3bdd602693f225d251e6b47d908a245f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3bdd602693f225d251e6b47d908a245f_JaffaCakes118
Size

4.0MB
MD5

3bdd602693f225d251e6b47d908a245f
SHA1

63be90abe4e6a99c8be860cdbc099ac9f54db4fd
SHA256

79ae14d993fdfc363514fada8e1aebe71eaf0ef8d80901ac2cf3cfc7e02c8c30
SHA512

cef12fe61bae06c866c5ff49d4f2f46da5f6e5a7163dabe3e66bdcd5d9841a87240eae46c161a395c6708fa572302b3e200ce018d26350b8a948ed2e7662b007
SSDEEP

98304:R+jottIc6ZPPaBD2bJOJNXW/MfNpcSv1eo/srOCDoMJQ9mzF:R7NeaBwM18Kv1eo/srZD7QS

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
3bdd602693f225d251e6b47d908a245f_JaffaCakes118
unpack001/$PLUGINSDIR/Base64.dll
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/blowfish.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/msvcm90.dll
unpack001/uninst.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

3bdd602693f225d251e6b47d908a245f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Base64.dll
.dll windows:4 windows x86 arch:x86

1ba6926a1ee4e4cda118768081f528d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
TerminateProcess

msvcr80

memset
atoi
_crt_debugger_hook

Exports

Exports

Decrypt
Encrypt

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/blowfish.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Decrypt
Encrypt

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

3f1149a3053980fe6b461521d2b55a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
GetLastError
GlobalFree
lstrcmpiA
DeleteFileA
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
CreateFileA

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
GetWindowTextA
IsWindow
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
SendMessageA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
3g2.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3g2plus.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3gp.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
3gpplus.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FFF.NFO
Language/Chinese_Simplified.uni
Language/Traditional Chinese.uni
Language/english.uni
Microsoft.VC90.CRT.manifest
.xml
aac.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aacplus.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
acdbase.dll
.dll windows:5 windows x86 arch:x86

06f79f412dc41be9a29639e0689c655b

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:fd:a5:8a:12:e7:0b:af:10:c2:af:c6:86:12:b2:54:5e:1c:8b:51
Signer

Actual PE Digest

b6:fd:a5:8a:12:e7:0b:af:10:c2:af:c6:86:12:b2:54:5e:1c:8b:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mmioDescend
mmioRead
mmioSeek
mmioCreateChunk
mmioClose
mmioWrite
mmioAscend
mmioOpenW

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
LocalFree
lstrcpyA
LocalAlloc
lstrlenA
MultiByteToWideChar
GetACP
WideCharToMultiByte
CreateDirectoryW
CreateFileW
lstrcpyW
CloseHandle
WriteFile
DeleteFileW
QueryPerformanceCounter
DisableThreadLibraryCalls
Sleep
InterlockedExchange
InterlockedCompareExchange

user32

MessageBoxA

msvcr90

memcpy
_ultoa
strtoul
floor
malloc
free
fprintf
__iob_func
??3@YAXPAX@Z
??2@YAPAXI@Z
isalnum
_CxxThrowException
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_CIsin
_CIsqrt
memset

Exports

Exports

??0CSampleRateConverter2@@QAE@XZ
??0CWaveReader@@QAE@PA_W@Z
??0CWaveWriter@@QAE@PA_W_N@Z
??0XWaveReader@@QAE@H@Z
??0XWaveWriter@@QAE@H@Z
??1CSampleRateConverter2@@QAE@XZ
??1CWaveReader@@QAE@XZ
??1CWaveWriter@@QAE@XZ
??4CSampleRateConverter2@@QAEAAV0@ABV0@@Z
??4CWaveReader@@QAEAAV0@ABV0@@Z
??4CWaveWriter@@QAEAAV0@ABV0@@Z
??4XWaveReader@@QAEAAV0@ABV0@@Z
??4XWaveWriter@@QAEAAV0@ABV0@@Z
?Close@CWaveWriter@@QAEXXZ
?Convert@@YAKPAXKKGG@Z
?Deinit@CSampleRateConverter2@@QAEXXZ
?Delete@CWaveReader@@QAEXXZ
?Delete@CWaveWriter@@QAEXXZ
?GetLength@CWaveReader@@QAEKXZ
?GetWaveFormat@CWaveReader@@QAEKAAPAUtWAVEFORMATEX@@@Z
?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
?Read@CWaveReader@@QAEXPAXI@Z
?Resample@CSampleRateConverter2@@QAEKK@Z
?ResampleStereo@CSampleRateConverter2@@AAEHNNPAFPAM01HH@Z
?WriteData@CWaveWriter@@QAEXPAXI@Z
?WriteHeader@CWaveWriter@@QAEXPAUtWAVEFORMATEX@@@Z
BASE64Decode
BASE64Encode
BASE64FreeMem
ID3Helper_AddBinary
ID3Helper_AddDword
ID3Helper_AddStr
ID3Helper_Alloc
ID3Helper_Copy
ID3Helper_Free
ID3Helper_FreeBinary
ID3Helper_GetBinary
ID3Helper_GetDword
ID3Helper_GetStr
ID3Helper_PutData
UNC_AnsiToUnicode
UNC_AnsiToUtf8
UNC_ChangeEndian
UNC_UnicodeToAnsi
UNC_UnicodeToUtf8
UNC_Utf8ToAnsi
UNC_Utf8ToUnicode
UNC_freeStr
UNC_freeWStr
UUDecode
UUEncode
UUFreeMem

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adpcm.dll
.dll windows:5 windows x86 arch:x86

31d9b983dd6b65ab4202d2cbf63ceab4

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:47:db:70:d5:5c:e8:44:5a:76:e5:cf:6e:9a:db:e0:85:a2:a1:c7
Signer

Actual PE Digest

b2:47:db:70:d5:5c:e8:44:5a:76:e5:cf:6e:9a:db:e0:85:a2:a1:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msacm32

acmStreamUnprepareHeader
acmStreamOpen
acmStreamSize
acmStreamClose
acmStreamPrepareHeader
acmStreamConvert
acmMetrics
acmFormatEnumW
acmDriverOpen
acmFormatTagDetailsW
acmDriverClose

kernel32

Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateDirectoryW
lstrcpyW
lstrcatW
InterlockedExchange
InterlockedCompareExchange

user32

wsprintfW

acdbase

?WriteHeader@CWaveWriter@@QAEXPAUtWAVEFORMATEX@@@Z
?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
?Delete@CWaveWriter@@QAEXXZ
?Resample@CSampleRateConverter2@@QAEKK@Z
??0CWaveWriter@@QAE@PA_W_N@Z
??1CWaveWriter@@QAE@XZ
ID3Helper_Free
??1CSampleRateConverter2@@QAE@XZ
??0CSampleRateConverter2@@QAE@XZ
ID3Helper_Copy
?WriteData@CWaveWriter@@QAEXPAXI@Z

msvcr90

_vswprintf
wcscat
_close
memset
??2@YAPAXI@Z
wcscmp
qsort
wcscpy
??3@YAXPAX@Z
memmove
__CxxFrameHandler3
?_wopen@@YAHPB_WHH@Z
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_write
memcpy
_lseek

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aiff.dll
.dll windows:5 windows x86 arch:x86

52f17366be3a3e38325f109d26938a96

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

68:6c:54:f5:c7:b4:6c:5c:0d:2c:8e:a8:41:03:d3:49:40:75:f7:ed
Signer

Actual PE Digest

68:6c:54:f5:c7:b4:6c:5c:0d:2c:8e:a8:41:03:d3:49:40:75:f7:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
WriteFile
CreateFileW
SetFilePointer
DeleteFileW
CloseHandle
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

acdbase

?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
??1CSampleRateConverter2@@QAE@XZ
?Resample@CSampleRateConverter2@@QAEKK@Z
??0CSampleRateConverter2@@QAE@XZ
?Deinit@CSampleRateConverter2@@QAEXXZ

msvcr90

_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
??3@YAXPAX@Z
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
??2@YAPAXI@Z
memcpy
floor
frexp
ldexp
_vswprintf
_initterm

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alac.dll
.dll windows:5 windows x86 arch:x86

2415e39d9ee17421df8520d60061cdc4

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:9b:e7:a5:df:19:60:7d:38:73:6b:99:c4:22:ff:fa:ab:7e:83:82
Signer

Actual PE Digest

90:9b:e7:a5:df:19:60:7d:38:73:6b:99:c4:22:ff:fa:ab:7e:83:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CreateDirectoryW
DeleteFileW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter

acdbase

ID3Helper_FreeBinary
ID3Helper_GetBinary
ID3Helper_GetStr
ID3Helper_GetDword

msvcr90

floor
_CIsqrt
vfprintf
strstr
fprintf
__iob_func
realloc
_vsnprintf
??2@YAPAXI@Z
_CxxThrowException
memmove
_errno
_purecall
??3@YAXPAX@Z
__CxxFrameHandler3
vprintf
printf_s
strncpy
fprintf_s
_stricmp
isalnum
fflush
wcscpy
wcslen
strcmp
_vswprintf
_wfopen
_wrename
_wremove
fgetpos
fsetpos
feof
fread
fwrite
fputs
fclose
strchr
ceil
strerror
tolower
sscanf
_ftime64
_fstat64
_fileno
_vsnprintf_s
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
malloc
free
memcpy
memset
strlen

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ct.dll
.dll windows:5 windows x86 arch:x86

2ca080c1eda0b2912a720e76d218f7be

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:95:2f:32:76:9f:67:b8:0c:e4:5b:ff:54:9b:51:d9:2a:40:9c:b5
Signer

Actual PE Digest

f6:95:2f:32:76:9f:67:b8:0c:e4:5b:ff:54:9b:51:d9:2a:40:9c:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl

kernel32

SetUnhandledExceptionFilter
CompareStringW
CompareStringA
GetProcessHeap
CloseHandle
GetFileSize
CreateFileW
CreateDirectoryW
lstrcpyW
lstrlenW
GetModuleFileNameW
ReadFile
CopyFileW
DeleteFileW
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
HeapSize
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetVersionExA
FormatMessageA
LoadLibraryA
GetThreadLocale
HeapAlloc
RaiseException
GetLastError
HeapReAlloc
RtlUnwind
HeapFree
EnterCriticalSection
LeaveCriticalSection
MoveFileW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetEnvironmentVariableA
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleHandleA
SetHandleCount
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

user32

wsprintfW

shell32

SHGetFolderPathW

acdbase

??0CWaveWriter@@QAE@PA_W_N@Z
ID3Helper_Copy
ID3Helper_GetDword
ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_FreeBinary
ID3Helper_Free
??1CWaveWriter@@QAE@XZ
?Delete@CWaveWriter@@QAEXXZ
?WriteData@CWaveWriter@@QAEXPAXI@Z

id3lib

?RenderID3@@YAHPAUID3Helper@@HPAHPAPAD@Z
?WriteID3V1@@YAXPB_WPAUID3Helper@@@Z
?RenderID3_FreeBuffer@@YAXPAD@Z

Exports

Exports

?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z

Sections

.text
Size: 790KB - Virtual size: 790KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_ape.dll
.dll windows:5 windows x86 arch:x86

d316a6f3c7947cfe3b4441d9c4f67ea1

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:37:9b:0f:09:8e:40:f4:5c:cd:33:c6:63:fa:ca:46:14:ef:9f:3a
Signer

Actual PE Digest

39:37:9b:0f:09:8e:40:f4:5c:cd:33:c6:63:fa:ca:46:14:ef:9f:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateThread
WaitForSingleObject
Sleep
SetFileAttributesW
CreateThread
WideCharToMultiByte
MultiByteToWideChar
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateFileW
DeleteFileW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedExchange
InterlockedCompareExchange

user32

MessageBoxA

acdbase

ID3Helper_AddBinary
ID3Helper_AddDword
ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_FreeBinary
ID3Helper_Alloc
ID3Helper_GetDword
ID3Helper_AddStr

msvcr90

??2@YAPAXI@Z
__CxxFrameHandler3
memcpy
strtoul
sscanf
strncmp
sprintf
memmove
qsort
strncpy
_wcsicmp
_wtoi
_purecall
wcsrchr
atoi
_strnicmp
strstr
_CxxThrowException
free
calloc
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z
memset
_wcsnicmp

Exports

Exports

_FillWaveFormatEx@16
_FillWaveHeader@16
winampGetInModule2

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_flac.dll
.dll windows:5 windows x86 arch:x86

b697eb81915e44f78c1b7e0d410897c1

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:3a:43:e2:e9:45:dd:06:95:3c:19:c0:df:fa:b7:f1:4c:15:df:86
Signer

Actual PE Digest

3a:3a:43:e2:e9:45:dd:06:95:3c:19:c0:df:fa:b7:f1:4c:15:df:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetFileSize
CreateFileW
Sleep
SetFileAttributesW
CreateThread
TerminateThread
WaitForSingleObject
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
InterlockedCompareExchange
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange
QueryPerformanceCounter

acdbase

ID3Helper_GetDword
ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_Alloc
ID3Helper_AddDword
ID3Helper_AddStr
UUDecode
ID3Helper_AddBinary
UUFreeMem

msvcr90

realloc
memmove
memset
memcpy
memchr
strtoul
sscanf
sprintf
strchr
feof
calloc
_fstat64i32
__iob_func
_wfopen
fread
free
ferror
_setmode
ftell
fseek
fclose
_wchmod
_wstat64i32
_errno
wcsrchr
_wunlink
_wutime64
fwrite
_wrename
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
malloc
_wcsdup
_strdup
_fileno
_strnicmp

Exports

Exports

winampGetInModule2

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_mp4.dll
.dll windows:5 windows x86 arch:x86

e68ad702434779a4d3912560390e6ec9

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

59:40:c9:66:ca:08:bc:c7:c9:c0:8a:fc:3d:6f:18:b2:42:14:24:85
Signer

Actual PE Digest

59:40:c9:66:ca:08:bc:c7:c9:c0:8a:fc:3d:6f:18:b2:42:14:24:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
CloseHandle
TerminateThread
WaitForSingleObject
SetFileAttributesW
CreateThread
lstrcpyW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange

acdbase

ID3Helper_Alloc
ID3Helper_GetBinary
ID3Helper_AddStr
ID3Helper_AddBinary
ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_AddDword
ID3Helper_FreeBinary

msvcr90

free
malloc
fseek
ftell
fread
memmove
fclose
_wfopen
_wcsicmp
memset
memcpy
floor
_vsnprintf
??2@YAPAXI@Z
_CxxThrowException
_errno
realloc
_purecall
??3@YAXPAX@Z
__CxxFrameHandler3
vprintf
printf_s
__iob_func
strncpy
fprintf_s
_stricmp
isalnum
fflush
tolower
_wrename
_wremove
fgetpos
fsetpos
feof
fwrite
fputs
fopen
strchr
strncmp
ceil
strerror
sscanf
_ftime64
_fstat64
_fileno
_CIsin
_CIcos
_CIpow
_CIsqrt
_CIlog
qsort
fprintf
_vsnprintf_s
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_vswprintf

Exports

Exports

winampGetInModule2

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_mpc.dll
.dll windows:5 windows x86 arch:x86

2c3a5a5bf33870dea2cad7ce68caae60

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ae:c6:58:bf:7c:3e:64:0a:63:d7:b9:d1:19:ef:cc:bd:d5:51:b3:be
Signer

Actual PE Digest

ae:c6:58:bf:7c:3e:64:0a:63:d7:b9:d1:19:ef:cc:bd:d5:51:b3:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetACP
WideCharToMultiByte
Sleep
DisableThreadLibraryCalls
CloseHandle
TerminateThread
WaitForSingleObject
SetFileAttributesW
SetThreadPriority
CreateThread
CreateFileW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
DeleteFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent

acdbase

ID3Helper_Alloc
ID3Helper_AddDword
ID3Helper_AddStr
ID3Helper_AddBinary
ID3Helper_GetDword
ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_FreeBinary

msvcr90

qsort
_CIpow
memmove
memcpy
free
memset
_wcsdup
_stricmp
malloc
realloc
strncmp
atoi
_purecall
??3@YAXPAX@Z
fclose
fread
fwrite
fseek
ftell
_chsize
_fileno
??2@YAPAXI@Z
_wfopen
__CxxFrameHandler3
strtoul
calloc
_wcsicmp
strncpy
_wtoi
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
sscanf
sprintf

Exports

Exports

winampGetInModule2

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_ogg.dll
.dll windows:5 windows x86 arch:x86

182be7fc708c4c6896cd2dc80ca51159

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

88:6e:a1:56:7b:62:c8:a4:70:fd:f8:6a:62:bf:17:f5:31:3d:d4:ea
Signer

Actual PE Digest

88:6e:a1:56:7b:62:c8:a4:70:fd:f8:6a:62:bf:17:f5:31:3d:d4:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateThread
WaitForSingleObject
Sleep
DeleteFileW
MoveFileW
SetFileAttributesW
CreateThread
InterlockedCompareExchange
InterlockedExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

wsprintfW

acdbase

ID3Helper_GetBinary
BASE64Encode
ID3Helper_FreeBinary
ID3Helper_Alloc
ID3Helper_AddDword
ID3Helper_GetStr
UUDecode
ID3Helper_AddBinary
UUFreeMem
BASE64Decode
BASE64FreeMem
ID3Helper_GetDword
ID3Helper_AddStr

msvcr90

_CIexp
_CIsqrt
_CIcos
_fseeki64
fclose
strtoul
sscanf
_wfopen
??3@YAXPAX@Z
sprintf
??2@YAPAXI@Z
ftell
fread
realloc
_CIsin
free
malloc
memset
fwrite
memmove
memchr
calloc
toupper
ldexp
qsort
ceil
exit
_errno
fseek
fopen
floor
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_CIlog
_CIatan
memcpy
_CIpow

Exports

Exports

winampGetInModule2

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_wma.dll
.dll windows:5 windows x86 arch:x86

97e352681512a89b4ce4779228624d90

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cd:72:1f:ca:3a:8b:6e:b6:04:a8:24:72:ce:b6:49:40:b9:7c:2f:3e
Signer

Actual PE Digest

cd:72:1f:ca:3a:8b:6e:b6:04:a8:24:72:ce:b6:49:40:b9:7c:2f:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateSyncReader
WMCreateEditor

msvcr90

_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
??3@YAXPAX@Z
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
sscanf
swscanf
??2@YAPAXI@Z

kernel32

Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
SetFileAttributesW
lstrlenW
WaitForSingleObject
CloseHandle
CreateThread
ResumeThread
InterlockedIncrement

user32

wsprintfW
MessageBoxA

ole32

CoInitializeEx
CoUninitialize

acdbase

ID3Helper_AddDword
ID3Helper_GetDword
ID3Helper_GetStr
ID3Helper_AddBinary
UNC_freeStr
ID3Helper_AddStr
UNC_UnicodeToUtf8
ID3Helper_Alloc
ID3Helper_GetBinary
UNC_Utf8ToUnicode
UNC_freeWStr

Exports

Exports

winampGetInModule2

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decoder_wv.dll
.dll windows:5 windows x86 arch:x86

142452c70f2088ce8f0e152de0d9596e

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

eb:4a:5f:74:48:ad:17:89:36:7e:6b:dc:4c:77:b5:be:f3:f9:d8:f2
Signer

Actual PE Digest

eb:4a:5f:74:48:ad:17:89:36:7e:6b:dc:4c:77:b5:be:f3:f9:d8:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetACP
MultiByteToWideChar
CloseHandle
TerminateThread
WaitForSingleObject
Sleep
SetFileAttributesW
SetThreadPriority
CreateThread
CreateFileW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
DeleteFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent

user32

PostMessageA
MessageBoxA

acdbase

ID3Helper_GetDword
ID3Helper_AddStr
ID3Helper_GetBinary
ID3Helper_FreeBinary
ID3Helper_AddDword
ID3Helper_Alloc
ID3Helper_GetStr
ID3Helper_AddBinary

msvcr90

strncmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
memset
memcpy
memmove
qsort
sprintf
_wcsicmp
strncpy
_wtoi
isdigit
free
malloc
floor
atof
_crt_debugger_hook
strtoul
sscanf
realloc
_purecall
_fstat64i32
fread
ftell
fseek
ungetc
_fileno
fwrite
_stricmp
fclose
_wfopen
_setmode
__iob_func
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_CIpow

Exports

Exports

?winampGetExtendedFileInfo@@YAHUextendedFileInfoStruct@@@Z
winampGetInModule2

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ezcddax.exe
.exe windows:4 windows x86 arch:x86

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:6a:48:dd:ea:2b:f4:e6:7e:e1:2f:41:b7:3d:de:e9:53:d2:e7:2f
Signer

