0ce879f13728266492e11f813f8dc021cd66ce1fe35b685c9d4293dc9dc7a203

Sharing

Copy URL

Twitter E-mail

General

Target

0ce879f13728266492e11f813f8dc021cd66ce1fe35b685c9d4293dc9dc7a203
Size

5.4MB
MD5

323ed9f0a33f5434c5c45e25982e9955
SHA1

9b10f72a403832561f77b282582fc31da81bba4b
SHA256

0ce879f13728266492e11f813f8dc021cd66ce1fe35b685c9d4293dc9dc7a203
SHA512

df5763deadd405ec8c20a26b44399973d5540d04258134875f8e9441a24326384200bebba644851ad7a26077d1771a16431f14dd264bc6987c77e8f6b2202f8e
SSDEEP

98304:209Ziy8P85sba5PoZ3WVDGGFoZH1WIpSNDPFL07nmZxy4hAMJhJEnKHO6c3:2YnIaGdyeONPF47nmZxywAtnz6c3

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/AccessControl.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/nsProcess.dll
unpack002/$PROGRAMFILES/HCA/HCAServiSign/HCA/CSHIS.dll
unpack002/$PROGRAMFILES/HCA/HCAServiSign/HCA/CsHis30.dll
unpack002/$PROGRAMFILES/HCA/HCAServiSign/HCA/CsHis50.dll
unpack002/$WINDIR/System32/CSHIS.dll
unpack002/$WINDIR/System32/CsHis30.dll
unpack002/$WINDIR/System32/CsHis50.dll
unpack002/$WINDIR/System32/HCACSAPI.dll
unpack002/$WINDIR/System32/HCACSPKCS11.dll
unpack002/$WINDIR/System32/HCAPKCS11.dll
unpack002/$WINDIR/System32/HCAUtility.dll
unpack002/HCA/HCAAPISVI.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsExec.dll

Files

0ce879f13728266492e11f813f8dc021cd66ce1fe35b685c9d4293dc9dc7a203
.zip
HCAServiSignAdapterSetup_1.0.23.1227.exe
.exe windows:4 windows x86 arch:x86

1f23f452093b5c1ff091a2f9fb4fa3e9

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:d9:99:cc:1d:39:a0:fe:a8:4e:47:0e:7c:29:a0:d8:2d:09:63:9c:46:2f:5c:fc:e9:4c:c1:34:57:1f:02:ad
Signer

Actual PE Digest

b9:d9:99:cc:1d:39:a0:fe:a8:4e:47:0e:7c:29:a0:d8:2d:09:63:9c:46:2f:5c:fc:e9:4c:c1:34:57:1f:02:ad

Digest Algorithm

sha256

PE Digest Matches

true

9f:02:44:26:9c:1a:4e:8a:44:6e:67:b0:3a:a4:19:51:c0:5b:2e:42
Signer

Actual PE Digest

9f:02:44:26:9c:1a:4e:8a:44:6e:67:b0:3a:a4:19:51:c0:5b:2e:42

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
SetCurrentDirectoryW
GetFileAttributesW
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
CopyFileW
GetShortPathNameW
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
MoveFileW
GetFullPathNameW
SetFileTime
SearchPathW
CompareFileTime
lstrcmpW
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalUnlock
GetDiskFreeSpaceW
GlobalAlloc
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
lstrlenA
MulDiv
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
GetDC
SetTimer
SetWindowTextW
LoadImageW
SetForegroundWindow
ShowWindow
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
EndPaint
CreateDialogParamW
SendMessageTimeoutW
wsprintfW
PostQuitMessage

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AccessControl.dll
.dll windows:4 windows x86 arch:x86

50c8f5ff7efcfab29d0d699e5f7a53fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetCurrentProcess
LocalAlloc
LoadLibraryA
GetProcAddress
GetLastError
lstrlenW
lstrcpyW
LocalFree
GetFileAttributesW
CloseHandle
lstrcatW
lstrcmpiW
GlobalFree
lstrcpynW

user32

wsprintfW

advapi32

SetNamedSecurityInfoW
RegOpenKeyExW
GetSidSubAuthorityCount
RegSetKeySecurity
IsValidSid
SetSecurityDescriptorGroup
SetEntriesInAclW
GetSecurityDescriptorOwner
GetUserNameW
GetSidSubAuthority
OpenProcessToken
SetSecurityDescriptorOwner
GetSidIdentifierAuthority
GetNamedSecurityInfoW
RegGetKeySecurity
AdjustTokenPrivileges
InitializeSecurityDescriptor
LookupAccountNameW
RegCloseKey
GetSecurityDescriptorGroup
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
LookupAccountSidW
LookupPrivilegeValueW

Exports

Exports

ClearOnFile
ClearOnRegKey
DenyOnFile
DenyOnRegKey
DisableFileInheritance
DisableRegKeyInheritance
EnableFileInheritance
EnableRegKeyInheritance
GetCurrentUserName
GetFileGroup
GetFileOwner
GetRegKeyGroup
GetRegKeyOwner
GrantOnFile
GrantOnRegKey
NameToSid
RevokeOnFile
RevokeOnRegKey
SetFileGroup
SetFileOwner
SetOnFile
SetOnRegKey
SetRegKeyGroup
SetRegKeyOwner
SidToName

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

e26d7460d0c04056b9226a899477ba4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

af:bc:1f:72:32:88:d5:a0:64:b4:1c:9c:a3:aa:de:14:fd:67:bc:6f:7e:c4:79:53:dd:53:b9:4d:f0:13:b6:4c
Signer

Actual PE Digest

af:bc:1f:72:32:88:d5:a0:64:b4:1c:9c:a3:aa:de:14:fd:67:bc:6f:7e:c4:79:53:dd:53:b9:4d:f0:13:b6:4c

Digest Algorithm

sha256

PE Digest Matches

true

72:91:b3:c9:77:0e:4d:88:34:9d:40:37:fc:5b:28:71:ed:f4:e2:c8
Signer

Actual PE Digest

72:91:b3:c9:77:0e:4d:88:34:9d:40:37:fc:5b:28:71:ed:f4:e2:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
CloseHandle
OpenProcess
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers

Exports

Exports

FindProc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

d806a080e21508dd768fa70be247d2ae

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be
Signer

Actual PE Digest

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be

Digest Algorithm

sha256

PE Digest Matches

true

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93
Signer

Actual PE Digest

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA

Exports

Exports

KillProc

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/liteFirewall.dll
.dll windows:5 windows x86 arch:x86

d581909bbb46b6bf2b16e48b9e3dd1d6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4a:9b:20:b4:97:94:5b:c9:ee:0c:6b:a8:b0:19:c9:8b:fd:cd:a7:8c:6a:97:67:0c:91:fb:ed:55:9f:57:36:ee
Signer

Actual PE Digest

4a:9b:20:b4:97:94:5b:c9:ee:0c:6b:a8:b0:19:c9:8b:fd:cd:a7:8c:6a:97:67:0c:91:fb:ed:55:9f:57:36:ee

Digest Algorithm

sha256

PE Digest Matches

true

eb:78:ca:ba:62:ed:7c:c4:ef:96:a1:93:98:43:13:97:c5:55:83:dc
Signer

Actual PE Digest

eb:78:ca:ba:62:ed:7c:c4:ef:96:a1:93:98:43:13:97:c5:55:83:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfW

ole32

CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleRun
CoCreateInstance
CoInitialize
CoInitializeEx

oleaut32

GetErrorInfo
SysFreeString
SysAllocString

kernel32

DeleteCriticalSection
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
SetFilePointer
GetLocaleInfoA
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
InterlockedDecrement
HeapFree
GetProcessHeap
GetLastError
RtlUnwind
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
HeapSize
VirtualAlloc
HeapReAlloc
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

AddRule
RemoveRule

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d31c5eb927119d00232e4d4b0e32fcdb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
MultiByteToWideChar
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyW
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessW
GetStartupInfoW
CreatePipe
GetProcAddress
lstrcpynW
DeleteFileW
lstrcmpiW
GetCurrentProcess
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
ExitProcess
GetCommandLineW
GlobalLock
GetVersion
lstrlenW

user32

SendMessageW
FindWindowExW
CharNextW
wsprintfW
CharPrevW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 927B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/HCA/HCAServiSign/HCA/CSHIS.dll
.dll windows:5 windows x86 arch:x86

1921ebf3dfa32e393609c123038d569e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
closesocket
select
socket
inet_ntop
send
WSAGetLastError
__WSAFDIsSet

kernel32

IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapCreate
HeapDestroy
GetConsoleCP
GetConsoleMode
CreateFileW
LCMapStringW
FreeEnvironmentStringsW
GetSystemInfo
QueryPerformanceCounter
SetConsoleCtrlHandler
GetStringTypeW
CompareStringW
WriteConsoleW
GetProcessHeap
GetExitCodeProcess
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
VirtualAlloc
RaiseException
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
IsValidCodePage
HeapFree
GetDriveTypeW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
lstrcmpiA
DeleteFileA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
HeapSize
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ExitThread
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
CompareStringA
DeleteCriticalSection
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
GetModuleHandleExA
GetTickCount
CreateProcessA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetLastError
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetDllDirectoryA
UnmapViewOfFile
FreeLibrary
GetCurrentProcessId
CreateFileMappingA
OpenFileMappingA
CreateMutexA
MapViewOfFile
CreateEventA
lstrcpyA
GetTempPathA
CopyFileA
GetVersionExA
WideCharToMultiByte
CreateFileA
CreateThread
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileStringA
GetExitCodeThread
Sleep
TerminateThread
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess
OpenProcess
CloseHandle
ExitProcess
HeapReAlloc
VirtualQuery
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetEnvironmentStringsW

user32

SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
CharUpperA
DestroyIcon
IsIconic
DeleteMenu
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
RealChildWindowFromPoint
UnregisterClassA
GetSystemMetrics
GetSysColorBrush
ShowOwnedPopups
SetCursor
GetMessageA
IsClipboardFormatAvailable
GetCursorPos
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetProcessWindowStation
GetUserObjectInformationW
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
GetWindowRgn
DestroyCursor
DrawIcon
TranslateMessage
MapDialogRect
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawFocusRect
GetWindowLongA
GetSysColor
FillRect
OffsetRect
InflateRect
CopyRect
RegisterWindowMessageA
DrawTextA
GetDesktopWindow
InvalidateRect
GetClientRect
SetTimer
EnableWindow
GetTopWindow
MessageBeep
SetDlgItemTextA
UpdateWindow
DestroyWindow
MessageBoxA
KillTimer
SendMessageA
wsprintfA
LoadCursorA

gdi32

CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
RectVisible
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
CreateFontIndirectA
EnumFontFamiliesExA
CreateHatchBrush
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
PtVisible
GetPixel
GetRgnBox
GetTextMetricsA
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
CreatePen
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextExtentPoint32A
SetBkColor
CreateFontA
SelectObject
DeleteObject
SetTextColor
Rectangle
CreateSolidBrush
TextOutA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA

shell32

DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

iphlpapi

GetAdaptersAddresses

hcacsapi

?HCA_GetCardType@@YGJPAXPAK@Z
?HCA_GetCardSN@@YGJPAXPAEK@Z
?HCA_GetBasicData@@YGKPAXPAEK@Z
?HCA_GetCardVersion@@YGJPAXPAK@Z
?HCA_GNFuncExec@@YGJJPAD0JJJJJPAX@Z

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

??0CCshis@@QAE@XZ
??4CCshis@@QAEAAV0@ABV0@@Z
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
VPNH_VerifySign
csCloseCom
csDisableHCAAPI
csDisableHCPIN
csEnableHCAAPI
csGetCardNo
csGetComConfig
csGetDateTime
csGetHOSPID
csGetHospAbbName
csGetHospID
csGetHospName
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csReScanPCSC
csReload
csSetComConfig
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisQuickInsurence
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVHPCLogout
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/HCA/HCAServiSign/HCA/CsHis30.dll
.dll windows:4 windows x86 arch:x86

bb1b7649bf9c856ca672b9db6461e960

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

socket
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
__WSAFDIsSet
send
htons
closesocket
select
WSAGetLastError

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
DeleteFileA
FindClose
FindFirstFileA
GetFullPathNameA
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetFileType
GetCurrentProcess
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcpynA
LocalFree
MulDiv
SetLastError
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MoveFileA
FreeLibrary
LoadLibraryA
GetProcAddress
GetTickCount
lstrcpyA
CreateFileA
GetTempPathA
CopyFileA
GetVersionExA
GetExitCodeThread
TerminateThread
CloseHandle
GetCurrentDirectoryA
GetPrivateProfileStringA
CreateThread
GetModuleFileNameA
Sleep
InterlockedExchange
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
GetCommandLineA

user32

GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
AdjustWindowRectEx
MapWindowPoints
LoadIconA
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
SetForegroundWindow
CreateDialogIndirectParamA
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageA
PostQuitMessage
GetWindowLongA
FillRect
InflateRect
CopyRect
OffsetRect
DrawFocusRect
GetSysColor
RegisterWindowMessageA
DrawTextA
InvalidateRect
GetDesktopWindow
GetClientRect
SetTimer
EnableWindow
MessageBeep
KillTimer
SendMessageA
GetTopWindow
MessageBoxA
wsprintfA
SetDlgItemTextA
UpdateWindow
DestroyWindow
GetWindow
GetSystemMetrics
PeekMessageA

gdi32

CreateFontA
SelectObject
Rectangle
SetBkColor
CreateSolidBrush
CreatePen
GetTextExtentPoint32A
CreateBitmap
GetClipBox
GetObjectA
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
MoveToEx
LineTo
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

Exports

Exports

??0CCIE_DLL@@QAE@XZ
??1CCIE_DLL@@UAE@XZ
??_7CCIE_DLL@@6B@
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
csCloseCom
csDisableHCPIN
csGetCardNo
csGetDateTime
csGetHospID
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/HCA/HCAServiSign/HCA/CsHis50.dll
.dll windows:5 windows x86 arch:x86

1921ebf3dfa32e393609c123038d569e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
closesocket
select
socket
inet_ntop
send
WSAGetLastError
__WSAFDIsSet

kernel32

IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapCreate
HeapDestroy
GetConsoleCP
GetConsoleMode
CreateFileW
LCMapStringW
FreeEnvironmentStringsW
GetSystemInfo
QueryPerformanceCounter
SetConsoleCtrlHandler
GetStringTypeW
CompareStringW
WriteConsoleW
GetProcessHeap
GetExitCodeProcess
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
VirtualAlloc
RaiseException
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
IsValidCodePage
HeapFree
GetDriveTypeW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
lstrcmpiA
DeleteFileA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
HeapSize
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ExitThread
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
CompareStringA
DeleteCriticalSection
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
GetModuleHandleExA
GetTickCount
CreateProcessA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetLastError
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetDllDirectoryA
UnmapViewOfFile
FreeLibrary
GetCurrentProcessId
CreateFileMappingA
OpenFileMappingA
CreateMutexA
MapViewOfFile
CreateEventA
lstrcpyA
GetTempPathA
CopyFileA
GetVersionExA
WideCharToMultiByte
CreateFileA
CreateThread
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileStringA
GetExitCodeThread
Sleep
TerminateThread
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess
OpenProcess
CloseHandle
ExitProcess
HeapReAlloc
VirtualQuery
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetEnvironmentStringsW

user32

SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
CharUpperA
DestroyIcon
IsIconic
DeleteMenu
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
RealChildWindowFromPoint
UnregisterClassA
GetSystemMetrics
GetSysColorBrush
ShowOwnedPopups
SetCursor
GetMessageA
IsClipboardFormatAvailable
GetCursorPos
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetProcessWindowStation
GetUserObjectInformationW
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
GetWindowRgn
DestroyCursor
DrawIcon
TranslateMessage
MapDialogRect
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawFocusRect
GetWindowLongA
GetSysColor
FillRect
OffsetRect
InflateRect
CopyRect
RegisterWindowMessageA
DrawTextA
GetDesktopWindow
InvalidateRect
GetClientRect
SetTimer
EnableWindow
GetTopWindow
MessageBeep
SetDlgItemTextA
UpdateWindow
DestroyWindow
MessageBoxA
KillTimer
SendMessageA
wsprintfA
LoadCursorA

gdi32

CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
RectVisible
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
CreateFontIndirectA
EnumFontFamiliesExA
CreateHatchBrush
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
PtVisible
GetPixel
GetRgnBox
GetTextMetricsA
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
CreatePen
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextExtentPoint32A
SetBkColor
CreateFontA
SelectObject
DeleteObject
SetTextColor
Rectangle
CreateSolidBrush
TextOutA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA

shell32

DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

iphlpapi

GetAdaptersAddresses

hcacsapi

?HCA_GetCardType@@YGJPAXPAK@Z
?HCA_GetCardSN@@YGJPAXPAEK@Z
?HCA_GetBasicData@@YGKPAXPAEK@Z
?HCA_GetCardVersion@@YGJPAXPAK@Z
?HCA_GNFuncExec@@YGJJPAD0JJJJJPAX@Z

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

??0CCshis@@QAE@XZ
??4CCshis@@QAEAAV0@ABV0@@Z
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
VPNH_VerifySign
csCloseCom
csDisableHCAAPI
csDisableHCPIN
csEnableHCAAPI
csGetCardNo
csGetComConfig
csGetDateTime
csGetHOSPID
csGetHospAbbName
csGetHospID
csGetHospName
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csReScanPCSC
csReload
csSetComConfig
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisQuickInsurence
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVHPCLogout
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES/Mozilla Firefox/changingtec.cfg
$PROGRAMFILES/Mozilla Firefox/defaults/pref/firefox-windows-truststore.js
$PROGRAMFILES64/Mozilla Firefox/changingtec.cfg
$PROGRAMFILES64/Mozilla Firefox/defaults/pref/firefox-windows-truststore.js
$WINDIR/System32/CSHIS.dll
.dll windows:5 windows x86 arch:x86

1921ebf3dfa32e393609c123038d569e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
closesocket
select
socket
inet_ntop
send
WSAGetLastError
__WSAFDIsSet

kernel32

IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapCreate
HeapDestroy
GetConsoleCP
GetConsoleMode
CreateFileW
LCMapStringW
FreeEnvironmentStringsW
GetSystemInfo
QueryPerformanceCounter
SetConsoleCtrlHandler
GetStringTypeW
CompareStringW
WriteConsoleW
GetProcessHeap
GetExitCodeProcess
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
VirtualAlloc
RaiseException
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
IsValidCodePage
HeapFree
GetDriveTypeW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
lstrcmpiA
DeleteFileA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
HeapSize
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ExitThread
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
CompareStringA
DeleteCriticalSection
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
GetModuleHandleExA
GetTickCount
CreateProcessA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetLastError
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetDllDirectoryA
UnmapViewOfFile
FreeLibrary
GetCurrentProcessId
CreateFileMappingA
OpenFileMappingA
CreateMutexA
MapViewOfFile
CreateEventA
lstrcpyA
GetTempPathA
CopyFileA
GetVersionExA
WideCharToMultiByte
CreateFileA
CreateThread
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileStringA
GetExitCodeThread
Sleep
TerminateThread
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess
OpenProcess
CloseHandle
ExitProcess
HeapReAlloc
VirtualQuery
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetEnvironmentStringsW

user32

SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
CharUpperA
DestroyIcon
IsIconic
DeleteMenu
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
RealChildWindowFromPoint
UnregisterClassA
GetSystemMetrics
GetSysColorBrush
ShowOwnedPopups
SetCursor
GetMessageA
IsClipboardFormatAvailable
GetCursorPos
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetProcessWindowStation
GetUserObjectInformationW
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
GetWindowRgn
DestroyCursor
DrawIcon
TranslateMessage
MapDialogRect
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawFocusRect
GetWindowLongA
GetSysColor
FillRect
OffsetRect
InflateRect
CopyRect
RegisterWindowMessageA
DrawTextA
GetDesktopWindow
InvalidateRect
GetClientRect
SetTimer
EnableWindow
GetTopWindow
MessageBeep
SetDlgItemTextA
UpdateWindow
DestroyWindow
MessageBoxA
KillTimer
SendMessageA
wsprintfA
LoadCursorA

gdi32

CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
RectVisible
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
CreateFontIndirectA
EnumFontFamiliesExA
CreateHatchBrush
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
PtVisible
GetPixel
GetRgnBox
GetTextMetricsA
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
CreatePen
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextExtentPoint32A
SetBkColor
CreateFontA
SelectObject
DeleteObject
SetTextColor
Rectangle
CreateSolidBrush
TextOutA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA

shell32

DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

iphlpapi

GetAdaptersAddresses

hcacsapi

?HCA_GetCardType@@YGJPAXPAK@Z
?HCA_GetCardSN@@YGJPAXPAEK@Z
?HCA_GetBasicData@@YGKPAXPAEK@Z
?HCA_GetCardVersion@@YGJPAXPAK@Z
?HCA_GNFuncExec@@YGJJPAD0JJJJJPAX@Z

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

??0CCshis@@QAE@XZ
??4CCshis@@QAEAAV0@ABV0@@Z
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
VPNH_VerifySign
csCloseCom
csDisableHCAAPI
csDisableHCPIN
csEnableHCAAPI
csGetCardNo
csGetComConfig
csGetDateTime
csGetHOSPID
csGetHospAbbName
csGetHospID
csGetHospName
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csReScanPCSC
csReload
csSetComConfig
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisQuickInsurence
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVHPCLogout
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/CsHis30.dll
.dll windows:4 windows x86 arch:x86

bb1b7649bf9c856ca672b9db6461e960

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

socket
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
__WSAFDIsSet
send
htons
closesocket
select
WSAGetLastError

