38a7e42ce0ccf4c91675341be45554df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38a7e42ce0ccf4c91675341be45554df_JaffaCakes118
Size

6.0MB
MD5

38a7e42ce0ccf4c91675341be45554df
SHA1

a3f5178836c482287fd34d13f9c0d3f3271b908f
SHA256

05ae491066d764f782fb5abd57c5ca65424a5cc19450c139cb850a29ad4e160e
SHA512

5717aae1a6a5858032adde1aa8e8092e31e2c1da5d3f28eaf2629c4de3048eb0f66d5ed3dc7d40681783dd70d7bb7a7dd8c4f1c6adc86f2b6fd4487d2f177428
SSDEEP

98304:PdHAq3a+3JEGTsqZiNfdIuh3yg49fZbRHKUgzSJpY35BGXDyL7aj5zDupjkZztE+:iq3j3Jj5iNfdIo3yg49ftRrgenY35BGP

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Codecs/OptimFROG.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Codecs/OptimFROG.dll	upx

Unsigned PE 51 IoCs

Checks for missing Authenticode signature.

resource
38a7e42ce0ccf4c91675341be45554df_JaffaCakes118
unpack001/Codecs/AviSplitter.ax
unpack001/Codecs/CoreAAC.ax
unpack001/Codecs/CoreAVC.ax
unpack001/Codecs/FLVSplitter.ax
unpack001/Codecs/Haali/Haalisplitter.ax
unpack001/Codecs/Haali/avi.dll
unpack001/Codecs/Haali/mkunicode.dll
unpack001/Codecs/Haali/mkzlib.dll
unpack001/Codecs/Haali/mp4.dll
unpack001/Codecs/MP4Splitter.ax
unpack001/Codecs/MatroskaSplitter.ax
unpack001/Codecs/Mpeg2DecFilter.ax
unpack001/Codecs/MpegSplitter.ax
unpack001/Codecs/OptimFROG.dll
unpack003/out.upx
unpack001/Codecs/RadGtSplitter.ax
unpack001/Codecs/RealMediaSplitter.ax
unpack001/Codecs/VP8DecFilter.ax
unpack001/Codecs/VSFilter.dll
unpack001/Codecs/asfsplliter.ax
unpack001/Codecs/binkw32.dll
unpack001/Codecs/dsfVorbisDecoder.ax
unpack001/Codecs/ir41_32.ax
unpack001/Codecs/mmflvmux.ax
unpack001/Codecs/mmx264.ax
unpack001/Codecs/mp4demux.dll
unpack001/Codecs/mp4mux.ax
unpack001/Codecs/mp4v.dll
unpack001/Codecs/real/14_43260.dll
unpack001/Codecs/real/28_83260.dll
unpack001/Codecs/real/amrn.dll
unpack001/Codecs/real/atrc.dll
unpack001/Codecs/real/cook.dll
unpack001/Codecs/real/cook3260.dll
unpack001/Codecs/real/dnet3260.dll
unpack001/Codecs/real/drv1.dll
unpack001/Codecs/real/drv2.dll
unpack001/Codecs/real/drvc.dll
unpack001/Codecs/real/helixprodctrl.dll
unpack001/Codecs/real/helixprodctrl4.dll
unpack001/Codecs/real/pncrt.dll
unpack001/Codecs/real/raac.dll
unpack001/Codecs/real/ralf.dll
unpack001/Codecs/real/sipr.dll
unpack001/Codecs/vp7dec.ax
unpack001/Codecs/vp8decoder.dll
unpack001/Codecs/webmsource.dll
unpack001/Codecs/webmsplit.dll
unpack001/Codecs/wm/mfplat.dll
unpack001/Codecs/wm/qasf.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Baidu-TB-ASBar.exe	nsis_installer_1
static1/unpack001/Baidu-TB-ASBar.exe	nsis_installer_2

Files

38a7e42ce0ccf4c91675341be45554df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ads.xml
Apply.exe
.exe windows:5 windows x86 arch:x86

0b1774cb051ef877e6a935fdc476b44d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:32:23:ca:92:d1:51
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

25/07/2012, 10:42

Not After

29/07/2015, 12:06

Subject

CN=Chongqing Langzhou Trade Co.\, Ltd.,O=Chongqing Langzhou Trade Co.\, Ltd.,L=Chongqing,ST=Chongqing,C=CN,1.2.840.113549.1.9.1=#0c0d7178313332374071712e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 19:46

Not After

17/09/2036, 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

1f:a4:83:7b:51:a7:e6:ee:73:0d:49:91:1c:43:03:0b:6d:42:fb:c3
Signer

Actual PE Digest

1f:a4:83:7b:51:a7:e6:ee:73:0d:49:91:1c:43:03:0b:6d:42:fb:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
WriteFile
CreateFileW
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileA
GetStringTypeW
LoadLibraryW
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
SetHandleCount
ReadFile
Sleep
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapCreate
GetStartupInfoW
HeapSetInformation
GetCommandLineW
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
EncodePointer
DecodePointer
HeapSize
HeapReAlloc
HeapDestroy
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
FindResourceExW
LockResource
OpenEventW
CloseHandle
CreateEventW
WideCharToMultiByte
InterlockedExchange
lstrlenA
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
MulDiv
lstrcmpW
SetLastError
IsBadWritePtr
RaiseException
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetProcAddress
lstrlenW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
GetFileType

user32

GetWindow
GetWindowRect
MonitorFromWindow
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
ShowWindow
LoadCursorW
GetClassInfoExW
GetMonitorInfoW
DispatchMessageW
GetWindowLongW
SetWindowLongW
PostQuitMessage
TranslateMessage
GetMessageW
PeekMessageW
CharNextW
DefWindowProcW
DestroyWindow
RegisterClassExW
CreateWindowExW
GetSysColor
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetDlgItem
FindWindowW
SetForegroundWindow
SetCursor
UnregisterClassA
SetWindowRgn
OffsetRect
SetRect
TrackMouseEvent
DrawTextW
IsIconic
PtInRect
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
IsWindow
SendMessageW
SetFocus
GetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW

gdi32

CreateDIBSection
CreateRoundRectRgn
SetDIBColorTable
StretchBlt
SetViewportOrgEx
DPtoLP
SetTextColor
SetBkMode
CreateFontIndirectW
GetDIBColorTable
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject

advapi32

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

DispCallFunc
VariantCopy
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysStringLen

shlwapi

StrStrIW

comctl32

InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

gdiplus

GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Baidu-TB-ASBar.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/ASBarBroker.exe
.exe windows:4 windows x86 arch:x86

8cb73f23fc4ffce04345bba981c347fe

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

kernel32

OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetProcAddress
LoadLibraryW
GetLongPathNameW
GetCurrentThreadId
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
DebugBreak
GetShortPathNameW
OpenProcess
CreateFileW
DeviceIoControl
GetVersionExW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
lstrlenA
InterlockedIncrement
GetModuleFileNameW
CreateEventW
CreateThread
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
VirtualAllocEx
GetConsoleCP
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
CharNextW
PostThreadMessageW
UnregisterClassA
CharLowerBuffW

advapi32

RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
VarUI4FromStr

shlwapi

PathFileExistsW
StrCmpNIW
SHGetValueW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/AddressBar.dll
.dll regsvr32 windows:4 windows x86 arch:x86

e71d3b3585dc814a5bc5b07f78ba06d6

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\cygwin\home\scmpf\compiler_src\liuan02_652628_win32\0\app\gensoft\bar\address-search\Res\Chinese\Baidudg\AddressBar.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

gethostname
WSAStartup
gethostbyname
inet_ntoa
WSACleanup

shlwapi

StrDupW
PathRemoveFileSpecW
StrCmpNW
UrlCanonicalizeW
UrlUnescapeA
StrCmpIW
PathRemoveFileSpecA
PathIsDirectoryA
PathFileExistsW
SHDeleteValueW
StrStrIW
SHGetValueW
StrCpyNW
SHDeleteKeyW
SHSetValueW

dbghelp

ImageDirectoryEntryToData

winmm

timeGetTime

iphlpapi

GetAdaptersInfo
GetNetworkParams

wininet

InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
HttpQueryInfoW
GetUrlCacheEntryInfoW
InternetQueryOptionW
InternetConnectA
HttpOpenRequestA
InternetReadFile
InternetReadFileExA
InternetSetStatusCallbackA
InternetOpenUrlW
InternetSetOptionW
InternetQueryDataAvailable
InternetCrackUrlW
InternetGetCookieW
DeleteUrlCacheEntryW
InternetSetStatusCallbackW

rpcrt4

UuidCreate

setupapi

SetupIterateCabinetW

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetOpenStatus
ImmGetCompositionWindow

dnsapi

DnsQuery_W
DnsRecordListFree

kernel32

GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
LoadLibraryA
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
InterlockedDecrement
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
InterlockedIncrement
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
lstrlenA
DebugBreak
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
DisableThreadLibraryCalls
LocalFree
CloseHandle
ResumeThread
SetThreadPriority
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteFileW
GetACP
GetCurrentThreadId
WideCharToMultiByte
GetTickCount
GlobalUnlock
GlobalLock
CreateFileW
DeviceIoControl
GetVersionExW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
SwitchToThread
GetCurrentProcessId
GetCommandLineW
Sleep
MoveFileExW
GetPrivateProfileStringW
CreateDirectoryW
GetCurrentDirectoryA
GetSystemDirectoryW
GetLongPathNameW
TerminateThread
CopyFileW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
IsBadReadPtr
GetPrivateProfileIntW
IsBadCodePtr
CreateEventW
TryEnterCriticalSection
GetLocalTime
CompareStringW
GetWindowsDirectoryW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
WriteFile
GetTempFileNameW
GetTempPathW
LockResource
GlobalFree
GlobalAlloc
SetErrorMode
GetFileSize
FileTimeToSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetShortPathNameW
lstrcatW
lstrcpyW
WritePrivateProfileStringW
FindNextFileW
FindClose
FindFirstFileW
FreeResource
WriteProcessMemory
ReadProcessMemory
VirtualProtect
VirtualQuery
lstrcmpiA
GetFileInformationByHandle
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
LocalAlloc
GetProcessHeap
GlobalReAlloc
GetFileAttributesA
DeleteFileA
AreFileApisANSI
CreateFileA
GetTempPathA
FlushFileBuffers
SetEndOfFile
UnlockFile
LockFile
LockFileEx
GetFullPathNameA
GetFullPathNameW
GetSystemTime
GetSystemTimeAsFileTime
SetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetHandleCount
GetFileType
ExitThread
CreateThread
GetStartupInfoA
FileTimeToLocalFileTime
GetDriveTypeW
GetDriveTypeA
FindFirstFileA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
HeapDestroy
HeapCreate
FatalAppExitA
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
GetVersionExA
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
TerminateProcess
RemoveDirectoryW
UnhandledExceptionFilter

user32

SetRectEmpty
UpdateWindow
GetDlgCtrlID
GetCapture
AttachThreadInput
GetClassLongW
wsprintfW
RemovePropW
SetPropW
GetPropW
MessageBoxW
OffsetRect
SetCursor
IsWindowEnabled
GetWindowDC
ScreenToClient
MoveWindow
GetWindowTextLengthW
SetFocus
GetWindow
MapWindowPoints
SetWindowPos
GetDlgItem
EndDialog
CharLowerW
FindWindowW
UnregisterClassW
RegisterClassW
GetActiveWindow
DialogBoxParamW
FindWindowExW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
EnumChildWindows
GetGUIThreadInfo
CreateDialogParamW
SetWindowTextW
GetKeyState
GetClassNameW
GetParent
GetWindowThreadProcessId
WindowFromPoint
GetWindowRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
PtInRect
LoadCursorW
IsWindow
KillTimer
SetTimer
ShowWindow
PostMessageW
GetClientRect
BeginPaint
EndPaint
RegisterWindowMessageW
InvalidateRect
FillRect
DrawIconEx
SetScrollPos
ReleaseCapture
SystemParametersInfoW
GetWindowTextW
ReleaseDC
GetDC
GetFocus
CharLowerBuffA
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DefWindowProcW
CallWindowProcW
GetWindowLongW
SetWindowLongW
LoadIconW
GetSysColor
DrawFocusRect
LoadStringW
InflateRect
CopyRect
DrawTextW
SendMessageW
UpdateLayeredWindow
SetRect
GetSystemMetrics
SetCapture
DestroyIcon
GetScrollInfo
SetScrollInfo
ShowScrollBar
PeekMessageW
GetDesktopWindow
CharUpperBuffW
CharUpperW
MonitorFromRect
GetMonitorInfoW
LoadImageW
CreateIconFromResourceEx
CharLowerBuffW
SetForegroundWindow
IsWindowVisible
GetForegroundWindow
UnregisterClassA
CharNextW

gdi32

CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
DeleteDC
SelectObject
TextOutW
GetPixel
DeleteObject
ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
GetDIBits
SetTextColor
GetTextExtentPointW
BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontW
GetStockObject
GetCurrentObject
CreateCompatibleBitmap
SetBkMode
SetBkColor
ExtTextOutW
MoveToEx
GetObjectW
CreatePen
LineTo

advapi32

RegQueryInfoKeyW
RegCreateKeyW
RegQueryValueExW
CryptDestroyKey
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
RegEnumKeyExA
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
CryptDuplicateKey
CryptDecrypt
CryptEncrypt
RegOpenKeyW
RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
ExtractIconW
SHGetSpecialFolderPathW
DragQueryFileA
ord85

