@Z
?PostLoad@UObject@@UAEXXZ
?Modify@UObject@@UAEXXZ
?ProcessRemoteFunction@UObject@@UAEHPAVUFunction@@PAXPAUFFrame@@@Z
??0FSphere@@QAE@ABV0@@Z
?ProcessState@UObject@@UAEXM@Z
?ProcessDelegate@UObject@@UAEXVFName@@PAUFScriptDelegate@@PAX2@Z
?ProcessEvent@UObject@@UAEXPAVUFunction@@PAX1@Z
?Tick@USubsystem@@UAEXM@Z
?Release@UObject@@UAGKXZ
?AddRef@UObject@@UAGKXZ
?NetDirty@UObject@@UAEXPAVUProperty@@@Z
?QueryInterface@UObject@@UAGKABVFGuid@@PAPAX@Z
??0FName@@QAE@PB_WW4EFindName@@@Z
?OnEvent@UObject@@UAEXABVFString@@0@Z
?appStrcmp@@YAHPB_W0@Z
?GSecondsPerCycle@@3NA
?GLanguageType@@3HA
?appSprintf@@YAHPA_WPB_WZZ
??9FString@@QBEHPB_W@Z
?Empty@FString@@QAEXXZ
?GetPathName@UObject@@QBEPB_WPAV1@PA_W@Z
?GL2SkipCalculateFullShader@@3HA
?appSecondsQPC@@YANXZ
?Coords@FMatrix@@QAE?AVFCoords@@XZ
?GMakeCacheIDIndex@@3_KA
?GetTransientPackage@UObject@@SAPAVUPackage@@XZ
?StaticConstructObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@1@Z
?Normalize@FVector@@QAEHXZ
?SafeNormal@FVector@@QBE?AV1@XZ
??8FMatrix@@QBEHAAV0@@Z
??KFVector@@QBE?AV0@M@Z
?DestroyValue@UProperty@@UBEXPAX@Z
?appCmdLine@@YAPB_WXZ
??2UIntProperty@@SAPAXIPAVUObject@@PB_WK@Z
?CopyCompleteValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
??3UIntProperty@@SAXPAXPAVUObject@@PB_WK@Z
?CopySingleValue@UFloatProperty@@UBEXPAX0PAVUObject@@@Z
?GIsRequestingExit@@3HA
??0UIntProperty@@QAE@W4ECppProperty@@HPB_WK@Z
?ExportText@UProperty@@UBEHHAAVFString@@PAE1H@Z
?CopyCompleteValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?ImportText@UFloatProperty@@UBEPB_WPB_WPAEHH@Z
?CopySingleValue@UIntProperty@@UBEXPAX0PAVUObject@@@Z
?ExportTextItem@UFloatProperty@@UBEXAAVFString@@PAE1H@Z
?appRound@@YAHM@Z
?ImportText@UIntProperty@@UBEPB_WPB_WPAEHH@Z
??2UBoolProperty@@SAPAXIPAVUObject@@PB_WK@Z
?NetSerializeItem@UFloatProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
??1UFloatProperty@@UAE@XZ
?appPow@@YANNN@Z
?ExportTextItem@UIntProperty@@UBEXAAVFString@@PAE1H@Z
?SerializeItem@UFloatProperty@@UBEXAAVFArchive@@PAXH@Z
?NetSerializeItem@UIntProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
??3UBoolProperty@@SAXPAXPAVUObject@@PB_WK@Z
?ExportCppItem@UFloatProperty@@UBEXAAVFOutputDevice@@H@Z
?SerializeItem@UIntProperty@@UBEXAAVFArchive@@PAXH@Z
?GetObj@?$TSingleton@VL2UserHardWareInformation@@@@SAAAVL2UserHardWareInformation@@XZ
??0UBoolProperty@@QAE@W4ECppProperty@@HPB_WK@Z
?ExportCpp@UProperty@@UBEXAAVFOutputDevice@@HHHH@Z
?ExportCppItem@UIntProperty@@UBEXAAVFOutputDevice@@H@Z
?CopyCompleteValue@UProperty@@UBEXPAX0PAVUObject@@@Z
?Identical@UFloatProperty@@UBEHPBX0@Z
?ParseCommand@@YAHPAPB_WPB_W@Z
?Identical@UIntProperty@@UBEHPBX0@Z
?CopySingleValue@UBoolProperty@@UBEXPAX0PAVUObject@@@Z
?Link@UFloatProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?Link@UIntProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?appAtoi@@YAHPB_W@Z
?ImportText@UBoolProperty@@UBEPB_WPB_WPAEHH@Z
?CleanupDestroyed@UProperty@@UBEXPAE@Z
??3UIntProperty@@SAXPAX@Z
?NEAR_CLIPPING_PLANE@@3MA
??1UClass@@UAE@XZ
?ExportTextItem@UBoolProperty@@UBEXAAVFString@@PAE1H@Z
?GetPropertiesSize@UField@@UAEHXZ
?GL2Antialiasing@@3HA
?appAtof@@YAMPB_W@Z
?NetSerializeItem@UBoolProperty@@UBEHAAVFArchive@@PAVUPackageMap@@PAX@Z
?GetOwnerClass@UField@@UAEPAVUClass@@XZ
?SetVGAInfo@L2UserHardWareInformation@@QAEXVFString@@T_LARGE_INTEGER@@@Z
??1UIntProperty@@UAE@XZ
?Parse@@YAHPB_W0AAK@Z
?SerializeItem@UBoolProperty@@UBEXAAVFArchive@@PAXH@Z
?Bind@UField@@UAEXXZ
??0UClass@@QAE@W4ENativeConstructor@@KKPAV0@1VFGuid@@PB_W33KP6AXPAX@ZP8UObject@@AEXXZ@Z
?Parse@@YAHPB_W0AAH@Z
?ExportCppItem@UBoolProperty@@UBEXAAVFOutputDevice@@H@Z
?MergeBools@UField@@UAEHXZ
??0FString@@QAE@PBD@Z
?Identical@UBoolProperty@@UBEHPBX0@Z
?AddCppProperty@UField@@UAEXPAVUProperty@@@Z
?StaticConfigName@UObject@@SAPB_WXZ
?Link@UBoolProperty@@UAEXAAVFArchive@@PAVUProperty@@@Z
?GL2NVPerfHUD@@3HA
?Serialize@UBoolProperty@@UAEXAAVFArchive@@@Z
?appSleep@@YAXM@Z
?Destroy@UObject@@UAEXXZ
?PrivateStaticClass@UObject@@0VUClass@@A
??3UBoolProperty@@SAXPAX@Z
?Register@UField@@UAEXXZ
?appMemset@@YAXPAXHH@Z
??1UBoolProperty@@UAE@XZ
?GL2EnableStaticMeshShadow@@3HA
?GIsEditor@@3HA
??2UFloatProperty@@SAPAXIPAVUObject@@PB_WK@Z
?Serialize@UProperty@@UAEXAAVFArchive@@@Z
??3UFloatProperty@@SAXPAXPAVUObject@@PB_WK@Z
?PostLoad@UField@@UAEXXZ
?GL2Shader@@3HA
?GL2UseTrilinear@@3HA
??0UFloatProperty@@QAE@W4ECppProperty@@HPB_WK@Z
?GetID@UProperty@@UBEEXZ
?GMachineVideo@@3PA_WA
??3UFloatProperty@@SAXPAX@Z
?Port@UProperty@@UBEHXZ
?ParseParam@@YAHPB_W0@Z
?appCos@@YANN@Z
?GetFullName@UObject@@QBEPB_WPA_W@Z
?GetDefaultObject@UClass@@QAEPAVUObject@@XZ
?Size@FVector@@QBEMXZ
??0FSphere@@QAE@XZ
??0FSphere@@QAE@H@Z
?GetName@UObject@@QBEPB_WXZ
?appMemcmp@@YAHPBX0H@Z
?AddZeroed@FArray@@QAEHHH@Z
??0UCommandlet@@QAE@XZ
??1UCommandlet@@UAE@XZ
?DynamicReloadCheck@UCommandlet@@UAEHH@Z
?PrivateStaticClass@UCommandlet@@0VUClass@@A

engine

?GetObj@?$TSingleton@VUPostEffEnvManager@@@@SAAAVUPostEffEnvManager@@XZ
?GStats@@3VFStats@@A
??0FVertexShaderFunction@@QAE@W4EVSFCommon@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFCommon@@@Z
?GetShaderFunctionValue@FShaderFunction@@QBEHXZ
??0FPixelShaderFunction@@QAE@W4EPSFEmitter@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFEmitter@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFGaussianFilter@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFBloom@@@Z
?GEngineStats@@3VFEngineStats@@A
??0FShaderCode@@QAE@XZ
??1FShaderCode@@QAE@XZ
??6@YAAAVFArchive@@AAV0@AAPAVFShaderCode@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFShadowMap@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFShadowMap@@@Z
??0FPixelShaderFunction@@QAE@W4EPSFVertexLight@@@Z
??0FVertexShaderFunction@@QAE@W4EVSFVertexLight@@@Z
??4URenderDevice@@QAEAAV0@ABV0@@Z
??0URenderDevice@@QAE@ABV0@@Z
?CompileShader@URenderDevice@@UAEHABVFString@@PAV?$TArray@K@@AAV2@@Z
?ClearCompiledShaders@URenderDevice@@UAEXXZ
??4?$TArray@E@@QAEAAV0@ABV0@@Z
??1URenderDevice@@UAE@XZ
??1?$TArray@E@@QAE@XZ
??0?$TArray@E@@QAE@ABV0@@Z
??1FMaterialStageProperty@@QAE@XZ
?GetStage@FShaderProperty@@QAE?AV?$TSmartPtr@VFMaterialStageProperty@@@@H@Z
?AddTexModifier@FShaderProperty@@QAEXHABVFString@@@Z
?PrivateStaticClass@UOpacityModifier@@0VUClass@@A
?RefreshBumpRawData@UBumpShader@@QAEXXZ
??_7FRenderResource@@6B@
?PrivateStaticClass@UFadeColor@@0VUClass@@A
?PrivateStaticClass@UTexture@@0VUClass@@A
?GetBumpRawData@UUnderWaterShader@@QAEPAEXZ
?PrivateStaticClass@UShader@@0VUClass@@A
?PrivateStaticClass@UColorModifier@@0VUClass@@A
?PrivateStaticClass@UL2ColorModifier@@0VUClass@@A
?PrivateStaticClass@UColorVariationMaterial@@0VUClass@@A
?PrivateStaticClass@UBitmapMaterial@@0VUClass@@A
?PrivateStaticClass@UModifier@@0VUClass@@A
??1FRenderResource@@UAE@XZ
?PrivateStaticClass@UTexModifier@@0VUClass@@A
?PrivateStaticClass@UFinalBlend@@0VUClass@@A
?PrivateStaticClass@UTexMatrix@@0VUClass@@A
?PrivateStaticClass@UCombiner@@0VUClass@@A
?GetCacheId@FRenderResource@@UAE_KXZ
?PrivateStaticClass@UVertexColor@@0VUClass@@A
?PrivateStaticClass@UConstantMaterial@@0VUClass@@A
?PrivateStaticClass@UUserDefinableMaterial@@0VUClass@@A
?GGlobalTempObjects@@3PAVUGlobalTempObjects@@A
?GetRefractionBkTex@FPlayerSceneNode@@SAPAVFAuxRenderTarget@@PAVUViewport@@@Z
?Add@?$TArray@E@@QAEHH@Z
?ClearFallbacks@UMaterial@@SAXXZ
?RefreshAll@UViewport@@SAXXZ
?LostDevice@URenderDevice@@QAEHXZ
??0URenderDevice@@QAE@XZ
??0?$TArray@E@@QAE@XZ
?PrivateStaticClass@URenderDevice@@0VUClass@@A
?RegisterStats@FStats@@QAEHW4EStatsType@@W4EStatsDataType@@VFString@@2W4EStatsUnit@@@Z
?SetRes@URenderDevice@@UAEHPAVUViewport@@HHHHHH@Z
?Empty@?$TArray@E@@QAEXH@Z
?GetPosition@FNPawnLight@@QAE?AVFVector@@XZ
?PrivateStaticClass@URenderedMaterial@@0VUClass@@A
?PauseRender@UDepthEffect@@QAEHPAVFRenderInterface@@@Z
?PrivateStaticClass@UBumpShader@@0VUClass@@A
?PrivateStaticClass@UUnderWaterShader@@0VUClass@@A
?Remove@?$TArray@E@@QAEXHH@Z
?ResumeRender@UDepthEffect@@QAEXPAVFRenderInterface@@@Z
?PrivateStaticClass@UMaterial@@0VUClass@@A
?GetObj@?$TSingleton@VUDepthEffect@@@@SAAAVUDepthEffect@@XZ
?GetLightColor@FDynamicLight@@QAE?AVFPlane@@W4ELightColorType@@@Z
?SetMaterial@FShaderProperty@@QAEXHPAVUBitmapMaterial@@@Z
?PrivateStaticClass@UProjectorMaterial@@0VUClass@@A
?SetStageCount@FShaderProperty@@QAEXH@Z
?PrivateStaticClass@UTerrainMaterial@@0VUClass@@A
?GetStageCount@FShaderProperty@@QBEHXZ
?PrivateStaticClass@UParticleMaterial@@0VUClass@@A
?Clear@FShaderProperty@@QAEXXZ
??0FVertexShaderFunction@@QAE@XZ
?PrivateStaticClass@UWaterMaterial@@0VUClass@@A
?GetShaderMaterial@UMaterial@@QAEPAVUBitmapMaterial@@H@Z
?PrivateStaticClass@UProxyBitmapMaterial@@0VUClass@@A
?GetTexModifierMatrix@FMaterialStageProperty@@QAEHMAAVFMatrix@@@Z
??0FPixelShaderFunction@@QAE@XZ
?PrivateStaticClass@UConstantColor@@0VUClass@@A
?GetDirection@FNPawnLight@@QAE?AVFVector@@XZ
?GL2GameData@@3VFL2GameData@@A
?ConvertDXT@UTexture@@QAE?AW4ETextureFormat@@HHHPAPAE@Z
?__Client@UTexture@@2PAVUClient@@A
??0FPixelShaderFunction@@QAE@W4EPSFSSAO@@@Z

kernel32

CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
WriteFile
HeapAlloc
GetProcessHeap
HeapFree
CreateFileMappingA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
GetFileSize
MapViewOfFile
GetLastError
OutputDebugStringA
VirtualAlloc
VirtualFree
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcmpiA
WideCharToMultiByte
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
IsProcessorFeaturePresent
GetSystemInfo
GetVersionExA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
GetCommandLineA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapReAlloc
LCMapStringA
LCMapStringW
VirtualQuery
SetFilePointer
GetConsoleCP
GetConsoleMode

user32

ClientToScreen
GetSystemMetrics
MessageBoxW
GetClientRect
GetDC
GetDesktopWindow

gdi32

DeleteObject
SetDeviceGammaRamp
GetDeviceCaps

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

??0UD3DRenderDevice@@QAE@ABV0@@Z
??0UD3DRenderDevice@@QAE@XZ
??1UD3DRenderDevice@@UAE@XZ
??2UD3DRenderDevice@@SAPAXIPAVUObject@@PB_WK@Z
??2UD3DRenderDevice@@SAPAXIPAW4EInternal@@@Z
??3UD3DRenderDevice@@SAXPAX@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@PB_W@Z
??3UD3DRenderDevice@@SAXPAXPAVUObject@@PB_WK@Z
??3UD3DRenderDevice@@SAXPAXPAW4EInternal@@@Z
??4UD3DRenderDevice@@QAEAAV0@ABV0@@Z
??_7UD3DRenderDevice@@6BFExec@@@
??_7UD3DRenderDevice@@6BUObject@@@
?CheckCachedResource@UD3DRenderDevice@@QAEXXZ
?ClearVertexDeclarationList@UD3DRenderDevice@@QAEXXZ
?CreatePixelShader@UD3DRenderDevice@@QBEPAUIDirect3DPixelShader9@@ABVFShaderCode@@@Z
?CreateVertexDeclaration@UD3DRenderDevice@@QAEPAUIDirect3DVertexDeclaration9@@AAUFShaderDeclaration@@@Z
?CreateVertexShader@UD3DRenderDevice@@QBEPAUIDirect3DVertexShader9@@ABVFShaderCode@@@Z
?DeleteAllTexture@UD3DRenderDevice@@UAEXXZ
?Destroy@UD3DRenderDevice@@EAEXXZ
?DiscardUnusedResource@UD3DRenderDevice@@QAEXPBVFD3DResource@@@Z
?Exec@UD3DRenderDevice@@UAEHPB_WAAVFOutputDevice@@@Z
?Exit@UD3DRenderDevice@@UAEXXZ
?Flush@UD3DRenderDevice@@UAEXXZ
?FlushResource@UD3DRenderDevice@@UAEX_K@Z
?GetBackBufferHeight@UD3DRenderDevice@@UBEHXZ
?GetBackBufferWidth@UD3DRenderDevice@@UBEHXZ
?GetCachedResource@UD3DRenderDevice@@QAEPAVFD3DResource@@_K@Z
?GetCreateTextureBytes@UD3DRenderDevice@@UAEKXZ
?GetCurrentRenderTargetBitDepth@UD3DRenderDevice@@QBEHXZ
?GetMultiSample@UD3DRenderDevice@@UAEHXZ
?GetRefreshRate@UD3DRenderDevice@@UAEHHHHHPAH@Z
?GetRenderCaps@UD3DRenderDevice@@UAEPAUFRenderCaps@@XZ
?GetRenderInterface@UD3DRenderDevice@@UAEPAVFRenderInterface@@XZ
?GetRes@UD3DRenderDevice@@UAEHHPAH00@Z
?GetResParams@UD3DRenderDevice@@UAEHAAH0000@Z
?GetShaderVersion@UD3DRenderDevice@@UAEXAAH0@Z
?HoldBackBuffer@UD3DRenderDevice@@UAEXXZ
?Init@UD3DRenderDevice@@UAEHXZ
?InternalConstructor@UD3DRenderDevice@@SAXPAX@Z
?IsUseTrilinear@UD3DRenderDevice@@UAEHXZ
?LoadCompiledShader@UD3DRenderDevice@@QAEXXZ
?Lock@UD3DRenderDevice@@UAEPAVFRenderInterface@@PAVUViewport@@PAEPAH@Z
?Present@UD3DRenderDevice@@UAEXPAVUViewport@@@Z
?PrivateStaticClass@UD3DRenderDevice@@0VUClass@@A
?ReadPixels@UD3DRenderDevice@@UAEXPAVUViewport@@PAVFColor@@@Z
?ResetDevice@UD3DRenderDevice@@QAEXXZ
?ResetShaders@UD3DRenderDevice@@UAEXXZ
?ResourceCached@UD3DRenderDevice@@UAEH_K@Z
?RestoreGamma@UD3DRenderDevice@@UAEXXZ
?SetEmulationMode@UD3DRenderDevice@@UAEXW4EHardwareEmulationMode@@@Z
?SetRenderTarget@UD3DRenderDevice@@QAEJHQAUIDirect3DSurface9@@@Z
?SetRes@UD3DRenderDevice@@UAEHPAVUViewport@@HHHHHH@Z
?SetUseTrilinear@UD3DRenderDevice@@UAEXH@Z
?StaticClass@UD3DRenderDevice@@SAPAVUClass@@XZ
?StaticConstructor@UD3DRenderDevice@@QAEXXZ
?SupportsTextureFormat@UD3DRenderDevice@@UAEHW4ETextureFormat@@@Z
?ToggleL2VideoCapture@UD3DRenderDevice@@EAEXXZ
?UnSetRes@UD3DRenderDevice@@QAEHPB_WJH@Z
?Unlock@UD3DRenderDevice@@UAEXPAVFRenderInterface@@@Z
?UpdateGamma@UD3DRenderDevice@@UAEXPAVUViewport@@@Z
?m_pRenDev@UD3DRenderDevice@@2PAV1@A
GPackage
_DllMain@12
autoclassUD3DRenderDevice
autoclassUShaderCommandlet

Sections

.text
Size: 935KB - Virtual size: 934KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 333KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 591KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
system/D3DDrv.int
system/DSETUP.dll
.dll windows:1 windows x86 arch:x86

11f97587271f24e7ea5b1d407409ad3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
VirtualProtect
VirtualProtectEx

core

?GL2UseGameGuard@@3HA

engine

?Destroy@UNetworkHandler@@UAEXXZ
?ReplyGameGuardQuery@UNetworkHandler@@UAEXKKKKW4GAMEGUARD_CHECK_TYPE@@@Z
?ResponseAuthGameGuard@UNetworkHandler@@UAEHXZ

Exports

Exports

DirectXSetupGetVersion

Sections

.text
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 39B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
system/Editor.u
system/actionname-e.dat
system/additionaleffect.dat
system/armorgrp.dat
system/bighead.int
system/castlename-e.dat
system/charcreategrp.dat
system/chargrp.dat
system/chatfilter.ini
system/classinfo-e.dat
system/commandname-e.dat
system/core.int
system/creditgrp-e.dat
system/defopenal32.dll
.dll windows:4 windows x86 arch:x86

bc81b622121c4235a8858ecacac0371b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\ghiebert\My Documents\prog\openal\OpenAL-Windows\Router\Release\OpenAL32.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsA
waveOutMessage
waveOutGetDevCapsA

kernel32

IsDebuggerPresent
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetModuleHandleA
FindClose
GetLastError
FindNextFileA
FreeLibrary
GetProcAddress
LoadLibraryA
FindFirstFileA
GetSystemDirectoryA
GetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapSize
GetConsoleMode
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
SetFilePointer
GetConsoleCP

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Exports

Exports

alBuffer3f
alBuffer3i
alBufferData
alBufferf
alBufferfv
alBufferi
alBufferiv
alDeleteBuffers
alDeleteSources
alDisable
alDistanceModel
alDopplerFactor
alDopplerVelocity
alEnable
alGenBuffers
alGenSources
alGetBoolean
alGetBooleanv
alGetBuffer3f
alGetBuffer3i
alGetBufferf
alGetBufferfv
alGetBufferi
alGetBufferiv
alGetDouble
alGetDoublev
alGetEnumValue
alGetError
alGetFloat
alGetFloatv
alGetInteger
alGetIntegerv
alGetListener3f
alGetListener3i
alGetListenerf
alGetListenerfv
alGetListeneri
alGetListeneriv
alGetProcAddress
alGetSource3f
alGetSource3i
alGetSourcef
alGetSourcefv
alGetSourcei
alGetSourceiv
alGetString
alIsBuffer
alIsEnabled
alIsExtensionPresent
alIsSource
alListener3f
alListener3i
alListenerf
alListenerfv
alListeneri
alListeneriv
alSource3f
alSource3i
alSourcePause
alSourcePausev
alSourcePlay
alSourcePlayv
alSourceQueueBuffers
alSourceRewind
alSourceRewindv
alSourceStop
alSourceStopv
alSourceUnqueueBuffers
alSourcef
alSourcefv
alSourcei
alSourceiv
alSpeedOfSound
alcCaptureCloseDevice
alcCaptureOpenDevice
alcCaptureSamples
alcCaptureStart
alcCaptureStop
alcCloseDevice
alcCreateContext
alcDestroyContext
alcGetContextsDevice
alcGetCurrentContext
alcGetEnumValue
alcGetError
alcGetIntegerv
alcGetProcAddress
alcGetString
alcIsExtensionPresent
alcMakeContextCurrent
alcOpenDevice
alcProcessContext
alcSuspendContext

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
system/encvag.dll
.dll windows:4 windows x86 arch:x86

a268499ce7d6f3e663f7366ce8d74977

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapSize
HeapReAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
ExitProcess
WritePrivateProfileStringA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
HeapFree
TerminateProcess
GetCommandLineA
RtlUnwind
GetModuleHandleA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersionExA
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
FindClose
LoadLibraryA
FreeLibrary
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
GetProcessVersion
GetLastError
SetLastError
LocalFree
SetUnhandledExceptionFilter
GetCurrentThreadId
LocalAlloc
GlobalFlags
MulDiv
GetVersion
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrlenA
lstrcpynA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
LCMapStringA
LCMapStringW
VirtualAlloc
GlobalAlloc
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalLock
CloseHandle

user32

MapWindowPoints
SetScrollInfo
ScrollWindow
ScreenToClient
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
ShowScrollBar
SystemParametersInfoA
UpdateWindow
LoadIconA
GetSystemMetrics
LoadCursorA
GetSysColorBrush
LoadStringA
CharUpperA
DestroyMenu
WindowFromPoint
EndDialog
FindWindowA
InvalidateRect
GetSysColor
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SetFocus
IsWindowEnabled
ShowWindow
SetScrollPos
SetWindowLongA
GetScrollPos
SetScrollRange
GetDlgItem
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetDesktopWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowLongA
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetMenu
SetWindowPos
GrayStringA

gdi32

DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap
GetDeviceCaps
RectVisible
TextOutA
PtVisible
Escape
GetObjectA
ExtTextOutA
DeleteDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragQueryFileA
DragFinish

comctl32

ImageList_Destroy
ord17

Exports

Exports

EncVag
EncVagFin
EncVagInit

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d76f5748f08bbd6f6cea7dbf2f91f2a

Headers

File Characteristics

Imports

core

engine

vorbisfile

kernel32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 9KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 504B

.reloc Size: 11KB - Virtual size: 10KB

f9864994a4e8e33018182cfbea30a610

Code Sign

01Certificate

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dcCertificate

Extended Key Usages

0aCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

vorbisfile

winmm

iphlpapi

kernel32

user32

shell32

ole32

vcomp

Exports

Exports

Sections

.text Size: 550KB - Virtual size: 550KB

.rdata Size: 352KB - Virtual size: 351KB

.data Size: 23KB - Virtual size: 2.4MB

.rsrc Size: 1024B - Virtual size: 4KB

c520421dbb790445a338a1413f18c65e

Headers

File Characteristics

Imports

winmm

d3d9

ddraw

core

engine

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 935KB - Virtual size: 934KB

.rdata Size: 333KB - Virtual size: 332KB

.data Size: 57KB - Virtual size: 591KB

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 66KB - Virtual size: 65KB

11f97587271f24e7ea5b1d407409ad3e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

core

engine

Exports

Exports

Sections

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 9KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 504B

.reloc
Size: 11KB - Virtual size: 10KB

01
Certificate

44:e7:9d:6c:c8:65:3f:d7:be:4d:f0:eb:b7:dd:b7:dc
Certificate

0a
Certificate

.text
Size: 550KB - Virtual size: 550KB

.rdata
Size: 352KB - Virtual size: 351KB

.data
Size: 23KB - Virtual size: 2.4MB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 935KB - Virtual size: 934KB

.rdata
Size: 333KB - Virtual size: 332KB

.data
Size: 57KB - Virtual size: 591KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 66KB - Virtual size: 65KB

.text
Size: 1024B - Virtual size: 624B

.data
Size: 512B - Virtual size: 39B

.bss
Size: 512B - Virtual size: 48B

.idata
Size: 512B - Virtual size: 476B

.rdata
Size: 512B - Virtual size: 86B

.reloc
Size: 512B - Virtual size: 62B

.rsrc
Size: 1024B - Virtual size: 836B

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 29KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 15KB - Virtual size: 15KB