Actual PE Digest

6b:6a:48:dd:ea:2b:f4:e6:7e:e1:2f:41:b7:3d:de:e9:53:d2:e7:2f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$10TCCalendar
@$xp$10TGraphKind
@$xp$11TCGaugeKind
@$xp$12PPItemIdList
@$xp$13Zlibpas@TFree
@$xp$14Zlibpas@TAlloc
@$xp$16Pngimage2@TChunk
@$xp$17Pngimage2@TFilter
@$xp$17TPerformanceGraph
@$xp$17Uptunicode@TEditW
@$xp$18Cdiroutl@TTextCase
@$xp$18Pngimage2@TFilters
@$xp$18Pngimage2@TPNGList
@$xp$18Pngimage2@TRGBLine
@$xp$18Pngimage2@pRGBLine
@$xp$19Pngimage2@EPngError
@$xp$19Pngimage2@TIHDRData
@$xp$19Pngimage2@TRGBPixel
@$xp$19Pngimage2@TUnitType
@$xp$19Pngimage2@pCardinal
@$xp$19Pngimage2@pIHDRData
@$xp$19Pngimage2@pRGBPixel
@$xp$19Pngimage2@pUnitType
@$xp$19Uptunicode@TButtonW
@$xp$19Virtualtrees@TCache
@$xp$19Zlibpas@TZStreamRec
@$xp$20Pngbitbtn@TPngBitBtn
@$xp$20Pngimage2@TByteArray
@$xp$20Pngimage2@TChunkIDAT
@$xp$20Pngimage2@TChunkIEND
@$xp$20Pngimage2@TChunkIHDR
@$xp$20Pngimage2@TChunkName
@$xp$20Pngimage2@TChunkPLTE
@$xp$20Pngimage2@TChunkgAMA
@$xp$20Pngimage2@TChunkpHYs
@$xp$20Pngimage2@TChunktEXt
@$xp$20Pngimage2@TChunktIME
@$xp$20Pngimage2@TChunktRNS
@$xp$20Pngimage2@TChunkzTXt
@$xp$20Pngimage2@pByteArray
@$xp$20Uptshellutils@TCSIDL
@$xp$20Virtualtrees@TVTBias
@$xp$20Virtualtrees@TVTEdit
@$xp$21Pngfunctions@PRGBLine
@$xp$21Pngfunctions@TRGBLine
@$xp$21Pngimage2@TChunkClass
@$xp$21Pngimage2@TPNGObject2
@$xp$21Uptunicode@TCheckboxW
@$xp$21Virtualtrees@THitInfo
@$xp$21Virtualtrees@TWMPrint
@$xp$22Pngfunctions@PRGBALine
@$xp$22Pngfunctions@TRGBALine
@$xp$22Pngimage2@Pngimage2__1
@$xp$22Pngimage2@TZStreamRec2
@$xp$22Uptunicode@TPTStringsW
@$xp$22Virtualtrees@PCardinal
@$xp$22Virtualtrees@TDropMode
@$xp$22Virtualtrees@TVTColors
@$xp$22Virtualtrees@TVTHeader
@$xp$23Pngfunctions@TPngOption
@$xp$23Pngimage2@EPNGNotExists
@$xp$23Pngimage2@EPNGOutMemory
@$xp$23Pngimage2@EPNGZLIBError
@$xp$23Pngimage2@TPointerArray
@$xp$23Pngimage2@pPointerArray
@$xp$23Uptshellutils@TLinkData
@$xp$23Upttreelist@TPTListView
@$xp$23Upttreelist@TPTTreeView
@$xp$23Uptunicode@TStaticTextW
@$xp$23Virtualtrees@TBlendMode
@$xp$23Virtualtrees@TCheckType
@$xp$23Virtualtrees@TLineImage
@$xp$23Virtualtrees@TNodeArray
@$xp$24Pngfunctions@TPngOptions
@$xp$24Pngimage2@EPngInvalidCRC
@$xp$24Pngimage2@TMAXBITMAPINFO
@$xp$24Uptunicode@TAccessCanvas
@$xp$24Uptunicode@TPTHintWindow
@$xp$24Uptunicode@TSpeedButtonW
@$xp$24Virtualtrees@IVTEditLink
@$xp$24Virtualtrees@PVTHintData
@$xp$24Virtualtrees@TCacheEntry
@$xp$24Virtualtrees@TCheckState
@$xp$24Virtualtrees@TIndexArray
@$xp$24Virtualtrees@TVTDragType
@$xp$24Virtualtrees@TVTHintData
@$xp$24Virtualtrees@TVTHintMode
@$xp$24Virtualtrees@TVTLineMode
@$xp$24Virtualtrees@TVTLineType
@$xp$25Pngimage2@EPNGInvalidSpec
@$xp$25Pngimage2@EPNGNoImageData
@$xp$25Pngimage2@EPNGSizeExceeds
@$xp$25Pngimage2@EPngInvalidIHDR
@$xp$25Pngimage2@TPNGPointerList
@$xp$25Uptimagecombo@TPTCombobox
@$xp$25Uptshellutils@TPTPidlList
@$xp$25Uptshellutils@TPTShortcut
@$xp$25Uptunicode@TPTStringListW
@$xp$25Virtualtrees@PSHDragImage
@$xp$25Virtualtrees@PVTReference
@$xp$25Virtualtrees@PVirtualNode
@$xp$25Virtualtrees@TColumnIndex
@$xp$25Virtualtrees@TFormatArray
@$xp$25Virtualtrees@THeaderState
@$xp$25Virtualtrees@THitPosition
@$xp$25Virtualtrees@TSHDragImage
@$xp$25Virtualtrees@TVSTTextType
@$xp$25Virtualtrees@TVTDragImage
@$xp$25Virtualtrees@TVTImageInfo
@$xp$25Virtualtrees@TVTImageKind
@$xp$25Virtualtrees@TVTLineStyle
@$xp$25Virtualtrees@TVTPaintInfo
@$xp$25Virtualtrees@TVTPaintText
@$xp$25Virtualtrees@TVTReference
@$xp$25Virtualtrees@TVirtualNode
@$xp$26Pngimage2@EPNGIHDRNotFirst
@$xp$26Pngimage2@TInterlaceMethod
@$xp$26Pngimagelist@TPngImageList
@$xp$26Virtualtrees@TChangeReason
@$xp$26Virtualtrees@TChangeStates
@$xp$26Virtualtrees@TColumnsArray
@$xp$26Virtualtrees@THeaderStates
@$xp$26Virtualtrees@THitPositions
@$xp$26Virtualtrees@TMouseButtons
@$xp$26Virtualtrees@TVTAutoOption
@$xp$26Virtualtrees@TVTDataObject
@$xp$26Virtualtrees@TVTExportMode
@$xp$26Virtualtrees@TVTExportType
@$xp$26Virtualtrees@TVTMiscOption
@$xp$26Virtualtrees@TVTPaintEvent
@$xp$26Virtualtrees@TVTPopupEvent
@$xp$27Cdiroutl@TCDirectoryOutline
@$xp$27Pngimage2@EPngUnexpectedEnd
@$xp$27Pngimage2@TCompressionLevel
@$xp$27Uptimagecombo@TPTImageCombo
@$xp$27Virtualtrees@IVTDragManager
@$xp$27Virtualtrees@TCardinalArray
@$xp$27Virtualtrees@TDragOperation
@$xp$27Virtualtrees@TEnumFormatEtc
@$xp$27Virtualtrees@TRealWMNCPaint
@$xp$27Virtualtrees@TSortDirection
@$xp$27Virtualtrees@TVTAutoOptions
@$xp$27Virtualtrees@TVTButtonStyle
@$xp$27Virtualtrees@TVTChangeEvent
@$xp$27Virtualtrees@TVTDragManager
@$xp$27Virtualtrees@TVTGetNodeProc
@$xp$27Virtualtrees@TVTHeaderClass
@$xp$27Virtualtrees@TVTHeaderStyle
@$xp$27Virtualtrees@TVTMiscOptions
@$xp$27Virtualtrees@TVTPaintOption
@$xp$27Virtualtrees@TVTScrollEvent
@$xp$27Virtualtrees@TVTSearchStart
@$xp$27Virtualtrees@TVTUpdateState
@$xp$28Pngimage2@EPNGInvalidNewSize
@$xp$28Pngimage2@EPNGInvalidPalette
@$xp$28Pngimage2@EPNGMissingPalette
@$xp$28Uptshellutils@TPTIdListArray
@$xp$28Uptunicode@TPTStringListRecW
@$xp$28Virtualtrees@TCheckImageKind
@$xp$28Virtualtrees@TColumnPosition
@$xp$28Virtualtrees@TDragOperations
@$xp$28Virtualtrees@TFormatEtcArray
@$xp$28Virtualtrees@TScrollBarStyle
@$xp$28Virtualtrees@TStringEditLink
@$xp$28Virtualtrees@TVTColumnOption
@$xp$28Virtualtrees@TVTCompareEvent
@$xp$28Virtualtrees@TVTDropMarkMode
@$xp$28Virtualtrees@TVTHeaderOption
@$xp$28Virtualtrees@TVTPaintOptions
@$xp$28Virtualtrees@TVTStringOption
@$xp$28Virtualtrees@TVTTransparency
@$xp$28Virtualtrees@Virtualtrees__4
@$xp$28Virtualtrees@Virtualtrees__9
@$xp$29Uptshellcontrols@TPTShellList
@$xp$29Uptshellcontrols@TPTShellTree
@$xp$29Uptshellutils@TLinkDataOption
@$xp$29Uptshellutils@_TPTShortcut@_1
@$xp$29Upttreelist@TPTCustomListView
@$xp$29Upttreelist@TPTCustomTreeView
@$xp$29Uptunicode@_TPTStringListW@_1
@$xp$29Virtualtrees@TBaseVirtualTree
@$xp$29Virtualtrees@TGetNextNodeProc
@$xp$29Virtualtrees@THeaderPaintInfo
@$xp$29Virtualtrees@TItemEraseAction
@$xp$29Virtualtrees@TVSTGetHintEvent
@$xp$29Virtualtrees@TVSTGetTextEvent
@$xp$29Virtualtrees@TVSTNewTextEvent
@$xp$29Virtualtrees@TVTCellPaintMode
@$xp$29Virtualtrees@TVTChangingEvent
@$xp$29Virtualtrees@TVTColumnOptions
@$xp$29Virtualtrees@TVTDragDropEvent
@$xp$29Virtualtrees@TVTDragImageKind
@$xp$29Virtualtrees@TVTDragOverEvent
@$xp$29Virtualtrees@TVTDrawHintEvent
@$xp$29Virtualtrees@TVTDrawNodeEvent
@$xp$29Virtualtrees@TVTDrawTextEvent
@$xp$29Virtualtrees@TVTFreeNodeEvent
@$xp$29Virtualtrees@TVTGetImageEvent
@$xp$29Virtualtrees@TVTHeaderHitInfo
@$xp$29Virtualtrees@TVTHeaderOptions
@$xp$29Virtualtrees@TVTInitNodeEvent
@$xp$29Virtualtrees@TVTNodeAlignment
@$xp$29Virtualtrees@TVTOperationKind
@$xp$29Virtualtrees@TVTSaveNodeEvent
@$xp$29Virtualtrees@TVTSaveTreeEvent
@$xp$29Virtualtrees@TVTStringOptions
@$xp$29Virtualtrees@TVTUpdatingEvent
@$xp$29Virtualtrees@TVirtualDrawTree
@$xp$29Virtualtrees@Virtualtrees__02
@$xp$29Virtualtrees@Virtualtrees__51
@$xp$29Virtualtrees@Virtualtrees__61
@$xp$29Virtualtrees@Virtualtrees__71
@$xp$29Virtualtrees@_TVirtualNode@_1
@$xp$30Pngimage2@EPNGHeaderNotPresent
@$xp$30Pngimage2@EPNGUnknownInterlace
@$xp$30Pngimage2@TPNGTransparencyMode
@$xp$30Uptshellcontrols@TPTShListData
@$xp$30Uptshellcontrols@TPTShTreeData
@$xp$30Uptshellcontrols@TPTShellCombo
@$xp$30Uptshellutils@PPTModuleVersion
@$xp$30Uptshellutils@TLinkDataOptions
@$xp$30Uptshellutils@TPTModuleVersion
@$xp$30Uptshellutils@TPTShellIconSize
@$xp$30Upttreelist@TPTLvSortDirection
@$xp$30Uptunicode@TPTWideCanvasHelper
@$xp$30Virtualtrees@EVirtualTreeError
@$xp$30Virtualtrees@IDragSourceHelper
@$xp$30Virtualtrees@IDropTargetHelper
@$xp$30Virtualtrees@TClipboardFormats
@$xp$30Virtualtrees@TGetFirstNodeProc
@$xp$30Virtualtrees@TScrollBarOptions
@$xp$30Virtualtrees@TScrollDirections
@$xp$30Virtualtrees@TSmartAutoFitType
@$xp$30Virtualtrees@TTreeOptionsClass
@$xp$30Virtualtrees@TVTButtonFillMode
@$xp$30Virtualtrees@TVTGetCursorEvent
@$xp$30Virtualtrees@TVTImageInfoIndex
@$xp$30Virtualtrees@TVTKeyActionEvent
@$xp$30Virtualtrees@TVTNodeAttachMode
@$xp$30Virtualtrees@TVTNodeMovedEvent
@$xp$30Virtualtrees@TVTOperationEvent
@$xp$30Virtualtrees@TVTOperationKinds
@$xp$30Virtualtrees@TVirtualNodeState
@$xp$30Virtualtrees@TVirtualTreeClass
@$xp$31Pngimage2@EPNGInvalidFileHeader
@$xp$31Uptfilematch@TPTFileMatchOption
@$xp$31Uptimagecombo@TPTCustomCombobox
@$xp$31Uptimagecombo@TPTImageComboItem
@$xp$31Uptshellcontrols@TPTShComboData
@$xp$31Virtualtrees@THintAnimationType
@$xp$31Virtualtrees@TInternalStgMedium
@$xp$31Virtualtrees@TStringTreeOptions
@$xp$31Virtualtrees@TVSTTextSourceType
@$xp$31Virtualtrees@TVTAnimationOption
@$xp$31Virtualtrees@TVTDragImageStates
@$xp$31Virtualtrees@TVTEditCancelEvent
@$xp$31Virtualtrees@TVTEditChangeEvent
@$xp$31Virtualtrees@TVTGetImageExEvent
@$xp$31Virtualtrees@TVTNodeCopiedEvent
@$xp$31Virtualtrees@TVTNodeExportEvent
@$xp$31Virtualtrees@TVTNodeMovingEvent
@$xp$31Virtualtrees@TVTScrollIncrement
@$xp$31Virtualtrees@TVTSearchDirection
@$xp$31Virtualtrees@TVTSelectionOption
@$xp$31Virtualtrees@TVTTreeExportEvent
@$xp$31Virtualtrees@TVirtualNodeStates
@$xp$31Virtualtrees@TVirtualStringTree
@$xp$31Virtualtrees@TVirtualTreeColumn
@$xp$31Virtualtrees@TVirtualTreeStates
@$xp$32Pngimage2@EPNGUnknownCompression
@$xp$32Pngimagelist@TPngImageCollection
@$xp$32Uptfilematch@TPTFileMatchOptions
@$xp$32Uptshellcontrols@TPTOleDragEvent
@$xp$32Uptshellcontrols@TPTOleDropEvent
@$xp$32Uptshellcontrols@TPTShellLocator
@$xp$32Uptthumbnails@TPTShellThumbnails
@$xp$32Virtualtrees@TAutoScrollInterval
@$xp$32Virtualtrees@TVTAnimationOptions
@$xp$32Virtualtrees@TVTColumnClickEvent
@$xp$32Virtualtrees@TVTDragAllowedEvent
@$xp$32Virtualtrees@TVTFocusChangeEvent
@$xp$32Virtualtrees@TVTGetHintSizeEvent
@$xp$32Virtualtrees@TVTHeaderClickEvent
@$xp$32Virtualtrees@TVTHeaderMouseEvent
@$xp$32Virtualtrees@TVTHeaderPaintEvent
@$xp$32Virtualtrees@TVTHelpContextEvent
@$xp$32Virtualtrees@TVTMeasureItemEvent
@$xp$32Virtualtrees@TVTNodeCopyingEvent
@$xp$32Virtualtrees@TVTSelectionOptions
@$xp$32Virtualtrees@TVTStateChangeEvent
@$xp$32Virtualtrees@TVirtualTreeColumns
@$xp$32Virtualtrees@TVirtualTreeOptions
@$xp$33Pngimage2@EPNGMissingMultipleIDAT
@$xp$33Uptimagecombo@TPTCustomImageCombo
@$xp$33Uptshellutils@IPTDropTargetHelper
@$xp$33Uptshellutils@TPTDropTargetHelper
@$xp$33Uptunicode@TPTStringsWSortCompare
@$xp$33Virtualtrees@THeaderPaintElements
@$xp$33Virtualtrees@TScrollUpdateOptions
@$xp$33Virtualtrees@TVTAnimationCallback
@$xp$33Virtualtrees@TVTColumnExportEvent
@$xp$33Virtualtrees@TVTConstraintPercent
@$xp$33Virtualtrees@TVTCreateEditorEvent
@$xp$33Virtualtrees@TVTDrawSelectionMode
@$xp$33Virtualtrees@TVTEditChangingEvent
@$xp$33Virtualtrees@TVTGetImageTextEvent
@$xp$33Virtualtrees@TVTGetLineStyleEvent
@$xp$33Virtualtrees@TVTGetNodeWidthEvent
@$xp$33Virtualtrees@TVTHeaderHitPosition
@$xp$33Virtualtrees@TVTHeaderNotifyEvent
@$xp$33Virtualtrees@TVTIncrementalSearch
@$xp$33Virtualtrees@TVTInitChildrenEvent
@$xp$34Pngimage2@EPNGCouldNotLoadResource
@$xp$34Pngimage2@EPNGUnknownCriticalChunk
@$xp$34Uptshellcontrols@TPTLVEditedWEvent
@$xp$34Uptshellcontrols@TPTShAddItemEvent
@$xp$34Uptshellcontrols@TPTShellViewStyle
@$xp$34Uptshellcontrols@TPTTVEditedWEvent
@$xp$34Uptshellutils@TPTDeviceChangeEvent
@$xp$34Uptshellutils@TPTFriendlyNameFlags
@$xp$34Virtualtrees@TVTCheckChangingEvent
@$xp$34Virtualtrees@TVTFocusChangingEvent
@$xp$34Virtualtrees@TVTHeaderColumnLayout
@$xp$34Virtualtrees@TVTHeaderDraggedEvent
@$xp$34Virtualtrees@TVTHeaderHitPositions
@$xp$34Virtualtrees@TVTHotNodeChangeEvent
@$xp$34Virtualtrees@TVTRenderOLEDataEvent
@$xp$34Virtualtrees@TVTScrollbarShowEvent
@$xp$34Virtualtrees@TVirtualNodeInitState
@$xp$34Vistaprogressbar@TVistaProgressBar
@$xp$35Uptshellcontrols@TPTCustomShellList
@$xp$35Uptshellcontrols@TPTCustomShellTree
@$xp$35Uptshellcontrols@TPTShellListOption
@$xp$35Uptshellcontrols@TPTShellTreeOption
@$xp$35Virtualtrees@TCustomVirtualDrawTree
@$xp$35Virtualtrees@TVSTShortenStringEvent
@$xp$35Virtualtrees@TVTAddToSelectionEvent
@$xp$35Virtualtrees@TVTAfterCellPaintEvent
@$xp$35Virtualtrees@TVTAfterItemEraseEvent
@$xp$35Virtualtrees@TVTAfterItemPaintEvent
@$xp$35Virtualtrees@TVTColumnDblClickEvent
@$xp$35Virtualtrees@TVTDragMoveRestriction
@$xp$35Virtualtrees@TVTGetCellIsEmptyEvent
@$xp$35Virtualtrees@TVTHeaderDraggingEvent
@$xp$35Virtualtrees@TVTInternalPaintOption
@$xp$35Virtualtrees@TVirtualNodeInitStates
@$xp$35Virtualtrees@TVirtualTreeHintWindow
@$xp$36Pngimagelist@TPngImageCollectionItem
@$xp$36Uptshellcontrols@TPTCustomShellCombo
@$xp$36Uptshellcontrols@TPTShPopupHintEvent
@$xp$36Uptshellcontrols@TPTShellComboOption
@$xp$36Uptshellcontrols@TPTShellListOptions
@$xp$36Uptshellcontrols@TPTShellTreeOptions
@$xp$36Uptshellutils@TPTDeviceChangeHandler
@$xp$36Virtualtrees@TInternalStgMediumArray
@$xp$36Virtualtrees@TVTBackgroundPaintEvent
@$xp$36Virtualtrees@TVTBeforeCellPaintEvent
@$xp$36Virtualtrees@TVTBeforeItemEraseEvent
@$xp$36Virtualtrees@TVTBeforeItemPaintEvent
@$xp$36Virtualtrees@TVTFixedAreaConstraints
@$xp$36Virtualtrees@TVTGetHeaderCursorEvent
@$xp$36Virtualtrees@TVTGetNodeDataSizeEvent
@$xp$36Virtualtrees@TVTHeaderMouseMoveEvent
@$xp$36Virtualtrees@TVTInternalPaintOptions
@$xp$36Virtualtrees@TVTStructureChangeEvent
@$xp$36Virtualtrees@TVirtualTreeColumnClass
@$xp$36Virtualtrees@TVirtualTreeColumnStyle
@$xp$37Pngimage2@EPNGCannotChangeTransparent
@$xp$37Pngimagelist@TPngImageCollectionItems
@$xp$37Uptimagecombo@TPTDeleteComboItemEvent
@$xp$37Uptshellcontrols@TPTOleDragStartEvent
@$xp$37Uptshellcontrols@TPTShellComboOptions
@$xp$37Virtualtrees@TCustomStringTreeOptions
@$xp$37Virtualtrees@TCustomVirtualStringTree
@$xp$37Virtualtrees@TVTCellContentMarginType
@$xp$37Virtualtrees@TVTCreateDataObjectEvent
@$xp$37Virtualtrees@TVTHeaderDraggedOutEvent
@$xp$37Virtualtrees@TVTMeasureTextWidthEvent
@$xp$37Virtualtrees@TVTTooltipLineBreakStyle
@$xp$37Virtualtrees@TVirtualTreeColumnsClass
@$xp$38Uptshellcontrols@TPTShellLocator_Which
@$xp$38Upttreelist@TPTLvHeaderSortDisplayMode
@$xp$38Virtualtrees@TCustomVirtualTreeOptions
@$xp$38Virtualtrees@TVTCreateDragManagerEvent
@$xp$38Virtualtrees@TVTIncrementalSearchEvent
@$xp$39Uptshellcontrols@TPTCustomShellList_LCS
@$xp$39Uptshellcontrols@TPTShDblClickOpenEvent
@$xp$39Upttreelist@TPTLvOnItemContextMenuEvent
@$xp$39Upttreelist@TPTTvOnNodeContextMenuEvent
@$xp$39Virtualtrees@TVTAfterAutoFitColumnEvent
@$xp$39Virtualtrees@TVTNodeHeightTrackingEvent
@$xp$40Uptshellcontrols@TPTOleDragCompleteEvent
@$xp$40Virtualtrees@TVTAdvancedHeaderPaintEvent
@$xp$40Virtualtrees@TVTAfterAutoFitColumnsEvent
@$xp$40Virtualtrees@TVTBeforeAutoFitColumnEvent
@$xp$40Virtualtrees@TVTColumnWidthTrackingEvent
@$xp$40Virtualtrees@TVTRemoveFromSelectionEvent
@$xp$41Uptshellcontrols@TPTShListDeleteItemEvent
@$xp$41Uptshellcontrols@TPTShTreeDeleteItemEvent
@$xp$41Uptshellcontrols@TPTShTreeInsertItemEvent
@$xp$41Virtualtrees@TVTBeforeAutoFitColumnsEvent
@$xp$41Virtualtrees@TVTGetCellContentMarginEvent
@$xp$41Virtualtrees@TVTHeaderHeightTrackingEvent
@$xp$42Uptimagecombo@TPTDeleteImageComboItemEvent
@$xp$42Uptshellcontrols@TPTShComboDeleteItemEvent
@$xp$42Virtualtrees@TVTCanSplitterResizeNodeEvent
@$xp$43Uptimagecombo@TPTImageComboGetItemDataEvent
@$xp$43Virtualtrees@TVTAfterGetMaxColumnWidthEvent
@$xp$44Virtualtrees@TVTBeforeGetMaxColumnWidthEvent
@$xp$44Virtualtrees@TVTCanSplitterResizeColumnEvent
@$xp$44Virtualtrees@TVTCanSplitterResizeHeaderEvent
@$xp$44Virtualtrees@TVTGetUserClipboardFormatsEvent
@$xp$44Vtaccessibilityfactory@IVTAccessibleProvider
@$xp$45Virtualtrees@TVTAfterColumnWidthTrackingEvent
@$xp$45Virtualtrees@TVTHeaderPaintQueryElementsEvent
@$xp$45Virtualtrees@TVTNodeHeightDblClickResizeEvent
@$xp$46Virtualtrees@TVTAfterHeaderHeightTrackingEvent
@$xp$46Virtualtrees@TVTBeforeColumnWidthTrackingEvent
@$xp$46Virtualtrees@TVTColumnWidthDblClickResizeEvent
@$xp$46Vtaccessibilityfactory@TVTAccessibilityFactory
@$xp$47Virtualtrees@TVTBeforeHeaderHeightTrackingEvent
@$xp$47Virtualtrees@TVTHeaderHeightDblClickResizeEvent
@$xp$49Uptshellcontrols@TPTShLvBeforeShellMenuPopupEvent
@$xp$49Uptshellcontrols@TPTShTvBeforeShellMenuPopupEvent
@$xp$4TPie
@$xp$52Uptshellcontrols@TPTShLvAfterShellMenuSelectionEvent
@$xp$52Uptshellcontrols@TPTShTvAfterShellMenuSelectionEvent
@$xp$7TAngles
@$xp$7TCGauge
@$xp$7TRating
@$xp$ynpqqrp14System@TObject$v
@$xp$ynpqqrp14System@TObject21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$8%ii$v
@$xp$ynpqqrp14System@TObject46System@%Set$t18Classes@Classes__1$iuc$0$iuc$8%ii$v
@$xp$ynpqqrp14System@TObjecti$v
@$xp$ynpqqrp14System@TObjectrb$v
@$xp$ynpqqrp14System@TObjectrp20Controls@TDragObject$v
@$xp$ynpqqrp14System@TObjectrp24Controls@TDragDockObject$v
@$xp$ynpqqrp14System@TObjectrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$8%$v
@$xp$ynpqqrp14System@TObjectt1ii$v
@$xp$ynpqqrp14System@TObjectt1ii19Controls@TDragStatero$v
@@About@Finalize
@@About@Initialize
@@Accuratecdda_statuswindow@Finalize
@@Accuratecdda_statuswindow@Initialize
@@Accuratecdda_thread@Finalize
@@Accuratecdda_thread@Initialize
@@Acdi@Finalize
@@Acdi@Initialize
@@Amazon_search@Finalize
@@Amazon_search@Initialize
@@Audio_cd_thread@Finalize
@@Audio_cd_thread@Initialize
@@Buffer2@Finalize
@@Buffer2@Initialize
@@Buffer@Finalize
@@Buffer@Initialize
@@Burn_iso@Finalize
@@Burn_iso@Initialize
@@Ccalendr@Finalize
@@Ccalendr@Initialize
@@Cd_dvd_thread@Finalize
@@Cd_dvd_thread@Initialize
@@Cd_dvd_writeform@Finalize
@@Cd_dvd_writeform@Initialize
@@Cddbcategoryselect@Finalize
@@Cddbcategoryselect@Initialize
@@Cdiroutl@Finalize
@@Cdiroutl@Initialize
@@Cdw2_addthread@Finalize
@@Cdw2_addthread@Initialize
@@Cdw2_detect@Finalize
@@Cdw2_detect@Initialize
@@Cdw_addthread@Finalize
@@Cdw_addthread@Initialize
@@Cdwriteform@Finalize
@@Cdwriteform@Initialize
@@Cgauges@Finalize
@@Cgauges@Initialize
@@Converter@Finalize
@@Converter@Initialize
@@Converting@Finalize
@@Converting@Initialize
@@Copying@Finalize
@@Copying@Initialize
@@Copythread2@Finalize
@@Copythread2@Initialize
@@Copythread@Finalize
@@Copythread@Initialize
@@Crc32@Finalize
@@Crc32@Initialize
@@Cuesheet@Finalize
@@Cuesheet@Initialize
@@Dbbrowser@Finalize
@@Dbbrowser@Initialize
@@Dbquery_statuswindow@Finalize
@@Dbquery_statuswindow@Initialize
@@Decss@Finalize
@@Decss@Initialize
@@Dsp@Finalize
@@Dsp@Initialize

Sections

.textbss
Size: - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 193KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ezcddax32.dll
.dll regsvr32 windows:5 windows x86 arch:x86

adcdbe8ee6f3b0bfc564279e25f36923

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a2:13:87:65:b4:e7:e7:70:02:e1:74:ae:f5:be:f4:a3:67:ea:6d:8e
Signer

Actual PE Digest

a2:13:87:65:b4:e7:e7:70:02:e1:74:ae:f5:be:f4:a3:67:ea:6d:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
IsDBCSLeadByte
GetVersion
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetFileAttributesW
GlobalUnlock
GlobalLock
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
TlsAlloc
TlsSetValue
TlsFree
VirtualFree
HeapReAlloc
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
MultiByteToWideChar
lstrcpyW
GetModuleFileNameW
CreateProcessW
Sleep
OpenEventW
CloseHandle
lstrlenW
TlsGetValue
SetLastError

user32

GetWindowTextW
GetClassNameW
GetWindowTextLengthW
SetForegroundWindow
wsprintfW
LoadImageA
SendMessageA
InsertMenuW
SetMenuItemBitmaps
CreatePopupMenu
CharNextW
EnumWindows
CharNextA

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExW
RegDeleteValueA

shell32

DragQueryFileA
DragQueryFileW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ezcddax64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

635b5ac89c925adcbfa033411a8846b4

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3c:a8:a6:b7:d4:8d:0f:fc:cd:7d:60:09:3b:e5:4c:34:b7:de:99:2c
Signer

Actual PE Digest

3c:a8:a6:b7:d4:8d:0f:fc:cd:7d:60:09:3b:e5:4c:34:b7:de:99:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
DisableThreadLibraryCalls
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
IsDBCSLeadByte
GetVersion
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetFileAttributesW
GlobalUnlock
GlobalLock
HeapAlloc
HeapFree
RtlPcToFileHeader
RtlUnwindEx
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlLookupFunctionEntry
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
ExitProcess
WriteFile
GetStdHandle
HeapSetInformation
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
lstrcpyW
GetModuleFileNameW
CreateProcessW
Sleep
OpenEventW
CloseHandle
lstrlenW
IsValidCodePage
SetLastError

user32

GetWindowTextW
GetClassNameW
GetWindowTextLengthW
SetForegroundWindow
wsprintfW
LoadImageA
SendMessageA
InsertMenuW
SetMenuItemBitmaps
CreatePopupMenu
CharNextW
EnumWindows
CharNextA

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExW
RegDeleteValueA

shell32

DragQueryFileA
DragQueryFileW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
flac.dll
.dll windows:5 windows x86 arch:x86

6efa4f860ac68d1989ca76e029771fdc

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

55:24:d8:24:24:28:5f:8e:c6:ba:f0:64:7e:4a:65:d6:cb:ce:e1:17
Signer

Actual PE Digest

55:24:d8:24:24:28:5f:8e:c6:ba:f0:64:7e:4a:65:d6:cb:ce:e1:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
DeleteFileW
SetUnhandledExceptionFilter
MultiByteToWideChar
GetLastError
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

user32

DialogBoxParamA
EndDialog

acdbase

ID3Helper_GetBinary
ID3Helper_GetStr
ID3Helper_GetDword

msvcr90

??3@YAXPAX@Z
sprintf
_swprintf
??2@YAPAXI@Z
memset
memchr
strchr
exit
fprintf
__iob_func
fclose
fread
fopen
_fileno
_setmode
memcpy
calloc
_wfopen
fwrite
ftell
fseek
qsort
frexp
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
memmove
realloc
free
malloc
_strdup
_CIlog
_CIcos
_stat64i32
_CIexp

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize
Configure

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
id3lib.dll
.dll windows:5 windows x86 arch:x86

57e42f5965424039f2bcbe3aa19ed9d1

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e1:70:75:bf:28:47:b1:20:95:ff:a9:4c:68:88:12:f1:4f:12:df:1c
Signer

Actual PE Digest

e1:70:75:bf:28:47:b1:20:95:ff:a9:4c:68:88:12:f1:4f:12:df:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
SetEndOfFile
SetFilePointer
CreateFileW
lstrcpyW
lstrlenW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
InterlockedExchange

acdbase

ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_GetBinary
ID3Helper_FreeBinary
UNC_Utf8ToAnsi
UNC_freeStr
UNC_Utf8ToUnicode
UNC_freeWStr

msvcp90

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPADII@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcr90

?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
memmove
memcpy
memset
??_V@YAXPAX@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
fclose
fread
ftell
fseek
fopen
fwrite
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
memmove_s
atoi
isdigit
_memicmp
sprintf
_wrename
_wremove
strncmp
calloc
free
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
_stricmp

Exports

Exports

??0BStringReader@io@dami@@QAE@ABV012@@Z
??0BStringReader@io@dami@@QAE@ABV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@AAV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@ABV012@@Z
??0CharReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0CharReader@io@dami@@QAE@ABV012@@Z
??0CompressedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0CompressedReader@io@dami@@QAE@ABV012@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@I@Z
??0ExitTrigger@io@dami@@QAE@ABV012@@Z
??0ID3_FStreamWriter@@QAE@AAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_FStreamWriter@@QAE@ABV0@@Z
??0ID3_Field@@IAE@XZ
??0ID3_Field@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@W4ID3_FrameID@@@Z
??0ID3_FrameInfo@@QAE@XZ
??0ID3_IFStreamReader@@QAE@AAV?$basic_ifstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IFStreamReader@@QAE@ABV0@@Z
??0ID3_IOStreamWriter@@QAE@AAV?$basic_iostream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IOStreamWriter@@QAE@ABV0@@Z
??0ID3_IStreamReader@@QAE@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_IStreamReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@PBDI@Z
??0ID3_MemoryReader@@QAE@PBEI@Z
??0ID3_MemoryReader@@QAE@XZ
??0ID3_MemoryWriter@@QAE@ABV0@@Z
??0ID3_MemoryWriter@@QAE@QAEI@Z
??0ID3_MemoryWriter@@QAE@XZ
??0ID3_OFStreamWriter@@QAE@AAV?$basic_ofstream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_OFStreamWriter@@QAE@ABV0@@Z
??0ID3_OStreamWriter@@QAE@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@@Z
??0ID3_OStreamWriter@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@XZ
??0ID3_Tag@@QAE@ABV0@@Z
??0ID3_Tag@@QAE@PB_W@Z
??0ID3_Writer@@QAE@ABV0@@Z
??0ID3_Writer@@QAE@XZ
??0LineFeedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0LineFeedReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@ABV012@@Z
??0UnsyncedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0UnsyncedReader@io@dami@@QAE@ABV012@@Z
??0UnsyncedWriter@io@dami@@QAE@AAVID3_Writer@@@Z
??0UnsyncedWriter@io@dami@@QAE@ABV012@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@II@Z
??0WindowedReader@io@dami@@QAE@ABV012@@Z
??1BStringReader@io@dami@@UAE@XZ
??1BStringWriter@io@dami@@UAE@XZ
??1CharReader@io@dami@@UAE@XZ
??1CompressedReader@io@dami@@UAE@XZ
??1ExitTrigger@io@dami@@UAE@XZ
??1ID3_FStreamWriter@@UAE@XZ
??1ID3_Field@@MAE@XZ
??1ID3_Frame@@UAE@XZ
??1ID3_FrameInfo@@QAE@XZ
??1ID3_IFStreamReader@@UAE@XZ
??1ID3_IOStreamWriter@@UAE@XZ
??1ID3_IStreamReader@@UAE@XZ
??1ID3_MemoryReader@@UAE@XZ
??1ID3_MemoryWriter@@UAE@XZ
??1ID3_OFStreamWriter@@UAE@XZ
??1ID3_OStreamWriter@@UAE@XZ
??1ID3_Tag@@UAE@XZ
??1LineFeedReader@io@dami@@UAE@XZ
??1StringReader@io@dami@@UAE@XZ
??1StringWriter@io@dami@@UAE@XZ
??1UnsyncedReader@io@dami@@UAE@XZ
??4CompressedReader@io@dami@@QAEAAV012@ABV012@@Z
??4ID3_Frame@@QAEAAV0@ABV0@@Z
??4ID3_FrameInfo@@QAEAAV0@ABV0@@Z
??4ID3_MemoryReader@@QAEAAV0@ABV0@@Z
??4ID3_MemoryWriter@@QAEAAV0@ABV0@@Z
??4ID3_Reader@@QAEAAV0@ABV0@@Z
??4ID3_Tag@@QAEAAV0@ABV0@@Z
??4ID3_Writer@@QAEAAV0@ABV0@@Z
??6ID3_Tag@@QAEAAV0@ABVID3_Frame@@@Z
??6ID3_Tag@@QAEAAV0@PBVID3_Frame@@@Z
??_7BStringReader@io@dami@@6B@
??_7BStringWriter@io@dami@@6B@
??_7CharReader@io@dami@@6B@
??_7CompressedReader@io@dami@@6B@
??_7ExitTrigger@io@dami@@6B@
??_7ID3_FStreamWriter@@6B@
??_7ID3_Field@@6B@
??_7ID3_Frame@@6B@
??_7ID3_IFStreamReader@@6B@
??_7ID3_IOStreamWriter@@6B@
??_7ID3_IStreamReader@@6B@
??_7ID3_MemoryReader@@6B@
??_7ID3_MemoryWriter@@6B@
??_7ID3_OFStreamWriter@@6B@
??_7ID3_OStreamWriter@@6B@
??_7ID3_Reader@@6B@
??_7ID3_Tag@@6B@
??_7ID3_Writer@@6B@
??_7LineFeedReader@io@dami@@6B@
??_7StringReader@io@dami@@6B@
??_7StringWriter@io@dami@@6B@
??_7UnsyncedReader@io@dami@@6B@
??_7UnsyncedWriter@io@dami@@6B@
??_7WindowedReader@io@dami@@6B@
??_FID3_Frame@@QAEXXZ
??_FID3_Tag@@QAEXXZ
?AddFrame@ID3_Tag@@QAEXABVID3_Frame@@@Z
?AddFrame@ID3_Tag@@QAEXPBVID3_Frame@@@Z
?AddFrames@ID3_Tag@@QAEXPBVID3_Frame@@I@Z
?AddNewFrame@ID3_Tag@@QAEXPAVID3_Frame@@@Z
?AttachFrame@ID3_Tag@@QAE_NPAVID3_Frame@@@Z
?Clear@ID3_Frame@@QAEXXZ
?Clear@ID3_Tag@@QAEXXZ
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?CreateIterator@ID3_Frame@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Frame@@QBEPAVConstIterator@1@XZ
?CreateIterator@ID3_Tag@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Tag@@QBEPAVConstIterator@1@XZ
?Description@ID3_FrameInfo@@QAEPBDW4ID3_FrameID@@@Z
?END_OF_READER@ID3_Reader@@2FB
?END_OF_WRITER@ID3_Writer@@2FB
?Field@ID3_Frame@@QBEAAVID3_Field@@W4ID3_FieldID@@@Z
?FieldFlags@ID3_FrameInfo@@QAEGW4ID3_FrameID@@H@Z
?FieldSize@ID3_FrameInfo@@QAEIW4ID3_FrameID@@H@Z
?FieldType@ID3_FrameInfo@@QAE?AW4ID3_FieldType@@W4ID3_FrameID@@H@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@I@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PBD@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PB_W@Z
?GetAppendedBytes@ID3_Tag@@QBEIXZ
?GetCompression@ID3_Frame@@QBE_NXZ
?GetDataSize@ID3_Frame@@QBEIXZ
?GetDescription@ID3_Frame@@QBEPBDXZ
?GetDescription@ID3_Frame@@SAPBDW4ID3_FrameID@@@Z
?GetEncryptionID@ID3_Frame@@QBEEXZ
?GetExperimental@ID3_Tag@@QBE_NXZ
?GetExtendedHeader@ID3_Tag@@QBE_NXZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
?GetFileName@ID3_Tag@@QBEPB_WXZ
?GetFileSize@ID3_Tag@@QBEIXZ
?GetGroupingID@ID3_Frame@@QBEEXZ
?GetID3Genre@@YAPBDK@Z
?GetID@ID3_Frame@@QBE?AW4ID3_FrameID@@XZ
?GetMp3HeaderInfo@ID3_Tag@@QBEPBUMp3_Headerinfo@@XZ
?GetPadding@ID3_Tag@@QAE_NXZ
?GetPrependedBytes@ID3_Tag@@QBEIXZ
?GetSpec@ID3_Frame@@QBE?AW4ID3_V2Spec@@XZ
?GetSpec@ID3_Tag@@QBE?AW4ID3_V2Spec@@XZ
?GetTextID@ID3_Frame@@QBEPBDXZ
?GetUnsync@ID3_Tag@@QBE_NXZ
?HasChanged@ID3_Frame@@QBE_NXZ
?HasChanged@ID3_Tag@@QBE_NXZ
?HasLyrics@ID3_Tag@@QBE_NXZ
?HasTagType@ID3_Tag@@QBE_NW4ID3_TagType@@@Z
?HasV1Tag@ID3_Tag@@QBE_NXZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?ID3_AddAlbum@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddArtist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddGenre@@YAPAVID3_Frame@@PAVID3_Tag@@I_N@Z
?ID3_AddGenre@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddLyricist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddPicture@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1W4ID3_PictureType@@1_N@Z
?ID3_AddPicture@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3W4ID3_ContentType@@_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@_N@Z
?ID3_AddTitle@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddTrack@@YAPAVID3_Frame@@PAVID3_Tag@@EE_N@Z
?ID3_AddYear@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_FreeString@@YAXPAD@Z
?ID3_GetAlbum@@YAPADPBVID3_Tag@@@Z
?ID3_GetArtist@@YAPADPBVID3_Tag@@@Z
?ID3_GetComment@@YAPADPBVID3_Tag@@PBD@Z
?ID3_GetDescriptionOfPicType@@YAPADPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_GetGenre@@YAPADPBVID3_Tag@@@Z
?ID3_GetGenreNum@@YAIPBVID3_Tag@@@Z
?ID3_GetLyricist@@YAPADPBVID3_Tag@@@Z
?ID3_GetLyrics@@YAPADPBVID3_Tag@@@Z
?ID3_GetMimeTypeOfPicType@@YAPADPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_GetPictureData@@YAHPBVID3_Tag@@PBD@Z
?ID3_GetPictureDataOfPicType@@YAIPAVID3_Tag@@PAPAXW4ID3_PictureType@@@Z
?ID3_GetPictureDataOfPicType@@YAIPAVID3_Tag@@PBDW4ID3_PictureType@@@Z
?ID3_GetPictureMimeType@@YAPADPBVID3_Tag@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@I@Z
?ID3_GetSyncLyrics@@YAPAVID3_Frame@@PBVID3_Tag@@PBD1AAPBEAAI@Z
?ID3_GetTitle@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrack@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrackNum@@YAIPBVID3_Tag@@@Z
?ID3_GetYear@@YAPADPBVID3_Tag@@@Z
?ID3_HasPicture@@YA_NPBVID3_Tag@@@Z
?ID3_IsTagHeader@@YAHQBE@Z
?ID3_RemoveAlbums@@YAIPAVID3_Tag@@@Z
?ID3_RemoveArtists@@YAIPAVID3_Tag@@@Z
?ID3_RemoveComments@@YAIPAVID3_Tag@@PBD@Z
?ID3_RemoveDiscs@@YAIPAVID3_Tag@@@Z
?ID3_RemoveGenres@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyricist@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyrics@@YAIPAVID3_Tag@@@Z
?ID3_RemovePictureType@@YAIPAVID3_Tag@@W4ID3_PictureType@@@Z
?ID3_RemovePictures@@YAIPAVID3_Tag@@@Z
?ID3_RemoveRatings@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTitles@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTracks@@YAIPAVID3_Tag@@@Z
?ID3_RemoveYears@@YAIPAVID3_Tag@@@Z
?IsV2Tag@ID3_Tag@@SAIAAVID3_Reader@@@Z
?IsV2Tag@ID3_Tag@@SAIPBE@Z
?Link@ID3_Tag@@QAEIAAVID3_Reader@@G@Z
?Link@ID3_Tag@@QAEIPB_WG@Z
?Link@ID3_Tag@@QAEIPB_W_N1@Z
?LongName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?MaxFrameID@ID3_FrameInfo@@QAEHXZ
?NumFields@ID3_Frame@@QBEIXZ
?NumFields@ID3_FrameInfo@@QAEHW4ID3_FrameID@@@Z
?NumFrames@ID3_Tag@@QBEIXZ
?Parse@ID3_Frame@@QAE_NAAVID3_Reader@@@Z
?Parse@ID3_Tag@@QAEIPBEI@Z
?Parse@ID3_Tag@@QAEIQBEPBE@Z
?Parse@ID3_Tag@@QAE_NAAVID3_Reader@@@Z
?RemoveFrame@ID3_Tag@@QAEPAVID3_Frame@@PBV2@@Z
?Render@ID3_Frame@@QBEXAAVID3_Writer@@@Z
?Render@ID3_Tag@@QBEIAAVID3_Writer@@W4ID3_TagType@@@Z
?Render@ID3_Tag@@QBEIPAEW4ID3_TagType@@@Z
?RenderID3@@YAHPAUID3Helper@@HPAHPAPAD@Z
?RenderID3_FreeBuffer@@YAXPAD@Z
?SetCompression@ID3_Frame@@QAE_N_N@Z
?SetCompression@ID3_Tag@@QAEX_N@Z
?SetEncryptionID@ID3_Frame@@QAE_NE@Z
?SetExperimental@ID3_Tag@@QAE_N_N@Z
?SetExtendedHeader@ID3_Tag@@QAE_N_N@Z
?SetGroupingID@ID3_Frame@@QAE_NE@Z
?SetID@ID3_Frame@@QAE_NW4ID3_FrameID@@@Z
?SetPadding@ID3_Tag@@QAE_N_N@Z
?SetSpec@ID3_Frame@@QAE_NW4ID3_V2Spec@@@Z
?SetSpec@ID3_Tag@@QAE_NW4ID3_V2Spec@@@Z
?SetUnsync@ID3_Tag@@QAE_N_N@Z
?ShortName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?Size@ID3_Frame@@QAEIXZ
?Size@ID3_Tag@@QBEIXZ
?Strip@ID3_Tag@@QAEGG@Z
?Update@ID3_Tag@@QAEGG@Z
?WriteID3V1@@YAXPB_WPAUID3Helper@@@Z
?atEnd@BStringReader@io@dami@@UAE_NXZ
?atEnd@ID3_Reader@@UAE_NXZ
?atEnd@ID3_Writer@@UAE_NXZ
?atEnd@StringReader@io@dami@@UAE_NXZ
?close@BStringReader@io@dami@@UAEXXZ
?close@BStringWriter@io@dami@@UAEXXZ
?close@CharReader@io@dami@@UAEXXZ
?close@ID3_FStreamWriter@@UAEXXZ
?close@ID3_IFStreamReader@@UAEXXZ
?close@ID3_IOStreamWriter@@UAEXXZ
?close@ID3_IStreamReader@@UAEXXZ
?close@ID3_MemoryReader@@UAEXXZ
?close@ID3_MemoryWriter@@UAEXXZ
?close@ID3_OFStreamWriter@@UAEXXZ
?close@ID3_OStreamWriter@@UAEXXZ
?close@StringReader@io@dami@@UAEXXZ
?close@StringWriter@io@dami@@UAEXXZ
?close@UnsyncedWriter@io@dami@@UAEXXZ
?close@WindowedReader@io@dami@@UAEXXZ
?createFile@dami@@YA?AW4ID3_Err@@PA_WAAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
?flush@BStringWriter@io@dami@@UAEXXZ
?flush@ID3_IOStreamWriter@@UAEXXZ
?flush@ID3_MemoryWriter@@UAEXXZ
?flush@ID3_OStreamWriter@@UAEXXZ
?flush@StringWriter@io@dami@@UAEXXZ
?flush@UnsyncedWriter@io@dami@@UAEXXZ
?getAlbum@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getArtist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getBeg@BStringReader@io@dami@@UAEIXZ
?getBeg@CharReader@io@dami@@UAEIXZ
?getBeg@ID3_IOStreamWriter@@UAEIXZ
?getBeg@ID3_IStreamReader@@UAEIXZ
?getBeg@ID3_MemoryReader@@UAEIXZ
?getBeg@ID3_MemoryWriter@@UAEIXZ
?getBeg@ID3_OStreamWriter@@UAEIXZ
?getBeg@ID3_Reader@@UAEIXZ
?getBeg@ID3_Writer@@UAEIXZ
?getBeg@StringReader@io@dami@@UAEIXZ
?getBeg@UnsyncedWriter@io@dami@@UAEIXZ
?getBeg@WindowedReader@io@dami@@UAEIXZ
?getComment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@V45@@Z
?getCur@BStringReader@io@dami@@UAEIXZ
?getCur@BStringWriter@io@dami@@UAEIXZ
?getCur@CharReader@io@dami@@UAEIXZ
?getCur@ID3_IOStreamWriter@@UAEIXZ
?getCur@ID3_IStreamReader@@UAEIXZ
?getCur@ID3_MemoryReader@@UAEIXZ
?getCur@ID3_MemoryWriter@@UAEIXZ
?getCur@ID3_OStreamWriter@@UAEIXZ
?getCur@StringReader@io@dami@@UAEIXZ
?getCur@StringWriter@io@dami@@UAEIXZ
?getCur@UnsyncedWriter@io@dami@@UAEIXZ
?getCur@WindowedReader@io@dami@@UAEIXZ
?getEnd@BStringReader@io@dami@@UAEIXZ
?getEnd@CharReader@io@dami@@UAEIXZ
?getEnd@ID3_IStreamReader@@UAEIXZ
?getEnd@ID3_MemoryReader@@UAEIXZ
?getEnd@ID3_MemoryWriter@@UAEIXZ
?getEnd@ID3_Reader@@UAEIXZ
?getEnd@ID3_Writer@@UAEIXZ
?getEnd@StringReader@io@dami@@UAEIXZ
?getEnd@UnsyncedWriter@io@dami@@UAEIXZ
?getEnd@WindowedReader@io@dami@@UAEIXZ
?getFileSize@dami@@YAIAAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
?getFileSize@dami@@YAIAAV?$basic_ifstream@DU?$char_traits@D@std@@@std@@@Z
?getFileSize@dami@@YAIAAV?$basic_ofstream@DU?$char_traits@D@std@@@std@@@Z
?getFrameText@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@W4ID3_FrameID@@@Z
?getGenre@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getGenreNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getLyricist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getLyrics@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getMaxSize@ID3_Writer@@UAEIXZ
?getNumSyncs@UnsyncedWriter@io@dami@@QBEIXZ
?getReader@ID3_IStreamReader@@IBEAAV?$basic_istream@DU?$char_traits@D@std@@@std@@XZ
?getSize@ID3_Writer@@UAEIXZ
?getString@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@@Z
?getStringAtIndex@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@I@Z
?getSyncLyrics@v2@id3@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@ABVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@1@Z
?getTitle@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrack@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrackNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getV1Comment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getWriter@ID3_IOStreamWriter@@IBEAAV?$basic_iostream@DU?$char_traits@D@std@@@std@@XZ
?getWriter@ID3_OStreamWriter@@IBEAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@XZ
?getYear@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?hasAlbum@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasArtist@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasComment@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasGenre@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasLyrics@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasSyncLyrics@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
?hasTitle@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasTrack@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasV1Comment@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?hasYear@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?inWindow@WindowedReader@io@dami@@AAE_NI@Z
?inWindow@WindowedReader@io@dami@@QAE_NXZ
?openReadableFile@dami@@YA?AW4ID3_Err@@PA_WAAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
?openReadableFile@dami@@YA?AW4ID3_Err@@PA_WAAV?$basic_ifstream@DU?$char_traits@D@std@@@std@@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@PA_WAAV?$basic_fstream@DU?$char_traits@D@std@@@std@@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@PA_WAAV?$basic_ofstream@DU?$char_traits@D@std@@@std@@@Z
?peekChar@BStringReader@io@dami@@UAEFXZ
?peekChar@CharReader@io@dami@@UAEFXZ
?peekChar@ID3_IStreamReader@@UAEFXZ
?peekChar@ID3_MemoryReader@@UAEFXZ
?peekChar@StringReader@io@dami@@UAEFXZ
?peekChar@WindowedReader@io@dami@@UAEFXZ
?readAllBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@@Z
?readBENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@I@Z
?readChar@ID3_Reader@@UAEFXZ
?readChar@LineFeedReader@io@dami@@UAEFXZ
?readChar@UnsyncedReader@io@dami@@UAEFXZ
?readChar@WindowedReader@io@dami@@UAEFXZ
?readChars@BStringReader@io@dami@@UAEIQADI@Z
?readChars@BStringReader@io@dami@@UAEIQAEI@Z
?readChars@CharReader@io@dami@@UAEIQADI@Z
?readChars@CharReader@io@dami@@UAEIQAEI@Z
?readChars@ID3_IStreamReader@@UAEIQADI@Z
?readChars@ID3_IStreamReader@@UAEIQAEI@Z
?readChars@ID3_MemoryReader@@UAEIQADI@Z
?readChars@ID3_MemoryReader@@UAEIQAEI@Z
?readChars@ID3_Reader@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQAEI@Z
?readChars@WindowedReader@io@dami@@UAEIQADI@Z
?readChars@WindowedReader@io@dami@@UAEIQAEI@Z
?readLENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readTrailingSpaces@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readUInt28@io@dami@@YAIAAVID3_Reader@@@Z
?readUnicodeString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readUnicodeText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?release@ExitTrigger@io@dami@@QAEXXZ
?remainingBytes@ID3_Reader@@UAEIXZ
?removeAlbums@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeAllComments@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeArtists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeComments@v2@id3@dami@@YAIAAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?removeFrames@v2@id3@dami@@YAIAAVID3_TagImpl@@W4ID3_FrameID@@@Z
?removeGenres@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyricists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyrics@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTitles@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTracks@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeYears@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?renderNumber@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@II@Z
?renderNumber@dami@@YAIPAEII@Z
?setAlbum@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setArtist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setBeg@WindowedReader@io@dami@@QAEII@Z
?setBuffer@ID3_MemoryReader@@IAEXPBEI@Z
?setBuffer@ID3_MemoryWriter@@IAEXPAEI@Z
?setComment@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setCur@BStringReader@io@dami@@UAEII@Z
?setCur@CharReader@io@dami@@UAEII@Z
?setCur@ID3_IStreamReader@@UAEII@Z
?setCur@ID3_MemoryReader@@UAEII@Z
?setCur@StringReader@io@dami@@UAEII@Z
?setCur@WindowedReader@io@dami@@UAEII@Z
?setEnd@WindowedReader@io@dami@@QAEII@Z
?setExitPos@ExitTrigger@io@dami@@QAEXI@Z
?setFrameText@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@W4ID3_FrameID@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setGenre@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@I@Z
?setLyricist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setSyncLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@W4ID3_TimeStampFormat@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@7@3W4ID3_ContentType@@@Z
?setTitle@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setTrack@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@EE@Z
?setWindow@WindowedReader@io@dami@@QAEXII@Z
?setYear@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?skipChars@BStringReader@io@dami@@UAEII@Z
?skipChars@ID3_Reader@@UAEII@Z
?skipChars@StringReader@io@dami@@UAEII@Z
?toString@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?toWString@dami@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QB_WI@Z
?ucslen@dami@@YAIPB_W@Z
?update@ExitTrigger@io@dami@@QAEXXZ
?writeBENumber@io@dami@@YAIAAVID3_Writer@@II@Z
?writeChar@ID3_IOStreamWriter@@UAEFE@Z
?writeChar@ID3_OStreamWriter@@UAEFE@Z
?writeChar@ID3_Writer@@UAEFE@Z
?writeChar@UnsyncedWriter@io@dami@@UAEFE@Z
?writeChars@BStringWriter@io@dami@@UAEIQBDI@Z
?writeChars@BStringWriter@io@dami@@UAEIQBEI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBDI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBEI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_Writer@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBEI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBDI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBEI@Z
?writeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeTrailingSpaces@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?writeUInt28@io@dami@@YAIAAVID3_Writer@@I@Z
?writeUnicodeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?writeUnicodeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
ID3Field_AddASCII
ID3Field_AddUNICODE
ID3Field_Clear
ID3Field_FromFile
ID3Field_GetASCII
ID3Field_GetASCIIItem
ID3Field_GetBINARY
ID3Field_GetINT
ID3Field_GetNumTextItems
ID3Field_GetUNICODE
ID3Field_GetUNICODEItem
ID3Field_SetASCII
ID3Field_SetBINARY
ID3Field_SetINT
ID3Field_SetUNICODE
ID3Field_Size
ID3Field_ToFile
ID3Frame_Clear
ID3Frame_Delete
ID3Frame_GetCompression
ID3Frame_GetField
ID3Frame_GetID
ID3Frame_New
ID3Frame_NewID
ID3Frame_SetCompression
ID3Frame_SetID
ID3TagConstIterator_Delete
ID3TagConstIterator_GetNext
ID3TagIterator_Delete
ID3TagIterator_GetNext
ID3Tag_AddFrame
ID3Tag_AddFrames
ID3Tag_AttachFrame
ID3Tag_Clear
ID3Tag_CreateConstIterator
ID3Tag_CreateIterator
ID3Tag_Delete
ID3Tag_FindFrameWithASCII
ID3Tag_FindFrameWithID
ID3Tag_FindFrameWithINT
ID3Tag_FindFrameWithUNICODE
ID3Tag_HasChanged

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lame.dll
.dll windows:5 windows x86 arch:x86

2f135b78a4839a8c8c3c01706f46df1f

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f0:2b:63:0c:54:11:37:90:64:97:2c:b4:18:fd:6e:d4:1f:24:d1:5e
Signer

Actual PE Digest

f0:2b:63:0c:54:11:37:90:64:97:2c:b4:18:fd:6e:d4:1f:24:d1:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msacm32

acmStreamOpen
acmStreamConvert
acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmStreamUnprepareHeader

kernel32

ResetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetFileSize
CreateDirectoryW
WriteFile
CopyFileW
GetVersionExW
ReadFile
GetModuleFileNameW
CreateFileW
lstrlenW
CloseHandle
DeleteFileW
lstrcpyW
WaitForSingleObject
CreateEventW
ResumeThread
CreateThread
FindFirstFileW
FreeLibrary
SetEvent
LoadLibraryW
Sleep
GetProcAddress
MoveFileW
FindClose
GetTickCount
FindNextFileW
GetCurrentThreadId
SetFileAttributesW
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
IsDebuggerPresent

user32

MessageBoxW
CreateDialogParamW
SendDlgItemMessageW
EndDialog
SetWindowLongW
GetDlgItem
SendMessageW
wsprintfW
DialogBoxParamW
PostMessageW
DestroyWindow
PostThreadMessageW
GetWindowLongW
EnableWindow

shell32

SHGetFolderPathW

acdbase

UNC_AnsiToUnicode
UNC_freeWStr
?Delete@CWaveWriter@@QAEXXZ
?WriteData@CWaveWriter@@QAEXPAXI@Z
??1CWaveWriter@@QAE@XZ
??0CWaveWriter@@QAE@PA_W_N@Z
ID3Helper_Free
ID3Helper_Copy
ID3Helper_AddStr
?Resample@CSampleRateConverter2@@QAEKK@Z
?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
??1CSampleRateConverter2@@QAE@XZ
??0CSampleRateConverter2@@QAE@XZ
?Read@CWaveReader@@QAEXPAXI@Z
?GetLength@CWaveReader@@QAEKXZ
?GetWaveFormat@CWaveReader@@QAEKAAPAUtWAVEFORMATEX@@@Z
ID3Helper_GetStr
UNC_Utf8ToAnsi
UNC_UnicodeToUtf8
ID3Helper_PutData
ID3Helper_FreeBinary
ID3Helper_GetDword
ID3Helper_AddBinary
ID3Helper_GetBinary
UNC_Utf8ToUnicode
UNC_AnsiToUtf8
UNC_ChangeEndian
ID3Helper_Alloc
?Deinit@CSampleRateConverter2@@QAEXXZ
ID3Helper_AddDword
UNC_freeStr
??0CWaveReader@@QAE@PA_W@Z
??1CWaveReader@@QAE@XZ

id3lib

?WriteID3V1@@YAXPB_WPAUID3Helper@@@Z
?RenderID3@@YAHPAUID3Helper@@HPAHPAPAD@Z
?RenderID3_FreeBuffer@@YAXPAD@Z
?ID3_RemoveTracks@@YAIPAVID3_Tag@@@Z
?ID3_RemoveComments@@YAIPAVID3_Tag@@PBD@Z
?ID3_RemoveYears@@YAIPAVID3_Tag@@@Z
?ID3_RemoveGenres@@YAIPAVID3_Tag@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@@Z
?ID3_RemoveDiscs@@YAIPAVID3_Tag@@@Z
?ID3_RemoveAlbums@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyrics@@YAIPAVID3_Tag@@@Z
?GetID3Genre@@YAPBDK@Z
?ID3_GetPictureDataOfPicType@@YAIPAVID3_Tag@@PAPAXW4ID3_PictureType@@@Z
?ID3_GetGenreNum@@YAIPBVID3_Tag@@@Z
?Field@ID3_Frame@@QBEAAVID3_Field@@W4ID3_FieldID@@@Z
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
??1ID3_Frame@@UAE@XZ
??0ID3_Frame@@QAE@W4ID3_FrameID@@@Z
?ID3_RemoveTitles@@YAIPAVID3_Tag@@@Z
?ID3_RemoveRatings@@YAIPAVID3_Tag@@@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Link@ID3_Tag@@QAEIPB_WG@Z
?RemoveFrame@ID3_Tag@@QAEPAVID3_Frame@@PBV2@@Z
?AttachFrame@ID3_Tag@@QAE_NPAVID3_Frame@@@Z
?SetPadding@ID3_Tag@@QAE_N_N@Z
?SetExtendedHeader@ID3_Tag@@QAE_N_N@Z
?SetUnsync@ID3_Tag@@QAE_N_N@Z
?Size@ID3_Tag@@QBEIXZ
??1ID3_Tag@@UAE@XZ
??0ID3_Tag@@QAE@PB_W@Z
?ID3_RemoveArtists@@YAIPAVID3_Tag@@@Z
?ID3_RemovePictureType@@YAIPAVID3_Tag@@W4ID3_PictureType@@@Z
?Render@ID3_Tag@@QBEIPAEW4ID3_TagType@@@Z

msvcr90

_CIatan
_CIlog
_CIpow
_CxxThrowException
floor
__CxxFrameHandler3
_CIsqrt
_CIcos
_CIexp
_CIsin
_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__lconv_init
memcpy
memset
_errno
fprintf
_write
_memicmp
??_V@YAXPAX@Z
_chsize
_invalid_parameter_noinfo
_wcslwr
_wcsnicmp
sscanf
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_filelength
_wcsicmp
memmove_s
ftell
fwrite
fread
strncmp
vfprintf
fflush
_CIlog10
__iob_func
exit
qsort
_close
_lseek
_read
?_wopen@@YAHPB_WHH@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
rand
_vswprintf
ceil
malloc
memmove
free
calloc
fseek
_wfopen
strncpy
fclose
sprintf
??_U@YAPAXI@Z
wcsncpy
wcstol

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

ACDX_CloseConfig
ACDX_Compress
ACDX_Configure
ACDX_DeinitCompress
ACDX_GetFormat
ACDX_GetFormatSize
ACDX_InitCompress
ACDX_InitCompress2
ACDX_Initialize
ACDX_OpenConfig
ACDX_PutFormat
Decode
FreeID3Helper
GetLength
InitDecode
LAMEInit
MP3Decode
MP3Decode2
ReadID3
WaveDecode
WinampMPEGEOF
WriteID3

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
m4a.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
m4aplus.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
m4b.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
monkey.dll
.dll windows:5 windows x86 arch:x86

de61760d678f52fd8fb975fab1650726

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

71:e4:8e:3b:33:a8:28:28:99:e0:22:2f:67:75:63:1d:4c:8c:c3:1e
Signer

Actual PE Digest

71:e4:8e:3b:33:a8:28:28:99:e0:22:2f:67:75:63:1d:4c:8c:c3:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
CreateFileW
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
GetCurrentThreadId

acdbase

ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_FreeBinary
ID3Helper_Copy
ID3Helper_Free
ID3Helper_GetDword

msvcr90

memset
memmove
qsort
strncpy
_wcsicmp
_wtoi
strncmp
_CxxThrowException
free
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CxxFrameHandler3
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
_purecall

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize
_FillWaveFormatEx@16
_FillWaveHeader@16

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mp4.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mp4plus.dll
.dll windows:5 windows x86 arch:x86

d6f4918809a7462394a45b5437e7ec76

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

Actual PE Digest

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
lstrlenW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

ct

?CT_DeinitCompress@@YAHW4EncoderMode@@_NPAX@Z
?CT_Compress@@YAHW4EncoderMode@@PAXK1@Z
?CT_Initialize@@YA_NW4EncoderMode@@PAPAUACDXDRIVER@@@Z
?CT_InitCompress@@YAHW4EncoderMode@@PA_WKKKKPAUID3Helper@@HHPAPAX@Z

msvcr90

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_encoded_null
free
_malloc_crt
_encode_pointer
wcscmp
wcslen
_wcslwr
_adjust_fdiv

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcm90.dll
.dll windows:5 windows x86 arch:x86

2e705c0231c4d814c2d2191566905482

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcm90.i386.pdb

Imports

msvcr90

__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
__setusermatherr
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_query_new_handler@@YAP6AHI@ZXZ
signal
_invalid_parameter
_errno
_set_invalid_parameter_handler
_get_invalid_parameter_handler
?set_terminate@@YAP6AXXZP6AXXZ@Z
_get_terminate
_set_purecall_handler
_get_purecall_handler
?set_unexpected@@YAP6AXXZP6AXXZ@Z
_get_unexpected
_fpieee_flt
_cexit
strcpy_s
strlen
_exit
_XcptFilter
_endthread
_getptd
_freefls
___fls_setvalue@8
___fls_getvalue@4
__get_flsindex
__set_flsgetvalue
_dosmaperr
_initptd
calloc
_encode_pointer
memcpy_s
memcmp
memmove_s
memset
??_V@YAXPAX@Z
___mb_cur_max_func
_invalid_parameter_noinfo
_invoke_watson
_CxxThrowException
??2@YAPAXI@Z
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
abort
fgetc
fputc
ungetc
fflush
setvbuf
fwrite
fgetpos
fseek
fsetpos
fclose
__iob_func
fgetwc
fputwc
ungetwc
realloc
setlocale
sprintf_s
memcpy
___lc_handle_func
__crtGetStringTypeW
__pctype_func
___mb_cur_max_l_func
___lc_codepage_func
__crtLCMapStringW
__crtLCMapStringA
_wfsopen
mbstowcs_s
__uncaught_exception
isupper
islower
towlower
towupper
strcmp
__FrameUnwindFilter
__dllonexit
_unlock
??3@YAXPAX@Z
_ui64toa_s
_create_locale
malloc
_free_locale
_endthreadex
free

kernel32

WideCharToMultiByte
CreateThread
ResumeThread
GetLastError
ExitThread
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

ole32

CoCreateInstance

mscoree

CorBindToRuntimeEx
_CorDllMain

Exports

Exports

?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF_func@std@@YAABJXZ
?_Cerr_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Cin_func@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@XZ
?_Clocptr_func@_Locimp@locale@std@@CAAAPAV123@XZ
?_Clog_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Cout_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fpz_func@std@@YAAA_JXZ
?_Getcvt@@YA?AU_Cvtvec@@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Id_cnt_func@id@locale@std@@CAAAHXZ
?_Id_func@?$codecvt@GDH@std@@SAAAVid@locale@2@XZ
?_Id_func@?$codecvt@_WDH@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@D@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@G@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@_W@std@@SAAAVid@locale@2@XZ
?_Index_func@ios_base@std@@CAAAHXZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Init_cnt_func@Init@ios_base@std@@CAAAHXZ
?_Init_ctor@Init@ios_base@std@@CAXPAV123@@Z
?_Init_dtor@Init@ios_base@std@@CAXPAV123@@Z
?_Init_locks_ctor@_Init_locks@std@@CAXPAV12@@Z
?_Init_locks_dtor@_Init_locks@std@@CAXPAV12@@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?_Locimp_dtor@_Locimp@locale@std@@CAXPAV123@@Z
?_Locinfo_Addcats@_Locinfo@std@@SAAAV12@PAV12@HPBD@Z
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@HPBD@Z
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@PBD@Z
?_Locinfo_dtor@_Locinfo@std@@SAXPAV12@@Z
?_Lockit_ctor@_Lockit@std@@CAXPAV12@@Z
?_Lockit_ctor@_Lockit@std@@CAXPAV12@H@Z
?_Lockit_ctor@_Lockit@std@@SAXH@Z
?_Lockit_dtor@_Lockit@std@@CAXPAV12@@Z
?_Lockit_dtor@_Lockit@std@@SAXH@Z
?_Mbrtowc@@YAHPAGPBDIPAHPBU_Cvtvec@@@Z
?_Mbrtowc@@YAHPA_WPBDIPAHPBU_Cvtvec@@@Z
?_Mtxdst@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxinit@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxlock@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxunlock@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mutex_Lock@_Mutex@std@@CAXPAV12@@Z
?_Mutex_Unlock@_Mutex@std@@CAXPAV12@@Z
?_Mutex_ctor@_Mutex@std@@CAXPAV12@@Z
?_Mutex_dtor@_Mutex@std@@CAXPAV12@@Z
?_Nomemory@std@@YAXXZ
?_Once@@YAXPAJP6AXXZ@Z
?_Setgloballocale@locale@std@@CAXPAX@Z
?_Sync_func@ios_base@std@@CAAA_NXZ
?_Wcerr_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wcerr_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcin_func@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@1@XZ
?_Wcin_func@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@1@XZ
?_Wclog_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wclog_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcout_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wcout_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcrtomb@@YAHPADGPAHPBU_Cvtvec@@@Z
?_Wcrtomb@@YAHPAD_WPAHPBU_Cvtvec@@@Z
?_Xinvarg@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
?_Xran@_String_base@std@@SAXXZ
?__Wcrtomb_lk@@YAHPAD_WPAHPBU_Cvtvec@@@Z
?__get_default_appdomain@@YAJPAPAUIUnknown@@@Z
?__query_new_handler_m@@YAP6MHI@ZXZ
?__release_appdomain@@YAXPAUIUnknown@@@Z
?_beginthread@@YAIP6MXPAX@ZI0@Z
?_beginthreadex@@YAIPAXIP6MI0@Z0IPAI@Z
?_fpieee_flt@@YAHKPAU_EXCEPTION_POINTERS@@P6MHPAU_FPIEEE_RECORD@@@Z@Z
?_set_invalid_parameter_handler@@YAP6AXPB_W00II@ZH@Z
?_set_invalid_parameter_handler@@YAP6MXPB_W00II@ZP6MX000II@Z@Z
?_set_new_handler@@YAP6MHI@ZP6MHI@Z@Z
?_set_purecall_handler@@YAP6AXXZH@Z
?_set_purecall_handler@@YAP6MXXZP6MXXZ@Z
?_uncaught_exception_m@std@@YA_NXZ
?classic@locale@std@@SAABV12@XZ
?empty@locale@std@@SA?AV12@XZ
?global@locale@std@@SA?AV12@ABV12@@Z
?resetiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?set_new_handler@std@@YAP6MXXZP6MXXZ@Z
?set_terminate@@YAP6MXXZP6MXXZ@Z
?set_unexpected@@YAP6MXXZP6MXXZ@Z
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?setprecision@std@@YA?AU?$_Smanip@H@1@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
?signal@@YAP6MXH@ZHH@Z
?signal@@YAP6MXH@ZHP6MXH@Z@Z
__setusermatherr_m
towctrans
wctrans
wctype

Sections

.text
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp90.dll
.dll windows:5 windows x86 arch:x86

c2219f463c61f3122c87331837e12c34

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-08-2007 00:23

Not After

23-02-2009 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:c4:fe:36:f3:bd:3e:f2:64:2c:75:13:e1:a7:62:07:ef:2f:ea:bf
Signer

Actual PE Digest

e9:c4:fe:36:f3:bd:3e:f2:64:2c:75:13:e1:a7:62:07:ef:2f:ea:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp90.i386.pdb

Imports

msvcr90

fflush
setvbuf
fwrite
??0exception@std@@QAE@XZ
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
__iob_func
_wfsopen
mbstowcs_s
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
memcpy
_Strftime
strcspn
sprintf_s
abort
??0exception@std@@QAE@ABQBDH@Z
_realloc_crt
setlocale
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fputs
__uncaught_exception
ungetc
towupper
strcmp
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
_calloc_crt
islower
__crtGetStringTypeW
__crtLCMapStringW
__crtCompareStringW
isspace
tolower
strtod
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
fputc
fgetc
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
_invalid_parameter_noinfo
___mb_cur_max_func
??_V@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove_s
memcpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
towlower
??0exception@std@@QAE@ABQBD@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@IAE@PBDI_N1@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N1@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@IAE@PBDI_N1@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N1@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@IAE@PBDI_N1@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N1@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@V?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@1@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@IAE@PBDI@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@IAE@PBDI@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@IAE@PBDI@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@IAE@PBDI@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@IAE@PBDI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@IAE@PBDI@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@IAE@PBDI@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@IAE@PBDI@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@IAE@PBDI@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@IAE@PBDI@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@IAE@PBDI@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

Sections

.text
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr90.dll
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-08-2007 00:23

Not After

23-02-2009 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8
Signer

Actual PE Digest

4e:a2:0c:d7:08:3c:6d:9c:9c:e7:11:07:12:85:b9:f7:4e:10:16:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
musepack.dll
.dll windows:5 windows x86 arch:x86

deb15fb5439557d5d010bcb521683f79

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b9:f5:6b:60:27:53:ac:a7:eb:fb:67:7e:c0:cb:c9:9e:6e:3b:7d:e7
Signer

Actual PE Digest

b9:f5:6b:60:27:53:ac:a7:eb:fb:67:7e:c0:cb:c9:9e:6e:3b:7d:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetACP
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
DeleteFileW
CreateFileW
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent

acdbase

ID3Helper_GetBinary
ID3Helper_Free
ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_Copy
ID3Helper_FreeBinary

msvcr90

memset
fwrite
fseek
exit
_CIsqrt
_CIatan
_CIpow
fprintf
__iob_func
memmove
_CIlog10
_CIexp
_CIlog
free
qsort
memcpy
fclose
strncmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_wcsicmp
strncpy
_wtoi
_vswprintf
_wfopen
_purecall
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_CIsin
_CIcos
sprintf

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
notify.wav
ntaspi32.dll
.dll windows:5 windows x86 arch:x86

1091f723823a43ea88d4644fdd319484

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f9:19:78:cf:a1:07:90:c2:06:de:35:b0:ec:4a:3a:5a:e3:de:e1:58
Signer

Actual PE Digest

f9:19:78:cf:a1:07:90:c2:06:de:35:b0:ec:4a:3a:5a:e3:de:e1:58

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateEventA
CloseHandle
WaitForSingleObject
SetEvent
Sleep
CreateFileA
GetLastError
DeviceIoControl
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange
GetTickCount

user32

MessageBoxA
wsprintfA

msvcr90

memset
memcpy
??3@YAXPAX@Z
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
exit
sprintf
malloc
free
??2@YAPAXI@Z

Exports

Exports

EnableASPINTFeature
FreeASPI32Buffer
GetASPI32Buffer
GetASPI32DLLVersion
GetASPI32SupportInfo
LockASPINTVolume
RegisterWOWPost
SendASPI32Command
TranslateASPI32Address
WOWDispatch

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ogg.dll
.dll windows:5 windows x86 arch:x86

3ec9f360d8bd222ec493865c791b8acc

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8d:c6:a2:aa:80:6b:aa:79:88:31:c5:2f:c5:5e:a4:39:dd:16:07:69
Signer

Actual PE Digest

8d:c6:a2:aa:80:6b:aa:79:88:31:c5:2f:c5:5e:a4:39:dd:16:07:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

acdbase

ID3Helper_GetStr
ID3Helper_GetBinary
BASE64Encode
BASE64FreeMem
ID3Helper_FreeBinary
ID3Helper_GetDword

msvcr90

sprintf
rand
srand
??2@YAPAXI@Z
malloc
free
realloc
memmove
memset
floor
calloc
_CIsin
_CIatan
qsort
exit
_CIexp
_CIsqrt
_CIcos
_CIlog
??3@YAXPAX@Z
ldexp
_CIpow
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_wfopen
fwrite
memcpy
fclose
_time64
_vswprintf
ceil

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcm.dll
.dll windows:5 windows x86 arch:x86

b3836d76610c60f93cd4c10ab16e7bd3

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4e:98:2b:2c:97:58:59:3c:28:09:82:80:b5:51:33:90:6c:1b:c2:e0
Signer

Actual PE Digest

4e:98:2b:2c:97:58:59:3c:28:09:82:80:b5:51:33:90:6c:1b:c2:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
lstrlenW
lstrcpyW
GetModuleFileNameW
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange

user32

wsprintfW

acdbase

??1CWaveWriter@@QAE@XZ
?Resample@CSampleRateConverter2@@QAEKK@Z
?WriteData@CWaveWriter@@QAEXPAXI@Z
ID3Helper_Copy
?Delete@CWaveWriter@@QAEXXZ
?WriteHeader@CWaveWriter@@QAEXPAUtWAVEFORMATEX@@@Z
?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
ID3Helper_Free
??1CSampleRateConverter2@@QAE@XZ
??0CSampleRateConverter2@@QAE@XZ
?Deinit@CSampleRateConverter2@@QAEXXZ
??0CWaveWriter@@QAE@PA_W_N@Z

msvcr90

_close
_crt_debugger_hook
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
_write
?_wopen@@YAHPB_WHH@Z
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_lseek

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcmdual.dll
.dll windows:5 windows x86 arch:x86

0ee4dadbd023c0c8c91c1a8b6ed9dd5d

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c3:a9:e2:fb:47:a9:4a:49:61:6b:80:69:82:05:78:62:5c:73:cf:9d
Signer

Actual PE Digest

c3:a9:e2:fb:47:a9:4a:49:61:6b:80:69:82:05:78:62:5c:73:cf:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
InterlockedExchange

user32

wsprintfW

acdbase

??1CWaveWriter@@QAE@XZ
?Resample@CSampleRateConverter2@@QAEKK@Z
?WriteData@CWaveWriter@@QAEXPAXI@Z
ID3Helper_Copy
?Delete@CWaveWriter@@QAEXXZ
?WriteHeader@CWaveWriter@@QAEXPAUtWAVEFORMATEX@@@Z
?Init@CSampleRateConverter2@@QAEXKKKKKKKAAPAX0@Z
ID3Helper_Free
??1CSampleRateConverter2@@QAE@XZ
??0CSampleRateConverter2@@QAE@XZ
?Deinit@CSampleRateConverter2@@QAEXXZ
??0CWaveWriter@@QAE@PA_W_N@Z

msvcr90

_close
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
_write
?_wopen@@YAHPB_WHH@Z
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_lseek

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
register32.exe
.exe windows:5 windows x86 arch:x86

5d001a4afba8ee64b3dbf0eeec6de605

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:c6:c4:1c:de:bf:6f:0a:81:53:37:79:03:0e:9d:83:c7:a6:37:34
Signer

Actual PE Digest

73:c6:c4:1c:de:bf:6f:0a:81:53:37:79:03:0e:9d:83:c7:a6:37:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\out\register32.pdb

Imports

kernel32

lstrcatW
lstrcmpiW
GetCommandLineW
GetProcAddress
lstrlenW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
lstrcpyW

user32

wsprintfW

shell32

CommandLineToArgvW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteValueW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
register64.exe
.exe windows:5 windows x64 arch:x64

5d001a4afba8ee64b3dbf0eeec6de605

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:77:cc:e7:52:a4:76:31:93:57:25:ba:7e:b6:59:c3:6c:62:c5:39
Signer

Actual PE Digest

12:77:cc:e7:52:a4:76:31:93:57:25:ba:7e:b6:59:c3:6c:62:c5:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\out\register64.pdb

Imports

kernel32

lstrcatW
lstrcmpiW
GetCommandLineW
GetProcAddress
lstrlenW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
lstrcpyW

user32

wsprintfW

shell32

CommandLineToArgvW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteValueW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
waveout.dll
.dll windows:5 windows x86 arch:x86

59cd86de179be14b479801ed306ea31b

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:66:93:36:62:3d:f4:8a:b9:83:28:29:3c:16:88:c6:13:53:14:12
Signer

Actual PE Digest

62:66:93:36:62:3d:f4:8a:b9:83:28:29:3c:16:88:c6:13:53:14:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutWrite
waveOutOpen
waveOutPrepareHeader

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
SetThreadPriority
GetCurrentThread
CreateEventA
WaitForSingleObject
CloseHandle
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId

msvcr90

_encoded_null
free
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
memcpy
memset
??2@YAPAXI@Z
_decode_pointer

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wavpack.dll
.dll windows:5 windows x86 arch:x86

c5c8c31c8178eff30fed3540d90635aa

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:dd:26:08:9c:f3:dd:b3:04:fa:f9:88:74:1c:85:bb:b5:51:1e:e6
Signer

Actual PE Digest

09:dd:26:08:9c:f3:dd:b3:04:fa:f9:88:74:1c:85:bb:b5:51:1e:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetACP
MultiByteToWideChar
CloseHandle
CreateDirectoryW
CreateFileW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
DeleteFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

acdbase

ID3Helper_GetStr
ID3Helper_GetBinary
ID3Helper_FreeBinary
ID3Helper_Copy
ID3Helper_Free
ID3Helper_GetDword

msvcr90

qsort
sprintf
_wcsicmp
strncpy
_wtoi
isdigit
free
malloc
floor
realloc
memmove
ferror
fread
fwrite
_fileno
ftell
fseek
ungetc
fclose
_chsize
fflush
_wremove
_vswprintf
_wfopen
_purecall
_fstat64i32
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
memcpy
memset
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
strncmp

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wma9.dll
.dll windows:5 windows x86 arch:x86

34ce92ca7e490e48b6e8e140f2f49b71

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7e:86:90:c4:27:2a:d7:07:01:ec:7a:f7:37:51:b5:35:6d:5d:8d:f2
Signer

Actual PE Digest

7e:86:90:c4:27:2a:d7:07:01:ec:7a:f7:37:51:b5:35:6d:5d:8d:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateWriter
WMCreateProfileManager

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_adjust_fdiv
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
??_U@YAPAXI@Z
memcpy
_unlock

kernel32

CreateDirectoryW
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteFileW
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

wsprintfW

acdbase

ID3Helper_GetBinary
UNC_Utf8ToUnicode
UNC_freeWStr
ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_FreeBinary

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wma91.dll
.dll windows:5 windows x86 arch:x86

34ce92ca7e490e48b6e8e140f2f49b71

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:6e:e7:10:36:a3:79:d8:8a:54:fe:dc:f8:4c:24:6b:9f:12:53:cd
Signer

Actual PE Digest

2b:6e:e7:10:36:a3:79:d8:8a:54:fe:dc:f8:4c:24:6b:9f:12:53:cd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateWriter
WMCreateProfileManager

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_adjust_fdiv
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
??_U@YAPAXI@Z
memcpy
_unlock

kernel32

CreateDirectoryW
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteFileW
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

wsprintfW

acdbase

ID3Helper_GetBinary
UNC_Utf8ToUnicode
UNC_freeWStr
ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_FreeBinary

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wma92.dll
.dll windows:5 windows x86 arch:x86

34ce92ca7e490e48b6e8e140f2f49b71

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30-12-2009 00:00

Not After

29-12-2012 23:59

Subject

CN=Poikosoft,O=Poikosoft,POSTALCODE=33560,STREET=Kivitaltankatu 5 E 9,L=Tampere,ST=n/a,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

85:87:5e:e0:f0:d8:ee:64:9d:cc:9b:a3:be:9c:49:58:e9:1a:cd:59
Signer

Actual PE Digest

85:87:5e:e0:f0:d8:ee:64:9d:cc:9b:a3:be:9c:49:58:e9:1a:cd:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateWriter
WMCreateProfileManager

msvcr90

__CppXcptFilter
__clean_type_info_names_internal
_adjust_fdiv
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
??_U@YAPAXI@Z
memcpy
_unlock

kernel32

CreateDirectoryW
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteFileW
lstrlenW
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

wsprintfW

acdbase

ID3Helper_GetBinary
UNC_Utf8ToUnicode
UNC_freeWStr
ID3Helper_GetStr
ID3Helper_GetDword
ID3Helper_FreeBinary

Exports

Exports

ACDX_Compress
ACDX_DeinitCompress
ACDX_InitCompress
ACDX_Initialize

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 12KB - Virtual size: 12KB

1ba6926a1ee4e4cda118768081f528d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 828B

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 166B

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 992B

.rdata Size: 1024B - Virtual size: 839B

.data Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 828B

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 166B

.text
Size: 1024B - Virtual size: 992B

.rdata
Size: 1024B - Virtual size: 839B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

CODE
Size: 13KB - Virtual size: 13KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 906B

.edata
Size: 512B - Virtual size: 89B

.reloc
Size: 1024B - Virtual size: 880B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 864B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 446B

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

33:42:b3:9a:f7:17:a7:17:a7:9f:45:ab:bf:4d:57:8a
Certificate

43:45:53:45:f1:48:df:82:76:5b:e2:d5:f5:4c:e1:11:ff:0c:ae:43
Signer