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
DeleteFileA
FindClose
FindFirstFileA
GetFullPathNameA
GetFileAttributesA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetFileType
GetCurrentProcess
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcpynA
LocalFree
MulDiv
SetLastError
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MoveFileA
FreeLibrary
LoadLibraryA
GetProcAddress
GetTickCount
lstrcpyA
CreateFileA
GetTempPathA
CopyFileA
GetVersionExA
GetExitCodeThread
TerminateThread
CloseHandle
GetCurrentDirectoryA
GetPrivateProfileStringA
CreateThread
GetModuleFileNameA
Sleep
InterlockedExchange
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
GetCommandLineA

user32

GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
AdjustWindowRectEx
MapWindowPoints
LoadIconA
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
SetForegroundWindow
CreateDialogIndirectParamA
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
SetCursor
PostMessageA
PostQuitMessage
GetWindowLongA
FillRect
InflateRect
CopyRect
OffsetRect
DrawFocusRect
GetSysColor
RegisterWindowMessageA
DrawTextA
InvalidateRect
GetDesktopWindow
GetClientRect
SetTimer
EnableWindow
MessageBeep
KillTimer
SendMessageA
GetTopWindow
MessageBoxA
wsprintfA
SetDlgItemTextA
UpdateWindow
DestroyWindow
GetWindow
GetSystemMetrics
PeekMessageA

gdi32

CreateFontA
SelectObject
Rectangle
SetBkColor
CreateSolidBrush
CreatePen
GetTextExtentPoint32A
CreateBitmap
GetClipBox
GetObjectA
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
MoveToEx
LineTo
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

Exports

Exports

??0CCIE_DLL@@QAE@XZ
??1CCIE_DLL@@UAE@XZ
??_7CCIE_DLL@@6B@
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
csCloseCom
csDisableHCPIN
csGetCardNo
csGetDateTime
csGetHospID
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/CsHis50.dll
.dll windows:5 windows x86 arch:x86

1921ebf3dfa32e393609c123038d569e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htons
WSAStartup
inet_addr
connect
ioctlsocket
WSACleanup
recv
closesocket
select
socket
inet_ntop
send
WSAGetLastError
__WSAFDIsSet

kernel32

IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetStartupInfoW
HeapCreate
HeapDestroy
GetConsoleCP
GetConsoleMode
CreateFileW
LCMapStringW
FreeEnvironmentStringsW
GetSystemInfo
QueryPerformanceCounter
SetConsoleCtrlHandler
GetStringTypeW
CompareStringW
WriteConsoleW
GetProcessHeap
GetExitCodeProcess
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
VirtualAlloc
RaiseException
GetCommandLineA
DecodePointer
EncodePointer
RtlUnwind
IsValidCodePage
HeapFree
GetDriveTypeW
GetTimeZoneInformation
GetSystemTimeAsFileTime
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFileAttributesA
GetFileAttributesExA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
lstrcmpiA
DeleteFileA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetACP
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
HeapSize
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ExitThread
GetPrivateProfileIntA
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
CompareStringA
DeleteCriticalSection
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
InterlockedDecrement
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
MulDiv
lstrlenA
GetModuleHandleExA
GetTickCount
CreateProcessA
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetLastError
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetDllDirectoryA
UnmapViewOfFile
FreeLibrary
GetCurrentProcessId
CreateFileMappingA
OpenFileMappingA
CreateMutexA
MapViewOfFile
CreateEventA
lstrcpyA
GetTempPathA
CopyFileA
GetVersionExA
WideCharToMultiByte
CreateFileA
CreateThread
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileStringA
GetExitCodeThread
Sleep
TerminateThread
FindResourceW
LoadResource
LockResource
SizeofResource
TerminateProcess
OpenProcess
CloseHandle
ExitProcess
HeapReAlloc
VirtualQuery
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
GetEnvironmentStringsW

user32

SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
CharUpperA
DestroyIcon
IsIconic
DeleteMenu
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
RealChildWindowFromPoint
UnregisterClassA
GetSystemMetrics
GetSysColorBrush
ShowOwnedPopups
SetCursor
GetMessageA
IsClipboardFormatAvailable
GetCursorPos
PostQuitMessage
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadIconW
LoadIconA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
IsWindowVisible
ValidateRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
PtInRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetProcessWindowStation
GetUserObjectInformationW
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetFocus
SetWindowPos
GetParent
IsWindowEnabled
GetWindowRgn
DestroyCursor
DrawIcon
TranslateMessage
MapDialogRect
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
IsWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetWindow
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawFocusRect
GetWindowLongA
GetSysColor
FillRect
OffsetRect
InflateRect
CopyRect
RegisterWindowMessageA
DrawTextA
GetDesktopWindow
InvalidateRect
GetClientRect
SetTimer
EnableWindow
GetTopWindow
MessageBeep
SetDlgItemTextA
UpdateWindow
DestroyWindow
MessageBoxA
KillTimer
SendMessageA
wsprintfA
LoadCursorA

gdi32

CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
SetRectRgn
CombineRgn
PatBlt
DPtoLP
RectVisible
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
OffsetRgn
CreateFontIndirectA
EnumFontFamiliesExA
CreateHatchBrush
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
PtVisible
GetPixel
GetRgnBox
GetTextMetricsA
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
CreatePen
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextExtentPoint32A
SetBkColor
CreateFontA
SelectObject
DeleteObject
SetTextColor
Rectangle
CreateSolidBrush
TextOutA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA

shell32

DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA

comctl32

ImageList_GetIconSize

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

iphlpapi

GetAdaptersAddresses

hcacsapi

?HCA_GetCardType@@YGJPAXPAK@Z
?HCA_GetCardSN@@YGJPAXPAEK@Z
?HCA_GetBasicData@@YGKPAXPAEK@Z
?HCA_GetCardVersion@@YGJPAXPAK@Z
?HCA_GNFuncExec@@YGJJPAD0JJJJJPAX@Z

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

Exports

Exports

??0CCshis@@QAE@XZ
??4CCshis@@QAEAAV0@ABV0@@Z
HCA_GNFuncCall
VPNGetRandom
VPNH_Sign
VPNH_VerifySign
csCloseCom
csDisableHCAAPI
csDisableHCPIN
csEnableHCAAPI
csGetCardNo
csGetComConfig
csGetDateTime
csGetHOSPID
csGetHospAbbName
csGetHospID
csGetHospName
csGetVersion
csGetVersionEx
csHisAPI
csISSetPIN
csInputHCPIN
csOpenCom
csReScanPCSC
csReload
csSetComConfig
csSoftwareReset
csUnGetSeqNumber
csUpdateHCContents
csUpdateHCNoReset
csUploadData
csVerifyHCPIN
csVerifySAMDC
hisDeletePredeliveryData
hisGetBasicData
hisGetCardStatus
hisGetCriticalIllness
hisGetCriticalIllnessID
hisGetCumulativeData
hisGetCumulativeFee
hisGetEmergentTel
hisGetHPCType
hisGetICD10DeC
hisGetICD10EnC
hisGetInoculateData
hisGetInsurerData
hisGetLastSeqNum
hisGetOrganDonate
hisGetRegisterBasic
hisGetRegisterBasic2
hisGetRegisterPregnant
hisGetRegisterPrevent
hisGetSam0
hisGetSeqNumber
hisGetSeqNumber256
hisGetSeqNumber256N1
hisGetTreatNumICCard
hisGetTreatNumNoICCard
hisGetTreatmentNeedHPC
hisGetTreatmentNoNeedHPC
hisQuickInsurence
hisReadPrescriptAllergic
hisReadPrescriptHVE
hisReadPrescriptLongTerm
hisReadPrescriptMain
hisReadPrescription
hisWriteAllergicMedicines
hisWriteAllergicNum
hisWriteEmergentTel
hisWriteHealthInsurance
hisWriteInoculateData
hisWriteMultiPrescript
hisWriteMultiPrescriptSign
hisWriteNewBorn
hisWriteOrganDonate
hisWritePredeliveryCheckup
hisWritePrescription
hisWritePrescriptionSign
hisWriteTreatmentCode
hisWriteTreatmentData
hisWriteTreatmentFee
hpcGetAllData
hpcGetHPCCNAME
hpcGetHPCENAME
hpcGetHPCSN
hpcGetHPCSSN
hpcGetHPCStatus
hpcInputHPCPIN
hpcUnlockHPC
hpcVHPCLogout
hpcVerifyHPCPIN
hpcVerifyHPCPINR

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/HCACSAPI.dll
.dll windows:6 windows x86 arch:x86

7d94240b36ef999b3be5dae35f5d17db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\Component\LIB\HCACSAPI\Release\HCACSAPI.pdb

Imports

reader

ord34
ord26
ord22
ord21
ord20
ord7
ord6

crypt32

CertFreeCertificateContext
CryptImportPublicKeyInfo
CertCreateCertificateContext

kernel32

SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
FormatMessageW
GetSystemTime
FindFirstFileW
SetEndOfFile
HeapSize
WriteConsoleW
MoveFileExW
SetCurrentDirectoryW
GetFullPathNameW
GetFullPathNameA
lstrlenA
GetTempPathA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
GetLastError
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
DecodePointer
DeleteFileA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
ExpandEnvironmentStringsA
GetWindowsDirectoryA
GetFileType
GetStdHandle
WriteFile
GetModuleHandleW
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexW
GlobalMemoryStatus
LoadLibraryW
QueryPerformanceCounter
FlushConsoleInputBuffer
GlobalAlloc
GlobalFree
FindClose
GetNativeSystemInfo
GetModuleFileNameA
GetSystemDirectoryA
GetTempPathW
DeleteFileW
FindFirstFileA
FindNextFileA
GetVersionExA
GetVersionExW
ReadFile
SetFilePointer
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetLocalTime
FileTimeToSystemTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
GetProcessHeap
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
GetModuleFileNameW
HeapFree
HeapAlloc
GetCurrentThread
GetACP
GetStringTypeW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
FlushFileBuffers
GetConsoleCP
ReadConsoleW
SetFilePointerEx
SetStdHandle
GetFileAttributesExW
FindFirstFileExA
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
TlsGetValue

user32

GetSystemMetrics
wsprintfW
GetDesktopWindow
GetActiveWindow
ReleaseDC
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
GetLastActivePopup
GetDC

advapi32

RegCreateKeyExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
CryptVerifySignatureW
CryptSignHashW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptGetUserKey
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
RegOpenKeyExW
CryptAcquireContextA
CryptReleaseContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wldap32

ord301
ord16
ord200
ord79
ord77
ord35
ord33
ord32
ord88
ord143
ord36
ord13
ord26
ord211
ord60
ord195
ord41
ord27

ws2_32

getsockopt
select
WSACleanup
getaddrinfo
freeaddrinfo
__WSAFDIsSet
WSAGetLastError
WSASetLastError
shutdown
WSAStartup
gethostbyname
socket
closesocket
connect
htons
getpeername
inet_addr
inet_ntoa
gethostname
ntohs
ntohl
recv
send
ioctlsocket
setsockopt
accept
bind
htonl
listen
getservbyname

gdi32

GetDIBits
GetObjectW
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

shell32

SHGetFolderPathA

oleaut32

SysFreeString
SysAllocStringLen

urlmon

URLDownloadToFileA

wininet

InternetQueryOptionA

Exports

Exports

?HCA_CertValidate@@YGKPAXPAEK1K@Z
?HCA_CheckHCAApplet@@YGKPAX@Z
?HCA_GNFuncExec@@YGJJPAD0JJJJJPAX@Z
?HCA_GetBasicData@@YGKPAXPAEK@Z
?HCA_GetBasicData_PKCS@@YGKPAXPAEK@Z
?HCA_GetCardInfo@@YGKPAXQAEK@Z
?HCA_GetCardSN@@YGJPAXPAEK@Z
?HCA_GetCardType@@YGJPAXPAK@Z
?HCA_GetCardUUID@@YGKPAXQAEK@Z
?HCA_GetCardVersion@@YGJPAXPAK@Z
?HCA_GetCertAttr@@YGKPAXPAEKIH1@Z
?HCA_GetCertFromHPC@@YGKPAXIQAEK@Z
?HCA_GetCertFromHPC_PKCS@@YGKPAXIQAEK@Z
?HCA_GetCertType@@YGKPAXPAEK@Z
?HCA_GetKeySize@@YGJPAXPAK@Z
?HCA_GetSignatureAlgorithm@@YGKPAEK0KH@Z
?HCA_GetTSInfo@@YGKPAEJH0J@Z
?HCA_LoadCert@@YGKQAEK@Z
?HCA_MessageDigest@@YGKPAEK0@Z
?HCA_MessageDigestEx@@YGKKPAEK0@Z
?HCA_PrivateDecrypt@@YGKPAXPAEK1K@Z
?HCA_PrivateDecrypt_PKCS@@YGKPAXPAEK1PAK@Z
?HCA_PublicEncrypt@@YGKPAEK0K0K@Z
?HCA_PublicEncrypt_PKCS@@YGKPAEK0K@Z
?HCA_ReVerifyPIN@@YGJPAXQAE@Z
?HCA_ResetHCAApplet@@YGKPAX@Z
?HCA_SetPIN@@YGJPAXQAE1@Z
?HCA_SetPIN_PKCS@@YGJPAXQAE1@Z
?HCA_SetTSAddress@@YGKQAE0@Z
?HCA_SignDigest@@YGKPAXPAEKK1K@Z
?HCA_SignMessage@@YGKPAXPAEK1K@Z
?HCA_SignMessage_PKCS@@YGKPAXPAEKK1KK@Z
?HCA_TSQuery@@YGKPAEJ0J@Z
?HCA_TSVerify@@YGKPAEJ0J@Z
?HCA_TestGNFunc@@YGJJPAD0JJJJJPAX@Z
?HCA_VerifyPIN@@YGJPAXQAE@Z
?HCA_VerifyPIN_PKCS@@YGJPAXQAE@Z
?HCA_VerifySignMessage2@@YGKPAEK0K0K@Z
?HCA_VerifySignMessage3@@YGKPAEK0K0K@Z
?HCA_VerifySignMessage@@YGKPAEK0K0K@Z
?HCA_VerifySignMessage_PKCS@@YGKPAEK0K@Z

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/HCACSPKCS11.dll
.dll windows:6 windows x86 arch:x86

81ae2ab93ef49d1926f1f29209da91f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\Component\DLL\HCAP11\Release\HCACSPKCS11.pdb

Imports

kernel32

GetWindowsDirectoryA
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexW
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
GlobalMemoryStatus
LoadLibraryW
QueryPerformanceCounter
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetModuleFileNameW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
WideCharToMultiByte
GetTickCount
HeapAlloc
GetCurrentThread
GetACP
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
MoveFileExW
DeleteFileW
GetStringTypeW
HeapReAlloc
GetTimeZoneInformation
SetConsoleCtrlHandler
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetStdHandle
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
CreateFileW
WriteConsoleW
HeapSize
SetEndOfFile
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
EncodePointer
DecodePointer
RaiseException
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
GetLastError
GetProcAddress
HeapFree
FreeLibrary

reader

ord6
ord7
ord20
ord21
ord34
ord26
ord22

user32

GetUserObjectInformationW
MessageBoxW
GetDesktopWindow
GetProcessWindowStation

gdi32

CreateDCW
CreateCompatibleDC
BitBlt
DeleteObject
DeleteDC
GetObjectW
SelectObject
GetDeviceCaps
GetBitmapBits
CreateCompatibleBitmap

advapi32

RegisterEventSourceW
ReportEventW
SystemFunction036
DeregisterEventSource

Exports

Exports

CKI_C_CancelFunction
CKI_C_CloseAllSessions
CKI_C_CloseSession
CKI_C_CopyObject
CKI_C_CreateObject
CKI_C_Decrypt
CKI_C_DecryptDigestUpdate
CKI_C_DecryptFinal
CKI_C_DecryptInit
CKI_C_DecryptUpdate
CKI_C_DecryptVerifyUpdate
CKI_C_DeriveKey
CKI_C_DestroyObject
CKI_C_Digest
CKI_C_DigestEncryptUpdate
CKI_C_DigestFinal
CKI_C_DigestInit
CKI_C_DigestKey
CKI_C_DigestUpdate
CKI_C_Encrypt
CKI_C_EncryptFinal
CKI_C_EncryptInit
CKI_C_EncryptUpdate
CKI_C_Finalize
CKI_C_FindObjects
CKI_C_FindObjectsFinal
CKI_C_FindObjectsInit
CKI_C_GenerateKey
CKI_C_GenerateKeyPair
CKI_C_GenerateRandom
CKI_C_GetAttributeValue
CKI_C_GetFunctionList
CKI_C_GetFunctionStatus
CKI_C_GetInfo
CKI_C_GetMechanismInfo
CKI_C_GetMechanismList
CKI_C_GetObjectSize
CKI_C_GetOperationState
CKI_C_GetSessionInfo
CKI_C_GetSlotInfo
CKI_C_GetSlotList
CKI_C_GetTokenInfo
CKI_C_InitPIN
CKI_C_InitToken
CKI_C_Initialize
CKI_C_Login
CKI_C_Logout
CKI_C_OpenSession
CKI_C_SeedRandom
CKI_C_SetAttributeValue
CKI_C_SetComReaderHandle
CKI_C_SetOperationState
CKI_C_SetPIN
CKI_C_Sign
CKI_C_SignEncryptUpdate
CKI_C_SignFinal
CKI_C_SignInit
CKI_C_SignRecover
CKI_C_SignRecoverInit
CKI_C_SignUpdate
CKI_C_UnwrapKey
CKI_C_Verify
CKI_C_VerifyFinal
CKI_C_VerifyInit
CKI_C_VerifyRecover
CKI_C_VerifyRecoverInit
CKI_C_VerifyUpdate
CKI_C_WaitForSlotEvent
CKI_C_WrapKey
C_CancelFunction
C_CloseAllSessions
C_CloseSession
C_CopyObject
C_CreateObject
C_Decrypt
C_DecryptDigestUpdate
C_DecryptFinal
C_DecryptInit
C_DecryptUpdate
C_DecryptVerifyUpdate
C_DeriveKey
C_DestroyObject
C_Digest
C_DigestEncryptUpdate
C_DigestFinal
C_DigestInit
C_DigestKey
C_DigestUpdate
C_Encrypt
C_EncryptFinal
C_EncryptInit
C_EncryptUpdate
C_Finalize
C_FindObjects
C_FindObjectsFinal
C_FindObjectsInit
C_GenerateKey
C_GenerateKeyPair
C_GenerateRandom
C_GetAttributeValue
C_GetFunctionList
C_GetFunctionStatus
C_GetInfo
C_GetMechanismInfo
C_GetMechanismList
C_GetObjectSize
C_GetOperationState
C_GetSessionInfo
C_GetSlotInfo
C_GetSlotList
C_GetTokenInfo
C_InitPIN
C_InitToken
C_Initialize
C_Login
C_Logout
C_OpenSession
C_SeedRandom
C_SetAttributeValue
C_SetComReaderHandle
C_SetOperationState
C_SetPIN
C_Sign
C_SignEncryptUpdate
C_SignFinal
C_SignInit
C_SignRecover
C_SignRecoverInit
C_SignUpdate
C_UnwrapKey
C_Verify
C_VerifyFinal
C_VerifyInit
C_VerifyRecover
C_VerifyRecoverInit
C_VerifyUpdate
C_WaitForSlotEvent
C_WrapKey

Sections

.text
Size: 834KB - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/HCAPKCS11.dll
.dll windows:6 windows x86 arch:x86

0ad421d41e3651af952228ed4b553b8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
ExpandEnvironmentStringsA
GetWindowsDirectoryA
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
FreeLibrary
GetModuleHandleW
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexW
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
GetProcAddress
GlobalMemoryStatus
LoadLibraryW
QueryPerformanceCounter
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
GetCurrentThreadId
TlsFree
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
WideCharToMultiByte
GetACP
CompareStringW
LCMapStringW
GetStringTypeW
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
SetStdHandle
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
HeapSize
SetEndOfFile
DecodePointer
RaiseException
TlsSetValue
GetCurrentProcessId

winscard

g_rgSCardRawPci
g_rgSCardT1Pci
g_rgSCardT0Pci
SCardTransmit
SCardStatusW
SCardDisconnect
SCardReconnect
SCardConnectA
SCardListReadersA
SCardReleaseContext
SCardEstablishContext

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
GetDesktopWindow

advapi32

DeregisterEventSource
ReportEventW
RegisterEventSourceW

Exports

Exports

CKI_C_CancelFunction
CKI_C_CloseAllSessions
CKI_C_CloseSession
CKI_C_CopyObject
CKI_C_CreateObject
CKI_C_Decrypt
CKI_C_DecryptDigestUpdate
CKI_C_DecryptFinal
CKI_C_DecryptInit
CKI_C_DecryptUpdate
CKI_C_DecryptVerifyUpdate
CKI_C_DeriveKey
CKI_C_DestroyObject
CKI_C_Digest
CKI_C_DigestEncryptUpdate
CKI_C_DigestFinal
CKI_C_DigestInit
CKI_C_DigestKey
CKI_C_DigestUpdate
CKI_C_Encrypt
CKI_C_EncryptFinal
CKI_C_EncryptInit
CKI_C_EncryptUpdate
CKI_C_Finalize
CKI_C_FindObjects
CKI_C_FindObjectsFinal
CKI_C_FindObjectsInit
CKI_C_GenerateKey
CKI_C_GenerateKeyPair
CKI_C_GenerateRandom
CKI_C_GetAttributeValue
CKI_C_GetFunctionList
CKI_C_GetFunctionStatus
CKI_C_GetInfo
CKI_C_GetMechanismInfo
CKI_C_GetMechanismList
CKI_C_GetObjectSize
CKI_C_GetOperationState
CKI_C_GetSessionInfo
CKI_C_GetSlotInfo
CKI_C_GetSlotList
CKI_C_GetTokenInfo
CKI_C_InitPIN
CKI_C_InitToken
CKI_C_Initialize
CKI_C_Login
CKI_C_Logout
CKI_C_OpenSession
CKI_C_SeedRandom
CKI_C_SetAttributeValue
CKI_C_SetOperationState
CKI_C_SetPIN
CKI_C_Sign
CKI_C_SignEncryptUpdate
CKI_C_SignFinal
CKI_C_SignInit
CKI_C_SignRecover
CKI_C_SignRecoverInit
CKI_C_SignUpdate
CKI_C_UnwrapKey
CKI_C_Verify
CKI_C_VerifyFinal
CKI_C_VerifyInit
CKI_C_VerifyRecover
CKI_C_VerifyRecoverInit
CKI_C_VerifyUpdate
CKI_C_WaitForSlotEvent
CKI_C_WrapKey
C_CancelFunction
C_CloseAllSessions
C_CloseSession
C_CopyObject
C_CreateObject
C_Decrypt
C_DecryptDigestUpdate
C_DecryptFinal
C_DecryptInit
C_DecryptUpdate
C_DecryptVerifyUpdate
C_DeriveKey
C_DestroyObject
C_Digest
C_DigestEncryptUpdate
C_DigestFinal
C_DigestInit
C_DigestKey
C_DigestUpdate
C_Encrypt
C_EncryptFinal
C_EncryptInit
C_EncryptUpdate
C_Finalize
C_FindObjects
C_FindObjectsFinal
C_FindObjectsInit
C_GenerateKey
C_GenerateKeyPair
C_GenerateRandom
C_GetAttributeValue
C_GetFunctionList
C_GetFunctionStatus
C_GetInfo
C_GetMechanismInfo
C_GetMechanismList
C_GetObjectSize
C_GetOperationState
C_GetSessionInfo
C_GetSlotInfo
C_GetSlotList
C_GetTokenInfo
C_InitPIN
C_InitToken
C_Initialize
C_Login
C_Logout
C_OpenSession
C_SeedRandom
C_SetAttributeValue
C_SetOperationState
C_SetPIN
C_Sign
C_SignEncryptUpdate
C_SignFinal
C_SignInit
C_SignRecover
C_SignRecoverInit
C_SignUpdate
C_UnwrapKey
C_Verify
C_VerifyFinal
C_VerifyInit
C_VerifyRecover
C_VerifyRecoverInit
C_VerifyUpdate
C_WaitForSlotEvent
C_WrapKey

Sections

.text
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/System32/HCAUtility.dll
.dll windows:4 windows x86 arch:x86

3b00c9e0d1a23b02e5acbec6ec28b5b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetProcAddress
LoadLibraryA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

??0CHCAUtility@@QAE@XZ
??4CHCAUtility@@QAEAAV0@ABV0@@Z
?fnHCAUtility@@YAHXZ
?nHCAUtility@@3HA
GetCardType
GetVDATE
_CloseCom@4
_GetBasicData@4
_OpenCom@4

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$WINDIR/pthreadVC1.dll
.dll windows:4 windows x86 arch:x86

8135d8b7e1c6c3c12486b4ff4f2fbce0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

74:97:11:c9:9d:0b:10:4c:6d:7c:58:90:6d:10:d5:ca:e1:3c:92:53:3e:b5:84:a7:e4:e8:11:5e:2f:fb:10:a1
Signer

Actual PE Digest

74:97:11:c9:9d:0b:10:4c:6d:7c:58:90:6d:10:d5:ca:e1:3c:92:53:3e:b5:84:a7:e4:e8:11:5e:2f:fb:10:a1

Digest Algorithm

sha256

PE Digest Matches

true

f3:98:d2:17:43:72:0c:f4:ff:34:f7:19:46:f5:11:21:39:be:d3:0b
Signer

Actual PE Digest

f3:98:d2:17:43:72:0c:f4:ff:34:f7:19:46:f5:11:21:39:be:d3:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_endthreadex
_onexit
__dllonexit
_adjust_fdiv
_initterm
_beginthreadex
malloc
exit
longjmp
_ftime
_errno
_setjmp3
free
calloc

wsock32

WSAGetLastError
WSASetLastError

kernel32

TlsSetValue
Sleep
TlsAlloc
GetCurrentProcessId
OpenProcess
LoadLibraryA
WaitForMultipleObjects
FreeLibrary
GetProcAddress
SetThreadPriority
ReleaseSemaphore
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
TlsFree
CreateSemaphoreA
SetEvent
CloseHandle
WaitForSingleObject
CreateEventA
InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ResetEvent
GetCurrentThreadId
SetLastError
GetThreadPriority
DuplicateHandle
GetCurrentThread
GetCurrentProcess
GetProcessAffinityMask
TlsGetValue
GetLastError
InterlockedIncrement
InterlockedDecrement

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getw32threadhandle_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCA/HCAAPISVI.dll
.dll regsvr32 windows:6 windows x86 arch:x86

61a26b303a7abc1deb53b1afe0efac10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Git\Component\SVI\HCAAPISVI\Release\HCAAPISVI.pdb

Imports

kernel32

DeleteFileW
PeekConsoleInputA
ReadConsoleInputW
GetNumberOfConsoleInputEvents
SetConsoleMode
GetFullPathNameW
GetCurrentDirectoryW
GetModuleHandleA
MoveFileExW
GetModuleHandleW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
FormatMessageW
FlushConsoleInputBuffer
SystemTimeToFileTime
GetTickCount
GlobalMemoryStatus
LoadLibraryW
FindFirstFileW
CreateMutexW
GetProcAddress
LoadLibraryExA
DeleteFileA
GetTempPathA
GlobalFree
lstrlenA
IsDBCSLeadByte
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
lstrcmpiA
MulDiv
GlobalLock
GlobalUnlock
GlobalAlloc
SizeofResource
GetConsoleCP
GetModuleFileNameA
FreeLibrary
DisableThreadLibraryCalls
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
LoadResource
GetLastError
RaiseException
DecodePointer
SetCurrentDirectoryW
EncodePointer
WriteConsoleW
SetEndOfFile
CreateFileW
FlushFileBuffers
SetStdHandle
GetStringTypeW
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
GetFileSizeEx
GetConsoleOutputCP
WriteFile
SetFilePointerEx
ReadConsoleW
GetConsoleMode
CloseHandle
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
HeapReAlloc
HeapSize
GetCurrentThread
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
ReadFile
VirtualQuery
VirtualProtect
ExpandEnvironmentStringsA
CreateMutexA
WaitForSingleObject
LocalAlloc
ReleaseMutex
OpenMutexA
GetWindowsDirectoryA
LocalFree
GetCurrentProcessId
GetSystemTime
LoadLibraryA
IsDebuggerPresent
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetSystemInfo

user32

SetFocus
GetFocus
GetKeyState
GetDC
ReleaseDC
BeginPaint
EndPaint
SetWindowRgn
InvalidateRect
GetClientRect
IntersectRect
UnionRect
OffsetRect
EqualRect
PtInRect
LoadCursorA
GetParent
SetWindowLongA
GetClassInfoExA
CreateWindowExA
IsWindow
IsChild
DestroyWindow
ShowWindow
RegisterClassExA
DefWindowProcA
CallWindowProcA
GetActiveWindow
MessageBoxA
GetLastActivePopup
UnregisterClassA
CharNextW
CharNextA
MessageBoxW
SetWindowPos
GetUserObjectInformationW
GetProcessWindowStation
GetWindowLongA

gdi32

SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
LPtoDP
TextOutA
SetTextAlign
SetMapMode
SaveDC
RestoreDC
GetDeviceCaps
DeleteMetaFile
DeleteDC
CreateRectRgnIndirect
CreateMetaFileA
CreateDCA
CloseMetaFile
GetObjectW
CreateCompatibleBitmap
GetDIBits
DeleteObject

advapi32

InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
FreeSid
ReportEventW
RegisterEventSourceW
DeregisterEventSource

ole32

OleRegEnumVerbs
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
ReadClassStm
WriteClassStm
CreateDataAdviseHolder
OleSaveToStream
CreateOleAdviseHolder
OleRegGetUserType
OleRegGetMiscStatus

oleaut32

SysAllocString
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
VariantChangeType
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
UnRegisterTypeLi
OleCreatePropertyFrame
SysAllocStringLen
SafeArrayCreate
SafeArrayDestroy
SafeArrayPutElement

wldap32

ord13
ord211
ord60
ord195
ord143
ord88
ord26
ord27
ord36
ord32
ord33
ord35
ord77
ord79
ord41
ord200
ord16
ord301

ws2_32

inet_addr
freeaddrinfo
getaddrinfo
WSACleanup
select
getsockopt
ioctlsocket
__WSAFDIsSet
shutdown
WSASetLastError
WSAGetLastError
WSAStartup
gethostbyname
socket
setsockopt
send
recv
htons
connect
closesocket
gethostname
htonl
getservbyname
ntohs
listen
ntohl
bind
inet_ntoa
getpeername
accept

urlmon

URLDownloadToFileA

wininet

InternetQueryOptionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCA/HCAAPISVIAdapter.dll
.dll windows:6 windows x86 arch:x86

ed721ebf9c5daddf524d151efbf93473

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:30:9f:cf:91:23:66:22:5a:bc:ac:79:0b:ad:ff:fd:7e:d0:0f:66:94:8e:79:02:a9:87:f9:05:70:50:3f:f1
Signer

Actual PE Digest

78:30:9f:cf:91:23:66:22:5a:bc:ac:79:0b:ad:ff:fd:7e:d0:0f:66:94:8e:79:02:a9:87:f9:05:70:50:3f:f1

Digest Algorithm

sha256

PE Digest Matches

true

c0:6c:c5:56:37:be:49:91:ef:17:ff:64:49:88:f5:3c:80:5d:6f:ee
Signer

Actual PE Digest

c0:6c:c5:56:37:be:49:91:ef:17:ff:64:49:88:f5:3c:80:5d:6f:ee

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\Product\ServiSignV1_0\CGServiSignAdapters\HCAServiSignAdapterSetup\HCAAPISVI\AdapterProject\Release\HCAAPISVIAdapter.pdb

Imports

kernel32

MultiByteToWideChar
GetLastError
CloseHandle
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
ReadFile
WriteFile
CreateFileW
LocalFree
ExpandEnvironmentStringsA
CreateMutexA
LocalAlloc
GetCurrentThreadId
OpenMutexA
GetCurrentProcessId
GetSystemTime
SetEndOfFile
HeapSize
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
ReleaseMutex
GetFileAttributesW
WaitForSingleObject
GetTempPathW
FindClose
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
HeapReAlloc
LCMapStringW
CompareStringW
GetFileType
GetStdHandle
HeapFree
HeapAlloc
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
GetWindowsDirectoryA
GetStartupInfoW
GetModuleHandleExW
WriteConsoleW
ExitProcess
LoadLibraryExW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
GetSystemTimeAsFileTime
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclW

ole32

CoUninitialize
OleRun
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringByteLen
VariantCopy
VariantClear
SysStringByteLen
SysFreeString
GetErrorInfo
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SysStringLen
SysAllocStringLen
VariantChangeType
SysAllocString
VariantInit

Exports

Exports

callJsonMapMethod
callMethod

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCA/HCACSAPISVI.dll
.dll regsvr32 windows:5 windows x86 arch:x86

84b0bebcaa12df2192306b1b665cbd9d

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:29:15:27:00:00:00:00:00:2a
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:55

Not After

15/04/2021, 20:05

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:29:15:27:00:00:00:00:00:2a
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:55

Not After

15/04/2021, 20:05

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:eb:0e:d6:a0:b6:cd:42:29:62:8e:26:39:09:93:eb:c2:b6:a6:f2:a1:a8:c5:4b:28:2f:1f:3f:a9:f3:6d:de
Signer

Actual PE Digest

05:eb:0e:d6:a0:b6:cd:42:29:62:8e:26:39:09:93:eb:c2:b6:a6:f2:a1:a8:c5:4b:28:2f:1f:3f:a9:f3:6d:de

Digest Algorithm

sha256

PE Digest Matches

true

52:a0:14:6c:b2:25:ca:4a:ed:7c:9d:8d:6e:70:ef:ac:5e:4a:c8:d0
Signer

Actual PE Digest

52:a0:14:6c:b2:25:ca:4a:ed:7c:9d:8d:6e:70:ef:ac:5e:4a:c8:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
GetFullPathNameA
GetFullPathNameW
FreeLibraryAndExitThread
ResumeThread
ExitThread
SetConsoleMode
GlobalUnlock
GlobalLock
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
DuplicateHandle
Sleep
InitializeCriticalSection
InterlockedCompareExchange
GetTempFileNameA
GetTempPathA
FormatMessageW
LocalAlloc
FlushConsoleInputBuffer
GetCurrentThreadId
SetLastError
EnterCriticalSection
LeaveCriticalSection
IsDBCSLeadByte
SetCurrentDirectoryA
FindResourceA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
lstrcmpiA
MulDiv
SizeofResource
ReadConsoleInputA
LoadResource
GlobalAlloc
GetProcAddress
DisableThreadLibraryCalls
FreeLibrary
InterlockedDecrement
InterlockedIncrement
EncodePointer
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
GetSystemTime
LoadLibraryW
GlobalMemoryStatus
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
ReadFile
GetFileSize
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DecodePointer
CreateThread
SetEndOfFile
WriteConsoleW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetTimeZoneInformation
GetStringTypeW
GetCurrentProcessId
GetTickCount
ExpandEnvironmentStringsA
GetWindowsDirectoryA
CreateFileA
DeleteFileA
DeleteFileW
GlobalFree
FindClose
GetSystemDirectoryA
FindNextFileA
GetVersionExW
WriteFile
SetFilePointer
SystemTimeToFileTime
GetCurrentDirectoryW
GetFileAttributesW
FileTimeToSystemTime
LoadLibraryA
IsDebuggerPresent
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetSystemInfo
VirtualProtect
VirtualQuery
ExitProcess
GetModuleHandleExW
GetConsoleCP
GetConsoleMode
GetCurrentThread
GetACP
GetStdHandle
GetFileType
HeapSize
HeapReAlloc
CompareStringW
LCMapStringW

user32

OffsetRect
UnionRect
IntersectRect
GetClientRect
InvalidateRect
SetWindowRgn
MessageBoxA
EqualRect
EndPaint
BeginPaint
ReleaseDC
GetDC
GetKeyState
DefWindowProcA
UnregisterClassA
DestroyWindow
CallWindowProcA
PtInRect
RegisterClassExA
GetClassInfoExA
CreateWindowExA
IsWindow
IsChild
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
GetWindowLongA
SetWindowLongA
GetParent
LoadCursorA
SetFocus
CharNextW
CharNextA
SetWindowPos
ShowWindow
GetFocus

gdi32

SetWindowExtEx
SetViewportOrgEx
LPtoDP
TextOutA
SetTextAlign
SetMapMode
SaveDC
RestoreDC
GetDeviceCaps
DeleteMetaFile
DeleteDC
CreateRectRgnIndirect
CreateMetaFileA
CreateDCA
CloseMetaFile
SetWindowOrgEx

advapi32

RegOpenKeyExA
InitializeSecurityDescriptor
ReportEventW
RegQueryValueExA
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
SetSecurityDescriptorDacl
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegisterEventSourceW
DeregisterEventSource

ole32

WriteClassStm
ReadClassStm
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
OleSaveToStream
CreateOleAdviseHolder
OleRegGetUserType
OleRegGetMiscStatus
CoInitialize
CoUninitialize
CoInitializeEx
OleRun
OleRegEnumVerbs
CoCreateInstance

oleaut32

GetErrorInfo
SysAllocStringLen
SysFreeString
SafeArrayCreate
SafeArrayPutElement
VariantClear
SysAllocString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantChangeType
OleCreatePropertyFrame
UnRegisterTypeLi
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ws2_32

getservbyport
gethostbyaddr
select
ntohs
inet_ntoa
inet_addr
listen
getsockopt
ioctlsocket
__WSAFDIsSet
WSAGetLastError
WSASetLastError
shutdown
getsockname
bind
WSACleanup
htonl
closesocket
connect
htons
recv
send
setsockopt
socket
gethostbyname
WSAStartup
getservbyname

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
docbDefaultSAXHandlerInit
emptyExp
forbiddenExp
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
valuePop
valuePush
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlC14NDocDumpMemory
xmlC14NDocSave
xmlC14NDocSaveTo
xmlC14NExecute
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode
xmlIsChar
xmlIsCharGroup
xmlIsCombining
xmlIsCombiningGroup
xmlIsDigit
xmlIsDigitGroup
xmlIsExtender
xmlIsExtenderGroup
xmlIsID
xmlIsIdeographic
xmlIsIdeographicGroup
xmlIsLetter
xmlIsMainThread
xmlIsMixedElement
xmlIsPubidChar
xmlIsPubidChar_tab
xmlIsRef
xmlIsXHTML
xmlKeepBlanksDefault
xmlLastElementChild
xmlLineNumbersDefault
xmlLinkGetData
xmlListAppend
xmlListClear
xmlListCopy
xmlListCreate
xmlListDelete
xmlListDup
xmlListEmpty
xmlListEnd
xmlListFront
xmlListInsert
xmlListMerge
xmlListPopBack
xmlListPopFront
xmlListPushBack
xmlListPushFront
xmlListRemoveAll
xmlListRemoveFirst
xmlListRemoveLast
xmlListReverse
xmlListReverseSearch
xmlListReverseWalk
xmlListSearch
xmlListSize

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCA/HCACSAPISVIAdapter.dll
.dll windows:6 windows x86 arch:x86

ed721ebf9c5daddf524d151efbf93473

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

12:0d:7a:dc:e2:d4:ec:86:0b:07:55:b9:ee:0f:92:16:a0:d8:75:47:03:2f:57:fc:fe:68:e0:35:c6:7f:c4:aa
Signer

Actual PE Digest

12:0d:7a:dc:e2:d4:ec:86:0b:07:55:b9:ee:0f:92:16:a0:d8:75:47:03:2f:57:fc:fe:68:e0:35:c6:7f:c4:aa

Digest Algorithm

sha256

PE Digest Matches

true

ef:e1:11:2a:c3:e3:05:d7:c5:9f:39:3b:7a:c5:8b:8b:72:c2:21:ba
Signer

Actual PE Digest

ef:e1:11:2a:c3:e3:05:d7:c5:9f:39:3b:7a:c5:8b:8b:72:c2:21:ba

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\Product\ServiSignV1_0\CGServiSignAdapters\HCAServiSignAdapterSetup\HCACSAPISVI\AdapterProject\Release\HCACSAPISVIAdapter.pdb

Imports

kernel32

MultiByteToWideChar
GetLastError
CloseHandle
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
ReadFile
WriteFile
CreateFileW
LocalFree
ExpandEnvironmentStringsA
CreateMutexA
LocalAlloc
GetCurrentThreadId
OpenMutexA
GetCurrentProcessId
GetSystemTime
SetEndOfFile
HeapSize
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
ReleaseMutex
GetFileAttributesW
WaitForSingleObject
GetTempPathW
FindClose
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
HeapReAlloc
LCMapStringW
CompareStringW
GetFileType
GetStdHandle
HeapFree
HeapAlloc
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
GetWindowsDirectoryA
GetStartupInfoW
GetModuleHandleExW
WriteConsoleW
ExitProcess
LoadLibraryExW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
GetSystemTimeAsFileTime
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclW

ole32

CoUninitialize
OleRun
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringByteLen
VariantCopy
VariantClear
SysStringByteLen
SysFreeString
GetErrorInfo
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SysStringLen
SysAllocStringLen
VariantChangeType
SysAllocString
VariantInit

Exports

Exports

callJsonMapMethod
callMethod

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCA/HCAServiSignAdapterSetupUninstall.exe
.exe windows:4 windows x86 arch:x86

1f23f452093b5c1ff091a2f9fb4fa3e9

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fa:b5:00:68:29:49:f9:60:12:04:66:88:af:4f:4c:24:b2:31:c1:a4:7a:bf:43:65:52:62:d0:db:90:12:05:85
Signer

Actual PE Digest

fa:b5:00:68:29:49:f9:60:12:04:66:88:af:4f:4c:24:b2:31:c1:a4:7a:bf:43:65:52:62:d0:db:90:12:05:85

Digest Algorithm

sha256

PE Digest Matches

true

c0:ac:0e:24:1c:77:ec:ea:0b:b8:76:fa:23:aa:e8:77:b5:15:1e:8e
Signer

Actual PE Digest

c0:ac:0e:24:1c:77:ec:ea:0b:b8:76:fa:23:aa:e8:77:b5:15:1e:8e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
SetCurrentDirectoryW
GetFileAttributesW
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
CopyFileW
GetShortPathNameW
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
MoveFileW
GetFullPathNameW
SetFileTime
SearchPathW
CompareFileTime
lstrcmpW
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalUnlock
GetDiskFreeSpaceW
GlobalAlloc
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
lstrlenA
MulDiv
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
GetDC
SetTimer
SetWindowTextW
LoadImageW
SetForegroundWindow
ShowWindow
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
EndPaint
CreateDialogParamW
SendMessageTimeoutW
wsprintfW
PostQuitMessage

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FindProcDLL.dll
.dll windows:4 windows x86 arch:x86

e26d7460d0c04056b9226a899477ba4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

af:bc:1f:72:32:88:d5:a0:64:b4:1c:9c:a3:aa:de:14:fd:67:bc:6f:7e:c4:79:53:dd:53:b9:4d:f0:13:b6:4c
Signer

Actual PE Digest

af:bc:1f:72:32:88:d5:a0:64:b4:1c:9c:a3:aa:de:14:fd:67:bc:6f:7e:c4:79:53:dd:53:b9:4d:f0:13:b6:4c

Digest Algorithm

sha256

PE Digest Matches

true

72:91:b3:c9:77:0e:4d:88:34:9d:40:37:fc:5b:28:71:ed:f4:e2:c8
Signer

Actual PE Digest

72:91:b3:c9:77:0e:4d:88:34:9d:40:37:fc:5b:28:71:ed:f4:e2:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
CloseHandle
OpenProcess
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
DisableThreadLibraryCalls
WriteFile
VirtualAlloc
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers

Exports

Exports

FindProc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

d806a080e21508dd768fa70be247d2ae

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

10/04/2015, 00:00

Not After

08/06/2017, 23:59

Subject

CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be
Signer

Actual PE Digest

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be

Digest Algorithm

sha256

PE Digest Matches

true

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93
Signer

Actual PE Digest

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA

Exports

Exports

KillProc

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/liteFirewall.dll
.dll windows:5 windows x86 arch:x86

d581909bbb46b6bf2b16e48b9e3dd1d6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:08:60:ba:d0:72:9f:1e:88:d6:24:43:d6:f3:98:06
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

03/07/2017, 00:00

Not After

03/07/2018, 23:59

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,O=Changing Information Technology Inc.,L=Hsinchu,ST=Taiwan,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13074873696e636875,1.3.6.1.4.1.311.60.2.1.2=#130654616977616e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4a:9b:20:b4:97:94:5b:c9:ee:0c:6b:a8:b0:19:c9:8b:fd:cd:a7:8c:6a:97:67:0c:91:fb:ed:55:9f:57:36:ee
Signer

Actual PE Digest

4a:9b:20:b4:97:94:5b:c9:ee:0c:6b:a8:b0:19:c9:8b:fd:cd:a7:8c:6a:97:67:0c:91:fb:ed:55:9f:57:36:ee

Digest Algorithm

sha256

PE Digest Matches

true

eb:78:ca:ba:62:ed:7c:c4:ef:96:a1:93:98:43:13:97:c5:55:83:dc
Signer

Actual PE Digest

eb:78:ca:ba:62:ed:7c:c4:ef:96:a1:93:98:43:13:97:c5:55:83:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfW

ole32

CoUninitialize
CLSIDFromString
CLSIDFromProgID
OleRun
CoCreateInstance
CoInitialize
CoInitializeEx

oleaut32

GetErrorInfo
SysFreeString
SysAllocString

kernel32

DeleteCriticalSection
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
SetFilePointer
GetLocaleInfoA
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
InterlockedDecrement
HeapFree
GetProcessHeap
GetLastError
RtlUnwind
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
HeapSize
VirtualAlloc
HeapReAlloc
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

AddRule
RemoveRule

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d31c5eb927119d00232e4d4b0e32fcdb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
MultiByteToWideChar
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyW
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessW
GetStartupInfoW
CreatePipe
GetProcAddress
lstrcpynW
DeleteFileW
lstrcmpiW
GetCurrentProcess
lstrcatW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
ExitProcess
GetCommandLineW
GlobalLock
GetVersion
lstrlenW

user32

SendMessageW
FindWindowExW
CharNextW
wsprintfW
CharPrevW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TestPutFile
HCAServiSign.exe
.exe windows:6 windows x86 arch:x86

feb3b1751c360f373a45658c7b208475

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e6:b5:70:1b:41:f0:cf:71:f0:64:91:d5:34:5d:c1:8a:65:13:63:c3:6d:c0:cc:f1:cd:48:a2:03:3d:f2:cd:b1
Signer

Actual PE Digest

e6:b5:70:1b:41:f0:cf:71:f0:64:91:d5:34:5d:c1:8a:65:13:63:c3:6d:c0:cc:f1:cd:48:a2:03:3d:f2:cd:b1

Digest Algorithm

sha256

PE Digest Matches

true

31:b9:97:75:8c:a9:65:66:17:98:bc:9d:15:44:7d:99:5b:5d:fd:c0
Signer

Actual PE Digest

31:b9:97:75:8c:a9:65:66:17:98:bc:9d:15:44:7d:99:5b:5d:fd:c0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\git\Product\ServiSignV1_0\CGServiSign\Release\OriginalServiSign.pdb

Imports

ws2_32

shutdown
closesocket
htonl
ntohs
WSAGetLastError
recv
send
setsockopt
WSAPoll
getsockname
WSAStartup
listen
select
bind
accept
__WSAFDIsSet
WSACleanup
WSASend
ioctlsocket
connect
socket
WSASocketW
WSASetLastError
htons

libgnutls-30

ord170
ord77
ord598
ord589
ord652
ord72
ord94
ord188
ord726
ord308
ord126
ord723
ord649
ord718
ord150
ord758
ord93
ord322
ord113
ord258
ord829
ord69
ord125
ord54
ord593
ord714
ord259
ord114
ord767
ord133
ord195
ord661
ord201
ord272
ord655
ord861
ord204

kernel32

GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetConsoleOutputCP
GetFileSizeEx
SetFilePointerEx
GetTimeZoneInformation
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapFree
HeapAlloc
ReadConsoleW
GetConsoleMode
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RtlUnwind
GetStringTypeW
GetCPInfo
CompareStringEx
DecodePointer
EncodePointer
GetCurrentProcess
WaitForSingleObject
CreateFileW
GetCurrentThreadId
MultiByteToWideChar
Sleep
GetLastError
GetProcAddress
GetCurrentProcessId
FreeLibrary
IsWow64Process
LoadLibraryExW
QueryPerformanceFrequency
LoadLibraryW
QueryPerformanceCounter
FindFirstFileW
FindNextFileW
FindClose
ReadFile
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
SetHandleInformation
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount64
RaiseException
GetStartupInfoW
TerminateProcess
GetModuleFileNameW
GetTempPathW
CreateMutexW
GetCommandLineW
ReleaseMutex
UnmapViewOfFile
DeleteFileW
GetWindowsDirectoryW
CreateProcessW
GetModuleHandleW
CopyFileW
WideCharToMultiByte
GetExitCodeProcess
OpenEventW
CreateEventW
SetEvent
ResetEvent
GetVersionExW
GetSystemDirectoryW
GetNativeSystemInfo
WriteFile
CreateDirectoryW
ExpandEnvironmentStringsA
CreateMutexA
LocalAlloc
OpenMutexA
GetWindowsDirectoryA
LocalFree
GetSystemTime
InitializeCriticalSectionEx
LCMapStringEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetExitCodeThread
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetFileInformationByHandleEx
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
HeapSize
AreFileApisANSI
SetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
GetLocaleInfoEx
FormatMessageA
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetEndOfFile
GetFileAttributesW
WriteConsoleW
WaitForSingleObjectEx

user32

DestroyWindow
CreateWindowExW
UnregisterClassW
IsWindow
DispatchMessageW
DefWindowProcW
TranslateMessage
FindWindowW
GetWindowThreadProcessId
SetWindowPos
EnumWindows
GetWindowTextW
wsprintfW
GetMessageW
RegisterClassW
GetSystemMetrics

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclW
GetUserNameW

shell32

SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoTaskMemFree

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString

wtsapi32

WTSRegisterSessionNotification

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Exports

Exports

?CGWhiteBoxResultFinal@@YAXPAPAD@Z
?getCGWhiteboxResult@@YAPADPAPAFHJ@Z

Sections

.text
Size: 450KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCAServiSignMonitor.exe
.exe windows:6 windows x86 arch:x86

3aa40e7a0b4890084c78e7970c24ee23

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b6:38:f6:0c:a0:ab:f4:73:eb:7f:ff:6e:7a:59:a7:2b:a2:53:2c:52:57:5f:66:c9:16:8b:58:7e:0f:ca:f7:08
Signer

Actual PE Digest

b6:38:f6:0c:a0:ab:f4:73:eb:7f:ff:6e:7a:59:a7:2b:a2:53:2c:52:57:5f:66:c9:16:8b:58:7e:0f:ca:f7:08

Digest Algorithm

sha256

PE Digest Matches

true

38:05:26:59:2a:4b:d7:17:5b:32:ec:3a:a7:47:2a:43:76:8f:22:00
Signer

Actual PE Digest

38:05:26:59:2a:4b:d7:17:5b:32:ec:3a:a7:47:2a:43:76:8f:22:00

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\git\Product\ServiSignV1_0\CGServiSign\Release\OriginalServiSignMonitor.pdb

Imports

gdiplus

GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageEncodersSize
GdipSaveImageToFile

kernel32

HeapSize
GetLastError
LockResource
DeleteFileW
HeapReAlloc
CloseHandle
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
GetModuleHandleW
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
GetTempPathW
CreateMutexW
WaitForSingleObject
GetFileAttributesW
ReleaseMutex
OpenProcess
CreateToolhelp32Snapshot
MultiByteToWideChar
Process32NextW
K32GetModuleBaseNameW
Process32FirstW
LoadLibraryW
K32EnumProcesses
GetWindowsDirectoryW
GetProcAddress
CreateProcessW
FreeLibrary
WideCharToMultiByte
K32EnumProcessModules
GetExitCodeProcess
OpenEventW
CreateEventW
SetEvent
ResetEvent
GetVersionExW
GetSystemDirectoryW
GetNativeSystemInfo
ReadFile
WriteFile
CreateFileW
FindClose
LocalFree
ExpandEnvironmentStringsA
CreateMutexA
GetACP
GetCurrentThreadId
OpenMutexA
GetWindowsDirectoryA
GetCurrentProcessId
GetSystemTime
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
TlsSetValue
InitializeCriticalSectionEx
LeaveCriticalSection
FindNextFileW
EnterCriticalSection
HeapFree
FindFirstFileW
SizeofResource
CreateDirectoryW
Sleep
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
SetEnvironmentVariableW
TlsGetValue
TlsAlloc
SetLastError
RtlUnwind
RaiseException
OutputDebugStringW
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCPInfo
CompareStringEx
GetStringTypeW
LCMapStringEx
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
SetEndOfFile
LocalAlloc
WaitForSingleObjectEx
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
GetLocaleInfoEx
GetSystemTimeAsFileTime

user32

PostQuitMessage
RegisterWindowMessageW
SetForegroundWindow
FindWindowExW
GetKeyState
AppendMenuW
GetSystemMetrics
GetMessageW
DefWindowProcW
PostMessageW
GetClientRect
DestroyWindow
EnumChildWindows
CreateWindowExW
SendMessageW
UnregisterClassW
CreatePopupMenu
TrackPopupMenu
IsWindow
DispatchMessageW
DestroyIcon
RegisterClassW
MessageBoxIndirectW
DestroyMenu
TranslateMessage
LoadIconW
FindWindowW
wsprintfW
GetCursorPos

gdi32

BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW
DeleteObject

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclW
GetUserNameW

shell32

ShellExecuteExW
SHGetFolderPathW
SHGetSpecialFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
SysStringLen

shlwapi

PathFindExtensionW

wtsapi32

WTSRegisterSessionNotification

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HCAServiSignWorker.exe
.exe windows:6 windows x86 arch:x86

e97829f2424a42e7a8179455dd700f15

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

24/06/2021, 08:19

Not After

02/08/2024, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS Dept.,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a4:0e:ff:8f:09:67:ff:5a:b4:af:1e:77:58:07:6b:57:6f:e3:53:86:1b:39:69:12:f4:a4:74:99:0d:b4:3e:cb
Signer

Actual PE Digest

a4:0e:ff:8f:09:67:ff:5a:b4:af:1e:77:58:07:6b:57:6f:e3:53:86:1b:39:69:12:f4:a4:74:99:0d:b4:3e:cb

Digest Algorithm

sha256

PE Digest Matches

true

a3:e2:a0:dc:85:e5:89:6d:8d:3f:7a:49:e0:29:f2:c4:0d:3d:27:2f
Signer

Actual PE Digest

a3:e2:a0:dc:85:e5:89:6d:8d:3f:7a:49:e0:29:f2:c4:0d:3d:27:2f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\git\Product\ServiSignV1_0\CGServiSign\Release\OriginalServiSignWorker.pdb

Imports

kernel32

GetTempPathW
CreateMutexW
GetFileAttributesW
ReleaseMutex
OpenProcess
CreateToolhelp32Snapshot
MultiByteToWideChar
Process32NextW
K32GetModuleBaseNameW
Process32FirstW
CloseHandle
LoadLibraryW
K32EnumProcesses
GetWindowsDirectoryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
K32EnumProcessModules
GetExitCodeProcess
OpenEventW
ReadFile
WriteFile
CreateFileW
GetVersionExW
GetSystemDirectoryW
GetNativeSystemInfo
LocalFree
ExpandEnvironmentStringsA
GetModuleFileNameW
LocalAlloc
GetCurrentThreadId
OpenMutexA
GetWindowsDirectoryA
GetCurrentProcessId
GetSystemTime
DecodePointer
SetEndOfFile
HeapSize
GetConsoleOutputCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
TerminateProcess
GetCurrentProcess
GetStartupInfoW
DeleteFileW
GetLastError
Sleep
WaitForSingleObject
IsValidCodePage
FindFirstFileExW
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
HeapReAlloc
LCMapStringW
CompareStringW
GetFileType
HeapAlloc
HeapFree
GetStdHandle
ExitProcess
WriteConsoleW
FindClose
RemoveDirectoryW
FindNextFileW
CreateMutexA
FindFirstFileW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW

user32

DestroyWindow
wsprintfW
FindWindowW
TranslateMessage
RegisterClassW
GetSystemMetrics
GetMessageW
DefWindowProcW
CreateWindowExW
SendMessageW
UnregisterClassW
IsWindow
DispatchMessageW

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclW
GetUserNameW

shell32

SHGetFolderPathW

oleaut32

SysAllocString
SysFreeString
VariantClear
SysStringLen
SysAllocStringLen

wtsapi32

WTSRegisterSessionNotification

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

crypt32

CryptStringToBinaryA
CertCloseStore
CertOpenStore
CertAddEncodedCertificateToStore

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TestPutFile
libffi-6.dll
.dll windows:4 windows x86 arch:x86

8678bcc2dbe18635fe86607fa227d775

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9e:4c:55:78:f0:17:da:d0:9b:26:25:48:4b:4c:24:18:49:0e:a0:22
Signer

Actual PE Digest

9e:4c:55:78:f0:17:da:d0:9b:26:25:48:4b:4c:24:18:49:0e:a0:22

Digest Algorithm

sha1

PE Digest Matches

true

8d:b1:1d:50:d3:17:be:05:51:4b:8e:2a:ed:4a:e4:af:09:ba:84:a0:ae:95:9e:d4:f5:0d:ec:54:f8:57:25:2d
Signer

Actual PE Digest

8d:b1:1d:50:d3:17:be:05:51:4b:8e:2a:ed:4a:e4:af:09:ba:84:a0:ae:95:9e:d4:f5:0d:ec:54:f8:57:25:2d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
free
fwrite
malloc
memcpy
memmove
strlen
strncmp
_unlock
abort
vfprintf
calloc

Exports

Exports

ffi_call
ffi_call_win32
ffi_closure_FASTCALL
ffi_closure_STDCALL
ffi_closure_SYSV
ffi_closure_SYSV_inner
ffi_closure_THISCALL
ffi_closure_alloc
ffi_closure_free
ffi_closure_raw_SYSV
ffi_closure_raw_THISCALL
ffi_java_ptrarray_to_raw
ffi_java_raw_size
ffi_java_raw_to_ptrarray
ffi_prep_args
ffi_prep_cif
ffi_prep_cif_core
ffi_prep_cif_machdep
ffi_prep_cif_var
ffi_prep_closure
ffi_prep_closure_loc
ffi_prep_raw_closure
ffi_prep_raw_closure_loc
ffi_ptrarray_to_raw
ffi_raw_call
ffi_raw_size
ffi_raw_to_ptrarray
ffi_type_double
ffi_type_float
ffi_type_longdouble
ffi_type_pointer
ffi_type_sint16
ffi_type_sint32
ffi_type_sint64
ffi_type_sint8
ffi_type_uint16
ffi_type_uint32
ffi_type_uint64
ffi_type_uint8
ffi_type_void

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgcc_s_sjlj-1.dll
.dll windows:4 windows x86 arch:x86

acf98f37c909d3e1d8941c3855a5dbd1

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

72:49:13:98:10:b1:50:f1:56:d7:7c:3d
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

df:af:93:ae:8f:af:53:6c:59:26:b6:c0:97:6d:74:96:45:f2:dd:d2
Signer

Actual PE Digest

df:af:93:ae:8f:af:53:6c:59:26:b6:c0:97:6d:74:96:45:f2:dd:d2

Digest Algorithm

sha1

PE Digest Matches

true

17:92:dd:6c:f7:db:9d:ee:52:ef:46:98:aa:7a:cd:c3:e4:ad:d5:39:2c:4c:23:c2:23:18:30:07:52:73:1b:92
Signer

Actual PE Digest

17:92:dd:6c:f7:db:9d:ee:52:ef:46:98:aa:7a:cd:c3:e4:ad:d5:39:2c:4c:23:c2:23:18:30:07:52:73:1b:92

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
free
fwrite
malloc
memcpy
memset
realloc
strlen
strncmp
_unlock
abort
vfprintf
calloc

libwinpthread-1

pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

Exports

Exports

_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_Find_FDE
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_SetGR
_Unwind_SetIP
_Unwind_SjLj_ForcedUnwind
_Unwind_SjLj_RaiseException
_Unwind_SjLj_Register
_Unwind_SjLj_Resume
_Unwind_SjLj_Resume_or_Rethrow
_Unwind_SjLj_Unregister
__absvdi2
__absvsi2
__addtf3
__addvdi3
__addvsi3
__ashldi3
__ashrdi3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbsi2
__clzdi2
__clzsi2
__cmpdi2
__ctzdi2
__ctzsi2
__deregister_frame
__deregister_frame_info
__deregister_frame_info_bases
__divdc3
__divdi3
__divmoddi4
__divsc3
__divtc3
__divtf3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffssi2
__fixdfdi
__fixsfdi
__fixtfdi
__fixtfsi
__fixunsdfdi
__fixunsdfsi
__fixunssfdi
__fixunssfsi
__fixunstfdi
__fixunstfsi
__fixunsxfdi
__fixunsxfsi
__fixxfdi
__floatdidf
__floatdisf
__floatditf
__floatdixf
__floatsitf
__floatundidf
__floatundisf
__floatunditf
__floatundixf
__floatunsitf
__gcc_personality_sj0
__getf2
__gttf2
__letf2
__lshrdi3
__lttf2
__moddi3
__muldc3
__muldi3
__mulsc3
__multc3
__multf3
__mulvdi3
__mulvsi3
__mulxc3
__negdi2
__negtf2
__negvdi2
__negvsi2
__netf2
__paritydi2
__paritysi2
__popcountdi2
__popcountsi2
__powidf2
__powisf2
__powitf2
__powixf2
__register_frame
__register_frame_info
__register_frame_info_bases
__register_frame_info_table
__register_frame_info_table_bases
__register_frame_table
__subtf3
__subvdi3
__subvsi3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpdi2
__udivdi3
__udivmoddi4
__umoddi3
__unordtf2

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1012B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgmp-10.dll
.dll windows:4 windows x86 arch:x86

ad83c523f93213d18ccd3d6841295b44

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:1a:e8:51:df:ea:a8:ce:82:b1:21:78:7c:6b:53:d1:6d:fe:f5:ea
Signer

Actual PE Digest

e8:1a:e8:51:df:ea:a8:ce:82:b1:21:78:7c:6b:53:d1:6d:fe:f5:ea

Digest Algorithm

sha1

PE Digest Matches

true

5d:bc:9a:37:a0:86:b5:e0:d0:10:c0:f7:fc:a5:a5:44:5b:0b:5c:5b:9e:ce:f7:b2:50:3b:cf:89:14:c6:3e:7e
Signer

Actual PE Digest

5d:bc:9a:37:a0:86:b5:e0:d0:10:c0:f7:fc:a5:a5:44:5b:0b:5c:5b:9e:ce:f7:b2:50:3b:cf:89:14:c6:3e:7e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
ferror
fgetc
fprintf
fputc
fread
free
fscanf
fwrite
getc
islower
isspace
isxdigit
localeconv
malloc
memcpy
memset
printf
putc
putchar
puts
raise
realloc
sscanf
strchr
strlen
strncmp
strtol
_unlock
abort
ungetc
vfprintf
vsprintf
calloc
_vsnprintf

Exports

Exports

__gmp_0
__gmp_allocate_func
__gmp_asprintf
__gmp_asprintf_final
__gmp_asprintf_funs
__gmp_asprintf_memory
__gmp_asprintf_reps
__gmp_assert_fail
__gmp_assert_header
__gmp_binvert_limb_table
__gmp_bits_per_limb
__gmp_default_allocate
__gmp_default_fp_limb_precision
__gmp_default_free
__gmp_default_reallocate
__gmp_digit_value_tab
__gmp_divide_by_zero
__gmp_doprnt
__gmp_doprnt_integer
__gmp_doprnt_mpf2
__gmp_doscan
__gmp_errno
__gmp_exception
__gmp_extract_double
__gmp_fac2cnt_table
__gmp_fib_table
__gmp_fprintf
__gmp_fprintf_funs
__gmp_free_func
__gmp_fscanf
__gmp_fscanf_funs
__gmp_get_memory_functions
__gmp_init_primesieve
__gmp_invalid_operation
__gmp_jacobi_table
__gmp_junk
__gmp_limbroots_table
__gmp_mt_recalc_buffer
__gmp_nextprime
__gmp_odd2fac_table
__gmp_oddfac_table
__gmp_primesieve
__gmp_printf
__gmp_randclear
__gmp_randclear_mt
__gmp_randget_mt
__gmp_randinit
__gmp_randinit_default
__gmp_randinit_lc_2exp
__gmp_randinit_lc_2exp_size
__gmp_randinit_mt
__gmp_randinit_mt_noseed
__gmp_randinit_set
__gmp_randiset_mt
__gmp_rands
__gmp_rands_initialized
__gmp_randseed
__gmp_randseed_ui
__gmp_reallocate_func
__gmp_scanf
__gmp_set_memory_functions
__gmp_snprintf
__gmp_snprintf_funs
__gmp_sprintf
__gmp_sprintf_funs
__gmp_sqrt_of_negative
__gmp_sscanf
__gmp_sscanf_funs
__gmp_tmp_reentrant_alloc
__gmp_tmp_reentrant_free
__gmp_urandomb_ui
__gmp_urandomm_ui
__gmp_vasprintf
__gmp_version
__gmp_vfprintf
__gmp_vfscanf
__gmp_vprintf
__gmp_vscanf
__gmp_vsnprintf
__gmp_vsprintf
__gmp_vsscanf
__gmpf_abs
__gmpf_add
__gmpf_add_ui
__gmpf_ceil
__gmpf_clear
__gmpf_clears
__gmpf_cmp
__gmpf_cmp_d
__gmpf_cmp_si
__gmpf_cmp_ui
__gmpf_cmp_z
__gmpf_div
__gmpf_div_2exp
__gmpf_div_ui
__gmpf_dump
__gmpf_eq
__gmpf_fits_sint_p
__gmpf_fits_slong_p
__gmpf_fits_sshort_p
__gmpf_fits_uint_p
__gmpf_fits_ulong_p
__gmpf_fits_ushort_p
__gmpf_floor
__gmpf_get_d
__gmpf_get_d_2exp
__gmpf_get_default_prec
__gmpf_get_prec
__gmpf_get_si
__gmpf_get_str
__gmpf_get_ui
__gmpf_init
__gmpf_init2
__gmpf_init_set
__gmpf_init_set_d
__gmpf_init_set_si
__gmpf_init_set_str
__gmpf_init_set_ui
__gmpf_inits
__gmpf_inp_str
__gmpf_integer_p
__gmpf_mul
__gmpf_mul_2exp
__gmpf_mul_ui
__gmpf_neg
__gmpf_out_str
__gmpf_pow_ui
__gmpf_random2
__gmpf_reldiff
__gmpf_set
__gmpf_set_d
__gmpf_set_default_prec
__gmpf_set_prec
__gmpf_set_prec_raw
__gmpf_set_q
__gmpf_set_si
__gmpf_set_str
__gmpf_set_ui
__gmpf_set_z
__gmpf_size
__gmpf_sqrt
__gmpf_sqrt_ui
__gmpf_sub
__gmpf_sub_ui
__gmpf_swap
__gmpf_trunc
__gmpf_ui_div
__gmpf_ui_sub
__gmpf_urandomb
__gmpn_add
__gmpn_add_1
__gmpn_add_err1_n
__gmpn_add_err2_n
__gmpn_add_err3_n
__gmpn_add_n
__gmpn_add_n_sub_n
__gmpn_add_nc
__gmpn_addmul_1
__gmpn_addmul_1c
__gmpn_and_n
__gmpn_andn_n
__gmpn_bases
__gmpn_bc_mulmod_bnm1
__gmpn_bc_set_str
__gmpn_bdiv_dbm1c
__gmpn_bdiv_q
__gmpn_bdiv_q_1
__gmpn_bdiv_q_itch
__gmpn_bdiv_qr
__gmpn_bdiv_qr_itch
__gmpn_binvert
__gmpn_binvert_itch
__gmpn_broot
__gmpn_broot_invm1
__gmpn_brootinv
__gmpn_bsqrt
__gmpn_bsqrtinv
__gmpn_cmp
__gmpn_cnd_add_n
__gmpn_cnd_sub_n
__gmpn_cnd_swap
__gmpn_com
__gmpn_copyd
__gmpn_copyi
__gmpn_dc_set_str
__gmpn_dcpi1_bdiv_q
__gmpn_dcpi1_bdiv_q_n
__gmpn_dcpi1_bdiv_q_n_itch
__gmpn_dcpi1_bdiv_qr
__gmpn_dcpi1_bdiv_qr_n
__gmpn_dcpi1_bdiv_qr_n_itch
__gmpn_dcpi1_div_q
__gmpn_dcpi1_div_qr
__gmpn_dcpi1_div_qr_n
__gmpn_dcpi1_divappr_q
__gmpn_dcpi1_divappr_q_n
__gmpn_div_q
__gmpn_div_qr_1
__gmpn_div_qr_1n_pi1
__gmpn_div_qr_2
__gmpn_div_qr_2n_pi1
__gmpn_div_qr_2u_pi1
__gmpn_divexact
__gmpn_divexact_1
__gmpn_divexact_by3
__gmpn_divexact_by3c
__gmpn_divisible_p
__gmpn_divmod_1
__gmpn_divrem
__gmpn_divrem_1
__gmpn_divrem_1c
__gmpn_divrem_2
__gmpn_dump
__gmpn_fft_best_k
__gmpn_fft_next_size
__gmpn_fib2_ui
__gmpn_gcd
__gmpn_gcd_1
__gmpn_gcd_subdiv_step
__gmpn_gcdext
__gmpn_gcdext_1
__gmpn_gcdext_hook
__gmpn_gcdext_lehmer_n
__gmpn_get_d
__gmpn_get_str
__gmpn_hamdist
__gmpn_hgcd
__gmpn_hgcd2
__gmpn_hgcd2_jacobi
__gmpn_hgcd_appr
__gmpn_hgcd_appr_itch
__gmpn_hgcd_itch
__gmpn_hgcd_jacobi
__gmpn_hgcd_matrix_adjust
__gmpn_hgcd_matrix_init
__gmpn_hgcd_matrix_mul
__gmpn_hgcd_matrix_mul_1
__gmpn_hgcd_matrix_update_q
__gmpn_hgcd_mul_matrix1_vector
__gmpn_hgcd_reduce
__gmpn_hgcd_reduce_itch
__gmpn_hgcd_step
__gmpn_invert
__gmpn_invertappr
__gmpn_ior_n
__gmpn_iorn_n
__gmpn_jacobi_2
__gmpn_jacobi_base
__gmpn_jacobi_n
__gmpn_lshift
__gmpn_lshiftc
__gmpn_matrix22_mul
__gmpn_matrix22_mul1_inverse_vector
__gmpn_matrix22_mul_itch
__gmpn_matrix22_mul_strassen
__gmpn_mod_1
__gmpn_mod_1_1p
__gmpn_mod_1_1p_cps
__gmpn_mod_1s_2p
__gmpn_mod_1s_2p_cps
__gmpn_mod_1s_3p
__gmpn_mod_1s_3p_cps
__gmpn_mod_1s_4p
__gmpn_mod_1s_4p_cps
__gmpn_mod_34lsub1
__gmpn_modexact_1_odd
__gmpn_modexact_1c_odd
__gmpn_mu_bdiv_q
__gmpn_mu_bdiv_q_itch
__gmpn_mu_bdiv_qr
__gmpn_mu_bdiv_qr_itch
__gmpn_mu_div_q
__gmpn_mu_div_q_itch
__gmpn_mu_div_qr
__gmpn_mu_div_qr_choose_in
__gmpn_mu_div_qr_itch
__gmpn_mu_divappr_q
__gmpn_mu_divappr_q_choose_in
__gmpn_mu_divappr_q_itch
__gmpn_mul
__gmpn_mul_1
__gmpn_mul_basecase
__gmpn_mul_fft
__gmpn_mul_n
__gmpn_mullo_basecase
__gmpn_mullo_n
__gmpn_mulmid
__gmpn_mulmid_basecase
__gmpn_mulmid_n
__gmpn_mulmod_bnm1
__gmpn_mulmod_bnm1_next_size
__gmpn_nand_n
__gmpn_neg
__gmpn_ni_invertappr
__gmpn_nior_n
__gmpn_nussbaumer_mul
__gmpn_perfect_power_p
__gmpn_perfect_square_p
__gmpn_pi1_bdiv_q_1
__gmpn_popcount
__gmpn_pow_1
__gmpn_powlo
__gmpn_powm
__gmpn_preinv_divrem_1
__gmpn_preinv_mod_1
__gmpn_preinv_mu_div_qr
__gmpn_preinv_mu_div_qr_itch
__gmpn_preinv_mu_divappr_q
__gmpn_random
__gmpn_random2
__gmpn_redc_1
__gmpn_redc_2
__gmpn_redc_n
__gmpn_remove
__gmpn_rootrem
__gmpn_rshift
__gmpn_sbpi1_bdiv_q
__gmpn_sbpi1_bdiv_qr
__gmpn_sbpi1_div_q
__gmpn_sbpi1_div_qr
__gmpn_sbpi1_divappr_q
__gmpn_scan0
__gmpn_scan1
__gmpn_sec_add_1
__gmpn_sec_add_1_itch
__gmpn_sec_div_qr
__gmpn_sec_div_qr_itch
__gmpn_sec_div_r
__gmpn_sec_div_r_itch
__gmpn_sec_invert
__gmpn_sec_invert_itch
__gmpn_sec_mul
__gmpn_sec_mul_itch
__gmpn_sec_pi1_div_qr
__gmpn_sec_pi1_div_r
__gmpn_sec_powm
__gmpn_sec_powm_itch
__gmpn_sec_sqr
__gmpn_sec_sqr_itch
__gmpn_sec_sub_1
__gmpn_sec_sub_1_itch
__gmpn_sec_tabselect
__gmpn_set_str
__gmpn_set_str_compute_powtab
__gmpn_sizeinbase
__gmpn_sqr
__gmpn_sqr_basecase
__gmpn_sqrlo
__gmpn_sqrlo_basecase
__gmpn_sqrmod_bnm1
__gmpn_sqrmod_bnm1_next_size
__gmpn_sqrtrem
__gmpn_sub
__gmpn_sub_1
__gmpn_sub_err1_n
__gmpn_sub_err2_n
__gmpn_sub_err3_n
__gmpn_sub_n
__gmpn_sub_nc
__gmpn_submul_1
__gmpn_submul_1c
__gmpn_tdiv_qr
__gmpn_toom22_mul
__gmpn_toom2_sqr
__gmpn_toom32_mul
__gmpn_toom33_mul
__gmpn_toom3_sqr
__gmpn_toom42_mul
__gmpn_toom42_mulmid
__gmpn_toom43_mul
__gmpn_toom44_mul
__gmpn_toom4_sqr
__gmpn_toom52_mul
__gmpn_toom53_mul
__gmpn_toom54_mul
__gmpn_toom62_mul
__gmpn_toom63_mul
__gmpn_toom6_sqr
__gmpn_toom6h_mul
__gmpn_toom8_sqr
__gmpn_toom8h_mul
__gmpn_toom_couple_handling
__gmpn_toom_eval_dgr3_pm1
__gmpn_toom_eval_dgr3_pm2
__gmpn_toom_eval_pm1
__gmpn_toom_eval_pm2
__gmpn_toom_eval_pm2exp
__gmpn_toom_eval_pm2rexp
__gmpn_toom_interpolate_12pts
__gmpn_toom_interpolate_16pts
__gmpn_toom_interpolate_5pts
__gmpn_toom_interpolate_6pts
__gmpn_toom_interpolate_7pts
__gmpn_toom_interpolate_8pts
__gmpn_trialdiv
__gmpn_udiv_qrnnd
__gmpn_umul_ppmm
__gmpn_xnor_n
__gmpn_xor_n
__gmpn_zero
__gmpn_zero_p
__gmpq_abs
__gmpq_add
__gmpq_canonicalize
__gmpq_clear
__gmpq_clears
__gmpq_cmp
__gmpq_cmp_si
__gmpq_cmp_ui
__gmpq_cmp_z
__gmpq_div
__gmpq_div_2exp
__gmpq_equal
__gmpq_get_d
__gmpq_get_den
__gmpq_get_num
__gmpq_get_str
__gmpq_init
__gmpq_inits
__gmpq_inp_str
__gmpq_inv
__gmpq_mul
__gmpq_mul_2exp
__gmpq_neg
__gmpq_out_str
__gmpq_set
__gmpq_set_d
__gmpq_set_den
__gmpq_set_f
__gmpq_set_num
__gmpq_set_si
__gmpq_set_str
__gmpq_set_ui
__gmpq_set_z
__gmpq_sub
__gmpq_swap
__gmpz_2fac_ui
__gmpz_abs
__gmpz_add
__gmpz_add_ui
__gmpz_addmul
__gmpz_addmul_ui
__gmpz_and
__gmpz_aorsmul_1
__gmpz_array_init
__gmpz_bin_ui
__gmpz_bin_uiui
__gmpz_cdiv_q
__gmpz_cdiv_q_2exp
__gmpz_cdiv_q_ui
__gmpz_cdiv_qr
__gmpz_cdiv_qr_ui
__gmpz_cdiv_r
__gmpz_cdiv_r_2exp
__gmpz_cdiv_r_ui
__gmpz_cdiv_ui
__gmpz_clear
__gmpz_clears
__gmpz_clrbit
__gmpz_cmp
__gmpz_cmp_d
__gmpz_cmp_si
__gmpz_cmp_ui
__gmpz_cmpabs
__gmpz_cmpabs_d
__gmpz_cmpabs_ui
__gmpz_com
__gmpz_combit
__gmpz_congruent_2exp_p
__gmpz_congruent_p
__gmpz_congruent_ui_p
__gmpz_divexact
__gmpz_divexact_gcd
__gmpz_divexact_ui
__gmpz_divisible_2exp_p
__gmpz_divisible_p
__gmpz_divisible_ui_p
__gmpz_dump
__gmpz_export
__gmpz_fac_ui
__gmpz_fdiv_q
__gmpz_fdiv_q_2exp
__gmpz_fdiv_q_ui
__gmpz_fdiv_qr
__gmpz_fdiv_qr_ui
__gmpz_fdiv_r
__gmpz_fdiv_r_2exp
__gmpz_fdiv_r_ui
__gmpz_fdiv_ui
__gmpz_fib2_ui
__gmpz_fib_ui
__gmpz_fits_sint_p
__gmpz_fits_slong_p
__gmpz_fits_sshort_p
__gmpz_fits_uint_p
__gmpz_fits_ulong_p
__gmpz_fits_ushort_p
__gmpz_gcd
__gmpz_gcd_ui
__gmpz_gcdext

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 972B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgnutls-30.dll
.dll windows:4 windows x86 arch:x86

c7bb5599739f2e7a4521a0cbdd0407fb

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

72:49:13:98:10:b1:50:f1:56:d7:7c:3d
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ea:c8:b4:b5:49:af:b6:d0:11:be:32:80:48:f2:58:d1:40:e4:bc:56
Signer

Actual PE Digest

ea:c8:b4:b5:49:af:b6:d0:11:be:32:80:48:f2:58:d1:40:e4:bc:56

Digest Algorithm

sha1

PE Digest Matches

true

c1:5a:c5:9f:d4:2e:d6:30:c9:ff:6c:6e:dc:6c:20:91:6c:24:a1:b8:89:0c:6a:96:59:b3:97:c3:4d:e0:d6:09
Signer

Actual PE Digest

c1:5a:c5:9f:d4:2e:d6:30:c9:ff:6c:6e:dc:6c:20:91:6c:24:a1:b8:89:0c:6a:96:59:b3:97:c3:4d:e0:d6:09

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenSystemStoreA
PFXImportCertStore

libgcc_s_sjlj-1

__divdi3
__emutls_get_address
__moddi3
__udivdi3
__umoddi3

libgmp-10

__gmpn_rshift
__gmpn_sub_n
__gmpz_add
__gmpz_add_ui
__gmpz_cdiv_q
__gmpz_clear
__gmpz_cmp
__gmpz_cmp_ui
__gmpz_export
__gmpz_fdiv_q
__gmpz_fdiv_q_2exp
__gmpz_fdiv_r
__gmpz_fdiv_r_2exp
__gmpz_gcd
__gmpz_import
__gmpz_init
__gmpz_invert
__gmpz_lcm
__gmpz_limbs_finish
__gmpz_limbs_write
__gmpz_mod
__gmpz_mul
__gmpz_mul_2exp
__gmpz_mul_ui
__gmpz_powm
__gmpz_probab_prime_p
__gmpz_set
__gmpz_set_ui
__gmpz_sizeinbase
__gmpz_sqrt
__gmpz_sub
__gmpz_sub_ui
__gmpz_tstbit

libhogweed-4

_nettle_cnd_copy
_nettle_ecc_add_jjj
_nettle_ecc_j_to_a
_nettle_ecc_mod
_nettle_ecc_mod_add
_nettle_ecc_mod_inv
_nettle_ecc_mod_mul
_nettle_ecc_mod_random
_nettle_ecc_mul_a
_nettle_ecc_mul_g
_nettle_gmp_alloc_limbs
_nettle_gmp_free_limbs
_nettle_mpn_set_base256_le
_nettle_mpz_limbs_copy
nettle_curve25519_mul
nettle_curve25519_mul_g
nettle_dsa_generate_params
nettle_dsa_params_clear
nettle_dsa_params_init
nettle_dsa_sign
nettle_dsa_signature_clear
nettle_dsa_signature_init
nettle_dsa_verify
nettle_ecc_bit_size
nettle_ecc_point_clear
nettle_ecc_point_get
nettle_ecc_point_init
nettle_ecc_point_mul
nettle_ecc_point_mul_g
nettle_ecc_point_set
nettle_ecc_scalar_clear
nettle_ecc_scalar_get
nettle_ecc_scalar_init
nettle_ecc_scalar_set
nettle_ecc_size
nettle_ecc_size_a
nettle_ecdsa_generate_keypair
nettle_ecdsa_sign
nettle_ecdsa_verify
nettle_ed25519_sha512_public_key
nettle_ed25519_sha512_sign
nettle_ed25519_sha512_verify
nettle_get_secp_256r1
nettle_get_secp_384r1
nettle_get_secp_521r1
nettle_mpz_get_str_256
nettle_mpz_random
nettle_mpz_random_size
nettle_mpz_set_str_256_s
nettle_mpz_set_str_256_u
nettle_mpz_sizeinbase_256_s
nettle_mpz_sizeinbase_256_u
nettle_rsa_decrypt_tr
nettle_rsa_encrypt
nettle_rsa_generate_keypair
nettle_rsa_pkcs1_sign_tr
nettle_rsa_pkcs1_verify
nettle_rsa_private_key_clear
nettle_rsa_private_key_init
nettle_rsa_private_key_prepare
nettle_rsa_pss_sha256_sign_digest_tr
nettle_rsa_pss_sha256_verify_digest
nettle_rsa_pss_sha384_sign_digest_tr
nettle_rsa_pss_sha384_verify_digest
nettle_rsa_pss_sha512_sign_digest_tr
nettle_rsa_pss_sha512_verify_digest
nettle_rsa_public_key_clear
nettle_rsa_public_key_init
nettle_rsa_public_key_prepare

libidn2-0

idn2_free
idn2_strerror
idn2_to_ascii_8z
idn2_to_unicode_8z8z

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileInformationByHandle
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
_amsg_exit
_errno
_exit
_findclose
_findfirst
_fullpath
_get_osfhandle
_initterm
_iob
_lock
_mkdir
_onexit
_snwprintf
_stricmp
_strnicmp
time
localtime
gmtime
fclose
ferror
fflush
fgetpos
fgets
fopen
fputc
fread
free
fwprintf
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
raise
realloc
setlocale
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncat
strncmp
strpbrk
strrchr
strstr
strtol
strtoul
_unlock
abort
atoi
time
tolower
ungetc
vfprintf
wcscpy
wcslen
atol
calloc
_findnext
_lseek
_fileno

libnettle-6

_nettle_write_le32
nettle_aes128_decrypt
nettle_aes128_encrypt
nettle_aes128_set_decrypt_key
nettle_aes128_set_encrypt_key
nettle_aes192_decrypt
nettle_aes192_encrypt
nettle_aes192_set_decrypt_key
nettle_aes192_set_encrypt_key
nettle_aes256_decrypt
nettle_aes256_encrypt
nettle_aes256_set_decrypt_key
nettle_aes256_set_encrypt_key
nettle_arcfour128_set_key
nettle_arcfour_crypt
nettle_arcfour_set_key
nettle_arctwo40_set_key
nettle_arctwo_decrypt
nettle_arctwo_encrypt
nettle_base64_decode_final
nettle_base64_decode_init
nettle_base64_decode_update
nettle_base64_encode_raw
nettle_camellia128_crypt
nettle_camellia128_set_encrypt_key
nettle_camellia192_set_decrypt_key
nettle_camellia192_set_encrypt_key
nettle_camellia256_crypt
nettle_camellia256_set_decrypt_key
nettle_camellia256_set_encrypt_key
nettle_camellia_set_decrypt_key
nettle_cbc_decrypt
nettle_cbc_encrypt
nettle_ccm_decrypt_message
nettle_ccm_encrypt_message
nettle_cfb_decrypt
nettle_cfb_encrypt
nettle_chacha_crypt
nettle_chacha_poly1305_decrypt
nettle_chacha_poly1305_digest
nettle_chacha_poly1305_encrypt
nettle_chacha_poly1305_set_key
nettle_chacha_poly1305_set_nonce
nettle_chacha_poly1305_update
nettle_chacha_set_key
nettle_chacha_set_nonce
nettle_des3_decrypt
nettle_des3_encrypt
nettle_des3_set_key
nettle_des_decrypt
nettle_des_encrypt
nettle_des_set_key
nettle_gcm_aes128_digest
nettle_gcm_aes128_set_iv
nettle_gcm_aes128_set_key
nettle_gcm_aes128_update
nettle_gcm_aes256_digest
nettle_gcm_aes256_set_iv
nettle_gcm_aes256_set_key
nettle_gcm_aes256_update
nettle_gcm_camellia128_digest
nettle_gcm_camellia128_set_iv
nettle_gcm_camellia128_set_key
nettle_gcm_camellia128_update
nettle_gcm_camellia256_digest
nettle_gcm_camellia256_set_iv
nettle_gcm_camellia256_set_key
nettle_gcm_camellia256_update
nettle_gcm_decrypt
nettle_gcm_digest
nettle_gcm_encrypt
nettle_gcm_set_iv
nettle_gcm_set_key
nettle_gcm_update
nettle_gosthash94_init
nettle_hkdf_expand
nettle_hmac_digest
nettle_hmac_md5_digest
nettle_hmac_md5_set_key
nettle_hmac_md5_update
nettle_hmac_set_key
nettle_hmac_sha1_digest
nettle_hmac_sha1_set_key
nettle_hmac_sha1_update
nettle_hmac_sha224_digest
nettle_hmac_sha224_set_key
nettle_hmac_sha256_digest
nettle_hmac_sha256_set_key
nettle_hmac_sha256_update
nettle_hmac_sha384_digest
nettle_hmac_sha384_set_key
nettle_hmac_sha512_digest
nettle_hmac_sha512_set_key
nettle_hmac_sha512_update
nettle_md2_digest
nettle_md2_init
nettle_md2_update
nettle_md5_digest
nettle_md5_init
nettle_md5_update
nettle_memxor
nettle_pbkdf2
nettle_pbkdf2_hmac_sha1
nettle_pbkdf2_hmac_sha256
nettle_salsa20_256_set_key
nettle_salsa20_crypt
nettle_salsa20r12_crypt
nettle_sha1_digest
nettle_sha1_init
nettle_sha1_update
nettle_sha224_digest
nettle_sha224_init
nettle_sha256_digest
nettle_sha256_init
nettle_sha256_update
nettle_sha384_digest
nettle_sha384_init
nettle_sha3_224_digest
nettle_sha3_224_init
nettle_sha3_224_update
nettle_sha3_256_digest
nettle_sha3_256_init
nettle_sha3_256_update
nettle_sha3_384_digest
nettle_sha3_384_init
nettle_sha3_384_update
nettle_sha3_512_digest
nettle_sha3_512_init
nettle_sha3_512_update
nettle_sha512_digest
nettle_sha512_init
nettle_sha512_update
nettle_umac128_digest
nettle_umac128_set_key
nettle_umac128_set_nonce
nettle_umac128_update
nettle_umac96_digest
nettle_umac96_set_key
nettle_umac96_set_nonce
nettle_umac96_update

libp11-kit-0

p11_kit_config_option
p11_kit_message
p11_kit_module_finalize
p11_kit_module_get_flags
p11_kit_module_get_name
p11_kit_module_initialize
p11_kit_module_load
p11_kit_module_release
p11_kit_modules_load_and_initialize
p11_kit_pin_file_callback
p11_kit_pin_get_length
p11_kit_pin_get_value
p11_kit_pin_new_for_string
p11_kit_pin_register_callback
p11_kit_pin_request
p11_kit_pin_unref
p11_kit_pin_unregister_callback
p11_kit_space_strdup
p11_kit_space_strlen
p11_kit_strerror
p11_kit_uri_format
p11_kit_uri_free
p11_kit_uri_get_attribute
p11_kit_uri_get_attributes
p11_kit_uri_get_module_info
p11_kit_uri_get_pin_source
p11_kit_uri_get_pin_value
p11_kit_uri_get_token_info
p11_kit_uri_match_module_info
p11_kit_uri_match_token_info
p11_kit_uri_new
p11_kit_uri_parse
p11_kit_uri_set_attribute

libwinpthread-1

clock_gettime

user32

MessageBoxW

ws2_32

WSAGetLastError
WSASetLastError
connect
recv
select
send

Exports

Exports

_dsa_generate_dss_g
_dsa_generate_dss_pq
_dsa_validate_dss_g
_dsa_validate_dss_pq
_gnutls13_psk_ext_iter_next_binder
_gnutls13_psk_ext_iter_next_identity
_gnutls13_psk_ext_parser_init
_gnutls_bin2hex
_gnutls_buffer_append_str
_gnutls_buffer_init
_gnutls_buffer_to_datum
_gnutls_cidr_to_string
_gnutls_cipher_to_entry
_gnutls_decode_ber_rs_raw
_gnutls_default_priority_string
_gnutls_digest_exists
_gnutls_encode_ber_rs_raw
_gnutls_hello_set_default_version
_gnutls_ip_to_string
_gnutls_lib_force_operational
_gnutls_lib_simulate_error
_gnutls_log
_gnutls_log_level
_gnutls_mac_to_entry
_gnutls_mpi_log
_gnutls_mpi_ops
_gnutls_pkcs11_token_get_url
_gnutls_pkcs12_string_to_key
_gnutls_prf_raw
_gnutls_record_overhead
_gnutls_record_set_default_version
_gnutls_resolve_priorities
_gnutls_rsa_pms_set_version
_gnutls_server_name_set_raw
_gnutls_set_session_ticket_key_rotation_callback
_gnutls_supplemental_deinit
_gnutls_ucs2_to_utf8
_gnutls_utf8_to_ucs2
_gnutls_version_to_entry
_gnutls_x509_name_constraints_merge
_rsa_generate_fips186_4_keypair
dsa_generate_dss_keypair
gnutls_aead_cipher_decrypt
gnutls_aead_cipher_deinit
gnutls_aead_cipher_encrypt
gnutls_aead_cipher_encryptv
gnutls_aead_cipher_init
gnutls_alert_get
gnutls_alert_get_name
gnutls_alert_get_strname
gnutls_alert_send
gnutls_alert_send_appropriate
gnutls_alpn_get_selected_protocol
gnutls_alpn_set_protocols
gnutls_anon_allocate_client_credentials
gnutls_anon_allocate_server_credentials
gnutls_anon_free_client_credentials
gnutls_anon_free_server_credentials
gnutls_anon_set_params_function
gnutls_anon_set_server_dh_params
gnutls_anon_set_server_known_dh_params
gnutls_anon_set_server_params_function
gnutls_auth_client_get_type
gnutls_auth_get_type
gnutls_auth_server_get_type
gnutls_base64_decode2
gnutls_base64_encode2
gnutls_buffer_append_data
gnutls_bye
gnutls_calloc
gnutls_certificate_activation_time_peers
gnutls_certificate_allocate_credentials
gnutls_certificate_client_get_request_status
gnutls_certificate_expiration_time_peers
gnutls_certificate_free_ca_names
gnutls_certificate_free_cas
gnutls_certificate_free_credentials
gnutls_certificate_free_crls
gnutls_certificate_free_keys
gnutls_certificate_get_crt_raw
gnutls_certificate_get_issuer
gnutls_certificate_get_ocsp_expiration
gnutls_certificate_get_openpgp_crt
gnutls_certificate_get_openpgp_key
gnutls_certificate_get_ours
gnutls_certificate_get_peers
gnutls_certificate_get_peers_subkey_id
gnutls_certificate_get_trust_list
gnutls_certificate_get_verify_flags
gnutls_certificate_get_x509_crt
gnutls_certificate_get_x509_key
gnutls_certificate_send_x509_rdn_sequence
gnutls_certificate_server_set_request
gnutls_certificate_set_dh_params
gnutls_certificate_set_flags
gnutls_certificate_set_key
gnutls_certificate_set_known_dh_params
gnutls_certificate_set_ocsp_status_request_file
gnutls_certificate_set_ocsp_status_request_file2
gnutls_certificate_set_ocsp_status_request_function
gnutls_certificate_set_ocsp_status_request_function2
gnutls_certificate_set_ocsp_status_request_mem
gnutls_certificate_set_openpgp_key
gnutls_certificate_set_openpgp_key_file
gnutls_certificate_set_openpgp_key_file2
gnutls_certificate_set_openpgp_key_mem
gnutls_certificate_set_openpgp_key_mem2
gnutls_certificate_set_openpgp_keyring_file
gnutls_certificate_set_openpgp_keyring_mem
gnutls_certificate_set_params_function
gnutls_certificate_set_pin_function
gnutls_certificate_set_retrieve_function
gnutls_certificate_set_retrieve_function2
gnutls_certificate_set_retrieve_function3
gnutls_certificate_set_trust_list
gnutls_certificate_set_verify_flags
gnutls_certificate_set_verify_function
gnutls_certificate_set_verify_limits
gnutls_certificate_set_x509_crl
gnutls_certificate_set_x509_crl_file
gnutls_certificate_set_x509_crl_mem
gnutls_certificate_set_x509_key
gnutls_certificate_set_x509_key_file
gnutls_certificate_set_x509_key_file2
gnutls_certificate_set_x509_key_mem
gnutls_certificate_set_x509_key_mem2
gnutls_certificate_set_x509_simple_pkcs12_file
gnutls_certificate_set_x509_simple_pkcs12_mem
gnutls_certificate_set_x509_system_trust
gnutls_certificate_set_x509_trust
gnutls_certificate_set_x509_trust_dir
gnutls_certificate_set_x509_trust_file
gnutls_certificate_set_x509_trust_mem
gnutls_certificate_type_get
gnutls_certificate_type_get2
gnutls_certificate_type_get_id
gnutls_certificate_type_get_name
gnutls_certificate_type_list
gnutls_certificate_verification_status_print
gnutls_certificate_verify_peers
gnutls_certificate_verify_peers2
gnutls_certificate_verify_peers3
gnutls_check_version
gnutls_cipher_add_auth
gnutls_cipher_decrypt
gnutls_cipher_decrypt2
gnutls_cipher_deinit
gnutls_cipher_encrypt
gnutls_cipher_encrypt2
gnutls_cipher_get
gnutls_cipher_get_block_size
gnutls_cipher_get_id
gnutls_cipher_get_iv_size
gnutls_cipher_get_key_size
gnutls_cipher_get_name
gnutls_cipher_get_tag_size
gnutls_cipher_init
gnutls_cipher_list
gnutls_cipher_self_test
gnutls_cipher_set_iv
gnutls_cipher_suite_get_name
gnutls_cipher_suite_info
gnutls_cipher_tag
gnutls_compression_get
gnutls_compression_get_id
gnutls_compression_get_name
gnutls_compression_list
gnutls_credentials_clear
gnutls_credentials_get
gnutls_credentials_set
gnutls_crypto_register_aead_cipher
gnutls_crypto_register_cipher
gnutls_crypto_register_digest
gnutls_crypto_register_mac
gnutls_db_check_entry
gnutls_db_check_entry_time
gnutls_db_get_default_cache_expiration
gnutls_db_get_ptr
gnutls_db_remove_session
gnutls_db_set_cache_expiration
gnutls_db_set_ptr
gnutls_db_set_remove_function
gnutls_db_set_retrieve_function
gnutls_db_set_store_function
gnutls_decode_ber_digest_info
gnutls_decode_gost_rs_value
gnutls_decode_rs_value
gnutls_deinit
gnutls_dh_get_group
gnutls_dh_get_peers_public_bits
gnutls_dh_get_prime_bits
gnutls_dh_get_pubkey
gnutls_dh_get_secret_bits
gnutls_dh_params_cpy
gnutls_dh_params_deinit
gnutls_dh_params_export2_pkcs3
gnutls_dh_params_export_pkcs3
gnutls_dh_params_export_raw
gnutls_dh_params_generate2
gnutls_dh_params_import_dsa
gnutls_dh_params_import_pkcs3
gnutls_dh_params_import_raw
gnutls_dh_params_import_raw2
gnutls_dh_params_init
gnutls_dh_set_prime_bits
gnutls_digest_get_id
gnutls_digest_get_name
gnutls_digest_get_oid
gnutls_digest_list
gnutls_digest_self_test
gnutls_dtls_cookie_send
gnutls_dtls_cookie_verify
gnutls_dtls_get_data_mtu
gnutls_dtls_get_mtu
gnutls_dtls_get_timeout
gnutls_dtls_prestate_set
gnutls_dtls_set_data_mtu
gnutls_dtls_set_mtu
gnutls_dtls_set_timeouts
gnutls_ecc_curve_get
gnutls_ecc_curve_get_id
gnutls_ecc_curve_get_name
gnutls_ecc_curve_get_oid
gnutls_ecc_curve_get_pk
gnutls_ecc_curve_get_size
gnutls_ecc_curve_list
gnutls_encode_ber_digest_info
gnutls_encode_gost_rs_value
gnutls_encode_rs_value
gnutls_error_is_fatal
gnutls_error_to_alert
gnutls_est_record_overhead_size
gnutls_ext_get_current_msg
gnutls_ext_get_data
gnutls_ext_get_name
gnutls_ext_raw_parse
gnutls_ext_register
gnutls_ext_set_data
gnutls_ffdhe_2048_group_generator
gnutls_ffdhe_2048_group_prime
gnutls_ffdhe_2048_key_bits
gnutls_ffdhe_3072_group_generator
gnutls_ffdhe_3072_group_prime
gnutls_ffdhe_3072_key_bits
gnutls_ffdhe_4096_group_generator
gnutls_ffdhe_4096_group_prime
gnutls_ffdhe_4096_key_bits
gnutls_ffdhe_6144_group_generator
gnutls_ffdhe_6144_group_prime
gnutls_ffdhe_6144_key_bits
gnutls_ffdhe_8192_group_generator
gnutls_ffdhe_8192_group_prime
gnutls_ffdhe_8192_key_bits
gnutls_fingerprint
gnutls_fips140_mode_enabled
gnutls_fips140_set_mode
gnutls_free
gnutls_global_deinit
gnutls_global_init
gnutls_global_set_audit_log_function
gnutls_global_set_log_function
gnutls_global_set_log_level
gnutls_global_set_mem_functions
gnutls_global_set_mutex
gnutls_global_set_time_function
gnutls_gost_paramset_get_name
gnutls_gost_paramset_get_oid
gnutls_group_get
gnutls_group_get_id
gnutls_group_get_name
gnutls_group_list
gnutls_handshake
gnutls_handshake_description_get_name
gnutls_handshake_get_last_in
gnutls_handshake_get_last_out
gnutls_handshake_set_hook_function
gnutls_handshake_set_max_packet_length
gnutls_handshake_set_post_client_hello_function
gnutls_handshake_set_private_extensions
gnutls_handshake_set_random
gnutls_handshake_set_timeout
gnutls_hash
gnutls_hash_deinit
gnutls_hash_fast
gnutls_hash_get_len
gnutls_hash_init
gnutls_hash_output
gnutls_heartbeat_allowed
gnutls_heartbeat_enable
gnutls_heartbeat_get_timeout
gnutls_heartbeat_ping
gnutls_heartbeat_pong
gnutls_heartbeat_set_timeouts
gnutls_hex2bin
gnutls_hex_decode
gnutls_hex_decode2
gnutls_hex_encode
gnutls_hex_encode2
gnutls_hmac
gnutls_hmac_deinit
gnutls_hmac_fast
gnutls_hmac_get_len
gnutls_hmac_init
gnutls_hmac_output
gnutls_hmac_set_nonce
gnutls_idna_map
gnutls_idna_reverse_map
gnutls_init
gnutls_key_generate
gnutls_kx_get
gnutls_kx_get_id
gnutls_kx_get_name
gnutls_kx_list
gnutls_load_file
gnutls_mac_get
gnutls_mac_get_id
gnutls_mac_get_key_size
gnutls_mac_get_name
gnutls_mac_get_nonce_size
gnutls_mac_list
gnutls_mac_self_test
gnutls_malloc
gnutls_memcmp
gnutls_memset
gnutls_ocsp_req_add_cert
gnutls_ocsp_req_add_cert_id
gnutls_ocsp_req_deinit
gnutls_ocsp_req_export
gnutls_ocsp_req_get_cert_id
gnutls_ocsp_req_get_extension
gnutls_ocsp_req_get_nonce
gnutls_ocsp_req_get_version
gnutls_ocsp_req_import
gnutls_ocsp_req_init
gnutls_ocsp_req_print
gnutls_ocsp_req_randomize_nonce
gnutls_ocsp_req_set_extension
gnutls_ocsp_req_set_nonce
gnutls_ocsp_resp_check_crt
gnutls_ocsp_resp_deinit
gnutls_ocsp_resp_export
gnutls_ocsp_resp_export2
gnutls_ocsp_resp_get_certs
gnutls_ocsp_resp_get_extension
gnutls_ocsp_resp_get_nonce
gnutls_ocsp_resp_get_produced
gnutls_ocsp_resp_get_responder
gnutls_ocsp_resp_get_responder2
gnutls_ocsp_resp_get_responder_raw_id
gnutls_ocsp_resp_get_response
gnutls_ocsp_resp_get_signature
gnutls_ocsp_resp_get_signature_algorithm
gnutls_ocsp_resp_get_single
gnutls_ocsp_resp_get_status
gnutls_ocsp_resp_get_version
gnutls_ocsp_resp_import
gnutls_ocsp_resp_import2
gnutls_ocsp_resp_init
gnutls_ocsp_resp_list_import2
gnutls_ocsp_resp_print
gnutls_ocsp_resp_verify
gnutls_ocsp_resp_verify_direct
gnutls_ocsp_status_request_enable_client
gnutls_ocsp_status_request_get
gnutls_ocsp_status_request_get2
gnutls_ocsp_status_request_is_checked
gnutls_oid_to_digest
gnutls_oid_to_ecc_curve
gnutls_oid_to_gost_paramset
gnutls_oid_to_mac
gnutls_oid_to_pk
gnutls_oid_to_sign
gnutls_openpgp_crt_check_email
gnutls_openpgp_crt_check_hostname
gnutls_openpgp_crt_check_hostname2
gnutls_openpgp_crt_deinit
gnutls_openpgp_crt_export
gnutls_openpgp_crt_export2
gnutls_openpgp_crt_get_auth_subkey
gnutls_openpgp_crt_get_creation_time
gnutls_openpgp_crt_get_expiration_time
gnutls_openpgp_crt_get_fingerprint
gnutls_openpgp_crt_get_key_id
gnutls_openpgp_crt_get_key_usage
gnutls_openpgp_crt_get_name
gnutls_openpgp_crt_get_pk_algorithm
gnutls_openpgp_crt_get_pk_dsa_raw
gnutls_openpgp_crt_get_pk_rsa_raw
gnutls_openpgp_crt_get_preferred_key_id
gnutls_openpgp_crt_get_revoked_status
gnutls_openpgp_crt_get_subkey_count
gnutls_openpgp_crt_get_subkey_creation_time
gnutls_openpgp_crt_get_subkey_expiration_time
gnutls_openpgp_crt_get_subkey_fingerprint
gnutls_openpgp_crt_get_subkey_id
gnutls_openpgp_crt_get_subkey_idx
gnutls_openpgp_crt_get_subkey_pk_algorithm
gnutls_openpgp_crt_get_subkey_pk_dsa_raw
gnutls_openpgp_crt_get_subkey_pk_rsa_raw
gnutls_openpgp_crt_get_subkey_revoked_status
gnutls_openpgp_crt_get_subkey_usage
gnutls_openpgp_crt_get_version
gnutls_openpgp_crt_import
gnutls_openpgp_crt_init
gnutls_openpgp_crt_print
gnutls_openpgp_crt_set_preferred_key_id
gnutls_openpgp_crt_verify_ring
gnutls_openpgp_crt_verify_self
gnutls_openpgp_keyring_check_id
gnutls_openpgp_keyring_deinit
gnutls_openpgp_keyring_get_crt
gnutls_openpgp_keyring_get_crt_count
gnutls_openpgp_keyring_import
gnutls_openpgp_keyring_init
gnutls_openpgp_privkey_deinit
gnutls_openpgp_privkey_export
gnutls_openpgp_privkey_export2
gnutls_openpgp_privkey_export_dsa_raw
gnutls_openpgp_privkey_export_rsa_raw
gnutls_openpgp_privkey_export_subkey_dsa_raw
gnutls_openpgp_privkey_export_subkey_rsa_raw
gnutls_openpgp_privkey_get_fingerprint
gnutls_openpgp_privkey_get_key_id
gnutls_openpgp_privkey_get_pk_algorithm
gnutls_openpgp_privkey_get_preferred_key_id
gnutls_openpgp_privkey_get_revoked_status
gnutls_openpgp_privkey_get_subkey_count
gnutls_openpgp_privkey_get_subkey_creation_time
gnutls_openpgp_privkey_get_subkey_expiration_time
gnutls_openpgp_privkey_get_subkey_fingerprint
gnutls_openpgp_privkey_get_subkey_id
gnutls_openpgp_privkey_get_subkey_idx
gnutls_openpgp_privkey_get_subkey_pk_algorithm
gnutls_openpgp_privkey_get_subkey_revoked_status
gnutls_openpgp_privkey_import
gnutls_openpgp_privkey_init
gnutls_openpgp_privkey_sec_param
gnutls_openpgp_privkey_set_preferred_key_id
gnutls_openpgp_privkey_sign_hash
gnutls_openpgp_send_cert
gnutls_openpgp_set_recv_key_function
gnutls_packet_deinit
gnutls_packet_get
gnutls_pcert_deinit
gnutls_pcert_export_openpgp
gnutls_pcert_export_x509
gnutls_pcert_import_openpgp
gnutls_pcert_import_openpgp_raw
gnutls_pcert_import_x509
gnutls_pcert_import_x509_list
gnutls_pcert_import_x509_raw
gnutls_pcert_list_import_x509_file
gnutls_pcert_list_import_x509_raw
gnutls_pem_base64_decode
gnutls_pem_base64_decode2
gnutls_pem_base64_encode
gnutls_pem_base64_encode2
gnutls_perror
gnutls_pk_algorithm_get_name
gnutls_pk_bits_to_sec_param
gnutls_pk_get_id
gnutls_pk_get_name
gnutls_pk_get_oid
gnutls_pk_list
gnutls_pk_self_test
gnutls_pk_to_sign
gnutls_pkcs11_add_provider
gnutls_pkcs11_copy_attached_extension
gnutls_pkcs11_copy_pubkey
gnutls_pkcs11_copy_secret_key
gnutls_pkcs11_copy_x509_crt2
gnutls_pkcs11_copy_x509_privkey2
gnutls_pkcs11_crt_is_known
gnutls_pkcs11_deinit
gnutls_pkcs11_delete_url
gnutls_pkcs11_get_pin_function
gnutls_pkcs11_get_raw_issuer
gnutls_pkcs11_get_raw_issuer_by_dn
gnutls_pkcs11_get_raw_issuer_by_subject_key_id
gnutls_pkcs11_init
gnutls_pkcs11_obj_deinit
gnutls_pkcs11_obj_export
gnutls_pkcs11_obj_export2
gnutls_pkcs11_obj_export3
gnutls_pkcs11_obj_export_url
gnutls_pkcs11_obj_flags_get_str
gnutls_pkcs11_obj_get_exts
gnutls_pkcs11_obj_get_flags
gnutls_pkcs11_obj_get_info
gnutls_pkcs11_obj_get_ptr
gnutls_pkcs11_obj_get_type
gnutls_pkcs11_obj_import_url
gnutls_pkcs11_obj_init
gnutls_pkcs11_obj_list_import_url3
gnutls_pkcs11_obj_list_import_url4
gnutls_pkcs11_obj_set_info
gnutls_pkcs11_obj_set_pin_function
gnutls_pkcs11_privkey_cpy
gnutls_pkcs11_privkey_deinit
gnutls_pkcs11_privkey_export_pubkey

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libhogweed-4.dll
.dll windows:4 windows x86 arch:x86

b367513ce3ad7fa509fddf30e822d18c

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:d1:b4:d6:6e:2a:73:9b:86:30:54:f5:0d:9c:02:a0:4a:c5:68:c9
Signer

Actual PE Digest

8d:d1:b4:d6:6e:2a:73:9b:86:30:54:f5:0d:9c:02:a0:4a:c5:68:c9

Digest Algorithm

sha1

PE Digest Matches

true

40:0a:76:3e:3f:63:fc:e3:c9:3e:df:14:bd:58:fb:06:47:5f:a0:b7:c2:7d:35:df:3c:46:3e:0e:02:bb:b9:3a
Signer

Actual PE Digest

40:0a:76:3e:3f:63:fc:e3:c9:3e:df:14:bd:58:fb:06:47:5f:a0:b7:c2:7d:35:df:3c:46:3e:0e:02:bb:b9:3a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgmp-10

__gmp_get_memory_functions
__gmpn_add_n
__gmpn_addmul_1
__gmpn_cnd_add_n
__gmpn_cnd_sub_n
__gmpn_copyd
__gmpn_copyi
__gmpn_mul_1
__gmpn_mul_n
__gmpn_perfect_square_p
__gmpn_rshift
__gmpn_sqr
__gmpn_sub_n
__gmpn_submul_1
__gmpn_zero
__gmpz_add
__gmpz_add_ui
__gmpz_clear
__gmpz_cmp
__gmpz_cmp_ui
__gmpz_com
__gmpz_congruent_p
__gmpz_fdiv_q
__gmpz_fdiv_q_2exp
__gmpz_fdiv_r
__gmpz_fdiv_r_2exp
__gmpz_gcd
__gmpz_import
__gmpz_init
__gmpz_init_set
__gmpz_init_set_ui
__gmpz_invert
__gmpz_limbs_finish
__gmpz_limbs_modify
__gmpz_limbs_read
__gmpz_limbs_write
__gmpz_mul
__gmpz_mul_2exp
__gmpz_mul_ui
__gmpz_powm
__gmpz_powm_sec
__gmpz_powm_ui
__gmpz_probab_prime_p
__gmpz_roinit_n
__gmpz_scan1
__gmpz_set_ui
__gmpz_setbit
__gmpz_sizeinbase
__gmpz_sub
__gmpz_sub_ui
__gmpz_submul_ui
__gmpz_tdiv_q_2exp
__gmpz_tdiv_qr
__gmpz_tstbit

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_exit
_initterm
_iob
_lock
_onexit
_snwprintf
time
free
fwprintf
fwrite
malloc
memchr
memcmp
memcpy
memmove
memset
raise
strcspn
strlen
strncmp
_unlock
abort
vfprintf
wcscpy
calloc

user32

MessageBoxW

libnettle-6

nettle_base64_decode_final
nettle_base64_decode_init
nettle_base64_decode_update
nettle_base64_encode_final
nettle_base64_encode_group
nettle_base64_encode_init
nettle_base64_encode_raw
nettle_base64_encode_update
nettle_buffer_grow
nettle_buffer_space
nettle_buffer_write
nettle_md5_digest
nettle_memxor
nettle_sha1_digest
nettle_sha1_init
nettle_sha1_update
nettle_sha256
nettle_sha256_digest
nettle_sha384
nettle_sha512
nettle_sha512_digest
nettle_sha512_update

Exports

Exports

_nettle_cnd_copy
_nettle_cnd_swap
_nettle_curve25519
_nettle_curve25519_eh_to_x
_nettle_dsa_hash
_nettle_ecc_a_to_j
_nettle_ecc_add_eh
_nettle_ecc_add_ehh
_nettle_ecc_add_jja
_nettle_ecc_add_jjj
_nettle_ecc_dup_eh
_nettle_ecc_dup_jj
_nettle_ecc_eh_to_a
_nettle_ecc_hash
_nettle_ecc_j_to_a
_nettle_ecc_mod
_nettle_ecc_mod_add
_nettle_ecc_mod_addmul_1
_nettle_ecc_mod_inv
_nettle_ecc_mod_mul
_nettle_ecc_mod_mul_1
_nettle_ecc_mod_random
_nettle_ecc_mod_sqr
_nettle_ecc_mod_sub
_nettle_ecc_mod_submul_1
_nettle_ecc_mul_a
_nettle_ecc_mul_a_eh
_nettle_ecc_mul_g
_nettle_ecc_mul_g_eh
_nettle_ecc_pm1_redc
_nettle_ecc_pp1_redc
_nettle_eddsa_compress
_nettle_eddsa_compress_itch
_nettle_eddsa_decompress
_nettle_eddsa_decompress_itch
_nettle_eddsa_expand_key
_nettle_eddsa_hash
_nettle_eddsa_public_key
_nettle_eddsa_public_key_itch
_nettle_eddsa_sign
_nettle_eddsa_sign_itch
_nettle_eddsa_verify
_nettle_eddsa_verify_itch
_nettle_generate_pocklington_prime
_nettle_gmp_alloc
_nettle_gmp_alloc_limbs
_nettle_gmp_free
_nettle_gmp_free_limbs
_nettle_mpn_get_base256_le
_nettle_mpn_set_base256
_nettle_mpn_set_base256_le
_nettle_mpz_limbs_cmp
_nettle_mpz_limbs_copy
_nettle_mpz_limbs_read_n
_nettle_mpz_set_n
_nettle_pkcs1_signature_prefix
_nettle_rsa_blind
_nettle_rsa_check_size
_nettle_rsa_unblind
_nettle_rsa_verify
_nettle_rsa_verify_recover
_nettle_sec_add_1
_nettle_sec_sub_1
_nettle_sec_tabselect
nettle_asn1_der_decode_bitstring
nettle_asn1_der_decode_bitstring_last
nettle_asn1_der_decode_constructed
nettle_asn1_der_decode_constructed_last
nettle_asn1_der_get_bignum
nettle_asn1_der_get_uint32
nettle_asn1_der_iterator_first
nettle_asn1_der_iterator_next
nettle_curve25519_mul
nettle_curve25519_mul_g
nettle_dsa_compat_generate_keypair
nettle_dsa_generate_keypair
nettle_dsa_generate_params
nettle_dsa_keypair_from_sexp_alist
nettle_dsa_keypair_to_sexp
nettle_dsa_openssl_private_key_from_der_iterator
nettle_dsa_params_clear
nettle_dsa_params_from_der_iterator
nettle_dsa_params_init
nettle_dsa_private_key_clear
nettle_dsa_private_key_init
nettle_dsa_public_key_clear
nettle_dsa_public_key_from_der_iterator
nettle_dsa_public_key_init
nettle_dsa_sha1_keypair_from_sexp
nettle_dsa_sha1_sign
nettle_dsa_sha1_sign_digest
nettle_dsa_sha1_verify
nettle_dsa_sha1_verify_digest
nettle_dsa_sha256_keypair_from_sexp
nettle_dsa_sha256_sign
nettle_dsa_sha256_sign_digest
nettle_dsa_sha256_verify
nettle_dsa_sha256_verify_digest
nettle_dsa_sign
nettle_dsa_signature_clear
nettle_dsa_signature_from_sexp
nettle_dsa_signature_init
nettle_dsa_verify
nettle_ecc_bit_size
nettle_ecc_ecdsa_sign
nettle_ecc_ecdsa_sign_itch
nettle_ecc_ecdsa_verify
nettle_ecc_ecdsa_verify_itch
nettle_ecc_point_clear
nettle_ecc_point_get
nettle_ecc_point_init
nettle_ecc_point_mul
nettle_ecc_point_mul_g
nettle_ecc_point_set
nettle_ecc_scalar_clear
nettle_ecc_scalar_get
nettle_ecc_scalar_init
nettle_ecc_scalar_random
nettle_ecc_scalar_set
nettle_ecc_size
nettle_ecc_size_a
nettle_ecc_size_j
nettle_ecdsa_generate_keypair
nettle_ecdsa_sign
nettle_ecdsa_verify
nettle_ed25519_sha512_public_key
nettle_ed25519_sha512_sign
nettle_ed25519_sha512_verify
nettle_get_secp_256r1
nettle_get_secp_384r1
nettle_get_secp_521r1
nettle_mpz_get_str_256
nettle_mpz_init_set_str_256_s
nettle_mpz_init_set_str_256_u
nettle_mpz_random
nettle_mpz_random_size
nettle_mpz_set_sexp
nettle_mpz_set_str_256_s
nettle_mpz_set_str_256_u
nettle_mpz_sizeinbase_256_s
nettle_mpz_sizeinbase_256_u
nettle_openssl_provate_key_from_der
nettle_pgp_armor
nettle_pgp_crc24
nettle_pgp_put_header
nettle_pgp_put_header_length
nettle_pgp_put_length
nettle_pgp_put_mpi
nettle_pgp_put_public_rsa_key
nettle_pgp_put_rsa_sha1_signature
nettle_pgp_put_string
nettle_pgp_put_sub_packet
nettle_pgp_put_uint16
nettle_pgp_put_uint32
nettle_pgp_put_userid
nettle_pgp_sub_packet_end
nettle_pgp_sub_packet_start
nettle_pkcs1_decrypt
nettle_pkcs1_encrypt
nettle_pkcs1_rsa_digest_encode
nettle_pkcs1_rsa_md5_encode
nettle_pkcs1_rsa_md5_encode_digest
nettle_pkcs1_rsa_sha1_encode
nettle_pkcs1_rsa_sha1_encode_digest
nettle_pkcs1_rsa_sha256_encode
nettle_pkcs1_rsa_sha256_encode_digest
nettle_pkcs1_rsa_sha512_encode
nettle_pkcs1_rsa_sha512_encode_digest
nettle_pss_encode_mgf1
nettle_pss_mgf1
nettle_pss_verify_mgf1
nettle_random_prime
nettle_rsa_compute_root
nettle_rsa_compute_root_tr
nettle_rsa_decrypt
nettle_rsa_decrypt_tr
nettle_rsa_encrypt
nettle_rsa_generate_keypair
nettle_rsa_keypair_from_der
nettle_rsa_keypair_from_sexp
nettle_rsa_keypair_from_sexp_alist
nettle_rsa_keypair_to_openpgp
nettle_rsa_keypair_to_sexp
nettle_rsa_md5_sign
nettle_rsa_md5_sign_digest
nettle_rsa_md5_sign_digest_tr
nettle_rsa_md5_sign_tr
nettle_rsa_md5_verify
nettle_rsa_md5_verify_digest
nettle_rsa_pkcs1_sign
nettle_rsa_pkcs1_sign_tr
nettle_rsa_pkcs1_verify
nettle_rsa_private_key_clear
nettle_rsa_private_key_from_der_iterator
nettle_rsa_private_key_init
nettle_rsa_private_key_prepare
nettle_rsa_pss_sha256_sign_digest_tr
nettle_rsa_pss_sha256_verify_digest
nettle_rsa_pss_sha384_sign_digest_tr
nettle_rsa_pss_sha384_verify_digest
nettle_rsa_pss_sha512_sign_digest_tr
nettle_rsa_pss_sha512_verify_digest
nettle_rsa_public_key_clear
nettle_rsa_public_key_from_der_iterator
nettle_rsa_public_key_init
nettle_rsa_public_key_prepare
nettle_rsa_sha1_sign
nettle_rsa_sha1_sign_digest
nettle_rsa_sha1_sign_digest_tr
nettle_rsa_sha1_sign_tr
nettle_rsa_sha1_verify
nettle_rsa_sha1_verify_digest
nettle_rsa_sha256_sign
nettle_rsa_sha256_sign_digest
nettle_rsa_sha256_sign_digest_tr
nettle_rsa_sha256_sign_tr
nettle_rsa_sha256_verify
nettle_rsa_sha256_verify_digest
nettle_rsa_sha512_sign
nettle_rsa_sha512_sign_digest
nettle_rsa_sha512_sign_digest_tr
nettle_rsa_sha512_sign_tr
nettle_rsa_sha512_verify
nettle_rsa_sha512_verify_digest
nettle_secp_256r1
nettle_secp_384r1
nettle_secp_521r1
nettle_sexp_format
nettle_sexp_iterator_assoc
nettle_sexp_iterator_check_type
nettle_sexp_iterator_check_types
nettle_sexp_iterator_enter_list
nettle_sexp_iterator_exit_list
nettle_sexp_iterator_first
nettle_sexp_iterator_get_uint32
nettle_sexp_iterator_next
nettle_sexp_iterator_subexpr
nettle_sexp_transport_format
nettle_sexp_transport_iterator_first
nettle_sexp_transport_vformat
nettle_sexp_vformat

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 948B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libidn2-0.dll
.dll windows:4 windows x86 arch:x86

cc3c84ffab5ba0aff51d39c586339074

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:90:20:77:61:c4:26:dd:94:50:03:0d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:4b:03:ef:de:92:9d:5f:88:26:7b:a5:bc:02:b6:93:51:57:59:60
Signer

Actual PE Digest

57:4b:03:ef:de:92:9d:5f:88:26:7b:a5:bc:02:b6:93:51:57:59:60

Digest Algorithm

sha1

PE Digest Matches

true

f1:db:f0:bf:da:28:9a:7d:b3:26:e2:8c:fc:2d:a1:ea:7f:85:89:f3:c3:d8:63:6d:e9:7a:a2:ea:15:a6:b9:bb
Signer

Actual PE Digest

f1:db:f0:bf:da:28:9a:7d:b3:26:e2:8c:fc:2d:a1:ea:7f:85:89:f3:c3:d8:63:6d:e9:7a:a2:ea:15:a6:b9:bb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgcc_s_sjlj-1

__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__argv
__dllonexit
__mb_cur_max
_amsg_exit
_errno
_get_osfhandle
_initterm
_iob
_lock
_onexit
exit
fflush
fputc
free
fwrite
getc
getenv
localeconv
malloc
memcmp
memcpy
memmove
putc
realloc
setlocale
strchr
strcmp
strcpy
strerror
strlen
strncmp
strrchr
_unlock
abort
atoi
vfprintf
wcslen
bsearch
calloc
_strdup
_fileno

Exports

Exports

_idn2_punycode_decode
_idn2_punycode_encode
idn2_check_version
idn2_free
idn2_lookup_u8
idn2_lookup_ul
idn2_register_u8
idn2_register_ul
idn2_strerror
idn2_strerror_name
idn2_to_ascii_4i
idn2_to_ascii_4z
idn2_to_ascii_8z
idn2_to_ascii_lz
idn2_to_unicode_44i
idn2_to_unicode_4z4z
idn2_to_unicode_8z4z
idn2_to_unicode_8z8z
idn2_to_unicode_8zlz
idn2_to_unicode_lzlz

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 617B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libnettle-6.dll
.dll windows:4 windows x86 arch:x86

1095e03445200f2d946aceadcb60a9cf

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

72:49:13:98:10:b1:50:f1:56:d7:7c:3d
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:a0:d3:c0:02:18:7a:91:67:85:fe:a4:e5:a1:c2:be:d6:b3:61:b3
Signer

Actual PE Digest

4f:a0:d3:c0:02:18:7a:91:67:85:fe:a4:e5:a1:c2:be:d6:b3:61:b3

Digest Algorithm

sha1

PE Digest Matches

true

08:8d:fd:0e:4a:47:4f:dc:7b:57:de:a3:6e:fb:3f:93:d7:f0:aa:d4:5d:91:2a:14:a6:57:4f:dc:aa:7e:3a:92
Signer

Actual PE Digest

08:8d:fd:0e:4a:47:4f:dc:7b:57:de:a3:6e:fb:3f:93:d7:f0:aa:d4:5d:91:2a:14:a6:57:4f:dc:aa:7e:3a:92

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libgcc_s_sjlj-1

__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_exit
_initterm
_iob
_lock
_onexit
_snwprintf
free
fwprintf
fwrite
malloc
memcpy
memset
raise
realloc
strcmp
strlen
strncmp
_unlock
abort
vfprintf
wcscpy
calloc

user32

MessageBoxW

Exports

Exports

_nettle_aes_decrypt
_nettle_aes_encrypt
_nettle_aes_encrypt_table
_nettle_aes_invert
_nettle_aes_set_key
_nettle_camellia_absorb
_nettle_camellia_crypt
_nettle_camellia_invert_key
_nettle_camellia_table
_nettle_chacha_core
_nettle_md5_compress
_nettle_poly1305_block
_nettle_ripemd160_compress
_nettle_salsa20_core
_nettle_sha1_compress
_nettle_sha256_compress
_nettle_sha3_pad
_nettle_sha3_update
_nettle_sha512_compress
_nettle_umac_l2
_nettle_umac_l2_final
_nettle_umac_l2_init
_nettle_umac_l3
_nettle_umac_l3_init
_nettle_umac_nh
_nettle_umac_nh_n
_nettle_umac_poly128
_nettle_umac_poly64
_nettle_umac_set_key
_nettle_write_be32
_nettle_write_le32
_nettle_write_le64
nettle_MD5Final
nettle_MD5Init
nettle_MD5Update
nettle_aeads
nettle_aes128
nettle_aes128_decrypt
nettle_aes128_encrypt
nettle_aes128_invert_key
nettle_aes128_set_decrypt_key
nettle_aes128_set_encrypt_key
nettle_aes192
nettle_aes192_decrypt
nettle_aes192_encrypt
nettle_aes192_invert_key
nettle_aes192_set_decrypt_key
nettle_aes192_set_encrypt_key
nettle_aes256
nettle_aes256_decrypt
nettle_aes256_encrypt
nettle_aes256_invert_key
nettle_aes256_set_decrypt_key
nettle_aes256_set_encrypt_key
nettle_aes_decrypt
nettle_aes_encrypt
nettle_aes_invert_key
nettle_aes_set_decrypt_key
nettle_aes_set_encrypt_key
nettle_arcfour128_set_key
nettle_arcfour_crypt
nettle_arcfour_set_key
nettle_arctwo128
nettle_arctwo128_set_key
nettle_arctwo128_set_key_gutmann
nettle_arctwo40
nettle_arctwo40_set_key
nettle_arctwo64
nettle_arctwo64_set_key
nettle_arctwo_decrypt
nettle_arctwo_encrypt
nettle_arctwo_gutmann128
nettle_arctwo_set_key
nettle_arctwo_set_key_ekb
nettle_arctwo_set_key_gutmann
nettle_armors
nettle_base16
nettle_base16_decode_final
nettle_base16_decode_init
nettle_base16_decode_single
nettle_base16_decode_update
nettle_base16_encode_single
nettle_base16_encode_update
nettle_base64
nettle_base64_decode_final
nettle_base64_decode_init
nettle_base64_decode_single
nettle_base64_decode_update
nettle_base64_encode_final
nettle_base64_encode_group
nettle_base64_encode_init
nettle_base64_encode_raw
nettle_base64_encode_single
nettle_base64_encode_update
nettle_base64url
nettle_base64url_decode_init
nettle_base64url_encode_init
nettle_blowfish128_set_key
nettle_blowfish_decrypt
nettle_blowfish_encrypt
nettle_blowfish_set_key
nettle_buffer_clear
nettle_buffer_copy
nettle_buffer_grow
nettle_buffer_init
nettle_buffer_init_realloc
nettle_buffer_init_size
nettle_buffer_reset
nettle_buffer_space
nettle_buffer_write
nettle_camellia128
nettle_camellia128_crypt
nettle_camellia128_invert_key
nettle_camellia128_set_encrypt_key
nettle_camellia192
nettle_camellia192_set_decrypt_key
nettle_camellia192_set_encrypt_key
nettle_camellia256
nettle_camellia256_crypt
nettle_camellia256_invert_key
nettle_camellia256_set_decrypt_key
nettle_camellia256_set_encrypt_key
nettle_camellia_set_decrypt_key
nettle_cast128
nettle_cast128_decrypt
nettle_cast128_encrypt
nettle_cast128_set_key
nettle_cast5_set_key
nettle_cbc_decrypt
nettle_cbc_encrypt
nettle_ccm_aes128_decrypt
nettle_ccm_aes128_decrypt_message
nettle_ccm_aes128_digest
nettle_ccm_aes128_encrypt
nettle_ccm_aes128_encrypt_message
nettle_ccm_aes128_set_key
nettle_ccm_aes128_set_nonce
nettle_ccm_aes128_update
nettle_ccm_aes192_decrypt
nettle_ccm_aes192_decrypt_message
nettle_ccm_aes192_digest
nettle_ccm_aes192_encrypt
nettle_ccm_aes192_encrypt_message
nettle_ccm_aes192_set_key
nettle_ccm_aes192_set_nonce
nettle_ccm_aes192_update
nettle_ccm_aes256_decrypt
nettle_ccm_aes256_decrypt_message
nettle_ccm_aes256_digest
nettle_ccm_aes256_encrypt
nettle_ccm_aes256_encrypt_message
nettle_ccm_aes256_set_key
nettle_ccm_aes256_set_nonce
nettle_ccm_aes256_update
nettle_ccm_decrypt
nettle_ccm_decrypt_message
nettle_ccm_digest
nettle_ccm_encrypt
nettle_ccm_encrypt_message
nettle_ccm_set_nonce
nettle_ccm_update
nettle_cfb_decrypt
nettle_cfb_encrypt
nettle_chacha_crypt
nettle_chacha_poly1305
nettle_chacha_poly1305_decrypt
nettle_chacha_poly1305_digest
nettle_chacha_poly1305_encrypt
nettle_chacha_poly1305_set_key
nettle_chacha_poly1305_set_nonce
nettle_chacha_poly1305_update
nettle_chacha_set_key
nettle_chacha_set_nonce
nettle_chacha_set_nonce96
nettle_ciphers
nettle_ctr_crypt
nettle_des3_decrypt
nettle_des3_encrypt
nettle_des3_set_key
nettle_des_check_parity
nettle_des_decrypt
nettle_des_encrypt
nettle_des_fix_parity
nettle_des_set_key
nettle_eax_aes128
nettle_eax_aes128_decrypt
nettle_eax_aes128_digest
nettle_eax_aes128_encrypt
nettle_eax_aes128_set_key
nettle_eax_aes128_set_nonce
nettle_eax_aes128_update
nettle_eax_decrypt
nettle_eax_digest
nettle_eax_encrypt
nettle_eax_set_key
nettle_eax_set_nonce
nettle_eax_update
nettle_gcm_aes128
nettle_gcm_aes128_decrypt
nettle_gcm_aes128_digest
nettle_gcm_aes128_encrypt
nettle_gcm_aes128_set_iv
nettle_gcm_aes128_set_key
nettle_gcm_aes128_update
nettle_gcm_aes192
nettle_gcm_aes192_decrypt
nettle_gcm_aes192_digest
nettle_gcm_aes192_encrypt
nettle_gcm_aes192_set_iv
nettle_gcm_aes192_set_key
nettle_gcm_aes192_update
nettle_gcm_aes256
nettle_gcm_aes256_decrypt
nettle_gcm_aes256_digest
nettle_gcm_aes256_encrypt
nettle_gcm_aes256_set_iv
nettle_gcm_aes256_set_key
nettle_gcm_aes256_update
nettle_gcm_aes_decrypt
nettle_gcm_aes_digest
nettle_gcm_aes_encrypt
nettle_gcm_aes_set_iv
nettle_gcm_aes_set_key
nettle_gcm_aes_update
nettle_gcm_camellia128
nettle_gcm_camellia128_decrypt
nettle_gcm_camellia128_digest
nettle_gcm_camellia128_encrypt
nettle_gcm_camellia128_set_iv
nettle_gcm_camellia128_set_key
nettle_gcm_camellia128_update
nettle_gcm_camellia256
nettle_gcm_camellia256_decrypt
nettle_gcm_camellia256_digest
nettle_gcm_camellia256_encrypt
nettle_gcm_camellia256_set_iv
nettle_gcm_camellia256_set_key
nettle_gcm_camellia256_update
nettle_gcm_decrypt
nettle_gcm_digest
nettle_gcm_encrypt
nettle_gcm_set_iv
nettle_gcm_set_key
nettle_gcm_update
nettle_get_aeads
nettle_get_armors
nettle_get_ciphers
nettle_get_hashes
nettle_gosthash94
nettle_gosthash94_digest
nettle_gosthash94_init
nettle_gosthash94_update
nettle_hashes
nettle_hkdf_expand
nettle_hkdf_extract
nettle_hmac_digest
nettle_hmac_md5_digest
nettle_hmac_md5_set_key
nettle_hmac_md5_update
nettle_hmac_ripemd160_digest
nettle_hmac_ripemd160_set_key
nettle_hmac_ripemd160_update
nettle_hmac_set_key
nettle_hmac_sha1_digest
nettle_hmac_sha1_set_key
nettle_hmac_sha1_update
nettle_hmac_sha224_digest
nettle_hmac_sha224_set_key
nettle_hmac_sha256_digest
nettle_hmac_sha256_set_key
nettle_hmac_sha256_update
nettle_hmac_sha384_digest
nettle_hmac_sha384_set_key
nettle_hmac_sha512_digest
nettle_hmac_sha512_set_key
nettle_hmac_sha512_update
nettle_hmac_update
nettle_knuth_lfib_get
nettle_knuth_lfib_get_array
nettle_knuth_lfib_init
nettle_knuth_lfib_random
nettle_lookup_hash
nettle_md2
nettle_md2_digest
nettle_md2_init
nettle_md2_update
nettle_md4
nettle_md4_digest
nettle_md4_init
nettle_md4_update
nettle_md5
nettle_md5_digest
nettle_md5_init
nettle_md5_update
nettle_memeql_sec
nettle_memxor
nettle_memxor3
nettle_openssl_des_cbc_cksum
nettle_openssl_des_cbc_encrypt
nettle_openssl_des_check_key
nettle_openssl_des_ecb3_encrypt
nettle_openssl_des_ecb_encrypt
nettle_openssl_des_ede3_cbc_encrypt
nettle_openssl_des_is_weak_key
nettle_openssl_des_key_sched
nettle_openssl_des_ncbc_encrypt
nettle_openssl_des_set_odd_parity
nettle_pbkdf2
nettle_pbkdf2_hmac_sha1
nettle_pbkdf2_hmac_sha256
nettle_poly1305_aes_digest
nettle_poly1305_aes_set_key
nettle_poly1305_aes_set_nonce
nettle_poly1305_aes_update
nettle_poly1305_digest
nettle_poly1305_set_key
nettle_realloc
nettle_ripemd160
nettle_ripemd160_digest
nettle_ripemd160_init
nettle_ripemd160_update
nettle_salsa20_128_set_key
nettle_salsa20_256_set_key
nettle_salsa20_crypt
nettle_salsa20_set_key
nettle_salsa20_set_nonce
nettle_salsa20r12_crypt
nettle_serpent128
nettle_serpent128_set_key
nettle_serpent192
nettle_serpent192_set_key
nettle_serpent256
nettle_serpent256_set_key
nettle_serpent_decrypt
nettle_serpent_encrypt
nettle_serpent_set_key
nettle_sha1
nettle_sha1_digest
nettle_sha1_init
nettle_sha1_update
nettle_sha224
nettle_sha224_digest
nettle_sha224_init
nettle_sha256
nettle_sha256_digest
nettle_sha256_init
nettle_sha256_update
nettle_sha384
nettle_sha384_digest
nettle_sha384_init
nettle_sha3_224
nettle_sha3_224_digest
nettle_sha3_224_init
nettle_sha3_224_update
nettle_sha3_256
nettle_sha3_256_digest
nettle_sha3_256_init
nettle_sha3_256_update
nettle_sha3_384
nettle_sha3_384_digest
nettle_sha3_384_init
nettle_sha3_384_update
nettle_sha3_512
nettle_sha3_512_digest
nettle_sha3_512_init
nettle_sha3_512_update
nettle_sha3_permute
nettle_sha512
nettle_sha512_224
nettle_sha512_224_digest
nettle_sha512_224_init
nettle_sha512_256
nettle_sha512_256_digest
nettle_sha512_256_init
nettle_sha512_digest
nettle_sha512_init
nettle_sha512_update
nettle_twofish128
nettle_twofish128_set_key
nettle_twofish192
nettle_twofish192_set_key
nettle_twofish256
nettle_twofish256_set_key
nettle_twofish_decrypt
nettle_twofish_encrypt
nettle_twofish_set_key
nettle_umac128_digest
nettle_umac128_set_key
nettle_umac128_set_nonce
nettle_umac128_update
nettle_umac32_digest
nettle_umac32_set_key
nettle_umac32_set_nonce
nettle_umac32_update
nettle_umac64_digest
nettle_umac64_set_key
nettle_umac64_set_nonce
nettle_umac64_update
nettle_umac96_digest
nettle_umac96_set_key
nettle_umac96_set_nonce
nettle_umac96_update
nettle_version_major
nettle_version_minor
nettle_xrealloc
nettle_yarrow256_fast_reseed
nettle_yarrow256_init
nettle_yarrow256_is_seeded
nettle_yarrow256_needed_sources
nettle_yarrow256_random
nettle_yarrow256_seed
nettle_yarrow256_slow_reseed
nettle_yarrow256_update
nettle_yarrow_key_event_estimate
nettle_yarrow_key_event_init

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 948B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libp11-kit-0.dll
.dll windows:4 windows x86 arch:x86

c6647ccec5dd8c9fd6f6bdb9858e7b7f

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:10:b0:f0:5e:fa:6c:4a:f5:53:e4:db
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

83:39:52:2f:ee:a6:0b:fa:e5:da:b2:7d:10:4b:2a:82:81:b2:41:d1
Signer

Actual PE Digest

83:39:52:2f:ee:a6:0b:fa:e5:da:b2:7d:10:4b:2a:82:81:b2:41:d1

Digest Algorithm

sha1

PE Digest Matches

true

0b:9f:d8:76:d1:52:16:ec:37:3b:a4:c3:2a:e0:0a:a4:01:08:a1:c1:f4:d9:6c:5d:4b:5c:9c:49:84:77:1e:2d
Signer

Actual PE Digest

0b:9f:d8:76:d1:52:16:ec:37:3b:a4:c3:2a:e0:0a:a4:01:08:a1:c1:f4:d9:6c:5d:4b:5c:9c:49:84:77:1e:2d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libffi-6

ffi_closure_alloc
ffi_prep_cif
ffi_prep_closure_loc
ffi_type_pointer
ffi_type_uint32
ffi_type_uint8

libgcc_s_sjlj-1

__udivdi3
__umoddi3

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateThread
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeProcess
GetFileAttributesA
GetFileSizeEx
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
SetHandleInformation
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__argv
__dllonexit
__mb_cur_max
_amsg_exit
_errno
_exit
_findclose
_findfirst
_fullpath
_get_osfhandle
_initterm
_iob
_lock
_onexit
_pipe
_snwprintf
_spawnv
_stat
_stricmp
gmtime
fflush
fprintf
fputc
free
fwprintf
fwrite
getenv
isalnum
isspace
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
raise
rand
realloc
setlocale
setvbuf
sprintf
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
_unlock
abort
atoi
tolower
vfprintf
wcscpy
wcslen
bsearch
calloc
_vsnprintf
_findnext
_write
_strdup
_read
_open
_mkdir
_getpid
_dup2
_dup
_close

shell32

SHGetSpecialFolderPathA

user32

MessageBoxW

Exports

Exports

C_GetFunctionList
p11_kit_be_loud
p11_kit_be_quiet
p11_kit_config_option
p11_kit_finalize_module
p11_kit_finalize_registered
p11_kit_initialize_module
p11_kit_initialize_registered
p11_kit_iter_add_callback
p11_kit_iter_add_filter
p11_kit_iter_begin
p11_kit_iter_begin_with
p11_kit_iter_destroy_object
p11_kit_iter_free
p11_kit_iter_get_attributes
p11_kit_iter_get_kind
p11_kit_iter_get_module
p11_kit_iter_get_object
p11_kit_iter_get_session
p11_kit_iter_get_slot
p11_kit_iter_get_slot_info
p11_kit_iter_get_token
p11_kit_iter_keep_session
p11_kit_iter_load_attributes
p11_kit_iter_new
p11_kit_iter_next
p11_kit_iter_set_uri
p11_kit_load_initialize_module
p11_kit_message
p11_kit_module_finalize
p11_kit_module_for_name
p11_kit_module_get_filename
p11_kit_module_get_flags
p11_kit_module_get_name
p11_kit_module_initialize
p11_kit_module_load
p11_kit_module_release
p11_kit_modules_finalize
p11_kit_modules_finalize_and_release
p11_kit_modules_initialize
p11_kit_modules_load
p11_kit_modules_load_and_initialize
p11_kit_modules_release
p11_kit_pin_file_callback
p11_kit_pin_get_length
p11_kit_pin_get_value
p11_kit_pin_new
p11_kit_pin_new_for_buffer
p11_kit_pin_new_for_string
p11_kit_pin_ref
p11_kit_pin_register_callback
p11_kit_pin_request
p11_kit_pin_unref
p11_kit_pin_unregister_callback
p11_kit_registered_module_to_name
p11_kit_registered_modules
p11_kit_registered_name_to_module
p11_kit_registered_option
p11_kit_remote_serve_module
p11_kit_remote_serve_token
p11_kit_remote_serve_tokens
p11_kit_set_progname
p11_kit_space_strdup
p11_kit_space_strlen
p11_kit_strerror
p11_kit_uri_any_unrecognized
p11_kit_uri_clear_attribute
p11_kit_uri_clear_attributes
p11_kit_uri_format
p11_kit_uri_free
p11_kit_uri_get_attribute
p11_kit_uri_get_attributes
p11_kit_uri_get_module_info
p11_kit_uri_get_module_name
p11_kit_uri_get_module_path
p11_kit_uri_get_pin_source
p11_kit_uri_get_pin_value
p11_kit_uri_get_pinfile
p11_kit_uri_get_slot_id
p11_kit_uri_get_slot_info
p11_kit_uri_get_token_info
p11_kit_uri_get_vendor_query
p11_kit_uri_match_attributes
p11_kit_uri_match_module_info
p11_kit_uri_match_slot_info
p11_kit_uri_match_token_info
p11_kit_uri_message
p11_kit_uri_new
p11_kit_uri_parse
p11_kit_uri_set_attribute
p11_kit_uri_set_attributes
p11_kit_uri_set_module_name
p11_kit_uri_set_module_path
p11_kit_uri_set_pin_source
p11_kit_uri_set_pin_value
p11_kit_uri_set_pinfile
p11_kit_uri_set_slot_id
p11_kit_uri_set_unrecognized
p11_kit_uri_set_vendor_query

Sections

.text
Size: 663KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libwinpthread-1.dll
.dll windows:4 windows x86 arch:x86

e923b264e10de76cdc0f3fd9e04671bb

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:67:fa:46:ce:6c:fe:95:15:a6:9e:b2
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 003-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:11:51:ed:80:6d:9b:fd:09:ec:ec:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

22/11/2018, 00:57

Not After

03/07/2021, 08:42

Subject

SERIALNUMBER=16325089,CN=Changing Information Technology Inc.,OU=MIS,O=Changing Information Technology Inc.,STREET=2F\, 48 Park Ave.2\, Hsinchu Science Park,L=Hsinchu,ST=Taiwan,C=TW,1.2.840.113549.1.9.1=#0c13677577406368616e67696e677465632e636f6d,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

72:49:13:98:10:b1:50:f1:56:d7:7c:3d
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

14/06/2018, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign TSA for Standard - G3 - 003-01,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01/09/1998, 12:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8c:66:66:25:3d:66:97:19:fa:b8:8c:32:66:61:8d:a4:a8:36:94:d8
Signer

Actual PE Digest

8c:66:66:25:3d:66:97:19:fa:b8:8c:32:66:61:8d:a4:a8:36:94:d8

Digest Algorithm

sha1

PE Digest Matches

true

56:46:6c:d5:b3:46:72:65:51:28:25:f3:fd:9d:7a:b6:86:8a:36:bf:3f:64:f0:50:a3:b3:f0:5e:04:ed:ee:b0
Signer

Actual PE Digest

56:46:6c:d5:b3:46:72:65:51:28:25:f3:fd:9d:7a:b6:86:8a:36:bf:3f:64:f0:50:a3:b3:f0:5e:04:ed:ee:b0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetProcessAffinityMask
GetProcessTimes
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
_setjmp3
exit
fprintf
free
fwrite
malloc
memmove
memset
printf
realloc
strlen
strncmp
_ultoa
_unlock
abort
vfprintf
calloc
longjmp
_strdup

Exports

Exports

__pth_gpointer_locked
__pthread_clock_nanosleep
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
clock_getres
clock_gettime
clock_nanosleep
clock_settime
nanosleep
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_timedwait_relative_np
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1012B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f23f452093b5c1ff091a2f9fb4fa3e9

Code Sign

58:9d:19:4f:be:a1:47:77:57:8c:5b:71Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

58:9d:19:4f:be:a1:47:77:57:8c:5b:71Certificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

b9:d9:99:cc:1d:39:a0:fe:a8:4e:47:0e:7c:29:a0:d8:2d:09:63:9c:46:2f:5c:fc:e9:4c:c1:34:57:1f:02:adSigner

9f:02:44:26:9c:1a:4e:8a:44:6e:67:b0:3a:a4:19:51:c0:5b:2e:42Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 112KB

.rsrc Size: 18KB - Virtual size: 17KB

50c8f5ff7efcfab29d0d699e5f7a53fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 348B

.reloc Size: 1KB - Virtual size: 1KB

e26d7460d0c04056b9226a899477ba4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

58:9d:19:4f:be:a1:47:77:57:8c:5b:71
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

b9:d9:99:cc:1d:39:a0:fe:a8:4e:47:0e:7c:29:a0:d8:2d:09:63:9c:46:2f:5c:fc:e9:4c:c1:34:57:1f:02:ad
Signer

9f:02:44:26:9c:1a:4e:8a:44:6e:67:b0:3a:a4:19:51:c0:5b:2e:42
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 112KB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 348B

.reloc
Size: 1KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

af:bc:1f:72:32:88:d5:a0:64:b4:1c:9c:a3:aa:de:14:fd:67:bc:6f:7e:c4:79:53:dd:53:b9:4d:f0:13:b6:4c
Signer

72:91:b3:c9:77:0e:4d:88:34:9d:40:37:fc:5b:28:71:ed:f4:e2:c8
Signer

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

73:65:ed:e7:f8:fb:b1:47:67:02:d2:93:08:39:6f:51
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

34:90:d1:59:65:be:ef:cf:bf:ca:9c:b1:ec:de:06:ad:a0:8d:7b:91:a1:d5:a5:9c:f9:46:12:62:8b:cf:17:be
Signer

6e:f6:7d:f1:be:21:52:33:9a:6e:7a:04:eb:a0:47:ec:3a:3d:c0:93
Signer

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB