38e4f2a4a8ca1387c1a0268891b8b3f6_JaffaCakes118

resource
38e4f2a4a8ca1387c1a0268891b8b3f6_JaffaCakes118
unpack001/$PLUGINSDIR/Base64.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/bin/KwModLocalMusic.dll

resource	yara_rule
sample	nsis_installer_1

.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

CreateFileA

GetFileSize

GetModuleFileNameA

GetTickCount

GetCurrentProcess

SetFileTime

ExitProcess

GetCommandLineA

GetWindowsDirectoryA

GetTempPathA

lstrcpynA

GetDiskFreeSpaceA

GlobalUnlock

GlobalLock

CreateThread

CreateProcessA

RemoveDirectoryA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

CloseHandle

lstrcmpiA

lstrcmpA

GetEnvironmentVariableA

ExpandEnvironmentStringsA

GlobalFree

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

SetErrorMode

GetModuleHandleA

LoadLibraryA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

ReadFile

SetFilePointer

FindClose

MulDiv

FindNextFileA

FindFirstFileA

DeleteFileA

CopyFileA

user32

ExitWindowsEx

CharNextA

DialogBoxParamA

GetClassInfoA

SystemParametersInfoA

RegisterClassA

EndDialog

SetClassLongA

IsWindowEnabled

SetWindowPos

GetSysColor

CheckDlgButton

GetAsyncKeyState

IsDlgButtonChecked

GetMessagePos

LoadBitmapA

IsWindowVisible

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

CreateDialogParamA

AppendMenuA

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextA

GetDlgItemTextA

MessageBoxA

CharPrevA

wvsprintfA

DispatchMessageA

PeekMessageA

SendMessageTimeoutA

FindWindowExA

IsWindow

GetDlgItem

LoadImageA

GetDC

EnableWindow

InvalidateRect

CreateWindowExA

GetWindowLongA

DrawFocusRect

DestroyWindow

SetTimer

SetWindowTextA

PostQuitMessage

SetForegroundWindow

ShowWindow

TrackPopupMenu

wsprintfA

SendMessageA

CallWindowProcA

MapWindowPoints

GetWindowRect

ScreenToClient

PtInRect

LoadCursorA

SetCursor

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

SetWindowLongA

gdi32

SetBkColor

GetDeviceCaps

GetCurrentObject

GetObjectA

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

SHGetMalloc

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegEnumKeyA

RegEnumValueA

RegSetValueExA

RegCreateKeyExA

RegOpenKeyExA

RegDeleteKeyA

RegDeleteValueA

RegCloseKey

RegQueryValueExA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$1

$APPDATA/kuwo/Conf/p2pconf/setup.xml

.xml

$PLUGINSDIR/Base64.dll

.dll windows:4 windows x86 arch:x86

472def3d6dc5d4ffe27376a831b4d49b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalFree

lstrcpyA

lstrcpynA

GlobalAlloc

GetCommandLineA

GetVersion

ExitProcess

TerminateProcess

GetCurrentProcess

GetCurrentThreadId

TlsSetValue

TlsAlloc

TlsFree

TlsGetValue

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

DeleteCriticalSection

GetModuleFileNameA

FreeEnvironmentStringsA

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStrings

GetEnvironmentStringsW

HeapDestroy

HeapCreate

VirtualFree

HeapFree

WriteFile

MultiByteToWideChar

GetStringTypeA

GetStringTypeW

InitializeCriticalSection

EnterCriticalSection

LeaveCriticalSection

HeapAlloc

GetCPInfo

GetACP

GetOEMCP

VirtualAlloc

HeapReAlloc

GetProcAddress

LoadLibraryA

RtlUnwind

LCMapStringA

LCMapStringW

Exports

Decrypt

Encrypt

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/InstallOptions.dll

.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA

GetCurrentDirectoryA

GetPrivateProfileIntA

GetModuleHandleA

lstrcmpiA

GetPrivateProfileStringA

lstrcatA

lstrcpynA

WritePrivateProfileStringA

lstrlenA

lstrcpyA

GlobalFree

MultiByteToWideChar

GlobalAlloc

user32

GetDlgCtrlID

GetClientRect

SetWindowRgn

MapWindowPoints

LoadImageA

SetWindowLongA

CreateWindowExA

MapDialogRect

SetWindowPos

GetWindowRect

CreateDialogParamA

ShowWindow

EnableWindow

GetDlgItem

DestroyIcon

DestroyWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

PtInRect

LoadCursorA

SetCursor

DrawTextA

GetWindowLongA

DrawFocusRect

CallWindowProcA

PostMessageA

MessageBoxA

CharNextA

wsprintfA

GetWindowTextA

SetWindowTextA

SendMessageA

LoadIconA

gdi32

SetTextColor

GetObjectA

SelectObject

GetDIBits

CreateRectRgn

CombineRgn

DeleteObject

CreateCompatibleDC

shell32

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetDesktopFolder

SHGetMalloc

ShellExecuteA

comdlg32

GetOpenFileNameA

GetSaveFileNameA

CommDlgExtendedError

Exports

dialog

initDialog

show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KillProcDLL.dll

.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess

CloseHandle

OpenProcess

FreeLibrary

LoadLibraryA

GetProcAddress

GetVersionExA

GlobalFree

lstrcpyA

InterlockedDecrement

InterlockedIncrement

GetCommandLineA

GetVersion

HeapFree

HeapAlloc

WideCharToMultiByte

MultiByteToWideChar

LCMapStringA

LCMapStringW

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

ExitProcess

GetCurrentProcess

HeapReAlloc

HeapSize

GetCurrentThreadId

TlsSetValue

TlsAlloc

TlsFree

TlsGetValue

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

GetModuleFileNameA

FreeEnvironmentStringsA

FreeEnvironmentStringsW

GetEnvironmentStrings

GetEnvironmentStringsW

HeapDestroy

HeapCreate

VirtualFree

WriteFile

VirtualAlloc

RtlUnwind

GetCPInfo

GetStringTypeA

GetStringTypeW

GetACP

GetOEMCP

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KuWoNsis_new.dll

.dll windows:4 windows x86 arch:x86

188422af675275317874dcc96bd6779b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

82:a9:0e:fd:70:19:36:42:1e:aa:52:c6:0a:24:de:35:61:c4:fb:b1
Signer

Actual PE Digest

82:a9:0e:fd:70:19:36:42:1e:aa:52:c6:0a:24:de:35:61:c4:fb:b1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\KwProjects\NsisPlugin\KuWoNsis\Release\KuWoNsis.pdb

Imports

kernel32

GetLogicalDriveStringsA

GetDiskFreeSpaceExA

GlobalFree

lstrcpyA

lstrcpynA

GlobalAlloc

FindClose

FindFirstFileA

MoveFileExA

GetLogicalDrives

FindNextFileA

GetVersionExA

CreateDirectoryA

MoveFileA

SetFileTime

LocalFileTimeToFileTime

SystemTimeToFileTime

GetLocalTime

GetDriveTypeA

CreateFileA

CloseHandle

DeleteFileA

DeviceIoControl

RtlUnwind

RaiseException

GetSystemTimeAsFileTime

GetCommandLineA

HeapAlloc

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetLastError

HeapFree

OutputDebugStringA

GetProcAddress

GetModuleHandleA

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

InterlockedDecrement

GetCurrentThreadId

ExitProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

DeleteCriticalSection

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

HeapDestroy

HeapCreate

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

LeaveCriticalSection

EnterCriticalSection

VirtualAlloc

HeapReAlloc

WriteFile

HeapSize

SetFilePointer

GetConsoleCP

GetConsoleMode

GetCPInfo

GetACP

GetOEMCP

Sleep

LoadLibraryA

InitializeCriticalSection

GetModuleHandleW

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

MultiByteToWideChar

LCMapStringA

LCMapStringW

GetStringTypeA

GetStringTypeW

GetLocaleInfoA

FlushFileBuffers

VirtualProtect

GetSystemInfo

VirtualQuery

advapi32

BuildExplicitAccessWithNameA

SetEntriesInAclA

SetNamedSecurityInfoA

GetNamedSecurityInfoA

Exports

AddDirAccessRights

AddRegAccessRights

CreateCachePath

GetInstallDate

ModifyCacheFileAsNow

RenameDeletePathAllFiles

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

lstrcpyA

lstrcpynA

FreeLibrary

lstrcatA

GetProcAddress

LoadLibraryA

GetModuleHandleA

MultiByteToWideChar

lstrlenA

WideCharToMultiByte

GetLastError

VirtualAlloc

VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/inetc.dll

.dll windows:4 windows x86 arch:x86

5d31a4a9e83c0a8e38bab1f57d28402c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

msvcrt

strtoul

_adjust_fdiv

malloc

_initterm

free

_mbsrchr

memset

_mbsstr

_mbschr

strtol

strlen

kernel32

DeleteFileA

CreateThread

WaitForSingleObject

TerminateThread

GetModuleHandleA

MulDiv

lstrcpyA

GlobalAlloc

LoadLibraryA

GetProcAddress

lstrcmpiA

WriteFile

ReadFile

lstrlenA

lstrcmpA

lstrcpynA

GetLastError

CreateFileA

GlobalFree

CloseHandle

SleepEx

SetFilePointer

GetTickCount

lstrcatA

GetFileSize

user32

MessageBoxA

GetParent

ShowWindow

PostMessageA

SetWindowTextA

IsWindow

SendMessageA

GetDlgItem

SetDlgItemTextA

SendDlgItemMessageA

SetWindowPos

SystemParametersInfoA

GetClientRect

GetWindowRect

SetTimer

LoadIconA

SetWindowLongA

GetWindowLongA

UpdateWindow

DestroyWindow

KillTimer

RedrawWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

EnableWindow

CreateDialogParamA

FindWindowExA

wsprintfA

GetWindowTextA

wininet

HttpSendRequestA

HttpSendRequestExA

HttpQueryInfoA

InternetCloseHandle

InternetErrorDlg

InternetSetFilePointer

InternetQueryOptionA

HttpAddRequestHeadersA

InternetSetOptionA

HttpOpenRequestA

FtpCreateDirectoryA

FtpOpenFileA

InternetGetLastResponseInfoA

HttpEndRequestA

InternetConnectA

InternetCrackUrlA

InternetOpenA

InternetReadFile

InternetWriteFile

comctl32

ord17

Exports

get

head

post

put

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ioSpecial.ini

$PLUGINSDIR/modern-header.bmp

$PLUGINSDIR/modern-wizard.bmp

EncodeBnd.exe

.exe windows:4 windows x86 arch:x86

78f160eb7866ebc0f1481a827449de0a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d1:06:8e:5f:61:29:ec:3e:62:b3:93:ef:f4:e6:91:01:8d:8a:3b:0d
Signer

Actual PE Digest

d1:06:8e:5f:61:29:ec:3e:62:b3:93:ef:f4:e6:91:01:8d:8a:3b:0d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\working\2804\CommonLib\prj\Encode\Release\Encode.pdb

Imports

kernel32

GetTickCount

TerminateThread

WaitForSingleObject

GetExitCodeThread

lstrcpynA

CloseHandle

CreateThread

ResetEvent

SetEvent

GetSystemInfo

VirtualProtect

ReadFile

SetEndOfFile

LoadLibraryA

GetStringTypeW

GetStringTypeA

GetLocaleInfoA

LCMapStringW

MultiByteToWideChar

LCMapStringA

CreateFileA

InitializeCriticalSection

SetFilePointer

VirtualQuery

RtlUnwind

RaiseException

GetModuleHandleA

GetCommandLineA

GetVersionExA

ExitProcess

HeapAlloc

HeapFree

HeapReAlloc

TlsAlloc

SetLastError

GetCurrentThreadId

GetLastError

TlsFree

TlsSetValue

TlsGetValue

GetProcAddress

SetUnhandledExceptionFilter

EnterCriticalSection

LeaveCriticalSection

WriteFile

FlushFileBuffers

DeleteCriticalSection

TerminateProcess

GetCurrentProcess

GetStdHandle

GetModuleFileNameA

UnhandledExceptionFilter

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

SetHandleCount

GetFileType

GetStartupInfoA

HeapDestroy

HeapCreate

VirtualFree

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

VirtualAlloc

IsBadWritePtr

HeapSize

IsBadReadPtr

IsBadCodePtr

GetACP

GetOEMCP

GetCPInfo

SetStdHandle

InterlockedExchange

ws2_32

inet_addr

gethostbyname

WSACloseEvent

shutdown

closesocket

WSASend

WSARecv

WSAWaitForMultipleEvents

WSAGetOverlappedResult

WSAResetEvent

select

bind

listen

WSASocketA

setsockopt

WSAGetLastError

ioctlsocket

WSAStartup

WSACleanup

htons

htonl

WSACreateEvent

connect

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

KwMusic.exe

.exe windows:5 windows x86 arch:x86

d37436deaf839aaae619193b8b8393aa

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

18:d2:4b:fb:f7:8f:84:01:28:be:d1:91:b3:92:c5:6f:b8:03:f4:a6
Signer

Actual PE Digest

18:d2:4b:fb:f7:8f:84:01:28:be:d1:91:b3:92:c5:6f:b8:03:f4:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle

GetPrivateProfileStringA

WritePrivateProfileStringA

FindFirstFileA

FindClose

GetModuleFileNameA

CreateProcessA

FlushFileBuffers

RaiseException

RtlUnwind

GetCommandLineA

GetStartupInfoA

HeapAlloc

GetLastError

HeapFree

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

GetModuleHandleW

GetProcAddress

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

GetCurrentThreadId

InterlockedDecrement

Sleep

HeapSize

ExitProcess

WriteFile

GetStdHandle

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

SetHandleCount

GetFileType

DeleteCriticalSection

HeapCreate

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

LeaveCriticalSection

EnterCriticalSection

VirtualAlloc

HeapReAlloc

SetFilePointer

GetConsoleCP

GetConsoleMode

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

LoadLibraryA

InitializeCriticalSectionAndSpinCount

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

MultiByteToWideChar

LCMapStringA

LCMapStringW

GetStringTypeA

GetStringTypeW

GetLocaleInfoA

CreateFileA

user32

MessageBoxA

advapi32

RegOpenKeyExA

RegSetValueExA

RegCreateKeyExA

RegCloseKey

RegQueryValueExA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bin/CKuwoPlayer.dll

.dll windows:5 windows x86 arch:x86

cc3290c3217d058fcd1a545829056489

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:79:5a:8b:82:75:70:e2:71:f5:ca:b9:49:ba:5f:15:c5:79:51:01
Signer

Actual PE Digest

b2:79:5a:8b:82:75:70:e2:71:f5:ca:b9:49:ba:5f:15:c5:79:51:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\501全面发布\KwResource\bin\release\pdb\CKuwoPlayer.pdb

Imports

winmm

timeEndPeriod

timeGetDevCaps

timeBeginPeriod

mfc90

ord266

ord1062

ord798

ord1144

ord265

ord1607

ord310

ord601

ord800

ord5997

ord605

ord1278

ord321

ord1243

ord1241

ord1268

ord1180

ord1233

ord2084

ord391

ord1152

ord1277

ord1275

ord1145

ord1075

ord1137

ord322

ord801

ord1087

msvcr90

__clean_type_info_names_internal

_except_handler4_common

_purecall

__CxxFrameHandler3

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

??1exception@std@@UAE@XZ

??0exception@std@@QAE@XZ

_invalid_parameter_noinfo

_CxxThrowException

??0exception@std@@QAE@ABV01@@Z

atoi

atof

strncpy

iswspace

sprintf

_crt_debugger_hook

memset

_msize

?_type_info_dtor_internal_method@type_info@@QAEXXZ

?terminate@@YAXXZ

_CIcos

_CIsin

__CppXcptFilter

_adjust_fdiv

_amsg_exit

_initterm_e

_initterm

_encoded_null

free

_malloc_crt

_decode_pointer

_onexit

_lock

_encode_pointer

__dllonexit

_unlock

_vscprintf

vsprintf

tolower

strncmp

fprintf

fopen

fread

fclose

strrchr

_stat64

strstr

_mbsrchr

toupper

memcpy

_snprintf

memmove_s

_CIsqrt

_CIlog10

_stricmp

kernel32

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

InterlockedCompareExchange

InterlockedExchange

LocalAlloc

LocalFree

GetFileAttributesA

CreateProcessA

WaitForSingleObject

FindNextFileA

FindClose

GetModuleFileNameA

QueryPerformanceCounter

CreateThread

TerminateThread

CloseHandle

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSection

Sleep

GetLastError

GetCurrentThreadId

GetWindowsDirectoryA

LoadLibraryA

GetProcAddress

FreeLibrary

DeleteCriticalSection

GetSystemTimeAsFileTime

GetTickCount

FindFirstFileA

GetCurrentProcessId

user32

CreateWindowExA

GetMessageA

PostMessageA

RegisterClassA

IsChild

TranslateMessage

DispatchMessageA

PostQuitMessage

DefWindowProcA

MessageBoxA

CopyRect

DestroyWindow

GetParent

gdi32

GetStockObject

shlwapi

PathFileExistsA

ole32

CoUninitialize

msvcp90

?uncaught_exception@std@@YA_NXZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?good@ios_base@std@@QBE_NXZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ

?width@ios_base@std@@QAEHH@Z

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z

??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ

??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z

?eof@?$char_traits@D@std@@SAHXZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?flags@ios_base@std@@QBEHXZ

?width@ios_base@std@@QBEHXZ

??7ios_base@std@@QBE_NXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwdatadef

??0SONG_INFO@@QAE@XZ

?Init@SONG_INFO@@QAEXXZ

??1SONG_INFO@@QAE@XZ

kwmodconfig

AfxGetConfigManager

Exports

CreateKuwoPlayer

GetKuwoPlayerMediaPluginConfig

GetMeidaPluginManagerFactory

ReleaseKuwoPlayer

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bin/CWmpPlayer.dll

.dll windows:5 windows x86 arch:x86

ffa030b08ed1f9b091f130d76d941a26

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:85:72:65:88:dc:f4:8c:f4:e8:71:40:c0:97:93:9c:13:a0:86:33
Signer

Actual PE Digest

1d:85:72:65:88:dc:f4:8c:f4:e8:71:40:c0:97:93:9c:13:a0:86:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\501全面发布\KwResource\bin\release\pdb\CWmpPlayer.pdb

Imports

mfc90

ord3346

ord796

ord1728

ord2069

ord744

ord3732

ord524

ord4513

ord4529

ord4030

ord2795

ord5139

ord4688

ord1729

ord6446

ord5668

ord5666

ord958

ord963

ord967

ord965

ord969

ord2610

ord2630

ord2614

ord2620

ord2618

ord2616

ord2633

ord2628

ord2612

ord2635

ord2623

ord2605

ord2607

ord6391

ord2375

ord2368

ord1644

ord6784

ord4160

ord6782

ord3671

ord5389

ord6356

ord3218

ord1446

ord5608

ord2139

ord1792

ord1791

ord5633

ord2766

ord2978

ord3107

ord4714

ord2961

ord3135

ord2769

ord2888

ord2759

ord3277

ord4066

ord4067

ord4057

ord2886

ord4334

ord4895

ord4667

ord595

ord3940

ord4281

ord1755

ord1752

ord4331

ord1497

ord4650

ord5585

ord2074

ord5497

ord4589

ord6780

ord2625

ord5647

ord1746

ord3949

ord2592

ord798

ord2470

ord800

msvcr90

_stricmp

__clean_type_info_names_internal

_except_handler4_common

_crt_debugger_hook

?_type_info_dtor_internal_method@type_info@@QAEXXZ

?terminate@@YAXXZ

__CppXcptFilter

_adjust_fdiv

_amsg_exit

_initterm_e

_initterm

_encoded_null

free

_malloc_crt

_decode_pointer

_onexit

_lock

_encode_pointer

__dllonexit

_unlock

strrchr

memset

_mbsicmp

_mbsstr

_mbsnbcpy

memmove_s

??0exception@std@@QAE@ABV01@@Z

_CxxThrowException

_invalid_parameter_noinfo

_purecall

__CxxFrameHandler3

??0exception@std@@QAE@XZ

??1exception@std@@UAE@XZ

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABQBD@Z

_strnicmp

kernel32

GetCurrentProcess

GetLastError

lstrlenW

MultiByteToWideChar

WaitForSingleObject

GetSystemTimeAsFileTime

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

DisableThreadLibraryCalls

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

WideCharToMultiByte

TerminateProcess

InterlockedCompareExchange

Sleep

InterlockedExchange

GetWindowsDirectoryA

CreateFileA

CloseHandle

lstrcpyA

lstrcatA

CreateProcessA

user32

ShowWindow

IsWindow

EnableWindow

GetParent

KillTimer

SetTimer

GetClientRect

GetWindowRect

CopyRect

oleaut32

SysFreeString

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

?CreateMediaAudioPlayer@@YAPAVIMediaAudioPlayer@@XZ

?CreateMediaVideoPlayer@@YAPAVIMediaVideoPlayer@@XZ

?ReleaseMediaAudioPlayer@@YAXPAVIMediaAudioPlayer@@@Z

?ReleaseMediaVideoPlayer@@YAXPAVIMediaVideoPlayer@@@Z

CreateWmpPlayer

ReleaseWmpPlayer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bin/CoreAVC0.ax

.dll regsvr32 windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4
Signer

Actual PE Digest

92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Exports

Configure

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.
Size: - Virtual size: 788KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

bin/DshowPlayer.dll

.dll windows:5 windows x86 arch:x86

51011157c8eff9ae62263977212e0b44

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d6:84:85:eb:b8:8a:2e:04:b2:41:b8:74:fa:3c:7b:7b:35:90:82:dc
Signer

Actual PE Digest

d6:84:85:eb:b8:8a:2e:04:b2:41:b8:74:fa:3c:7b:7b:35:90:82:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\501全面发布\KwResource\bin\release\pdb\DshowPlayer.pdb

Imports

mfc90

ord4199

ord2087

ord3209

ord5657

ord5659

ord2447

ord800

ord4333

ord4981

ord5663

ord5646

ord6001

ord2766

ord2978

ord3107

ord4714

ord2961

ord3110

ord5813

ord944

ord2759

ord4477

ord4067

ord4057

ord2886

ord4334

ord4890

ord4667

ord3659

ord589

ord4029

ord310

ord2480

ord820

ord5963

ord4392

ord817

ord945

ord6721

ord5533

ord1046

ord4165

ord6018

ord2206

ord2251

ord4733

ord6781

ord4159

ord6783

ord4409

ord4434

ord2769

ord3213

ord305

ord2888

ord316

ord1087

ord801

ord5997

ord1603

ord4197

ord4066

ord6613

ord3178

ord910

ord1611

ord601

ord798

ord793

ord605

ord1278

ord321

ord1243

ord1241

ord1268

ord1180

ord1233

ord2084

ord391

ord1152

ord1277

ord1275

ord1145

ord1075

ord1137

ord322

msvcr90

__clean_type_info_names_internal

_crt_debugger_hook

?_type_info_dtor_internal_method@type_info@@QAEXXZ

__CppXcptFilter

_adjust_fdiv

_amsg_exit

_initterm_e

_initterm

_encoded_null

free

_malloc_crt

_except_handler4_common

_decode_pointer

_onexit

_lock

_encode_pointer

__dllonexit

_unlock

_CIlog10

strstr

memset

__CxxFrameHandler3

_purecall

?terminate@@YAXXZ

kernel32

FreeLibrary

MultiByteToWideChar

CloseHandle

WaitForSingleObject

LoadLibraryA

GetProcAddress

GetCurrentProcess

GetSystemTimeAsFileTime

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetVersionExA

TerminateProcess

InterlockedCompareExchange

Sleep

InterlockedExchange

LocalAlloc

LocalFree

GetLastError

GetModuleFileNameA

GetWindowsDirectoryA

CreateProcessA

user32

CreateWindowExA

GetMessageA

TranslateMessage

DispatchMessageA

PostQuitMessage

DefWindowProcA

GetParent

SendMessageA

CallWindowProcA

SetWindowLongA

GetClientRect

GetDC

ReleaseDC

RegisterClassA

gdi32

GetStockObject

shlwapi

PathFileExistsA

ole32

CoUninitialize

CoInitialize

CoCreateInstance

oleaut32

VariantInit

VariantClear

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwmodconfig

AfxGetConfigManager

Exports

GetDshowPlayer

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bin/Encode.exe

.exe windows:5 windows x86 arch:x86

da51d131c2d14a263ced57385b829735

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29
Signer

Actual PE Digest

a7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\MusicBoxV5\Main\KwResource\bin\release\pdb\Encode.pdb

Imports

kernel32

FreeLibrary

GetProcAddress

LoadLibraryA

FlushFileBuffers

CloseHandle

CreateFileA

WriteConsoleW

GetConsoleOutputCP

RaiseException

RtlUnwind

GetCommandLineA

HeapAlloc

GetLastError

HeapFree

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

GetModuleHandleW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

GetCurrentThreadId

InterlockedDecrement

Sleep

HeapSize

ExitProcess

WriteFile

GetStdHandle

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

SetHandleCount

GetFileType

GetStartupInfoA

DeleteCriticalSection

HeapCreate

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

LeaveCriticalSection

EnterCriticalSection

VirtualAlloc

HeapReAlloc

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

SetFilePointer

GetConsoleCP

GetConsoleMode

InitializeCriticalSectionAndSpinCount

GetLocaleInfoA

GetStringTypeA

MultiByteToWideChar

GetStringTypeW

LCMapStringA

LCMapStringW

SetStdHandle

WriteConsoleA

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwlib

?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?GetUserID@UserId@KwLib@@YA_NQADH@Z

?GetInstallSRC@UserId@KwLib@@YA_NQADH@Z

?Base64Encode@Base64@KwLib@@YAHPADPBDH1@Z

kwmodconfig

AfxGetConfigManager

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

bin/KwAni.dll

.dll windows:5 windows x86 arch:x86

42f0a66ccc29a28cd542a63f4ad4eb08

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9d:0b:18:bb:e4:7e:ba:cc:cb:57:80:c2:e9:fb:b0:8e:c7:f6:c1:1b
Signer

Actual PE Digest

9d:0b:18:bb:e4:7e:ba:cc:cb:57:80:c2:e9:fb:b0:8e:c7:f6:c1:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\501全面发布\KwResource\bin\release\pdb\KwAni.pdb

Imports

kernel32

GetCurrentProcessId

CreateToolhelp32Snapshot

Thread32First

Thread32Next

lstrcpyA

WideCharToMultiByte

FindResourceA

LoadResource

SizeofResource

SetLastError

GetLastError

lstrlenA

MultiByteToWideChar

LocalFree

FormatMessageA

GetModuleFileNameA

LocalAlloc

LeaveCriticalSection

TlsGetValue

EnterCriticalSection

GlobalReAlloc

GlobalHandle

InitializeCriticalSection

FreeResource

TlsSetValue

LocalReAlloc

DeleteCriticalSection

TlsFree

InterlockedDecrement

FreeLibrary

CompareStringA

GetModuleHandleW

InterlockedIncrement

GlobalGetAtomNameA

lstrcmpA

CloseHandle

GetCurrentThreadId

LoadLibraryA

ReadFile

WriteFile

SetFilePointer

FlushFileBuffers

SetEndOfFile

GetCurrentProcess

CreateFileA

GlobalAddAtomA

GlobalFlags

GetVersionExA

lstrcmpW

GlobalDeleteAtom

GlobalFindAtomA

GetLocaleInfoA

GetCPInfo

GetOEMCP

TerminateProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

RaiseException

RtlUnwind

GetCommandLineA

HeapAlloc

HeapFree

VirtualAlloc

VirtualQuery

HeapReAlloc

HeapSize

Sleep

ExitProcess

GetStdHandle

GetACP

IsValidCodePage

LCMapStringA

LCMapStringW

SetHandleCount

GetFileType

GetStartupInfoA

GetStringTypeA

GetStringTypeW

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

HeapCreate

HeapDestroy

VirtualFree

QueryPerformanceCounter

GetTickCount

GetSystemTimeAsFileTime

InitializeCriticalSectionAndSpinCount

GetConsoleCP

GetConsoleMode

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

GetProcessHeap

CompareStringW

SetEnvironmentVariableA

WriteProcessMemory

VirtualProtectEx

VirtualQueryEx

ReadProcessMemory

lstrcmpiW

LockResource

IsBadCodePtr

GetModuleHandleA

GetProcAddress

IsBadReadPtr

GlobalLock

GlobalUnlock

GlobalFree

TlsAlloc

GlobalAlloc

user32

MapWindowPoints

GetMessagePos

GetMessageTime

GetTopWindow

GetForegroundWindow

GetCapture

WinHelpA

LoadIconA

RegisterWindowMessageA

PostQuitMessage

TabbedTextOutA

DrawTextA

DrawTextExA

GrayStringA

DestroyMenu

GetMenu

SystemParametersInfoA

IsIconic

GetWindowPlacement

GetMenuCheckMarkDimensions

LoadBitmapA

ModifyMenuA

EnableMenuItem

CheckMenuItem

GetClassInfoExA

GetDlgItem

GetFocus

GetWindow

GetDlgCtrlID

GetClassNameA

SetWindowTextA

SetWindowsHookExA

CallNextHookEx

DispatchMessageA

GetKeyState

PeekMessageA

GetWindowTextA

GetSystemMetrics

GetSysColor

GetSysColorBrush

UnhookWindowsHookEx

GetWindowThreadProcessId

GetLastActivePopup

IsWindowEnabled

EnableWindow

MessageBoxA

GetMenuState

GetMenuItemID

GetMenuItemCount

SetRect

GetLayeredWindowAttributes

GetWindowLongA

DefWindowProcA

GetCursorPos

SetMenu

SetForegroundWindow

SetMenuItemBitmaps

EqualRect

SetCapture

ReleaseCapture

CopyRect

GetUpdateRect

GetClientRect

GetClassInfoA

RegisterClassA

AdjustWindowRectEx

ValidateRect

MoveWindow

WindowFromPoint

SetLayeredWindowAttributes

GetWindowRect

GetActiveWindow

ShowWindow

UpdateLayeredWindow

BeginPaint

EndPaint

SetPropA

IsWindow

CallWindowProcA

SendMessageA

SetClassLongA

LoadCursorA

InvalidateRect

TrackMouseEvent

PostMessageA

SetWindowLongA

RegisterClassExA

SetTimer

CreateWindowExA

GetClassLongA

PtInRect

ClientToScreen

IsWindowVisible

ReleaseDC

GetDC

GetDesktopWindow

GetPropA

GetParent

RemovePropA

SetWindowPos

DestroyWindow

ScreenToClient

WindowFromDC

IntersectRect

OffsetRect

GetSubMenu

gdi32

CreateBitmap

GetClipBox

SaveDC

RestoreDC

SetStretchBltMode

SetMapMode

PtVisible

RectVisible

Escape

OffsetViewportOrgEx

SetViewportExtEx

ExtSelectClipRgn

CreateRectRgnIndirect

GetStockObject

DeleteDC

DeleteObject

SelectObject

CreateDIBSection

CreateCompatibleDC

BitBlt

ExtTextOutA

SetBkColor

CombineRgn

CreateRectRgn

SetDIBitsToDevice

GetObjectA

GetCurrentObject

StretchBlt

CreateFontIndirectA

LineTo

MoveToEx

CreatePen

TextOutA

SetTextColor

SetBkMode

GetBkMode

GetTextExtentPoint32A

GetTextExtentExPointA

ScaleViewportExtEx

RealizePalette

GetDIBits

SetWindowExtEx

ScaleWindowExtEx

SetViewportOrgEx

GetDeviceCaps

shell32

SHCreateDirectoryExA

ShellExecuteA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

VariantClear

VariantChangeType

VariantInit

msimg32

TransparentBlt

AlphaBlend

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA

winmm

timeKillEvent

timeSetEvent

oleacc

CreateStdAccessibleObject

LresultFromObject

dbghelp

ImageDirectoryEntryToData

winspool.drv

ClosePrinter

DocumentPropertiesA

OpenPrinterA

Exports

KwAni

Sections

.text
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

bin/KwCommonUI.dll

.dll windows:5 windows x86 arch:x86

1c275135fb6b3bebe8b59802530851a4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ac:ba:d7:34:81:2c:08:6b:7b:28:42:44:d8:7a:dc:f7:34:47:00:dd
Signer

Actual PE Digest

ac:ba:d7:34:81:2c:08:6b:7b:28:42:44:d8:7a:dc:f7:34:47:00:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\501全面发布\KwResource\bin\release\pdb\KwCommonUI.pdb

Imports

mfc90

ord6473

ord3676

ord6057

ord6474

ord6675

ord3965

ord2449

ord321

ord2452

ord2451

ord1303

ord1258

ord6682

ord6676

ord2505

ord6494

ord6153

ord781

ord1222

ord1265

ord320

ord4617

ord3796

ord3506

ord491

ord3126

ord5965

ord4807

ord4792

ord729

ord3049

ord3076

ord2154

ord1368

ord1259

ord4281

ord6464

ord6788

ord2692

ord5482

ord2356

ord5152

ord1220

ord4502

ord6646

ord3940

ord3996

ord799

ord1098

ord1746

ord2795

ord721

ord1867

ord1866

ord1751

ord5745

ord1401

ord1391

ord2342

ord6290

ord6289

ord2359

ord4383

ord6583

ord6556

ord4528

ord6252

ord2895

ord4114

ord6558

ord4515

ord4512

ord2965

ord3728

ord6006

ord6430

ord3418

ord4279

ord6433

ord4282

ord2246

ord2125

ord1744

ord1745

ord3227

ord4890

ord3485

ord474

ord801

ord4296

ord1764

ord1763

ord6597

ord5574

ord5593

ord1879

ord1739

ord4865

ord2638

ord2639

ord2642

ord2641

ord2640

ord5639

ord683

ord4536

ord2194

ord1380

ord4535

ord5382

ord4918

ord5367

ord5064

ord5386

ord5476

ord5224

ord4771

ord5127

ord5215

ord5385

ord4784

ord4783

ord4693

ord5213

ord5369

ord4604

ord4927

ord5393

ord4889

ord4940

ord5392

ord5264

ord4912

ord4775

ord4846

ord5472

ord4972

ord5341

ord4931

ord4930

ord5334

ord4095

ord4851

ord4850

ord5209

ord4608

ord5199

ord4796

ord5403

ord4575

ord4582

ord5001

ord5194

ord4793

ord4808

ord4806

ord4788

ord4791

ord4786

ord5281

ord5278

ord4364

ord3345

ord6390

ord5584

ord3670

ord1444

ord5599

ord2964

ord4679

ord430

ord3819

ord3757

ord1868

ord1869

ord1536

ord3213

ord305

ord6613

ord1611

ord2691

ord1152

ord391

ord1241

ord3987

ord4993

ord1490

ord4507

ord5997

ord5615

ord5309

ord2208

ord1810

ord1809

ord1678

ord3344

ord6388

ord1496

ord5636

ord4668

ord374

ord639

ord2364

ord3783

ord2896

ord6670

ord2360

ord1720

ord3643

ord4384

ord2283

ord4646

ord777

ord3920

ord2274

ord1668

ord4638

ord3480

ord611

ord404

ord5520

ord3179

ord5753

ord1555

ord5835

ord663

ord2523

ord452

ord3657

ord5926

ord2954

ord2948

ord3636

ord400

ord2084

ord1069

ord5771

ord3856

ord306

ord6802

ord5761

ord3143

ord301

ord6148

ord4477

ord2481

ord945

ord942

ord941

ord2327

ord5963

ord4506

ord2480

ord4392

ord5876

ord4337

ord6791

ord5750

ord1247

ord3579

ord3223

ord2263

ord6077

ord585

ord1724

ord1588

ord2700

ord787

ord6554

ord4437

ord2591

ord1361

ord2130

ord4498

ord2282

ord3568

ord1144

ord6152

ord6493

ord4236

ord1329

ord1108

ord1178

ord3845

ord757

ord3620

ord553

ord4026

ord4386

ord3153

ord4157

ord3151

ord3159

ord6329

ord2590

ord790

ord4757

ord3931

ord586

ord789

ord820

ord1045

ord6760

ord2097

ord4513

ord5063

ord3997

ord333

ord525

ord6078

ord4396

ord5179

ord3678

ord3730

ord4248

ord6291

ord6333

ord3157

ord3148

ord3731

ord1699

ord3056

ord1681

ord5808

ord2753

ord6046

ord6552

ord6043

ord6546

ord4565

ord6549

ord6352

ord6166

ord6084

ord5957

ord6023

ord5846

ord5833

ord6398

ord6157

ord3504

ord693

ord2280

ord4644

ord3244

ord3554

ord654

ord3519

ord4527

ord3612

ord1603

ord3831

ord6079

ord6527

ord6616

ord677

ord2278

ord1771

ord1685

ord4642

ord3277

ord265

ord3815

ord1254

ord300

ord4030

ord3665

ord367

ord2141

ord2469

ord6507

ord636

ord6559

ord2100

ord1691

ord595

ord310

ord436

ord266

ord6557

ord337

ord613

ord6584

ord1116

ord4529

ord2143

ord4116

ord4311

ord6170

ord6048

ord2431

ord2470

ord6071

ord3346

ord6391

ord1755

ord1752

ord4331

ord1497

ord4650

ord2074

ord5497

ord6780

ord4589

ord5647

ord3732

ord5139

ord4688

ord1729

ord6446

ord5668

ord5666

ord958

ord963

ord967

ord965

ord969

ord2610

ord2630

ord2614

ord2620

ord2618

ord2616

ord2633

ord2628

ord2612

ord2635

ord2623

ord2605

ord2607

ord2625

ord2375

ord2368

ord1644

ord6784

ord4160

ord6782

ord3671

ord5389

ord6356

ord3218

ord1446

ord5608

ord2139

ord1792

ord1791

ord1728

ord5633

ord2766

ord2978

ord3107

ord4714

ord2961

ord3135

ord2769

ord2888

ord2759

ord4066

ord4067

ord4057

ord2886

ord4334

ord4895

ord4667

ord3663

ord686

ord796

ord2592

ord3178

ord6074

ord1357

ord3627

ord3477

ord2588

ord3528

ord1358

ord3479

ord2106

ord316

ord2539

ord910

ord1183

ord601

ord3534

ord1137

ord1061

ord1252

ord1087

ord3726

ord798

ord5585

ord4760

ord2587

ord2069

ord590

ord794

ord524

ord744

ord817

ord580

msvcr90

memset

?_type_info_dtor_internal_method@type_info@@QAEXXZ

__clean_type_info_names_internal

_crt_debugger_hook

__CppXcptFilter

_amsg_exit

_initterm_e

_initterm

_encoded_null

_malloc_crt

_decode_pointer

_onexit

_lock

_encode_pointer

__dllonexit

_unlock

?terminate@@YAXXZ

_except_handler4_common

sprintf_s

_stricmp

_time64

_vswprintf_c_l

_beginthreadex

_CIsin

_mbsicmp

fopen

fseek

ftell

fclose

fread

_snprintf

atoi

_mbsstr

strcat_s

ldiv

__RTDynamicCast

malloc

free

_CIcos

memcpy

memmove_s

strcpy_s

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABQBD@Z

memcpy_s

_invalid_parameter_noinfo

??0exception@std@@QAE@ABV01@@Z

_CxxThrowException

??0exception@std@@QAE@XZ

??1exception@std@@UAE@XZ

__CxxFrameHandler3

_purecall

strncpy_s

_adjust_fdiv

kernel32

lstrcmpiA

lstrlenA

MultiByteToWideChar

WideCharToMultiByte

GetCPInfo

GlobalFree

GlobalUnlock

GlobalLock

GlobalAlloc

MapViewOfFile

CreateFileMappingA

CreateFileA

GetTickCount

FreeLibrary

GetWindowsDirectoryA

lstrcpyA

WinExec

lstrcatA

Sleep

OutputDebugStringA

HeapFree

GetProcessHeap

HeapAlloc

MulDiv

GlobalReAlloc

GetCurrentDirectoryA

LocalFree

FormatMessageA

GetModuleFileNameA

CloseHandle

FlushFileBuffers

WriteFile

SizeofResource

WaitForSingleObject

ResetEvent

SetEvent

ResumeThread

CreateEventA

VirtualProtect

InterlockedExchange

InterlockedCompareExchange

TerminateProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

LoadResource

LockResource

FreeResource

GetVersion

GetCurrentThreadId

GetLastError

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

FindResourceA

GetVersionExA

GetProcAddress

GetModuleHandleA

FlushInstructionCache

GetCurrentProcess

LoadLibraryA

SetLastError

user32

GrayStringA

DrawTextExA

DrawTextA

TabbedTextOutA

GetParent

GetFocus

GetUpdateRect

ScreenToClient

FillRect

DestroyIcon

GetDC

ReleaseDC

DrawIconEx

GetIconInfo

GetSysColor

GetCursorPos

CallNextHookEx

InflateRect

EqualRect

SetWindowsHookExA

ReleaseCapture

LoadCursorA

GetSysColorBrush

RegisterClassExA

EnableWindow

SetCapture

GetCapture

KillTimer

SetTimer

RedrawWindow

InvalidateRect

GetClientRect

SetWindowRgn

PostMessageA

SendMessageA

DrawFrameControl

CopyRect

SetRectEmpty

PtInRect

IsRectEmpty

UnhookWindowsHookEx

ClientToScreen

OffsetRect

IntersectRect

SystemParametersInfoA

IsIconic

GetWindowPlacement

GetWindowRect

GetSystemMetrics

IsWindow

ModifyMenuA

RemoveMenu

GetDesktopWindow

GetMenuItemInfoA

LoadImageA

MessageBoxA

WindowFromPoint

GetNextDlgGroupItem

DrawFocusRect

IsWindowVisible

SetLayeredWindowAttributes

CopyIcon

UpdateWindow

GetMessagePos

MessageBeep

CopyImage

DefWindowProcA

CallWindowProcA

GetWindow

GetClassNameA

GetDlgCtrlID

MoveWindow

AdjustWindowRectEx

EndPaint

BeginPaint

CheckMenuItem

EnableMenuItem

GetWindowDC

EnableScrollBar

GetScrollInfo

GetScrollPos

GetScrollRange

SetScrollInfo

SetScrollPos

SetScrollRange

ShowScrollBar

GetPropA

SetWindowPos

RemovePropA

CreateWindowExA

SetPropA

FrameRect

WindowFromDC

MapWindowPoints

GetKeyState

ChildWindowFromPoint

DestroyWindow

ShowWindow

RegisterClassA

SetCursor

GetAsyncKeyState

SetWindowLongA

GetWindowLongA

LoadBitmapA

SetRect

DrawEdge

CreateMenu

CreatePopupMenu

DeleteMenu

AppendMenuA

GetMenuItemCount

GetMenuItemID

GetMenuState

InsertMenuA

GetSubMenu

gdi32

SaveDC

SetStretchBltMode

RestoreDC

Polygon

IntersectClipRect

SetWindowOrgEx

PlayEnhMetaFile

CreatePatternBrush

SetBrushOrgEx

CreateBitmap

UnrealizeObject

CreateFontW

GetTextMetricsA

SetBkColor

GetCurrentObject

RoundRect

GetTextColor

GetTextExtentPointA

CreateICA

ExtCreateRegion

GetDIBits

CreateDIBitmap

CreateHalftonePalette

StretchDIBits

SelectPalette

RealizePalette

CreatePalette

GetTextExtentPoint32W

SetPixel

PatBlt

Rectangle

Ellipse

GetBkMode

GetDeviceCaps

CreateHatchBrush

CreatePen

SetBkMode

SetTextColor

SelectClipRgn

DeleteDC

GetPixel

GetDCOrgEx

GetClipBox

GetStockObject

CreateSolidBrush

CreateFontIndirectA

GetObjectA

CreateCompatibleBitmap

CreateRectRgn

CreatePolygonRgn

CombineRgn

EqualRgn

OffsetRgn

CreateCompatibleDC

FrameRgn

StretchBlt

DeleteObject

CreateFontA

BitBlt

CreateDIBSection

GetTextExtentPoint32A

PtVisible

RectVisible

ExtTextOutA

Escape

SelectObject

TextOutA

msimg32

TransparentBlt

advapi32

RegQueryValueExA

RegOpenKeyExA

RegQueryValueA

RegCloseKey

shell32

SHBrowseForFolderA

SHGetPathFromIDListA

SHGetMalloc

ShellExecuteA

DragQueryFileA

comctl32

_TrackMouseEvent

InitCommonControlsEx

ImageList_GetIconSize

ole32

CreateStreamOnHGlobal

CoCreateInstance

oleaut32

SysStringByteLen

SysAllocStringByteLen

SysAllocStringLen

VariantCopy

VariantClear

SysFreeString

VariantInit

OleLoadPicture

kwlib

?EndWith@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?Format@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ

?Trim@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z

?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

??1_MUSICINFO@KwLib@@QAE@XZ

?GetFileSize@Dir@KwLib@@YAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z

?GetFileExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

?GetFileNameWithoutExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

?QueryMIInfo@MIQuerier@KwLib@@SAKPBDPAU_MUSICINFO@2@@Z

??0_MUSICINFO@KwLib@@QAE@XZ

?Str2Lower@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z

?FindAllFiles@Dir@KwLib@@YAHAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@1H@Z

?IsDirectory@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?ToFileTime@DateTime@Time@KwLib@@QBE_KXZ

??0DateTime@Time@KwLib@@QAE@XZ

msvcp90

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z