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
RevokeDragDrop
CoInitialize
CoUninitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
SysFreeString
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantCopy
SysStringLen
VariantClear
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo

msimg32

AlphaBlend

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RemoveOldVersion
RunOnceUpdate
SVCUninstall
UpdateASBar
_sqlite3_key_interop@12
_sqlite3_rekey_interop@12

Sections

.text
Size: 879KB - Virtual size: 879KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll
.dll regsvr32 windows:4 windows x86 arch:x86

886543cb05622fe2602926a61bff5e3a

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\cygwin\home\scmpf\compiler_src\liuan02_707101_win32\0\app\gensoft\bar\toolbar\chinese_unicode_release\BaiduBarX.pdb

Imports

setupapi

SetupIterateCabinetW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetCompositionStringW

shlwapi

StrCpyW
SHDeleteKeyW
SHSetValueW
SHGetValueW
PathFindFileNameW
PathFileExistsW
SHDeleteValueW
UrlCombineW
UrlUnescapeW
HashData
PathRemoveExtensionW
PathIsDirectoryA
PathRemoveFileSpecA
StrCmpIW
StrStrIW
PathFindExtensionW
UrlUnescapeA
UrlCanonicalizeW
StrRetToStrW
StrRetToStrA
UrlEscapeW
SHCopyKeyW
PathIsDirectoryW
PathRemoveFileSpecW

wininet

HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetReadFile
InternetSetStatusCallbackW
InternetCloseHandle
HttpQueryInfoW
DeleteUrlCacheEntryW
InternetSetCookieW
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpAddRequestHeadersA
HttpOpenRequestA
GetUrlCacheEntryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetConnectA
InternetQueryDataAvailable
InternetQueryOptionW
FindFirstUrlCacheGroup
DeleteUrlCacheGroup
FindNextUrlCacheGroup
FindCloseUrlCache
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
InternetOpenUrlW
InternetGetCookieW
HttpSendRequestExW
HttpEndRequestW
InternetGetConnectedState
InternetOpenA
InternetSetOptionA

urlmon

URLDownloadToFileW
CoInternetGetSession

rpcrt4

UuidCreate

iphlpapi

GetAdaptersInfo
GetNetworkParams

ws2_32

gethostbyname
gethostname

winmm

timeGetTime

kernel32

lstrlenW
lstrlenA
DebugBreak
OutputDebugStringW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCurrentThreadId
InterlockedIncrement
CreateProcessW
GetModuleHandleExW
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
CreateFileW
CloseHandle
WriteFile
WaitForSingleObject
CreateMutexW
ReleaseMutex
DeleteFileW
ResumeThread
SetThreadPriority
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
FreeLibrary
lstrcmpiW
VirtualProtect
TryEnterCriticalSection
LoadLibraryExW
MultiByteToWideChar
DisableThreadLibraryCalls
CopyFileW
DeviceIoControl
GetSystemDirectoryW
GetVersionExW
GetPrivateProfileStringW
GetTickCount
IsProcessorFeaturePresent
LoadLibraryA
GetACP
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcessId
FindClose
FindNextFileW
FindFirstFileW
TerminateThread
GetExitCodeThread
OpenMutexW
GetFullPathNameW
GlobalFree
MulDiv
RemoveDirectoryW
Sleep
ReadFile
GetFileSize
Thread32Next
SuspendThread
OpenThread
Thread32First
CreateToolhelp32Snapshot
UnmapViewOfFile
SetUnhandledExceptionFilter
MapViewOfFile
CreateFileMappingW
TerminateProcess
OpenProcess
IsBadReadPtr
SwitchToThread
GetCommandLineW
GetPrivateProfileIntW
ExpandEnvironmentStringsW
GetExitCodeProcess
TlsFree
TlsGetValue
TlsSetValue
InterlockedDecrement
SetEvent
CreateEventW
Process32NextW
Process32FirstW
InterlockedExchange
FindResourceExW
GetSystemTime
ResetEvent
WritePrivateProfileStringW
SetFileAttributesW
Module32NextW
Module32FirstW
lstrcmpW
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableW
SetFilePointer
GetSystemInfo
GlobalSize
SetErrorMode
QueryPerformanceCounter
QueryPerformanceFrequency
FreeResource
GetShortPathNameW
GetSystemDefaultLCID
ReadProcessMemory
MoveFileExW
lstrcatW
lstrcpyW
GetTempFileNameW
GlobalReAlloc
GetVolumeInformationA
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
VirtualQuery
GetFileAttributesA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
GetStdHandle
GetModuleFileNameA
FatalAppExitA
HeapCreate
ExitProcess
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
SetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
GetDriveTypeA
GetFullPathNameA
CompareStringA
GetCurrentProcess
FlushInstructionCache
InterlockedCompareExchange
TlsAlloc
GetVersionExA
SetEnvironmentVariableA
CompareStringW

user32

SetForegroundWindow
UpdateLayeredWindow
EqualRect
MsgWaitForMultipleObjects
PeekMessageW
DeleteMenu
EnableMenuItem
GetMenuItemCount
GetMenuItemInfoW
InsertMenuItemW
GetSysColorBrush
ShowCursor
UnregisterHotKey
RegisterHotKey
PrintWindow
EnumDisplayMonitors
EndMenu
GetMenuItemRect
RemovePropW
GetPropW
SetPropW
SetMenuItemInfoW
DrawStateW
TrackPopupMenuEx
ModifyMenuW
MessageBeep
LoadBitmapW
GetSubMenu
PostQuitMessage
ValidateRect
SetParent
IntersectRect
CharLowerBuffA
WaitForInputIdle
CreateIconFromResourceEx
CharNextA
SetActiveWindow
ScrollWindow
GetSystemMetrics
RegisterClipboardFormatW
GetAsyncKeyState
GetMessagePos
IsRectEmpty
GetScrollInfo
SetScrollPos
ClientToScreen
FrameRect
EnableWindow
SetWindowRgn
SetScrollInfo
GetScrollPos
DestroyCursor
DestroyIcon
GetClassLongW
SetClassLongW
MonitorFromRect
GetMonitorInfoW
CopyRect
MoveWindow
InflateRect
WindowFromPoint
IsChild
FindWindowW
AdjustWindowRectEx
GetCapture
ReleaseCapture
SetCursor
GetForegroundWindow
SetCapture
IsWindowEnabled
UpdateWindow
DrawFocusRect
SetRectEmpty
ReleaseDC
SetFocus
DrawIconEx
FillRect
TrackMouseEvent
MessageBoxW
CharLowerBuffW
GetWindowThreadProcessId
GetGUIThreadInfo
GetClassNameW
GetFocus
GetSysColor
TranslateMessage
DispatchMessageW
OffsetRect
SetRect
InvalidateRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
RegisterWindowMessageW
GetCursorPos
ScreenToClient
PtInRect
SetWindowsHookExW
GetActiveWindow
LoadIconW
IsWindowVisible
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SendMessageW
DialogBoxParamW
DestroyMenu
IsMenu
GetKeyState
CharLowerW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
LoadCursorW
KillTimer
SetTimer
PostMessageW
CharNextW
AttachThreadInput
CharUpperBuffW
LoadKeyboardLayoutW
ActivateKeyboardLayout
UnregisterClassW
RegisterClassW
GetMessageW
IsIconic
PostThreadMessageW
FindWindowExW
EnumChildWindows
SendMessageA
GetUpdateRect
GetTopWindow
UnregisterClassA
MenuItemFromPoint
GetMenuItemID
GetDlgItemTextW
AdjustWindowRect
GetWindowDC
CreateDialogParamW
SetDlgItemTextW
RedrawWindow
EnumWindows
IsDialogMessageW
LoadImageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharUpperW
CreateMenu
InsertMenuW
TrackPopupMenu
EndPaint
BeginPaint
DefWindowProcW
LoadStringW
SetWindowPos
IsWindow
GetDlgItem
ShowWindow
GetDC
SetWindowTextW
GetWindowLongW
SetWindowLongW
CallWindowProcW
EndDialog
MonitorFromPoint
RemoveMenu
AppendMenuW
CreatePopupMenu
GetDlgCtrlID
UnhookWindowsHookEx
CallNextHookEx

gdi32

ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
GetDIBits
GetTextMetricsW
PatBlt
GetTextColor
CreateRoundRectRgn
FillRgn
CreateRectRgn
TextOutW
GetPixel
SetPixel
Rectangle
SetROP2
GetObjectW
CreatePen
LineTo
MoveToEx
SelectObject
CreateDIBSection
CreateFontW
CreateBitmap
ExcludeClipRect
GetDeviceCaps
DPtoLP
SetViewportOrgEx
GetClipBox
RoundRect
RestoreDC
SaveDC
GetCurrentObject
CreatePolygonRgn
CreateSolidBrush
CreateDCW
CreateFontIndirectW
GetTextExtentPoint32W
DeleteObject
GetStockObject
SetBkColor
SetBkMode
DeleteDC
SetTextColor
ExtTextOutW
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap

advapi32

RegDeleteValueW
GetSecurityDescriptorSacl
SetSecurityInfo
EqualSid
GetUserNameW
RegSetKeySecurity
RegEnumKeyW
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
GetTokenInformation
CopySid
RegCreateKeyW
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
GetLengthSid
SetTokenInformation
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
CreateProcessAsUserW

shell32

ShellExecuteW
DragQueryFileA
DuplicateIcon
SHGetFolderPathW
SHFileOperationW
ShellExecuteExW
SHCreateDirectoryExW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconW
SHGetSpecialFolderPathW

ole32

OleUninitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
OleDraw
RegisterDragDrop
OleDuplicateData
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
CLSIDFromProgID
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize
CoCreateGuid

oleaut32

VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarBstrCmp
VariantCopy
LoadTypeLi
UnRegisterTypeLi
VariantInit
VarUI4FromStr
LoadRegTypeLi
VarBstrCat
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysFreeString
SetErrorInfo
VariantChangeType
RegisterTypeLi
SysStringLen
GetErrorInfo
CreateErrorInfo

msimg32

GradientFill
AlphaBlend

gdiplus

GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipDrawImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipDisposeImage
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipGetImageEncodersSize
GdipFree

uxtheme

DrawThemeBackground
OpenThemeData
CloseThemeData

Exports

Exports

ClearDefSearch
ClearHomePage
CloseIEUpdate
DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
MyCopyFile
RunOnceRemove
RunOnceUpdate
SVCUninstall
SetDefSearch
SetHomePageToBaidu
ShowTipMsg
ShowWebMsg
Uninstall
UpdateBaiduToolbar
UpdateBaiduToolbarWithUI

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 385KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/Toolbar/BaiduBarX_Tmp/BarBroker.exe
.exe windows:4 windows x86 arch:x86

6223fe4bfb126e3750ccd92127592502

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

dbghelp

SymGetOptions
SymSetOptions
StackWalk
SymGetModuleInfo
SymFunctionTableAccess
SymInitialize
SymLoadModule

wininet

InternetCrackUrlW
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA

kernel32

GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetCurrentDirectoryA
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WaitForSingleObject
WideCharToMultiByte
lstrlenW
RaiseException
GetLastError
InterlockedDecrement
lstrcmpiW
SetEvent
CreateThread
CreateEventW
GetModuleFileNameW
InterlockedIncrement
lstrlenA
DebugBreak
OutputDebugStringW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetCurrentThreadId
GetCommandLineW
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetModuleFileNameA
VirtualQueryEx
UnmapViewOfFile
FlushInstructionCache
GetCurrentProcess
MapViewOfFile
CreateFileMappingW
SetLastError
CreateFileW
DeleteFileW
GetTempPathW
GetTickCount
ReadFile
GetFileSize
InterlockedExchange
GetSystemDefaultLCID
GetVersionExW
WriteFile
GlobalFree
GlobalAlloc
GetCurrentProcessId
SetFilePointer
GetShortPathNameW
FindClose
FindFirstFileW
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoW
GetFileAttributesA
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
ExitProcess
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleCP
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
CreateFileA
SetEndOfFile
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapDestroy
OpenThread
GetConsoleMode
GetFullPathNameW

user32

CharLowerBuffW
GetSystemMetrics
LoadImageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageW
GetDlgItem
ShowWindow
GetWindowLongW
GetActiveWindow
DestroyWindow
EndDialog
DialogBoxParamW
LoadStringW
SetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
PostThreadMessageW
UnregisterClassA

advapi32

RegOpenKeyW
RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc

oleaut32

LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr
UnRegisterTypeLi

shlwapi

StrCmpNIW
PathFileExistsW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/Toolbar/BaiduBarX_Tmp/rc.dll
.dll windows:4 windows x86 arch:x86

d811d71710ad58776155b7a8da1fa9db

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Baidu/conf.xml
.xml
Codecs/AviSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

ac58e9013e67b1b5c058c679eaf4705e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
FlushFileBuffers
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
HeapAlloc
HeapFree
GetCommandLineA
WriteFile
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
GetFileType
HeapSize
ExitProcess
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetThreadLocale
LocalAlloc
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
ReadFile
GetFileSizeEx
SetFilePointerEx
DeleteFileW
GetCurrentProcessId
SetLastError
GetModuleFileNameW
GetVersion
CreateFileW
WideCharToMultiByte
RaiseException
DisableThreadLibraryCalls
VirtualAlloc
GetCurrentProcess
VirtualFree
GetSystemInfo
Sleep
lstrcmpW
GetModuleFileNameA
lstrlenA
lstrlenW
CreateThread
GetVersionExW
GetLastError
SetThreadPriority
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
CreateEventW
InterlockedExchange
CloseHandle
ResetEvent
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
InterlockedDecrement
FreeLibrary
InterlockedIncrement
SizeofResource
MultiByteToWideChar
GetTickCount
LoadResource
LockResource
OutputDebugStringW
FindResourceW
GetProcessHeap

user32

SetWindowTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
GetDlgItem
UnregisterClassA
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowsHookExW
CallNextHookEx
ValidateRect
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
PostMessageW
PostQuitMessage
DestroyMenu
GetClientRect
GetSystemMetrics
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
GetKeyState
GetTopWindow

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
SetBkColor
ScaleViewportExtEx
RectVisible
PtVisible
RestoreDC
SetViewportExtEx
SaveDC
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
TextOutW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

oleaut32

VariantInit
VariantChangeType
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/CoreAAC.ax
.dll regsvr32 windows:4 windows x86 arch:x86

603a5553c41f87f262cc1e933305d724

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_onexit
qsort
memmove
??2@YAPAXI@Z
__dllonexit
_adjust_fdiv
malloc
_ftol
free
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
_CIpow

winmm

timeSetEvent
timeGetTime

kernel32

GetCurrentProcess
lstrcmpiA
SetErrorMode
GetTickCount
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetLastError
GetVersionExA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
CloseHandle
CreateEventA
ResetEvent
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryA
InterlockedExchange
CreateThread
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
SetThreadPriority
GetThreadPriority

advapi32

RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

ShowWindow
wsprintfA
SetDlgItemTextA
SetTimer
CheckDlgButton
KillTimer
IsDlgButtonChecked
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
wvsprintfA
PostThreadMessageA
RegisterWindowMessageA
GetQueueStatus
DispatchMessageA
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow

ole32

CoCreateInstance
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/CoreAVC.ax
.dll regsvr32 windows:5 windows x86 arch:x86

a51dab6f4a70c7f5108331c3fee35df0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

shell32

ShellExecuteA

advapi32

RegEnumKeyExA

ole32

CLSIDFromString

oleaut32

SafeArrayAccessData

user32

GetSystemMenu

version

GetFileVersionInfoA

comctl32

InitCommonControlsEx

gdi32

SetTextColor

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 255KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Codecs/FLVSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

13b38008f29a68c6bb241588064cba76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Program Files\QvodPlayer80\Codecs\FLVSplitter.pdb

Imports

kernel32

FlushFileBuffers
GlobalAddAtomW
WritePrivateProfileStringW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
WriteFile
GetThreadLocale
LocalAlloc
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GlobalDeleteAtom
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
GetCurrentProcessId
SetLastError
GetModuleFileNameW
GetVersion
WideCharToMultiByte
RaiseException
ReadFile
CreateFileW
GetFileSizeEx
SetFilePointerEx
DeleteFileW
TerminateThread
FindResourceW
LoadResource
LockResource
SizeofResource
DisableThreadLibraryCalls
VirtualAlloc
GetCurrentProcess
VirtualFree
GetSystemInfo
lstrcmpW
LoadLibraryW
InterlockedDecrement
FreeLibrary
InterlockedIncrement
CreateThread
GetVersionExW
GetTickCount
GetCurrentThread
SetThreadPriority
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
CreateEventW
InterlockedExchange
CloseHandle
ResetEvent
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
WaitForSingleObject
Sleep
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UnregisterClassA
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassW
SetCursor
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
DestroyMenu
ShowWindow
CallWindowProcW
IsWindowEnabled
MessageBoxW
UnhookWindowsHookEx
EnableWindow
GetSystemMetrics
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
SetRect
SetWindowsHookExW

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SaveDC
SetViewportExtEx
PtVisible
ScaleViewportExtEx
DeleteObject
OffsetViewportOrgEx
CreateBitmap
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RestoreDC
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RectVisible

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString

oleaut32

VariantChangeType
SysAllocString
SysFreeString
VariantInit
VariantClear
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Haali/Haalisplitter.ax
.dll regsvr32 windows:5 windows x86 arch:x86

414ec1bc0de0d85027929ca19e0d6be5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

gdi32

BitBlt
AddFontResourceW
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateFontW
GetDeviceCaps
GetTextMetricsW
SetBkColor
SetBkMode
ExtTextOutW
DeleteDC
GdiFlush
SetTextColor
SetTextAlign
CreateDCA
RemoveFontResourceW

kernel32

GetModuleFileNameW
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
DeleteFileW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
GetLastError
GetSystemTime
SystemTimeToFileTime
CreateFileA
SetFilePointer
ReadFile
CreateThread
VirtualFree
VirtualAlloc
SetEndOfFile
GetVersion
InterlockedExchange
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
MulDiv
lstrlenW
EnterCriticalSection
FindFirstFileW
FindNextFileW
FindClose
lstrlenA
VirtualQuery
FreeLibrary
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LeaveCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
GetModuleHandleA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
LoadResource
LockResource
SizeofResource
WaitForSingleObject
HeapAlloc
WaitForMultipleObjects
HeapFree
InterlockedDecrement
HeapDestroy
CreateEventW
HeapCreate
InterlockedIncrement
CloseHandle
ResetEvent
SetEvent
FindResourceExW
GetTickCount
Sleep
SetLastError
TlsFree
TlsSetValue
GetCurrentProcess
TlsAlloc
TlsGetValue
GetStdHandle
RtlUnwind
lstrcpynW
lstrcmpW
ReleaseSemaphore
CreateSemaphoreW
GetSystemInfo
DuplicateHandle
GetVersionExW
DisableThreadLibraryCalls
lstrcmpiA
RaiseException
OutputDebugStringA
FormatMessageW
HeapReAlloc
HeapSize
GetCommandLineA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetProcessHeap
LoadLibraryW

user32

GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
ShowWindow
GetWindowThreadProcessId
IsWindowVisible
MessageBoxW
EnumWindows
CreatePopupMenu
SendDlgItemMessageW
GetDesktopWindow
LoadStringW
DestroyWindow
InvalidateRect
CreateDialogParamW
GetMenuItemCount
CheckMenuRadioItem
DestroyMenu
GetDlgItem
SendMessageW
AppendMenuW
PostMessageW
TrackPopupMenu
GetCursorPos
SetForegroundWindow
LoadIconW
PostQuitMessage
DefWindowProcW
GetSystemMetrics
CreateWindowExW
RegisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
RegisterWindowMessageW
CallWindowProcW
EndPaint
BeginPaint
RedrawWindow
ReleaseDC
GetDC
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
SetWindowLongW
GetWindowLongW
KillTimer
GetSysColor

advapi32

RegEnumKeyExW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumValueA
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegQueryValueExW

shell32

Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoInitializeEx
CoTaskMemFree
CoUninitialize

oleaut32

SafeArrayDestroy
SafeArrayCreateVector
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysAllocString
VariantInit
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
OleLoadPicture
SafeArrayCreate
SafeArrayGetDim

mkzlib

deflateBound
deflate
deflateInit_
deflateEnd
crc32
deflateReset
compress

mkunicode

iso_getlcid
iso_codetoname
iso_getentry
Utf8ToUtf16
Utf16ToUtf8
iso_getsyslang

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

UuidToStringA
UuidFromStringA
RpcStringFreeA

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Haali/avi.dll
.dll regsvr32 windows:5 windows x86 arch:x86

137c2204050ee4bb5202bad653832958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadResource
SizeofResource
LoadLibraryExW
MultiByteToWideChar
FreeLibrary
GetThreadLocale
SetThreadLocale
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
FindResourceW
lstrlenW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
VirtualFree
VirtualAlloc
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualQuery
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
VariantClear
SysAllocStringLen
VariantChangeType
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SafeArrayUnaccessData

mkunicode

Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Haali/mkunicode.dll
.dll windows:5 windows x86 arch:x86

1da5d5aea5082cc09bfa84c92764c4f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
MultiByteToWideChar

Exports

Exports

Utf16ToUtf8
Utf8ToUtf16
iso_code2tocode3
iso_code3tocode2
iso_code3tocode3
iso_codetoname
iso_getentry
iso_getlcid
iso_getsyslang
iso_nametocode3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Haali/mkzlib.dll
.dll windows:5 windows x86 arch:x86

efcc761811aa76f93e9c981878270d69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
inflate
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Haali/mp4.dll
.dll regsvr32 windows:5 windows x86 arch:x86

3f440f513153ae823175c3bf5cd0945f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
GetProcAddress
GetThreadLocale
FreeLibrary
LoadLibraryExW
lstrlenW
InterlockedDecrement
InterlockedIncrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualQuery
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
VariantClear
SysFreeString
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen

mkzlib

inflate
inflateInit_
inflateEnd

mkunicode

Utf16ToUtf8
Utf8ToUtf16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/MP4Splitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

4b784aa0fac445ef5286027831723d8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\qvodplayer4_filters\Mp4SplitterFilter\branches\zhongweiyuan\MP4Splitter\Release\MP4Splitter.pdb

Imports

kernel32

LocalReAlloc
TlsFree
GetModuleHandleA
GetVersionExA
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
CompareStringA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
TlsSetValue
RtlUnwind
QueryPerformanceCounter
SetStdHandle
GetFileType
VirtualQuery
HeapSize
ExitProcess
HeapDestroy
HeapCreate
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetFileTime
GetFileSize
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
DisableThreadLibraryCalls
LoadLibraryW
FreeLibrary
GetModuleFileNameA
lstrlenA
lstrlenW
VirtualAlloc
GetCurrentProcess
DuplicateHandle
VirtualFree
InterlockedDecrement
InterlockedIncrement
lstrcmpW
CreateThread
GetVersionExW
GetLastError
GetTickCount
GetCurrentThreadId
GetModuleHandleW
CreateEventW
DeleteFileW
OutputDebugStringW
Sleep
SetThreadPriority
InterlockedExchange
ResetEvent
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetProcAddress
GetModuleFileNameW
GetVersion
CreateFileW
CloseHandle
GetVolumeInformationW
FindFirstFileW
FindClose
MultiByteToWideChar
FindResourceW
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
GetProcessHeap

user32

SetWindowTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
UnregisterClassA
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
PostQuitMessage
DestroyMenu
GetWindowTextW
PostMessageW
CharUpperW
GetSystemMetrics
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
ClientToScreen

gdi32

DeleteDC
CreateBitmap
GetStockObject
ExtTextOutW
ScaleWindowExtEx
PtVisible
SetWindowExtEx
TextOutW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
TranslateCharsetInfo
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
RectVisible

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey

shlwapi

PathIsUNCW
PathFindFileNameW
PathStripToRootW

ole32

CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/MatroskaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

6660c7bfdbe99d93f987b3ad0317ecd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetModuleHandleA
GetVersionExA
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GlobalFlags
CompareStringA
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
GetProcessHeap
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
VirtualQuery
HeapSize
ExitProcess
HeapDestroy
HeapCreate
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LocalAlloc
GetFullPathNameW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetFileTime
GetFileSize
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
GetTempPathW
GetTempFileNameW
DeleteFileW
RaiseException
GetModuleFileNameW
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
DisableThreadLibraryCalls
CreateThread
GetVersionExW
GetTickCount
SetThreadPriority
GetModuleHandleW
GetProcAddress
InterlockedExchange
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcmpW
LoadLibraryW
InterlockedDecrement
FreeLibrary
InterlockedIncrement
GetModuleFileNameA
GetLastError
lstrlenA
lstrlenW
DeleteCriticalSection
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
Sleep
InitializeCriticalSection
GetLocaleInfoA
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceW
IsDebuggerPresent

user32

SetWindowTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
UnregisterClassA
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
ClientToScreen
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowTextW
PostQuitMessage
DestroyMenu
GetClientRect
PostMessageW
CharUpperW
GetSystemMetrics
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
GrayStringW

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
ScaleViewportExtEx
RectVisible
PtVisible
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shlwapi

PathIsUNCW
PathFindFileNameW
PathStripToRootW

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString

oleaut32

VariantClear
VariantChangeType
SysAllocStringLen
SysAllocString
SysFreeString
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/Mpeg2DecFilter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

029aa0567041e2df739512c3ffc45bc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
HeapFree
RtlUnwind
RaiseException
HeapAlloc
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
TlsGetValue
ExitProcess
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
VirtualQuery
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
LocalAlloc
WritePrivateProfileStringW
FindResourceExW
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GetModuleHandleA
GetCurrentProcessId
GlobalAddAtomW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GlobalDeleteAtom
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
MulDiv
DisableThreadLibraryCalls
GetVersionExW
GetTickCount
GetCurrentThread
GetModuleHandleW
InterlockedExchange
LoadLibraryW
FreeLibrary
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
VirtualFree
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
lstrcmpW
GetModuleFileNameA
GetLastError
lstrlenA
lstrlenW
GetProcAddress
GetModuleFileNameW
GetVersion
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualProtect
FlushInstructionCache
GetSystemTimeAsFileTime

user32

ShowWindow
MoveWindow
SetWindowTextW
IsDlgButtonChecked
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetWindowTextW
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
UnregisterClassA
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetSysColor
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
DestroyMenu
LoadCursorW
GetSysColorBrush
UnregisterClassW
GetClientRect
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDC
ReleaseDC
InvalidateRect
SetRect
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
EnableWindow
SendMessageW
GetWindow
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
SetViewportExtEx
EnumFontFamiliesExW
ScaleViewportExtEx
SelectObject
OffsetViewportOrgEx
GetTextExtentPoint32W
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateFontIndirectW
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoTaskMemFree
CLSIDFromString
CoTaskMemAlloc

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/MpegSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

99af4973553a983ed31d4609e150db87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadLocale
WriteFile
FlushFileBuffers
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
SetStdHandle
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
LocalAlloc
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
WritePrivateProfileStringW
GetCurrentProcessId
GlobalAddAtomW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GlobalLock
GlobalAlloc
GlobalDeleteAtom
SetLastError
GetFileSizeEx
SetFilePointerEx
DeleteFileW
SetFilePointer
ReadFile
GetModuleFileNameW
GetVersion
CreateFileW
WideCharToMultiByte
RaiseException
CreateThread
GetTickCount
GetCurrentThread
SetThreadPriority
GetModuleHandleW
InterlockedExchange
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcmpW
InterlockedIncrement
GetModuleFileNameA
GetLastError
lstrlenA
lstrlenW
InterlockedDecrement
DisableThreadLibraryCalls
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileType

user32

ShowWindow
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSysColor
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
UnregisterClassW
GetSystemMetrics
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetSysColorBrush
LoadCursorW
DestroyMenu
AdjustWindowRectEx
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
UnregisterClassA
GetWindowRect
GetMessageTime

gdi32

DeleteDC
GetStockObject
SelectObject
ScaleWindowExtEx
PtVisible
Escape
SetWindowExtEx
ExtTextOutW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
TextOutW
GetDeviceCaps
CreateBitmap
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
RectVisible

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CLSIDFromString

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear
SysAllocStringLen
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/OptimFROG.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

OptimFROG_close
OptimFROG_createInstance
OptimFROG_decodeFile
OptimFROG_destroyInstance
OptimFROG_freeTags
OptimFROG_getInfo
OptimFROG_getPos
OptimFROG_getTags
OptimFROG_getVersion
OptimFROG_infoFile
OptimFROG_open
OptimFROG_openExt
OptimFROG_read
OptimFROG_readHead
OptimFROG_readTail
OptimFROG_recoverableErrors
OptimFROG_seekPoint
OptimFROG_seekTime
OptimFROG_seekable

Sections

UPX0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QMVSplitterFilter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

fae4664718acf6c82b1ba1e3f4c5bc91

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e4:0a:9b:8f:56:57:4c:7e:5b:b1:99:09:43:8f:bb:d6:33:03:25:20
Signer

Actual PE Digest

e4:0a:9b:8f:56:57:4c:7e:5b:b1:99:09:43:8f:bb:d6:33:03:25:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetEvent
WaitForSingleObject
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
CreateEventW
GetProcAddress
GetModuleHandleW
lstrcpynW
lstrcmpW
GetCurrentThreadId
SetThreadPriority
GetTickCount
ResetEvent
InterlockedExchange
CreateThread
CreateSemaphoreW
InterlockedIncrement
FreeLibrary
InterlockedDecrement
ReleaseSemaphore
VirtualFree
GetCurrentProcess
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlUnwind
RaiseException
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
HeapSize
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

wsprintfW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoFreeUnusedLibraries

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodMpeg2Dec.ax
.dll regsvr32 windows:4 windows x86 arch:x86

e51373108e9dafd166529202b2a42f1a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:23:7d:2a:07:e7:a8:bb:ff:e3:b7:21:4f:03:02:d3:7a:d3:bd:4c
Signer

Actual PE Digest

4f:23:7d:2a:07:e7:a8:bb:ff:e3:b7:21:4f:03:02:d3:7a:d3:bd:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\qvod_code\svn\filter\qvodmpegdecoderfilter\branches\liangjianguo\bin\release\QvodMpeg2Dec.pdb

Imports

kernel32

GetModuleHandleA
GlobalFlags
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetStdHandle
TerminateProcess
IsDebuggerPresent
HeapDestroy
HeapCreate
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
VirtualQuery
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
GetCurrentProcessId
SetLastError
GlobalAddAtomW
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
GlobalLock
GlobalAlloc
SetErrorMode
GetCurrentThread
GetModuleHandleW
InterlockedExchange
LoadLibraryW
FreeLibrary
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
VirtualFree
ReleaseSemaphore
WaitForSingleObject
InterlockedIncrement
lstrcmpW
GetModuleFileNameA
GetLastError
lstrlenA
lstrlenW
InterlockedDecrement
DisableThreadLibraryCalls
GetVersionExW
GetProcAddress
GetModuleFileNameW
GetVersion
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
GetTickCount
UnhandledExceptionFilter

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
UnregisterClassA
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnregisterClassW
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
DestroyMenu
LoadCursorW
GetSysColorBrush
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
PostMessageW
PostQuitMessage
SetRect
GetDesktopWindow
GetWindowRect
LoadStringW
DefWindowProcW
DestroyWindow
ShowWindow
InvalidateRect
MoveWindow
CreateDialogParamW
SetWindowLongW
GetWindowLongW
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
EnableWindow
SendMessageW
GetDlgItem
GetDlgCtrlID

gdi32

DeleteDC
GetStockObject
ExtTextOutW
ScaleWindowExtEx
PtVisible
SetWindowExtEx
TextOutW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
CreateBitmap
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
RectVisible

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodPNGDecoder.ax
.dll regsvr32 windows:4 windows x86 arch:x86

d22da7f4a6067d239a27bf6d1ab6c4ca

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:46:d3:c2:83:53:e3:8a:68:e8:02:f6:90:cf:33:2e:06:1a:0c:4d
Signer

Actual PE Digest

90:46:d3:c2:83:53:e3:8a:68:e8:02:f6:90:cf:33:2e:06:1a:0c:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
InterlockedIncrement
InterlockedDecrement
CloseHandle
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
FreeLibrary
InitializeCriticalSection
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileW
lstrcmpW
DisableThreadLibraryCalls
GetModuleFileNameA
GetVersionExW
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
GetProcAddress
CreateFileA
SetEndOfFile
GetLocaleInfoA
LoadLibraryA
RtlUnwind
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
HeapReAlloc
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
IsDebuggerPresent
ReadFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
ExitProcess
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

user32

wsprintfW

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoTaskMemAlloc

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodPostVideo.ax
.dll regsvr32 windows:4 windows x86 arch:x86

702f9ab3a07e21e2ea4b36e73b37c251

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:12:3a:1f:24:a4:ae:60:07:ab:a4:41:20:34:f1:c9:14:8f:cc:51
Signer

Actual PE Digest

63:12:3a:1f:24:a4:ae:60:07:ab:a4:41:20:34:f1:c9:14:8f:cc:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

kernel32

WriteFile
CreateEventW
GetTickCount
SetEvent
WaitForSingleObject
ResetEvent
lstrcmpW
InterlockedIncrement
InterlockedDecrement
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
FreeLibrary
GetProcAddress
GetLastError
GetVersionExW
lstrlenW
CreateFileW
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
LoadLibraryA
GetSystemTime
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
HeapSize
ExitProcess
RaiseException
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte

user32

MoveWindow
EnableWindow
SendMessageW
SetWindowTextW
IsDlgButtonChecked
GetWindowTextW
GetDesktopWindow
GetWindowRect
LoadStringW
DefWindowProcW
DestroyWindow
ShowWindow
InvalidateRect
CreateDialogParamW
SetWindowLongW
GetWindowLongW
GetDlgItem

advapi32

RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodSound.ax
.dll regsvr32 windows:4 windows x86 arch:x86

090950ca5346bf812a01e2b7f9d98c14

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:37:21:7c:7d:54:c8:db:7a:6b:eb:20:d6:2c:2c:9d:fb:ef:16:b1
Signer

Actual PE Digest

7f:37:21:7c:7d:54:c8:db:7a:6b:eb:20:d6:2c:2c:9d:fb:ef:16:b1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord16
ord17

kernel32

EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryW
FreeLibrary
ReadFile
SetEndOfFile
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
InterlockedDecrement
lstrcmpW
InterlockedIncrement
CloseHandle
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
GetTickCount
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
SetFilePointer
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CreateWindowExW
CheckRadioButton
GetDlgItemTextA
GetWindowLongW
SetWindowLongW
CreateDialogParamW
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcW
LoadStringW
GetWindowRect
GetDesktopWindow
SetDlgItemTextW
GetDlgItemTextW
wsprintfW
SetDlgItemTextA
SendMessageW
GetDlgItem

comdlg32

GetSaveFileNameW

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoTaskMemAlloc

advapi32

RegSetValueW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodSource.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0a5a3f6642c2905b11a3b0a35ae3428a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:1e:3b:bf:bb:71:81:cc:e5:9a:3e:eb:ea:24:77:39:08:96:fc:16
Signer

Actual PE Digest

58:1e:3b:bf:bb:71:81:cc:e5:9a:3e:eb:ea:24:77:39:08:96:fc:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
CloseHandle
CreateThread
GetLocalTime
GetCurrentDirectoryA
GetTickCount
Sleep
ReleaseSemaphore
CreateSemaphoreW
CreateEventW
FindResourceExW
WaitForMultipleObjects
LoadResource
OutputDebugStringW
WideCharToMultiByte
SizeofResource
MultiByteToWideChar
FindFirstFileA
FindClose
LockResource
TerminateThread
ResumeThread
ResetEvent
EnterCriticalSection
GetLastError
LeaveCriticalSection
InitializeCriticalSection
SetEvent
FindResourceW
WaitForSingleObject
GetThreadLocale
InterlockedExchange
GetProcAddress
GetModuleHandleW
GetCurrentThreadId
SetThreadPriority
GetVersionExW
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetSystemInfo
VirtualFree
GetCurrentProcess
VirtualAlloc
lstrlenW
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
GetCPInfo
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
LCMapStringA
LCMapStringW
ReadFile
SetFilePointer
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapReAlloc
HeapSize
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
CreateFileA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile

user32

GetWindowLongW
SetWindowLongW
CreateDialogParamW
MoveWindow
ShowWindow
DestroyWindow
LoadStringW
GetWindowRect
GetDesktopWindow
UnregisterClassA
InvalidateRect
SendMessageW
GetDlgItemTextW
GetDlgItem

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/QvodSubtitle.ax
.dll regsvr32 windows:4 windows x86 arch:x86

be26fc307fd190c63ad8ae8dce79f9c3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:ca:c0:20:4e:26:af:c8:93:f8:a3:db:73:e0:1c:70
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/04/2011, 00:00

Not After

16/07/2013, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

94:e0:4e:a5:77:cc:72:5c:98:27:c1:bf:02:8e:26:e0:c2:d6:1c:88
Signer

Actual PE Digest

94:e0:4e:a5:77:cc:72:5c:98:27:c1:bf:02:8e:26:e0:c2:d6:1c:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdiplus

GdipLoadImageFromFile
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageRawFormat
GdipGetImageType
GdipDrawPath
GdipDeletePath
GdipCreateSolidFill
GdipCreatePath
GdipDeletePen
GdipCloneBrush
GdipDeleteBrush
GdipDeleteFont
GdipCreatePen1
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipAddPathString
GdipCreateBitmapFromScan0
GdipDeleteFontFamily
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateFontFamilyFromName
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipFillPath
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipSetPenLineJoin
GdipFree
GdipCreateFromHDC
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipMeasureString

kernel32

InterlockedIncrement
CloseHandle
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
FreeLibrary
GetProcAddress
GetTickCount
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetModuleHandleA
WideCharToMultiByte
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
Sleep
SystemTimeToTzSpecificLocalTime
GetSystemTime
TlsAlloc
TlsSetValue
TlsFree
SetLastError
lstrcmpW
InterlockedDecrement
DisableThreadLibraryCalls
GetVersionExW
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetHandleCount
GetStdHandle
SetEndOfFile
CreateFileA
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileW
GetLocaleInfoW
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetEnvironmentStrings
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
ReadFile
SetFilePointer
HeapSize
WriteFile
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsGetValue

user32

GetWindowTextLengthW
GetWindowTextW
GetDesktopWindow
GetWindowRect
LoadStringW
DefWindowProcW
DestroyWindow
ShowWindow
InvalidateRect
MoveWindow
CreateDialogParamW
SetWindowLongW
GetWindowLongW
SetDlgItemInt
SendMessageW
GetDlgItem
GetDlgItemTextW
SetDlgItemTextW
wsprintfW

comdlg32

GetOpenFileNameW
ChooseColorW
ChooseFontW

advapi32

RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegCreateKeyW

ole32

CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance

gdi32

DeleteDC
CreateCompatibleDC
SetMapMode
SetBkMode
CreateFontIndirectW
SetTextColor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/RadGtSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

889412c92af0f151765011fc0824804f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\mpc\src\filters\parser\radgtsplitter\Release\RadGtSplitter.pdb

Imports

kernel32

UnlockFile
SetEndOfFile
GetThreadLocale
GetFullPathNameA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameA
lstrcmpA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
LockFile
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualQuery
GetCommandLineA
GetProcessHeap
SetStdHandle
GetFileType
HeapSize
ExitProcess
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
WriteFile
ReadFile
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
SetLastError
DeleteFileA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
RaiseException
CreateThread
GetTickCount
SetThreadPriority
GetACP
GetModuleHandleA
DisableThreadLibraryCalls
GetVersionExA
GetModuleFileNameA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
FreeLibrary
SetFilePointer
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapFree

user32

SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
UnregisterClassA
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
PostMessageA
GetSystemMetrics
GetWindowThreadProcessId
SendMessageA
PostQuitMessage
DestroyMenu
SetWindowTextA
GetClassInfoA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
wsprintfA
CharUpperA
MessageBoxA
TabbedTextOutA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

shlwapi

PathIsUNCA
PathFindFileNameA
PathStripToRootA

ole32

CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CLSIDFromString

oleaut32

VariantChangeType
VariantInit
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

0118ec82690ef9a34fddc0a88d4114f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
GetModuleFileNameA
LockResource
EnterCriticalSection
GetVersionExW
DisableThreadLibraryCalls
InterlockedDecrement
lstrlenW
lstrlenA
GetLastError
InterlockedIncrement
lstrcmpW
CloseHandle
CreateEventW
SetEvent
ResetEvent
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
InterlockedExchange
GetModuleHandleW
SetThreadPriority
GetCurrentThread
GetTickCount
CreateThread
GetProcAddress
FindFirstFileW
GetVolumeInformationW
CreateFileW
GetVersion
RaiseException
DeleteFileW
GlobalDeleteAtom
GlobalAlloc
GlobalLock
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
SetLastError
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
LocalFree
FormatMessageW
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSize
GetFileTime
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameW
LocalAlloc
GetVersionExA
LoadLibraryA
CompareStringW
GlobalFindAtomW
GlobalFlags
GetModuleHandleA
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
ExitProcess
SetStdHandle
GetFileType
VirtualQuery
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
SizeofResource
Sleep
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
OutputDebugStringW
LoadResource
FreeLibrary
FindClose
FindResourceW

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathAddBackslashA
PathRemoveFileSpecA

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetMenu
GetClientRect
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
GetForegroundWindow
GetWindowTextW
IsWindow
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetCapture
WinHelpW
LoadIconW
SetWindowTextW
ShowWindow
ClientToScreen
GetSysColorBrush
ReleaseDC
GetDC
LoadCursorW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetSysColor
DestroyMenu
UnregisterClassA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
CharUpperW
GetSystemMetrics
GetMenuItemID
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
EnableWindow
MessageBoxW
SetCursor
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetRect
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcW
DefWindowProcW
SetWindowLongW
SetWindowPos
IsWindowEnabled

gdi32

GetDeviceCaps
RectVisible
TextOutW
ExtTextOutW
GetClipBox
SetTextColor
SetBkColor
DeleteObject
SaveDC
RestoreDC
SetMapMode
Escape
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
GetStockObject
DeleteDC
PtVisible

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetFileTitleW

advapi32

RegQueryValueW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegEnumKeyW
RegOpenKeyW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CLSIDFromString

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocStringLen
VariantChangeType
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/VP8DecFilter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

317d2ae15472ba95f4dc866e6c9f8b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CreateEventW
CloseHandle
Sleep
SetEvent
QueryPerformanceFrequency
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
InterlockedIncrement
FreeLibrary
InterlockedDecrement
lstrcpynW
VirtualFree
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
GetProcAddress
GetTickCount
CreateThread
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
HeapReAlloc
RtlUnwind
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
RaiseException
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection

user32

wsprintfW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegSetValueW
RegCreateKeyW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoFreeUnusedLibraries
StringFromGUID2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/VSFilter.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b73349842f85c74c408b362d73212703

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Program Files\QvodPlayer\Codecs\VSFilter.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

DeleteFileW
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
HeapAlloc
HeapFree
GetCommandLineA
GetProcessHeap
RtlUnwind
RaiseException
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFileTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualQuery
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetErrorMode
GetModuleFileNameA
lstrlenA
lstrlenW
DisableThreadLibraryCalls
VirtualAlloc
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
ReleaseSemaphore
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
GetVersionExW
GetTickCount
GetCurrentThread
GetCurrentThreadId
ResetEvent
lstrcmpW
DebugBreak
GetFullPathNameW
GetTempFileNameW
FreeLibrary
GetTempPathW
IsDBCSLeadByteEx
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindNextFileW
FindClose
GetStartupInfoW
lstrcpynW
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryW
GetFileAttributesW
GetModuleHandleW
SetLastError
GetModuleFileNameW
CreateThread
WaitForSingleObject
WaitForMultipleObjects
GetVersion
CreateEventW
InterlockedExchange
SetEvent
TerminateThread
MulDiv
GetLastError
FindNextChangeNotification
SetThreadPriority
CloseHandle
FindFirstChangeNotificationW
FindCloseChangeNotification
Sleep
WideCharToMultiByte
LoadResource
MultiByteToWideChar
InitializeCriticalSection
FindResourceW
SizeofResource
DeleteCriticalSection
LockResource
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent

user32

DrawTextExW
TabbedTextOutW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
UnregisterClassA
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
GrayStringW
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetParent
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DefWindowProcW
ShowWindow
MoveWindow
GetWindowLongW
PeekMessageW
IsWindow
InflateRect
CharLowerBuffW
MessageBoxW
UnionRect
EqualRect
SetRectEmpty
SetRect
IsRectEmpty
ClientToScreen
BeginPaint
EndPaint
UnregisterClassW
LoadCursorW
GetSysColorBrush
CharUpperW
SetCursor
ValidateRect
DestroyMenu
CopyRect
PostMessageW
RegisterWindowMessageW
DestroyIcon
UnhookWindowsHookEx
GetMessageW
SystemParametersInfoW
CallNextHookEx
LoadIconW
SetTimer
GetCursorPos
DispatchMessageW
CreatePopupMenu
AppendMenuW
PostQuitMessage
SetForegroundWindow
TranslateMessage
GetClientRect
GetSysColor
InvalidateRect
SetWindowLongW
EnableWindow
GetWindowRect
DestroyWindow
GetDlgItem
CreateDialogParamW
GetDesktopWindow
SendMessageW
ReleaseDC
GetDC
OffsetRect
IntersectRect
DrawTextW
GetWindowThreadProcessId
SetActiveWindow

gdi32

PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetStockObject
ScaleWindowExtEx
RestoreDC
SaveDC
SelectObject
GetObjectW
SetBkMode
ExtTextOutW
CreateBitmap
SetBkColor
GetClipBox
GetKerningPairsW
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
AddFontResourceW
TranslateCharsetInfo
TextOutW
GetTextExtentPoint32W
GetTextMetricsW
DeleteObject
CreateDIBSection
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
GetDeviceCaps
SetMapMode
SetTextColor

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueW

shell32

ShellExecuteW
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW

shlwapi

PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
UrlUnescapeW

ole32

CoTaskMemRealloc
CoUninitialize
CoInitialize
CLSIDFromString
CoTaskMemAlloc
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
StringFromGUID2

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
OleCreatePropertyFrame
SysAllocString
SysStringLen
VarBstrCmp

wininet

InternetOpenUrlW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetReadFile
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable

Exports

Exports

DirectVobSub
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VirtualdubFilterModuleDeinit
VirtualdubFilterModuleInit2
_AvisynthPluginInit2@4
_AvisynthPluginInit@4
csri_close
csri_open_file
csri_open_mem
csri_query_ext
csri_render
csri_renderer_byname
csri_renderer_default
csri_renderer_info
csri_renderer_next
csri_request_fmt

Sections

.text
Size: 676KB - Virtual size: 674KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/asfsplliter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

61540ae4d5f1fe29babe6b430f77a241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateReader

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA

user32

wsprintfA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

free
??1type_info@@UAE@XZ
_CxxThrowException
_ftol
__CxxFrameHandler
??2@YAPAXI@Z
_adjust_fdiv
malloc
_initterm

kernel32

DisableThreadLibraryCalls
LocalFree
GetModuleFileNameA
lstrlenA
GetVersionExA
GetLastError
SetThreadPriority
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
CreateThread
FreeLibrary
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
InterlockedIncrement
SetEvent
EnterCriticalSection
ResetEvent
LeaveCriticalSection
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/bass_fsalac.dll
.dll windows:5 windows x86 arch:x86

80bb83a4a61546010afae7efe5e60489

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:32:23:ca:92:d1:51
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

25/07/2012, 10:42

Not After

29/07/2015, 12:06

Subject

CN=Chongqing Langzhou Trade Co.\, Ltd.,O=Chongqing Langzhou Trade Co.\, Ltd.,L=Chongqing,ST=Chongqing,C=CN,1.2.840.113549.1.9.1=#0c0d7178313332374071712e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 19:46

Not After

17/09/2036, 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

3d:a3:c0:1e:9e:4d:48:9e:b4:2a:03:de:97:28:31:23:b7:31:3d:d1
Signer

Actual PE Digest

3d:a3:c0:1e:9e:4d:48:9e:b4:2a:03:de:97:28:31:23:b7:31:3d:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\快播\Codecs\bass_fsalac.pdb

Imports

kernel32

FindResourceExW
GetLastError
CloseHandle
GlobalFree
GlobalAlloc
lstrlenW
lstrlenA
GetModuleFileNameW
GetVersion
ReadFile
GetFileSize
CreateFileW
CreateThread
FindResourceW
LoadResource
LockResource
SizeofResource
WriteConsoleW
FlushFileBuffers
SetStdHandle
CreateFileA
LoadLibraryW
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
SetFilePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
LCMapStringW
GetStringTypeW
HeapCreate
Sleep
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoW
SetEndOfFile

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetQueryDataAvailable
HttpQueryInfoA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetReadFile

iphlpapi

GetAdaptersInfo

Exports

Exports

DestroyDll
PostXml
RegUserMovie
SanStart
SendLookMovie

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/binkw32.dll
.dll windows:4 windows x86 arch:x86

863844ad7aa759748e31329c65f10f35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\Projects\bink\build\binkw32.pdb

Imports

user32

SetCursor
GetClassLongA
RegisterClassA
ChangeDisplaySettingsA
IsWindowVisible
GetSystemMetrics
GetCursorPos
DefWindowProcA
ReleaseDC
PeekMessageA
CreateWindowExA
GetTopWindow
GetWindowLongA
GetActiveWindow
GetWindowThreadProcessId
GetWindow
EndPaint
ClientToScreen
DestroyWindow
MessageBoxA
ScreenToClient
GetWindowRect
IsIconic
GetClientRect
BeginPaint
GetDC
ShowCursor
UnregisterClassA

gdi32

CreateDIBSection
GetDeviceCaps
StretchBlt
GetDIBits
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetPixel
DeleteDC

kernel32

GetOEMCP
GetACP
LCMapStringW
MultiByteToWideChar
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetCPInfo
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
HeapSize
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlUnwind
GetLastError
CreateEventA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateFileA
SetFilePointer
ReadFile
CloseHandle
WaitForSingleObject
SetEvent
RaiseException
SetThreadPriority
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ResumeThread
CreateThread
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetCommandLineA
HeapFree
HeapAlloc

winmm

waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
timeGetTime

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkCopyToBuffer@28
_BinkCopyToBufferRect@44
_BinkDDSurfaceType@4
_BinkDX8SurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetKeyFrame@12
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetMixBinVolumes@20
_BinkSetMixBins@16
_BinkSetPan@12
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@8
_BinkSetVideoOnOff@8
_BinkSetVolume@12
_BinkWait@4
_RADSetMemory@8
_RADTimerRead@0
_YUV_blit_16a1bpp@52
_YUV_blit_16a1bpp_mask@60
_YUV_blit_16a4bpp@52
_YUV_blit_16a4bpp_mask@60
_YUV_blit_16bpp@48
_YUV_blit_16bpp_mask@56
_YUV_blit_24bpp@48
_YUV_blit_24bpp_mask@56
_YUV_blit_24rbpp@48
_YUV_blit_24rbpp_mask@56
_YUV_blit_32abpp@52
_YUV_blit_32abpp_mask@60
_YUV_blit_32bpp@48
_YUV_blit_32bpp_mask@56
_YUV_blit_32rabpp@52
_YUV_blit_32rabpp_mask@60
_YUV_blit_32rbpp@48
_YUV_blit_32rbpp_mask@56
_YUV_blit_UYVY@48
_YUV_blit_UYVY_mask@56
_YUV_blit_YUY2@48
_YUV_blit_YUY2_mask@56
_YUV_blit_YV12@52
_YUV_init@4
_radfree@4
_radmalloc@4

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK4444
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK5551
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32A
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16MX
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32MX
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16M
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32M
Size: 1024B - Virtual size: 547B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 361B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32R
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RX
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24X2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24M
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24R
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RM
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 369B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 327B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYV12
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKDATA
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/dsfVorbisDecoder.ax
.dll regsvr32 windows:4 windows x86 arch:x86

7cd1d34b27471c3acc17e36af78a59c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries

oleaut32

SysFreeString
VariantInit
SysAllocString
VariantClear

kernel32

SetStdHandle
OutputDebugStringW
SetFilePointer
GetLastError
CreateFileW
CloseHandle
GetStdHandle
WriteFile
GetTimeFormatW
GetModuleFileNameW
GetCurrentThreadId
WriteConsoleA
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetEnvironmentStringsW
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
CreateEventW
SetEvent
ResetEvent
WaitForSingleObject
ReleaseSemaphore
VirtualFree
lstrcmpW
GetCurrentProcess
CreateSemaphoreW
VirtualAlloc
FreeLibrary
SetThreadPriority
CreateThread
GetVersionExW
DisableThreadLibraryCalls
lstrlenW
lstrlenA
GetModuleFileNameA
InterlockedExchange
GetProcAddress
GetModuleHandleW
GetTickCount
InterlockedCompareExchange
Sleep
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
HeapReAlloc
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

shell32

SHGetSpecialFolderPathW

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/ir41_32.ax
.dll regsvr32 windows:4 windows x86 arch:x86

1927d0db3b7884104ff5f0a44713b4b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc
timeGetTime

kernel32

CreateSemaphoreA
CloseHandle
GlobalReAlloc
OutputDebugStringA
UnmapViewOfFile
OpenFileMappingA
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
MultiByteToWideChar
DeleteCriticalSection
GetCommandLineA
GetLastError
EnterCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
LeaveCriticalSection
lstrlenA
GetModuleFileNameA
InitializeCriticalSection
Sleep
InterlockedIncrement
InterlockedDecrement
VirtualAlloc
VirtualFree
GetModuleHandleA
GetACP
GetVersion
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetVersionExA
TlsAlloc
TlsFree
SetLastError
TlsGetValue
DisableThreadLibraryCalls
WideCharToMultiByte
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
HeapFree
HeapAlloc
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
HeapDestroy
LCMapStringA
LCMapStringW
HeapReAlloc
HeapSize
FlushFileBuffers
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
SetFilePointer
MapViewOfFile
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
IsBadReadPtr
LocalHandle
LocalUnlock
LocalFree
LocalAlloc
LocalLock
CreateFileMappingA
HeapCreate
TlsSetValue
IsBadCodePtr
RaiseException

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

LoadStringA
MessageBoxA
DialogBoxParamA
SetDlgItemInt
GetDlgItemTextA
IsRectEmpty
GetDlgItemInt
IsDlgButtonChecked
SetWindowLongA
GetWindowLongA
CheckDlgButton
SendMessageA
GetDlgItem
EnableWindow
ShowWindow
EndDialog
CheckRadioButton
SetDlgItemTextA
PostMessageA
EndPaint
GetWindowRect
LoadBitmapA
BeginPaint
WinHelpA
ReleaseDC
wsprintfA
wvsprintfA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
DefWindowProcA
LoadStringW
GetDesktopWindow
GetDC

gdi32

GetSystemPaletteEntries
DeleteDC
BitBlt
CreateCompatibleDC
SelectObject
GetObjectA

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

AboutDialogProc
ConfigureDialogProc
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
DriverDialogProc
DriverProc

Sections

.text
Size: 467KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/mmflvmux.ax
.dll regsvr32 windows:4 windows x86 arch:x86

25aa678a22a9c450874bd35c93db3435

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
FlushFileBuffers
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
HeapSize
WriteFile
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GetModuleHandleA
GlobalAddAtomW
GlobalFlags
WritePrivateProfileStringW
GetCurrentProcessId
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
ConvertDefaultLocale
GetModuleFileNameW
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
GlobalDeleteAtom
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
DisableThreadLibraryCalls
SetErrorMode
CreateThread
GetProcAddress
GetVersionExW
GetCurrentThread
GetModuleHandleW
GetModuleFileNameA
GetLastError
lstrlenW
lstrlenA
GetCurrentThreadId
CreateEventW
VirtualAlloc
lstrcmpW
VirtualFree
GetCurrentProcess
CloseHandle
WaitForMultipleObjects
ResetEvent
InterlockedExchange
GetTickCount
SetEvent
WaitForSingleObject
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LockResource
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceW
HeapDestroy

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
CallWindowProcW
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
UnregisterClassA
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
SetCursor
SetMenuItemBitmaps
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindowTextW
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
SendMessageW
GetKeyState
GetCursorPos
ValidateRect
UnhookWindowsHookEx
PostMessageW
SetWindowPos
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowRect
GetDesktopWindow
LoadStringW
RegisterWindowMessageW
PeekMessageW
DispatchMessageW
DestroyWindow
InvalidateRect
GetWindowLongW
SetWindowLongW
ShowWindow
CreateDialogParamW
DefWindowProcW
MoveWindow
SetTimer
KillTimer
GetDlgItem
SetWindowTextW
GetMenuCheckMarkDimensions
GrayStringW

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
PtVisible

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegQueryValueW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/mmx264.ax
.dll regsvr32 windows:4 windows x86 arch:x86

d3e7b5cc057915e01866a3e529014a8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pthreadvc2

pthread_cond_destroy
pthread_mutex_destroy
pthread_cond_broadcast
pthread_mutex_unlock
pthread_cond_wait
pthread_mutex_lock
pthread_num_processors_np
pthread_create
pthread_join
pthread_cond_init
pthread_mutex_init

kernel32

GetModuleHandleA
GlobalFlags
CompareStringW
GlobalAddAtomW
GetVersionExA
LoadLibraryA
GlobalFindAtomW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
MoveFileA
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
WritePrivateProfileStringW
GetThreadLocale
GetCurrentProcessId
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalDeleteAtom
ConvertDefaultLocale
GetModuleFileNameW
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
WideCharToMultiByte
IsDBCSLeadByteEx
Sleep
SetErrorMode
DisableThreadLibraryCalls
lstrlenW
lstrlenA
MultiByteToWideChar
GetModuleFileNameA
GetVersionExW
GetLastError
GetCurrentThread
InterlockedExchange
GetTickCount
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryW
InterlockedDecrement
CreateSemaphoreW
ReleaseSemaphore
CloseHandle
VirtualAlloc
VirtualFree
GetCurrentThreadId
WaitForSingleObject
InterlockedIncrement
GetCurrentProcess
lstrcmpW
LockResource
FindResourceW
LoadResource
SizeofResource
GetSystemInfo
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteFileA
IsDebuggerPresent

user32

DestroyMenu
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
ClientToScreen
GrayStringW
UnregisterClassA
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetParent
GetLastActivePopup
IsWindowEnabled
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
UnhookWindowsHookEx
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowRect
LoadStringW
GetDesktopWindow
DefWindowProcW
GetWindowLongW
LoadIconW
WinHelpW
GetCapture
GetWindowPlacement
GetClassLongW
CreateDialogParamW
MoveWindow
InvalidateRect
DestroyWindow
ShowWindow
SetWindowLongW
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
SetWindowTextW
SendMessageW
MessageBoxW
GetWindowTextW
KillTimer
SetTimer
GetDlgItem
EnableWindow
GetWindowThreadProcessId
DrawTextExW

gdi32

ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
TextOutW
GetStockObject
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
RectVisible
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
PtVisible

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegSetValueW
RegEnumKeyExW
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueW

shlwapi

PathFindExtensionW
PathFindFileNameW

ole32

StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 864KB - Virtual size: 861KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/mp4demux.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bc54721f72d90d45f75f6f91ea250efb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
ResetEvent
InterlockedDecrement
CreateThread
CloseHandle
GetCurrentThreadId
InterlockedIncrement
InterlockedExchange
CreateEventW
GetProcAddress
GetTickCount
GetLastError
GetVersionExW
lstrcmpW
SetEvent
VirtualFree
GetCurrentProcess
VirtualAlloc
FreeLibrary
lstrlenW
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
CreateFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
WideCharToMultiByte
HeapFree
GetStringTypeA
Sleep
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetVersionExA
HeapAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
HeapReAlloc
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetLocaleInfoW

user32

SetRect

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/mp4mux.ax
.dll regsvr32 windows:4 windows x86 arch:x86

46e0fb3c586c85f97271f499acba27e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
lstrlenA
lstrlenW
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
lstrcmpW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
GetCurrentProcess
InterlockedIncrement
CreateSemaphoreW
VirtualAlloc
FreeLibrary
InterlockedExchange
GetProcAddress
GetTickCount
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
CreateFileA
WriteConsoleW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsValidLocale
GetCurrentThreadId
HeapFree
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoA
GetProcessHeap
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCommandLineA
GetVersionExA
HeapAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
HeapReAlloc
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA

user32

SetRect
IsRectEmpty

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

ole32

CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2

oleaut32

SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/mp4v.dll
.dll windows:4 windows x86 arch:x86

030a353bc87d0e0fdf976987b755ae8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\src\datatype_rn\rm\video\codec\g2mp4combo\mp4v.pdb

Imports

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
ExitProcess
GetSystemTimeAsFileTime

msvcr71

sprintf
tolower
isupper
strncpy
_stricmp
strchr
memmove
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__security_error_handler
malloc
??2@YAPAXI@Z
free
_purecall
??3@YAXPAX@Z
_putenv

Exports

Exports

PNCodec_Close
PNCodec_GetMediaFormats
PNCodec_GetUIName
PNCodec_GetVersion
PNCodec_Input
PNCodec_Open
PNCodec_PreferredMediaFormat
PNCodec_QueryMediaFormat
PNCodec_StreamOpen
PNStream_Close
PNStream_GetIPNUnknown
PNStream_GetInputBufferSize
PNStream_GetProperty
PNStream_GetStreamHeader
PNStream_GetStreamHeaderSize
PNStream_Input
PNStream_OpenSettingsBox
PNStream_PostProcess
PNStream_ReleaseFrame
PNStream_SetDataCallback
PNStream_SetOutputPacketSize
PNStream_SetProperty
SetDLLAccessPath
_PNCodec_GetIPNUnknown@4

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/14_43260.dll
.dll windows:4 windows x86 arch:x86

10cc1c83f991b066cba98aa471df4e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
_iob
fprintf
_onexit
_adjust_fdiv
__dllonexit
strrchr
malloc
_CIpow
??3@YAXPAX@Z
_initterm
memmove
sprintf
strchr
atol
??2@YAPAXI@Z
_purecall
calloc

advapi32

RegQueryValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegCloseKey

user32

LoadStringA

kernel32

GetModuleFileNameA
LoadLibraryA
FreeLibrary

Exports

Exports

RACloseCodec
RADecode
RAEncode
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetFlavorProperty
RAGetNumberOfFlavors
RAInitDecoder
RAInitEncoder
RAOpenCodec2
RASetFlavor

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/28_83260.dll
.dll windows:4 windows x86 arch:x86

3fde72e769c2ba8f88c009f3828dd015

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

atol
_adjust_fdiv
malloc
memmove
_ftol
_purecall
strchr
_initterm
_onexit
__dllonexit
sprintf
free
??2@YAPAXI@Z
strrchr
??3@YAXPAX@Z

advapi32

RegCloseKey
RegEnumKeyA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA

user32

LoadStringA

kernel32

GetModuleFileNameA
FreeLibrary
LoadLibraryA

Exports

Exports

RACloseCodec
RADecode
RAEncode
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetFlavorProperty
RAGetNumberOfFlavors
RAInitDecoder
RAInitEncoder
RAOpenCodec2
RASetFlavor

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/amrn.dll
.dll windows:4 windows x86 arch:x86

50e39fe3221cb763784a4da9ebd4893a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
fprintf
_iob
??3@YAXPAX@Z
??2@YAPAXI@Z
malloc
_initterm
_adjust_fdiv
_purecall
memmove

kernel32

DisableThreadLibraryCalls

Exports

Exports

RACreateDecoderInstance

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/atrc.dll
.dll windows:4 windows x86 arch:x86

5132cde9ac8899a69f40dfaacc320c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_ftol
??3@YAXPAX@Z
memmove
calloc
free
malloc
_CIpow
floor
??2@YAPAXI@Z
_assert
_except_handler3
_purecall
_initterm
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/cook.dll
.dll windows:4 windows x86 arch:x86

7186ef18b8145b9efacd73914d40cee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
??3@YAXPAX@Z
memmove
_purecall
_CIpow
malloc
??2@YAPAXI@Z
_ftol
_initterm
_adjust_fdiv

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/cook3260.dll
.dll windows:4 windows x86 arch:x86

7186ef18b8145b9efacd73914d40cee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
??3@YAXPAX@Z
memmove
_purecall
_CIpow
malloc
??2@YAPAXI@Z
_ftol
_initterm
_adjust_fdiv

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/dnet3260.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RACloseCodec
RADecode
RAEncode
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetFlavorProperty
RAGetNumberOfFlavors
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetFlavor
SetDLLAccessPath

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/drv1.dll
.dll windows:4 windows x86 arch:x86

232d11e71e9db2c13e39696149eba4f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

printf
putchar
free
_ftol
_iob
calloc
malloc
_initterm
_adjust_fdiv
fprintf

kernel32

DisableThreadLibraryCalls

Exports

Exports

GetGUID
GetRV10DecParams
RV10toRGB3Alloc
RV10toRGB3Free
RV10toRGB3Init
RV10toRGB3Transform
RV10toYUVPostMove
RV10toYUVPostfilter
RV10toYUVTemporalInterp
RV10toYUVTemporalSetup
RV10toYUVTransform
SetRV10DecParams

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 829B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/drv2.dll
.dll windows:4 windows x86 arch:x86

44586b56c5dcc55b19268bed59258786

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_initterm
_ftol
free
__CxxFrameHandler
malloc
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
GetSystemInfo

advapi32

RegOpenKeyExA
RegCloseKey

Exports

Exports

GetGUID
RV20toYUV420CustomMessage
RV20toYUV420Free
RV20toYUV420HiveMessage
RV20toYUV420Init
RV20toYUV420Transform
RV20toYUV420_RN_FRU_Free
RV20toYUV420_RN_FRU_GetFrame
RV20toYUV420_RN_FRU_Init
RV20toYUV420_RN_FRU_Setup

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IACODE2
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IACODE1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MMXCODE1
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MMXDATA1
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/drvc.dll
.dll windows:4 windows x86 arch:x86

5d841dc9603dda4e7058b842c1dedbfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

__CxxFrameHandler
memmove
_ftol
_purecall
malloc
free
??3@YAXPAX@Z
_initterm
_adjust_fdiv
_beginthreadex
??2@YAPAXI@Z

kernel32

WaitForMultipleObjects
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileIntA
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetSystemInfo
CreateEventA
QueryPerformanceCounter
SetEvent
QueryPerformanceFrequency
ResetEvent

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

?GetGUID@@YGJPAE@Z
RV40toYUV420CustomMessage
RV40toYUV420Free
RV40toYUV420HiveMessage
RV40toYUV420Init
RV40toYUV420Transform

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/helixprodctrl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a8071b46ee93c5b4b766b5d5cba224ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
CreateMutexA
CloseHandle
GetCurrentThreadId
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
Sleep
InterlockedExchange
GetProcAddress
LoadLibraryA
GetModuleHandleA
WaitForSingleObject
CreateEventA
GetCurrentDirectoryA
SetEvent
WaitForMultipleObjects
ResetEvent
CreateThread
GetExitCodeThread
TerminateThread
FreeLibrary
WideCharToMultiByte
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
HeapDestroy
MultiByteToWideChar
GetModuleFileNameA
lstrlenA
FlushInstructionCache
GetShortPathNameA
GetLastError
LocalFree
SetErrorMode
GetCurrentProcess
lstrlenW
ReleaseMutex

oleaut32

SafeArrayCreate
SystemTimeToVariantTime
SysFreeString
SetErrorInfo
OleCreatePropertyFrame
RegisterTypeLi
SysAllocString
LoadTypeLi
VariantClear
SafeArrayPutElement
VariantInit
CreateErrorInfo
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
LoadRegTypeLi

user32

GetWindowLongA
CallWindowProcA
LoadStringA
GetDC
SetWindowLongA
CharNextA
ReleaseDC
DestroyWindow
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetKeyState
InvalidateRect
SetFocus
IsWindow
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CreateWindowExA
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
DefWindowProcA
ShowWindow
IntersectRect

advapi32

RegOpenKeyExA
RegQueryValueA

ole32

CoTaskMemAlloc
CoInitializeEx
CoUnmarshalInterface
ProgIDFromCLSID
CoReleaseMarshalData
CreateStreamOnHGlobal
GetHGlobalFromStream
CoMarshalInterface
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoCreateInstance

gdi32

RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

msvcrt

_CxxThrowException
malloc
isupper
tolower
_itoa
localtime
memmove
_ftol
strchr
_splitpath
strrchr
sprintf
wcslen
_fullpath
_snprintf
strncmp
sscanf
strncpy
free
abort
_stricmp
realloc
_purecall
??2@YAPAXI@Z
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__CxxFrameHandler
_putenv
_strnicmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/helixprodctrl4.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a8071b46ee93c5b4b766b5d5cba224ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
CreateMutexA
CloseHandle
GetCurrentThreadId
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
Sleep
InterlockedExchange
GetProcAddress
LoadLibraryA
GetModuleHandleA
WaitForSingleObject
CreateEventA
GetCurrentDirectoryA
SetEvent
WaitForMultipleObjects
ResetEvent
CreateThread
GetExitCodeThread
TerminateThread
FreeLibrary
WideCharToMultiByte
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
HeapDestroy
MultiByteToWideChar
GetModuleFileNameA
lstrlenA
FlushInstructionCache
GetShortPathNameA
GetLastError
LocalFree
SetErrorMode
GetCurrentProcess
lstrlenW
ReleaseMutex

oleaut32

SafeArrayCreate
SystemTimeToVariantTime
SysFreeString
SetErrorInfo
OleCreatePropertyFrame
RegisterTypeLi
SysAllocString
LoadTypeLi
VariantClear
SafeArrayPutElement
VariantInit
CreateErrorInfo
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantChangeType
LoadRegTypeLi

user32

GetWindowLongA
CallWindowProcA
LoadStringA
GetDC
SetWindowLongA
CharNextA
ReleaseDC
DestroyWindow
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetKeyState
InvalidateRect
SetFocus
IsWindow
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
CreateWindowExA
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
DefWindowProcA
ShowWindow
IntersectRect

advapi32

RegOpenKeyExA
RegQueryValueA

ole32

CoTaskMemAlloc
CoInitializeEx
CoUnmarshalInterface
ProgIDFromCLSID
CoReleaseMarshalData
CreateStreamOnHGlobal
GetHGlobalFromStream
CoMarshalInterface
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemFree
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoCreateInstance

gdi32

RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreateDCA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

msvcrt

_CxxThrowException
malloc
isupper
tolower
_itoa
localtime
memmove
_ftol
strchr
_splitpath
strrchr
sprintf
wcslen
_fullpath
_snprintf
strncmp
sscanf
strncpy
free
abort
_stricmp
realloc
_purecall
??2@YAPAXI@Z
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
__CxxFrameHandler
_putenv
_strnicmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/pncrt.dll
.dll windows:4 windows x86 arch:x86

828907b7a8ec04c9c4031e40ef2f76ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapReAlloc
HeapValidate
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
GetLocaleInfoA
GetLocaleInfoW
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
SetUserHeapAlloc
SetUserHeapCalloc
SetUserHeapFree
SetUserHeapReAlloc
SetUserHeapSize
SetUserHeapValidate
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtHeapAlloc
_CrtHeapCalloc
_CrtHeapFree
_CrtHeapReAlloc
_CrtHeapSize
_CrtHeapValidate
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/raac.dll
.dll windows:4 windows x86 arch:x86

2569b16af6a5e82c06ef6aed87f5e148

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

??2@YAPAXI@Z
memmove
_CxxThrowException
calloc
free
malloc
exp
fputs
printf
pow
??3@YAXPAX@Z
__CxxFrameHandler
strncpy
log10
atan
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_iob
log
_purecall
_except_handler3

kernel32

DisableThreadLibraryCalls
IsBadReadPtr

Exports

Exports

RACloseCodec
RACreateDecoderInstance
RACreateEncoderInstance
RADecode
RAFlush
RAFreeDecoder
RAGetBackend
RAGetFlavorProperty
RAGetGUID
RAInitDecoder
RAOpenCodec2
RASetComMode

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/ralf.dll
.dll windows:4 windows x86 arch:x86

ca3cf2dadfa161c51320288930144294

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

malloc
free
??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol
_adjust_fdiv
_purecall
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

RACreateDecoderInstance
RACreateEncoderInstance

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/real/sipr.dll
.dll windows:4 windows x86 arch:x86

ab44f666347fdcd438ddb88f10cba053

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

frexp
??3@YAXPAX@Z
strncpy
_purecall
_ftol
rand
_CIpow
ldexp
??2@YAPAXI@Z
_CIacos
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
RASetPwd
_RAGetNumberOfFlavors2@4

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/vp7dec.ax
.dll regsvr32 windows:4 windows x86 arch:x86

81264cb0bc73710829255ea94441d901

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

GetSystemInfo
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
FreeLibrary
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExA
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
InterlockedExchange
GetTickCount
CloseHandle
CompareStringW
CompareStringA
HeapSize
ReadFile
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
VirtualProtect
GetCurrentProcessId
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
CreateFileA
SetFilePointer
VirtualQuery
SetStdHandle
GetCPInfo
GetOEMCP
FlushFileBuffers
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
WriteFile
UnhandledExceptionFilter
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
QueryPerformanceCounter
QueryPerformanceFrequency
RtlUnwind
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle

user32

wvsprintfA
wsprintfA
IsRectEmpty
SendMessageA
GetDlgItem
SendDlgItemMessageA
SetDlgItemInt
CheckDlgButton
SetDlgItemTextA
GetDesktopWindow
GetWindowRect
LoadStringW
LoadStringA
GetWindowLongA
DefWindowProcA
DestroyWindow
ShowWindow
InvalidateRect
MoveWindow
CreateDialogParamA
SetWindowLongA
GetDlgItemInt

advapi32

RegEnumKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoTaskMemFree
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
CoTaskMemAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/vp8decoder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

8f73a92e24486315fea5ecb28ffeb341

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\src\dll\webmdshow\Release\vp8decoder.pdb

Imports

kernel32

GetModuleFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
CreateEventW
WaitForSingleObject
ReadFile
SetEvent
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
InterlockedDecrement
Sleep
InterlockedIncrement
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
SetStdHandle
GetConsoleMode
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapAlloc
RtlUnwind
ExitThread
CreateThread
HeapReAlloc
RaiseException
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP

user32

SetRectEmpty

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoWaitForMultipleHandles
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
StringFromGUID2

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

SHDeleteKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/webmsource.dll
.dll regsvr32 windows:5 windows x86 arch:x86

f9afc54dad0af33f503764984b982e5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\src\dll\webmdshow\Release\webmsource.pdb

Imports

kernel32

GetModuleFileNameW
SetFilePointerEx
ReadFile
CreateEventW
GetFileSizeEx
WaitForSingleObject
Sleep
SetEvent
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
InterlockedDecrement
CreateFileW
InterlockedIncrement
GetProcessHeap
CreateFileA
GetModuleHandleA
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
GetFileType
GetStdHandle
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
HeapAlloc
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetModuleFileNameA
ExitProcess
LoadLibraryW
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoWaitForMultipleHandles
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
StringFromGUID2

shlwapi

SHDeleteKeyW

user32

SetRectEmpty

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/webmsplit.dll
.dll regsvr32 windows:5 windows x86 arch:x86

ca30abfbb60ab546fc91c1cf213d1506

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\src\dll\webmdshow\Release\webmsplit.pdb

Imports

kernel32

GetModuleFileNameW
GetSystemInfo
WaitForSingleObject
CreateEventW
ResetEvent
WaitForMultipleObjects
SetEvent
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
InterlockedDecrement
Sleep
InterlockedIncrement
GetProcessHeap
FlushFileBuffers
CreateFileA
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
HeapAlloc
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoWaitForMultipleHandles
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
StringFromGUID2

shlwapi

SHDeleteKeyW

user32

SetRectEmpty

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/wm/mfplat.dll
.dll windows:6 windows x86 arch:x86

3fd147b0452b46798f75232ddc859db8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\DOCUME~1\bld4act\LOCALS~1\Temp\Hpolaris\optPolaris\baseline\mfplat.pdb

Imports

msvcrt

wcsrchr
memmove
_wcsicmp
swscanf
_vsnwprintf
_purecall
memcpy
memset
calloc
free
strtoul
strchr
rand
ungetc
_ultow
_beginthreadex
srand
_unlock
__dllonexit
_lock
_onexit
isdigit
isxdigit
mbtowc
__mb_cur_max
isleadbyte
localeconv
_iob
_snprintf
_itoa
wctomb
malloc
iswctype
_errno
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
wcstombs
realloc
__badioinfo
__pioinfo
_read
_fileno
_lseeki64
_write
_isatty

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
OutputDebugStringA
RegisterWaitForSingleObject
GetOverlappedResult
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
GetComputerNameExW
GetSystemDirectoryA
LoadLibraryA
GetTempPathW
QueueUserWorkItem
SetFilePointer
SetEndOfFile
GetFileAttributesExW
CreateFileW
GetFullPathNameW
GetVolumePathNameW
GetDiskFreeSpaceW
GetDriveTypeW
WriteFile
ReadFile
VirtualFree
VirtualAlloc
FlushFileBuffers
lstrlenW
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
SetEvent
WaitForSingleObject
GetLastError
CreateEventW
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
DebugBreak
MultiByteToWideChar
HeapAlloc
GetProcessHeap
HeapFree
GetSystemInfo
WaitForSingleObjectEx
HeapSize
CreateSemaphoreW
InterlockedExchange
ReleaseSemaphore
GetCurrentThreadId
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetVersionExW
ResetEvent
GetVersion
GetFileSize

advapi32

RegOpenKeyW
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
RegEnumValueW
CryptGenRandom
CryptAcquireContextA
CryptReleaseContext
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
TraceMessage
TraceEvent
UnregisterTraceGuids
GetTraceEnableFlags

user32

GetSystemMetrics

ws2_32

WSAEventSelect
socket
getpeername
getsockname
getsockopt
ntohl
WSACleanup
WSAEnumNetworkEvents
shutdown
listen
setsockopt
bind
ioctlsocket
closesocket
WSASetLastError
getservbyport
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
WSAGetLastError
inet_addr
WSAStartup
gethostbyname

ole32

CoInitializeEx
CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
CLSIDFromString
CoCreateFreeThreadedMarshaler
PropVariantCopy
CoUnmarshalInterface
CreateStreamOnHGlobal
CoMarshalInterface
GetHGlobalFromStream
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysFreeString
SysStringByteLen
SysAllocString
VariantChangeType

shlwapi

PathCreateFromUrlW
UrlCreateFromPathW
UrlUnescapeW

Exports

Exports

CopyPropVariant
CreatePropVariant
CreatePropertyStore
DestroyPropVariant
FormatTagFromWfx
LFGetGlobalPool
MFAddPeriodicCallback
MFAllocateWorkQueue
MFAppendCollection
MFAverageTimePerFrameToFrameRate
MFBeginCreateFile
MFBeginGetHostByName
MFBeginRegisterWorkQueueWithMMCSS
MFBeginUnregisterWorkQueueWithMMCSS
MFBlockThread
MFCalculateBitmapImageSize
MFCalculateImageSize
MFCancelCreateFile
MFCancelWorkItem
MFCompareFullToPartialMediaType
MFCompareSockaddrAddresses
MFCreateAMMediaTypeFromMFMediaType
MFCreateAlignedMemoryBuffer
MFCreateAsyncResult
MFCreateAttributes
MFCreateAudioMediaType
MFCreateCollection
MFCreateEventQueue
MFCreateFile
MFCreateGuid
MFCreateLegacyMediaBufferOnMFMediaBuffer
MFCreateMFVideoFormatFromMFMediaType
MFCreateMediaBufferWrapper
MFCreateMediaEvent
MFCreateMediaType
MFCreateMediaTypeFromRepresentation
MFCreateMemoryBuffer
MFCreateMemoryStream
MFCreatePathFromURL
MFCreatePresentationDescriptor
MFCreateSample
MFCreateSocket
MFCreateSocketListener
MFCreateStreamDescriptor
MFCreateSystemTimeSource
MFCreateSystemUnderlyingClock
MFCreateTempFile
MFCreateURLFromPath
MFCreateUdpSockets
MFCreateWaveFormatExFromMFMediaType
MFDeserializeAttributesFromStream
MFDeserializeEvent
MFDeserializeMediaTypeFromStream
MFDeserializePresentationDescriptor
MFEndCreateFile
MFEndGetHostByName
MFEndRegisterWorkQueueWithMMCSS
MFEndUnregisterWorkQueueWithMMCSS
MFFrameRateToAverageTimePerFrame
MFFreeAdaptersAddresses
MFGetAdaptersAddresses
MFGetAttributesAsBlob
MFGetAttributesAsBlobSize
MFGetConfigurationDWORD
MFGetConfigurationPolicy
MFGetConfigurationStore
MFGetConfigurationString
MFGetIoPortHandle
MFGetNumericNameFromSockaddr
MFGetPlatform
MFGetPrivateWorkqueues
MFGetRandomNumber
MFGetSockaddrFromNumericName
MFGetSystemTime
MFGetTimerPeriodicity
MFGetWorkQueueMMCSSClass
MFGetWorkQueueMMCSSTaskId
MFHeapAlloc
MFHeapFree
MFInitAMMediaTypeFromMFMediaType
MFInitAttributesFromBlob
MFInitMediaTypeFromAMMediaType
MFInitMediaTypeFromMFVideoFormat
MFInitMediaTypeFromMPEG1VideoInfo
MFInitMediaTypeFromMPEG2VideoInfo
MFInitMediaTypeFromVideoInfoHeader
MFInitMediaTypeFromVideoInfoHeader2
MFInitMediaTypeFromWaveFormatEx
MFInvokeCallback
MFIsQueueThread
MFJoinIoPort
MFLockPlatform
MFLockWorkQueue
MFPlatformBigEndian
MFPlatformLittleEndian
MFPutWorkItem
MFPutWorkItemEx
MFRecordError
MFRemovePeriodicCallback
MFScheduleWorkItem
MFScheduleWorkItemEx
MFSerializeAttributesToStream
MFSerializeEvent
MFSerializeMediaTypeToStream
MFSerializePresentationDescriptor
MFSetSockaddrAny
MFShutdown
MFStartup
MFStreamDescriptorProtectMediaType
MFTEnum
MFTGetInfo
MFTRegister
MFTUnregister
MFTraceError
MFTraceFuncEnter
MFUnblockThread
MFUnlockPlatform
MFUnlockWorkQueue
MFUnwrapMediaType
MFValidateMediaTypeSize
MFWrapMediaType
MFllMulDiv
PropVariantFromStream
PropVariantToStream
ValidateWaveFormat

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Codecs/wm/qasf.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 68KB

.rsrc Size: 140KB - Virtual size: 140KB

0b1774cb051ef877e6a935fdc476b44d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

19:9d:f8:8eCertificate

Key Usages

14:32:23:ca:92:d1:51Certificate

Extended Key Usages

Key Usages

3dCertificate

Key Usages

01Certificate

Key Usages

1f:a4:83:7b:51:a7:e6:ee:73:0d:49:91:1c:43:03:0b:6d:42:fb:c3Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 14KB - Virtual size: 16KB

099c0646ea7282d232219f8807883be0

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3aCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 68KB

.rsrc
Size: 140KB - Virtual size: 140KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

19:9d:f8:8e
Certificate

14:32:23:ca:92:d1:51
Certificate

3d
Certificate

01
Certificate

1f:a4:83:7b:51:a7:e6:ee:73:0d:49:91:1c:43:03:0b:6d:42:fb:c3
Signer

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 14KB - Virtual size: 16KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 15KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 24KB - Virtual size: 20KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate