bruteratel | ibaAnalyzerInstall_v6[.]6[.]1[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ibaAnalyzerInstall_v6.6.1.exe
Size

23.6MB
MD5

75728b028e7eacbda9e0e77fd4b34d41
SHA1

daeff7ec7cbb8d31aa9e983a7aefe32ecb50fc7c
SHA256

1d6300fb759d3e44fc515c37bce65201e9d3d7430a7c7a65651162dd1f69f60c
SHA512

b30b8319a575bc45e7adc7b29c10f05ec4c7150ee1802ca0583b61a45ce30fc3c0d7de2a375b4b427b719da596ac25f82debb50bf25d22e7586cb7b02a6a1e5d
SSDEEP

393216:J0FN2eH6CKsCH/WLox54PGPvvx/g5tSXaN1fQ2nGFz5qG0ACL4afVcHH2h2hezQd:JC2eaCKsyjx5tPvurSqNZQ2GFcGeLcH3

Score

10^/10

bruteratel

Malware Config

Signatures

Bruteratel family
bruteratel

Detect BruteRatel badger 1 IoCs

resource	yara_rule
static1/unpack001/ibaThreadSafeNativeFFT.dll	family_bruteratel

Unsigned PE 54 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/SimpleSC.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/BB FlashBack Player.dll
unpack001/DevExpress.Data.v6.3.dll
unpack001/DevExpress.Utils.v6.3.dll
unpack001/DevExpress.XtraEditors.v6.3.dll
unpack001/DevExpress.XtraGrid.v6.3.dll
unpack001/DotNetMagic2005.dll
unpack001/ICSharpCode.SharpZipLib.dll
unpack001/IbaVLogger.dll
unpack001/OverlayWindow.dll
unpack001/Plugins/View.ibaFFT.dll
unpack001/PowerCollections.dll
unpack001/View.ibaEventTable.dll
unpack001/View.ibaGraphManager.dll
unpack001/XCrashReport.exe
unpack001/de/View.ibaEventTable.resources.dll
unpack001/de/View.ibaFFT.resources.dll
unpack001/de/View.ibaGraphManager.resources.dll
unpack001/de/hdClient.resources.dll
unpack001/de/hdCommon.resources.dll
unpack001/de/ibaHDOffline.resources.dll
unpack001/de/ibaInspectraShared.resources.dll
unpack001/de/ibaViewUtilities.resources.dll
unpack001/fr/View.ibaEventTable.resources.dll
unpack001/fr/View.ibaGraphManager.resources.dll
unpack001/fr/hdClient.resources.dll
unpack001/fr/hdCommon.resources.dll
unpack001/fr/ibaHDOffline.resources.dll
unpack001/fr/ibaViewUtilities.resources.dll
unpack001/hdClient.dll
unpack001/hdClientInterfaces.dll
unpack001/hdCommon.dll
unpack001/hdCore.dll
unpack001/ibaAnalyzerViewHost.dll
unpack001/ibaAnalyzerViewHostActiveX.ocx
unpack001/ibaDataExtractor.dll
unpack001/ibaDataExtractorMC.dll
unpack001/ibaHDOffline.dll
unpack001/ibaHDOfflineActiveX.ocx
unpack001/ibaHdViewUtilities.dll
unpack001/ibaInspectraShared.dll
unpack001/ibaLogger.dll
unpack001/ibaManagedFFT.dll
unpack001/ibaRunTime.dll
unpack001/ibaThreadSafeNativeFFT.dll
unpack001/ibaViewInterfaces.dll
unpack001/ibaViewUtilities.dll
unpack001/mkl_custom.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$PLUGINSDIR/nsExec.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

ibaAnalyzerInstall_v6.6.1.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:d8:13:92:5c:ef:52:cf:3d:80:c1:ca:7a:4c:ca:5e:bb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

31-10-2012 14:45

Not After

01-11-2015 14:45

Subject

CN=iba AG,OU=IT-Infrastructure,O=iba AG,L=Fuerth,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c12646576656c6f70406962612d61672e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7e:b4:fe:29:55:06:b8:ee:a2:48:d3:4f:73:ee:56:c0:33:ea:5a:d2
Signer

Actual PE Digest

7e:b4:fe:29:55:06:b8:ee:a2:48:d3:4f:73:ee:56:c0:33:ea:5a:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleSC.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ContinueService
ExistsService
GetErrorMessage
GetServiceBinaryPath
GetServiceDelayedAutoStartInfo
GetServiceDescription
GetServiceDisplayName
GetServiceFailure
GetServiceFailureFlag
GetServiceLogon
GetServiceName
GetServiceStartType
GetServiceStatus
GrantServiceLogonPrivilege
InstallService
PauseService
RemoveService
RemoveServiceLogonPrivilege
RestartService
ServiceIsPaused
ServiceIsRunning
ServiceIsStopped
SetServiceBinaryPath
SetServiceDelayedAutoStartInfo
SetServiceDescription
SetServiceFailure
SetServiceFailureFlag
SetServiceLogon
SetServiceStartType
StartService
StopService

Sections

CODE
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/databaseoptions.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/licenseserveroptions.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/Cmct15.dll
.dll windows:5 windows x86 arch:x86

8612a327ed086490781051b30b4b8262

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmCT15.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

PlaySoundW

cmut15

ord17
ord87
ord30
ord3
ord58

kernel32

FindResourceExW
GetThreadLocale
GetVersionExA
GetEnvironmentVariableW
CreateDirectoryW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapReAlloc
RtlUnwind
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
lstrcpynA
GetOEMCP
GetCPInfo
GetStdHandle
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapFree
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
DeleteFileA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
WriteConsoleA
CreateMutexW
GlobalSize
GetSystemInfo
RaiseException
IsBadCodePtr
IsBadReadPtr
GetFileType
GetTempPathW
FlushFileBuffers
ReadFile
GetFileAttributesW
UnlockFile
SetEndOfFile
SetFilePointer
GetFileSize
GetFullPathNameW
IsBadStringPtrW
LCMapStringW
MultiByteToWideChar
ResumeThread
SuspendThread
GetVersion
QueryPerformanceFrequency
GetThreadPriority
GetExitCodeThread
InterlockedExchangeAdd
ProcessIdToSessionId
ResetEvent
SetThreadPriority
GetACP
TerminateThread
WideCharToMultiByte
WriteFile
GetCurrentThread
OutputDebugStringW
SetEvent
QueryPerformanceCounter
GetUserDefaultLangID
SizeofResource
lstrcpynW
GlobalAddAtomW
CompareStringW
GetTimeFormatW
GlobalDeleteAtom
SetLastError
ReleaseMutex
WaitForSingleObject
GetVersionExW
VirtualFree
VirtualAlloc
VirtualProtect
PulseEvent
DuplicateHandle
GetCurrentProcess
CreateProcessW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WaitForMultipleObjects
CreateEventW
FindNextFileW
GlobalReAlloc
FormatMessageW
GetFileInformationByHandle
LCMapStringA
DeleteFileW
GetHandleInformation
CreateFileW
GetTickCount
Sleep
DebugBreak
FindClose
FindFirstFileW
GetCurrentDirectoryW
InterlockedDecrement
InterlockedIncrement
SystemTimeToFileTime
GetLocalTime
LocalFree
LocalAlloc
VirtualQuery
LockResource
LoadResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
CloseHandle
UnmapViewOfFile
GetWindowsDirectoryW
MapViewOfFile
GetModuleHandleW
GetLastError
GetCurrentProcessId
CreateFileMappingW
GetCurrentThreadId
GetModuleFileNameW
GetProcAddress
SetErrorMode
FreeLibrary
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
IsValidCodePage
GetModuleHandleA

user32

InvertRect
GetScrollInfo
SetScrollInfo
SetScrollPos
GetScrollRange
SetScrollRange
GetScrollPos
DrawIconEx
WindowFromDC
GetClassLongW
SetTimer
EnumWindows
KillTimer
DrawIcon
LoadIconW
AdjustWindowRectEx
CloseClipboard
SetClipboardData
EmptyClipboard
MessageBeep
OpenClipboard
DestroyMenu
InsertMenuItemW
SetCursorPos
FlashWindow
GetDialogBaseUnits
SetForegroundWindow
CallNextHookEx
DrawEdge
SetWindowsHookExW
SetMenu
LoadMenuW
CallMsgFilterW
MsgWaitForMultipleObjects
WaitForInputIdle
SetMenuItemInfoW
GetMenuItemInfoW
GetAsyncKeyState
CreatePopupMenu
GetMenuState
GetSubMenu
DeleteMenu
GetMenuItemID
GetMenuItemCount
GetUpdateRect
GetTopWindow
LoadBitmapW
RegisterClipboardFormatW
PostQuitMessage
GetMessageW
DrawFrameControl
MapDialogRect
GetNextDlgGroupItem
SetActiveWindow
GetNextDlgTabItem
SetWindowTextW
CreateDialogIndirectParamW
GetUpdateRgn
CharUpperW
IsIconic
ShowCaret
HideCaret
CharLowerW
UpdateWindow
UnionRect
GetWindowDC
CopyRect
ScreenToClient
CallWindowProcW
GetClassInfoW
CheckMenuItem
GetSystemMenu
EnumChildWindows
EnableMenuItem
AppendMenuW
DefDlgProcW
GetWindowPlacement
MoveWindow
ClientToScreen
ShowWindow
RemovePropW
SetPropW
GetDesktopWindow
CreateWindowExW
RegisterWindowMessageW
UnregisterClassW
ReleaseDC
GetDC
IsRectEmpty
SetRectEmpty
DrawTextW
SystemParametersInfoW
OffsetRect
RegisterClassW
LoadCursorW
GetWindowTextW
GetClassNameW
InflateRect
DrawFocusRect
SetRect
FillRect
SetCursor
GetWindowTextLengthW
GetMenu
IsZoomed
GetMenuItemRect
EnableScrollBar
WaitMessage
GetDlgCtrlID
DestroyCursor
GetForegroundWindow
DefWindowProcW
GetKeyState
GetFocus
SetCapture
SetFocus
ReleaseCapture
PostMessageW
GetPropW
InvalidateRect
PtInRect
MapVirtualKeyW
GetKeyNameTextW
EndPaint
EndDialog
ReplyMessage
DialogBoxIndirectParamW
FindWindowW
LoadStringW
LockWindowUpdate
DestroyIcon
GetUserObjectInformationW
TrackPopupMenu
InsertMenuW
TranslateAcceleratorW
LoadAcceleratorsW
DefMDIChildProcW
SetClassLongW
SystemParametersInfoA
ValidateRect
GetProcessWindowStation
BeginPaint
GetSysColorBrush
GetSysColor
RedrawWindow
IntersectRect
EqualRect
LoadImageW
UnhookWindowsHookEx
GetCapture
GetWindowThreadProcessId
WindowFromPoint
GetCursorPos
AttachThreadInput
GetActiveWindow
SendMessageTimeoutW
GetClientRect
IsWindowEnabled
GetWindow
GetParent
IsWindowVisible
GetSystemMetrics
GetWindowRect
GetWindowLongW
SetWindowLongW
GetDlgItem
DestroyWindow
IsWindow
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
InSendMessage
SetWindowPos
SendMessageW
EnableWindow
MessageBoxW

gdi32

GetTextColor
GetNearestColor
GetStockObject
Rectangle
RoundRect
SetPixelV
StretchDIBits
CreatePalette
SelectPalette
RealizePalette
CreateDIBitmap
CreateBitmapIndirect
SetPixel
SetMapMode
GetTextMetricsW
SaveDC
IntersectClipRect
RestoreDC
UnrealizeObject
SetBrushOrgEx
SetTextAlign
ExtTextOutW
LPtoDP
DPtoLP
ExcludeClipRect
TextOutW
GetMapMode
CreatePatternBrush
CreatePen
ExtSelectClipRgn
PatBlt
CreateCompatibleBitmap
GetBkColor
CreateRoundRectRgn
GetTextExtentPoint32W
FloodFill
CombineRgn
OffsetRgn
FillRgn
BeginPath
CloseFigure
GetDeviceCaps
FillPath
Polygon
CreateFontIndirectW
CreateCompatibleDC
DeleteDC
LineDDA
RectInRegion
OffsetWindowOrgEx
SetWindowOrgEx
CreateBitmap
SetViewportOrgEx
ExtCreatePen
ModifyWorldTransform
GetViewportExtEx
SetViewportExtEx
SetWorldTransform
GetGraphicsMode
GetWorldTransform
GetWindowExtEx
SetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
GetRgnBox
GetTextExtentPointW
SetStretchBltMode
StretchBlt
GetPixel
BitBlt
GetObjectType
SetBkMode
SetTextColor
SetBkColor
SelectClipRgn
GdiFlush
CreateDIBSection
LineTo
MoveToEx
EndPath
GetCurrentObject
CreateRectRgn
GetClipRgn
CreateRectRgnIndirect
SelectObject
CreateSolidBrush
GetClipBox
DeleteObject
GetObjectW

advapi32

LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
GetUserNameW
OpenProcessToken
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegCreateKeyExW
AdjustTokenPrivileges

shell32

SHGetMalloc
ShellExecuteExW
SHGetFileInfoW
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleGetIconOfFile
OleMetafilePictFromIconAndLabel
CreateStreamOnHGlobal
ReleaseStgMedium
OleUninitialize
OleInitialize
CLSIDFromString
CoCreateInstance
DoDragDrop

oleaut32

VariantChangeType
OleLoadPicture
SysReAllocString
VariantCopy
VariantCopyInd
VariantClear
VariantInit
SysAllocString
SysFreeString

msimg32

AlphaBlend
GradientFill

Exports

Exports

AnimAbsHideWidget
AnimAbsShowWidget
AnimAnimateWidget
AnimCombineBitmaps
AnimCreateWidget
AnimDestroyAllWidgetsForTheWindow
AnimDestroyWidget
AnimDistanceInPoints
AnimDrawBitmap
AnimGetNextWidget
AnimGetWidgetExtra
AnimGetWidgetPoint
AnimGetWidgetRect
AnimGetWidgetSize
AnimHideWidget
AnimIntersectWidgetRect
AnimInvalidateWidgetsForPaint
AnimIsPointInWidget
AnimIsWidgetVisible
AnimMoveWidget
AnimRepaintWidgets
AnimShowWidget
AnimWidgetHitTest
AnimWidgetsOverlap
CrdAddPageA
CrdAddPageDynamicA
CrdAddPageDynamicW
CrdAddPageIndirectA
CrdAddPageIndirectDynamicA
CrdAddPageIndirectDynamicW
CrdAddPageIndirectW
CrdAddPageW
CrdDeletePageA
CrdDeletePageW
CrdDialogBoxA
CrdDialogBoxParamA
CrdDialogBoxParamExA
CrdDialogBoxParamExW
CrdDialogBoxParamW
CrdDialogBoxW
CrdEndDialog
CrdGetClientRect
CrdGetCurrentPageA
CrdGetCurrentPageW
CrdGetCurrentPageWithFocusA
CrdGetCurrentPageWithFocusW
CrdGetDefaultMessage
CrdGetDlgItem
CrdGetFlagsA
CrdGetFlagsW
CrdGetHWND
CrdGetPageA
CrdGetPageCount
CrdGetPageHandleA
CrdGetPageHandleW
CrdGetPageIndex
CrdGetPageItemA
CrdGetPageItemW
CrdGetPageW
CrdGetTitleA
CrdGetTitleW
CrdHasFocusA
CrdHasFocusW
CrdInternalGetShortcutWnd
CrdIsDialogMessage
CrdManageDialogA
CrdManageDialogW
CrdSetCurrentPageA
CrdSetCurrentPageOfControl
CrdSetCurrentPageW
CrdSetFlagsA
CrdSetFlagsW
CrdSetMessage
CrdSetTitleA
CrdSetTitleW
CrdSimulateCardA
CrdSimulateCardW
CtlAbortDlgCheckAbort
CtlAbortDlgClearAbort
CtlAbortDlgEnd
CtlAbortDlgHWnd
CtlAbortDlgSetTextA
CtlAbortDlgSetTextW
CtlAbortDlgStartA
CtlAbortDlgStartLocA
CtlAbortDlgStartLocW
CtlAbortDlgStartW
CtlAddBitmap
CtlAddCtlSupportA
CtlAddCtlSupportAlike
CtlAddCtlSupportAlikeEx
CtlAddCtlSupportW
CtlAddInplaceTooltipManager
CtlAdjustWindowRectEx
CtlAttachHelpWindowA
CtlAttachHelpWindowW
CtlButtonODMessage
CtlCreateActCtx
CtlCreateObject
CtlDestroyActCtx
CtlDetachHelpWindow
CtlDialogboxAppendSysmenu
CtlDialogboxCheckSysmenu
CtlDialogboxCustomize
CtlDialogboxOnSyscommand
CtlDoesIDHaveBitmap
CtlDrawEdge
CtlDrawParentBackground
CtlEnsureVisible
CtlEraseBkgnd
CtlGetBitmap
CtlGetDesktopInfos
CtlGetDialogboxMode
CtlGetInterface
CtlGetInternalBitmapCount
CtlGetLANGID
CtlGetMainApplicationWindow
CtlGetMonitorRect
CtlGetNameDlgA
CtlGetNameDlgLocA
CtlGetNameDlgLocW
CtlGetNameDlgW
CtlGetPushButtonBmpInfo
CtlGetScrollPos
CtlGetScrollRange
CtlGetScrollWidth
CtlGetSysColor
CtlGetSysColorBrush
CtlGetVersion
CtlHTMLDialog
CtlHoveringMsg
CtlJobClose
CtlJobOpen
CtlLoadAndPatchDialogResourceA
CtlLoadAndPatchDialogResourceEx
CtlLoadAndPatchDialogResourceW
CtlMessageBeep
CtlMessageBoxA
CtlMessageBoxAutoA
CtlMessageBoxAutoLocA
CtlMessageBoxAutoLocW
CtlMessageBoxAutoW
CtlMessageBoxExA
CtlMessageBoxExAutoA
CtlMessageBoxExAutoLocA
CtlMessageBoxExAutoLocW
CtlMessageBoxExAutoW
CtlMessageBoxExLocA
CtlMessageBoxExLocW
CtlMessageBoxExW
CtlMessageBoxLocA
CtlMessageBoxLocW
CtlMessageBoxW
CtlPaintButtonBMP
CtlPaintPushButtonBMP
CtlPopActCtx
CtlPushActCtx
CtlReleaseChildControls
CtlRepaintMessage
CtlSetDialogboxMode
CtlSetForegroundWindow
CtlSetHelpWindowDelay
CtlSetIconFromHost
CtlSetLANGID
CtlSetLANGIDEx
CtlSetMessageBoxProtocolFileName
CtlSetScrollIdleDelay
CtlSetScrollPos
CtlSetScrollRange
CtlSetScrollWidth
CtlSimulateButtonA
CtlSimulateButtonExA
CtlSimulateButtonExW
CtlSimulateButtonW
CtlSimulateColorCtl
CtlSimulateGroupA
CtlSimulateGroupW
CtlSimulateStaticA
CtlSimulateStaticW
CtlSkinDrawCardBackground
CtlSkinDrawCardControlTab
CtlSkinDrawControl
CtlSkinHookingProhibitionFlags
CtlSkinModifyCardControl
CtlSkinOverpaintNCArea
CtlSkinRegisterControl
CtlSubclassChildControls
CtlTools_Reload
CtlTools_hBrBkgnd
CtlTools_hBrBkgndTrue
CtlTools_hBrShadow
CtlTools_hpenDkBkgnd
CtlTools_hpenDkGray
CtlTools_hpenLtBkgnd
CtlTools_hpenLtGray
CtlTools_hpenMedGray
CtlTools_rgbBkgnd
CtlTools_rgbShadow
CtlTransparentBlt
CtlXPColor
CtlXlatLANGID
CtlXlatPath
CtlXlatResourceHandle
DcAddBinaryFile
DcAddHGLOBAL
DcAddSpecialFormatID
DcAddText
DcAddTextFile
DcCreateDataObject
DcDrag
DcReleaseDataObject
MmAddMenuGraphics
MmAddMenuItem
MmAddMenuItemCtl
MmAttachMenu
MmDetachMenu
MmForceMenuLoaded
MmForceUniqueIDs
MmGetMenuItem
MmGetMenuItemCtl
MmReleaseMenuGraphics
MmSetMenuItemTextA
MmSetMenuItemTextW

Sections

.text
Size: 710KB - Virtual size: 709KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/Cmll15ex.llx
.dll regsvr32 windows:5 windows x86 arch:x86

6d22be45e429160002c0590dab1eec55

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dev\dlls\ll15ex\Release\cmll15ex.pdb

Imports

cmut15

ord83
ord59
ord206
ord7
ord270
ord313
ord219
ord314
ord211
ord333
ord332
ord348
ord330
ord340
ord339
ord368
ord312
ord316
ord271
ord258
ord320
ord110
ord111
ord82

cmct15

ord185
ord70
ord166
ord168
ord182
ord98
ord176
ord253
ord189
ord163
ord28
ord71

cmdw15

ord159
ord58
ord51
ord52

cmll15

ord440

cmls15

ord69
ord68
ord66
ord63
ord47
ord54
ord46
ord51
ord48
ord56
ord52
ord71
ord64

kernel32

HeapAlloc
HeapFree
RtlUnwind
RaiseException
WritePrivateProfileStringW
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetTempFileNameW
lstrlenA
GetACP
IsDBCSLeadByteEx
GlobalFree
GlobalUnlock
GlobalLock
GetTempPathW
CloseHandle
CreateFileW
GetCurrentThreadId
OutputDebugStringW
GetProcAddress
LoadLibraryW
SetErrorMode
GlobalAlloc
FreeLibrary
GetModuleFileNameW
LocalFree
FormatMessageW
MulDiv
GetCPInfo
SetLastError
GetModuleHandleW
InterlockedDecrement
lstrcmpA
GetVersionExW
GetCurrentProcessId
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
CompareStringW
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
InterlockedIncrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
MoveFileW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom

user32

DestroyIcon
DestroyMenu
LoadCursorW
GetSysColorBrush
UnregisterClassW
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
CharUpperW
GetDesktopWindow
CreateDialogIndirectParamW
EndDialog
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetActiveWindow
DispatchMessageW
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
LoadIconW
InflateRect
SendMessageW
EnableWindow
DefWindowProcW
CallWindowProcW
PtInRect
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
CallNextHookEx
GetDlgItem
CheckDlgButton
GetParent
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
SetFocus
GetNextDlgTabItem
GetWindow
GetWindowTextW
GetWindowTextLengthW
GetActiveWindow
MessageBoxW
GetForegroundWindow
IsWindow
GetWindowRect
CopyRect
EqualRect
GetSubMenu
GetFocus
IsWindowEnabled
UnhookWindowsHookEx
ReleaseDC
GetDC
GetClientRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenu

gdi32

SetMapMode
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
RestoreDC
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportExtEx
SaveDC
CreateBitmap
GetObjectW
SetBkColor
GetClipBox
SetEnhMetaFileBits
DeleteEnhMetaFile
GetDeviceCaps
CreateCompatibleDC
SetTextColor
DeleteObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW

shell32

ExtractIconW
ShellExecuteW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW

ole32

CoRegisterClassObject
CoInitializeEx
CoCreateInstance
CoUninitialize
StringFromCLSID
CoRevokeClassObject
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

VariantClear
VariantInit
SysAllocString
SysAllocStringLen
SysReAllocStringLen
SafeArrayUnlock
SafeArrayPutElement
SafeArrayLock
SafeArrayCreate
SysStringLen
SysFreeString
SysStringByteLen
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/Cmll15ht.llx
.dll windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

CODE
Size: 755KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/Cmll15oc.llx
.dll windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

CODE
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/Cmll15xl.dll
.dll windows:5 windows x86 arch:x86

7812742d01931d4fc188330f84538818

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegFlushKey
RegCloseKey

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharToOemW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
lstrlenW
lstrcpyW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualAlloc
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
OutputDebugStringW
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetVersion
GetTickCount
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemDefaultLCID
GetStdHandle
GetProfileStringW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindFirstFileW
FindClose
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
Sleep
OutputDebugStringA

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextFaceW
GetTextExtentPointA
GetTextExtentPointW
GetTextExtentPoint32W
GetTextExtentExPointW
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPath
GetPaletteEntries
GetOutlineTextMetricsA
GetObjectW
GetMetaFileBitsEx
GetFontLanguageInfo
GetFontData
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetCharWidthA
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExcludeClipRect
EnumEnhMetaFile
EndPath
EndPage
EndDoc
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateFontW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CloseEnhMetaFile
BitBlt
BeginPath
GetCharacterPlacementW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

cmut15

UtilHeapObjectSize
UtilHeapObjectFree
UtilHeapObjectAlloc
UtilHeapDelete
UtilHeapCreate
UtilJobClose
UtilJobOpen

ole32

CoCreateGuid
OleUninitialize
OleInitialize
StgCreateDocfile
CoUninitialize
CoInitialize

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

shell32

ShellExecuteW

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter

Exports

Exports

54h4fhrhu4gz
5hu54heb
874zhejfheg
XlsAddCurrentObjectsToWorksheet
XlsAddImageObject
XlsAddLineObject
XlsAddRectangleObject
XlsAddTextObject
XlsFinalizeWorkbook
XlsFinalizeWorksheet
XlsInitWorksheet
XlsJobClose
XlsJobOpen
XlsNewPage
XlsSetOptionString
hrh4tberj
hufehhe
jft4j54h5ihr
kjfrejtoihjt4th
nr94h579htruhnb
z85hfehfbeh

Sections

.text
Size: 900KB - Virtual size: 900KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 589B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/Cmls15.dll
.dll windows:5 windows x86 arch:x86

4543f1f60e5a022b0aeb07e0c35d2cdd

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmLS15.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

cmut15

ord17

cmct15

ord21
ord64
ord250
ord34
ord2
ord149
ord239
ord238
ord1
ord66
ord28
ord71
ord29
ord260
ord3
ord237
ord233
ord236
ord231
ord73
ord74
ord246
ord27
ord70
ord301
ord302
ord10

cmbr15

ord10
ord44

kernel32

TlsGetValue
TlsAlloc
DeleteFileA
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
LoadLibraryA
HeapDestroy
VirtualFree
GetSystemTimeAsFileTime
RtlUnwind
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
TlsSetValue
TlsFree
HeapSize
ExitProcess
GetStdHandle
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
ReadProcessMemory
CreateDirectoryW
GetEnvironmentVariableW
GlobalReAlloc
GlobalSize
GetVersionExA
GetModuleHandleA
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
InterlockedExchange
RaiseException
IsBadCodePtr
IsBadReadPtr
LCMapStringW
ExpandEnvironmentStringsW
GetFileTime
GetFileType
FindClose
GetTempPathW
FlushFileBuffers
ReadFile
FileTimeToSystemTime
UnlockFile
SetEndOfFile
SetFilePointer
FindFirstFileW
GetFileSize
GetSystemInfo
ReleaseMutex
GetThreadLocale
GetUserDefaultLangID
GetComputerNameW
FindResourceW
FindResourceExW
CreateMutexW
HeapCreate
LockResource
MultiByteToWideChar
FormatMessageW
LoadResource
IsBadStringPtrW
LocalFree
GetCurrentProcessId
GetVersion
QueryPerformanceFrequency
WaitForMultipleObjects
CreateEventW
GetExitCodeThread
CreateFileMappingW
LocalAlloc
InterlockedExchangeAdd
ProcessIdToSessionId
ResetEvent
GetACP
TerminateThread
WideCharToMultiByte
WriteFile
SetEvent
WaitForSingleObject
QueryPerformanceCounter
UnmapViewOfFile
MapViewOfFile
lstrcpynW
lstrcpynA
SetThreadLocale
GetCPInfo
Sleep
GetTickCount
GetThreadPriority
SetThreadPriority
GetLocaleInfoW
GetUserDefaultLCID
GlobalDeleteAtom
GlobalAddAtomW
GetFileAttributesW
SetFileAttributesW
GetShortPathNameW
SetLastError
CompareStringW
GetModuleHandleW
SystemTimeToFileTime
GetProfileIntW
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualQuery
ResumeThread
GetThreadContext
SuspendThread
GetCurrentProcess
DuplicateHandle
GetCurrentThread
GetPrivateProfileStringW
GetModuleFileNameW
GetTimeZoneInformation
GetSystemTime
CopyFileW
GlobalMemoryStatus
GlobalFree
GetVersionExW
GetTimeFormatW
GetDateFormatW
GetLocalTime
DebugBreak
DeleteFileW
CloseHandle
CreateFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
OutputDebugStringW
LoadLibraryW
SetErrorMode
GetProcAddress
FreeLibrary
MulDiv
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WriteConsoleW
GetProcessHeap
CreateFileA
HeapFree

user32

IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
InSendMessage
LoadStringW
MsgWaitForMultipleObjects
CharUpperW
SendMessageTimeoutW
WindowFromDC
UnregisterClassA
RegisterClassA
GetCapture
GetMenuItemInfoW
IsIconic
SetScrollInfo
GetScrollInfo
BeginDeferWindowPos
ShowScrollBar
ClientToScreen
GetClassNameW
FindWindowW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
UpdateWindow
InsertMenuItemW
MessageBeep
MapVirtualKeyW
ShowCursor
InvalidateRgn
MoveWindow
MapDialogRect
TrackPopupMenu
CreatePopupMenu
DrawIcon
GetSystemMenu
EnableMenuItem
DestroyMenu
GetSubMenu
GetClassLongW
InflateRect
OffsetRect
RemovePropW
GetPropW
GetNextDlgTabItem
DrawFrameControl
GetDC
CharToOemA
UnionRect
DeferWindowPos
SendNotifyMessageW
EndDeferWindowPos
SetPropW
SetRect
SetRectEmpty
IsRectEmpty
MapWindowPoints
GetMessageW
SetCursor
GetCursorPos
ScreenToClient
RedrawWindow
RegisterWindowMessageW
DrawIconEx
DrawTextW
GetUpdateRect
LoadImageW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
CreateWindowExW
EqualRect
SystemParametersInfoW
KillTimer
SetTimer
EnumWindows
GetDesktopWindow
EnableWindow
ReplyMessage
DialogBoxIndirectParamW
GetUserObjectInformationW
GetProcessWindowStation
DestroyIcon
LoadBitmapW
LoadMenuW
ReleaseDC
GetSysColorBrush
IsWindow
GetActiveWindow
GetWindow
FillRect
DrawEdge
GetSysColor
GetClientRect
DefWindowProcW
EndPaint
BeginPaint
GetKeyState
GetFocus
SetCapture
SetFocus
ReleaseCapture
CheckRadioButton
LockWindowUpdate
DefMDIChildProcW
SetClassLongW
LoadAcceleratorsW
WaitMessage
GetClassInfoW
TranslateAcceleratorW
CallWindowProcW
InsertMenuW
DrawFocusRect
PostMessageW
GetParent
InvalidateRect
PtInRect
IsWindowEnabled
UnregisterClassW
RegisterClassW
LoadCursorW
DispatchMessageW
TranslateMessage
CallMsgFilterW
PeekMessageW
GetWindowLongW
SetWindowLongW
GetSystemMetrics
GetWindowRect
GetDlgItem
DestroyWindow
SetActiveWindow
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetWindowPos
SendMessageW
IsWindowVisible
ShowWindow
GetMenuItemCount

gdi32

GetNearestColor
DeleteObject
GetDIBits
EnumEnhMetaFile
SetViewportExtEx
SetWindowExtEx
SetMapMode
CreateBitmap
CreateDIBSection
GetEnhMetaFileHeader
DeleteDC
EndDoc
EndPage
StartPage
ResetDCW
StartDocW
CreateDCW
SetBkColor
SetTextColor
SelectObject
GetEnhMetaFileBits
GetStockObject
LineTo
MoveToEx
ModifyWorldTransform
SetViewportOrgEx
GetMapMode
GetWindowOrgEx
GetWindowExtEx
GetWorldTransform
GetGraphicsMode
SetWorldTransform
SetWindowOrgEx
DeleteMetaFile
SelectClipRgn
GetBkColor
CreatePen
GetClipBox
UnrealizeObject
SetBrushOrgEx
BitBlt
AbortDoc
ExtSelectClipRgn
SetBkMode
GetTextExtentPointW
SetAbortProc
SetTextAlign
CreateRoundRectRgn
IntersectClipRect
RoundRect
GetTextExtentPoint32W
PtInRegion
BeginPath
CloseFigure
EndPath
FillPath
GetRgnBox
CreateRectRgn
GdiFlush
Rectangle
SetROP2
Polyline
StretchBlt
PatBlt
GetCurrentObject
SelectClipPath
CreateSolidBrush
GetPixel
CreatePatternBrush
GetObjectType
CreateCompatibleBitmap
CreateCompatibleDC
CreateHatchBrush
ExtCreatePen
SetStretchBltMode
ExtTextOutW
ExcludeClipRect
GetTextMetricsW
LPtoDP
DeleteEnhMetaFile
GetTextAlign
CreateRectRgnIndirect
CombineRgn
SaveDC
RestoreDC
DPtoLP
GetDeviceCaps
CreateEnhMetaFileW
CloseEnhMetaFile
PlayEnhMetaFileRecord
SetEnhMetaFileBits
GetFontLanguageInfo
GetCharacterPlacementW
TranslateCharsetInfo
CreateFontIndirectW
GetViewportOrgEx
GetViewportExtEx
PlayEnhMetaFile
Polygon
GetObjectW

winspool.drv

DocumentPropertiesW
ClosePrinter
GetPrinterW
EnumPrintersW
EnumJobsW
OpenPrinterW
DeviceCapabilitiesW

comdlg32

CommDlgExtendedError

advapi32

LookupPrivilegeValueW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
FreeSid
AllocateAndInitializeSid
RegOpenKeyW
EqualSid
GetTokenInformation
GetUserNameW
OpenProcessToken
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW

ole32

CoGetClassObject
OleUninitialize
CoCreateInstance
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CLSIDFromProgID
CoUninitialize
CoInitialize
CoTaskMemAlloc
OleInitialize

oleaut32

VarR8FromCy
VariantChangeType
VarR8FromDec
SystemTimeToVariantTime
SysReAllocString
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
VariantCopy
OleLoadPicture
SysFreeString
SysAllocString
VariantCopyInd
VariantClear
VariantInit

Exports

Exports

LlStgsysAppend
LlStgsysAppendEMF
LlStgsysConvertA
LlStgsysConvertW
LlStgsysDeleteFiles
LlStgsysDeleteJob
LlStgsysDeletePage
LlStgsysDestroyMetafile
LlStgsysDrawPage
LlStgsysGetAPIVersion
LlStgsysGetFileVersion
LlStgsysGetFilenameA
LlStgsysGetFilenameW
LlStgsysGetJob
LlStgsysGetJobCount
LlStgsysGetJobOptionStringExA
LlStgsysGetJobOptionStringExW
LlStgsysGetJobOptionValue
LlStgsysGetLLFilename
LlStgsysGetLastError
LlStgsysGetPageCount
LlStgsysGetPageMetafile
LlStgsysGetPageOptionStringA
LlStgsysGetPageOptionStringW
LlStgsysGetPageOptionValue
LlStgsysGetPagePrinterA
LlStgsysGetPagePrinterW
LlStgsysPrintA
LlStgsysPrintW
LlStgsysSetJob
LlStgsysSetJobOptionStringExA
LlStgsysSetJobOptionStringExW
LlStgsysSetPageOptionStringA
LlStgsysSetPageOptionStringW
LlStgsysStorageClose
LlStgsysStorageConvertA
LlStgsysStorageConvertW
LlStgsysStorageCreateA
LlStgsysStorageCreateW
LlStgsysStorageOpen13
LlStgsysStorageOpenA
LlStgsysStorageOpenExA
LlStgsysStorageOpenExW
LlStgsysStorageOpenW
LlStgsysStoragePrintA
LlStgsysStoragePrintExW
LlStgsysStoragePrintW
LsConversionConfigurationDlg
LsConversionConvertEMFToFileA
LsConversionConvertEMFToFileW
LsConversionConvertEMFToStream
LsConversionConvertStgToFileA
LsConversionConvertStgToFileW
LsConversionConvertStgToStream
LsConversionGetOptionStringA
LsConversionGetOptionStringW
LsConversionJobClose
LsConversionJobOpenA
LsConversionJobOpenW
LsConversionPrintA
LsConversionPrintW
LsConversionSetOptionStringA
LsConversionSetOptionStringW
LsCreateViewerControlOverParent
LsDrawInputObject
LsGetDDXForms
LsGetDebug
LsGetDlgboxMode
LsGetOrgTextFromGlyphsW
LsGetViewerControlClassNameA
LsGetViewerControlClassNameEx
LsGetViewerControlClassNameW
LsGetViewerControlDefaultMessage
LsInternalCreateViewerControlOverParent13
LsInternalGetViewerControlFromParent13
LsMailConfigurationDialogA
LsMailConfigurationDialogW
LsMailGetOptionStringA
LsMailGetOptionStringW
LsMailJobClose
LsMailJobOpen
LsMailSendFile
LsMailSetOptionStringA
LsMailSetOptionStringW
LsMailViewA
LsMailViewW
LsProfileEnd
LsProfileStartA
LsProfileStartW
LsSetDebug
LsSetDlgboxMode

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmbr15.dll
.dll windows:5 windows x86 arch:x86

ab881e88133a11dc46363151f610933d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmBR15.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

cmut15

ord71
ord72
ord33
ord229
ord74
ord3
ord211
ord11

cmct15

ord231
ord244
ord70
ord71
ord6
ord91
ord64
ord66
ord92
ord9
ord3
ord240
ord73
ord29
ord13
ord109
ord149
ord242
ord98
ord68
ord107
ord81
ord80
ord83
ord84
ord10
ord236
ord74
ord238
ord233

kernel32

DeleteFileW
CreateMutexW
lstrcpynA
FindResourceExW
GetUserDefaultLangID
GetThreadLocale
ReleaseMutex
IsBadReadPtr
IsBadCodePtr
RaiseException
InterlockedExchange
ReadFile
GlobalSize
GlobalReAlloc
GetEnvironmentVariableW
CreateDirectoryW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetConsoleCP
GetModuleHandleA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapReAlloc
VirtualAlloc
RtlUnwind
GetSystemTimeAsFileTime
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetStdHandle
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapAlloc
HeapFree
DeleteFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetFileType
UnlockFile
SetEndOfFile
SetFilePointer
FindFirstFileW
GetFileSize
LCMapStringW
LockResource
GlobalUnlock
GlobalLock
MultiByteToWideChar
FormatMessageW
GetLocaleInfoW
LoadResource
IsBadStringPtrW
SetLastError
SetErrorMode
GetSystemInfo
ResumeThread
SuspendThread
LocalFree
GetConsoleMode
GetCurrentProcessId
QueryPerformanceFrequency
GetThreadPriority
WaitForMultipleObjects
CreateEventW
GetExitCodeThread
CreateFileMappingW
LocalAlloc
InterlockedExchangeAdd
ProcessIdToSessionId
ResetEvent
GlobalFree
SetThreadPriority
GetACP
CreateFileW
TerminateThread
WideCharToMultiByte
GlobalAlloc
WriteFile
GetCurrentThread
OutputDebugStringW
SetEvent
WaitForSingleObject
QueryPerformanceCounter
UnmapViewOfFile
MapViewOfFile
InterlockedDecrement
InterlockedIncrement
GetVersion
GetModuleFileNameW
GetVersionExW
VirtualQuery
GetPrivateProfileIntW
CompareStringW
GetFileAttributesW
GetLocalTime
GetModuleHandleW
LoadLibraryW
DuplicateHandle
GetCurrentProcess
GlobalDeleteAtom
GlobalAddAtomW
GetPrivateProfileStringW
GetLastError
WritePrivateProfileStringW
DebugBreak
Sleep
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
MulDiv
FindResourceW
GetCurrentThreadId
CloseHandle
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
FindClose
GetTempPathW
FlushFileBuffers
WriteConsoleW
GetProcessHeap
CreateFileA
GetSystemDirectoryW

user32

InSendMessage
GetWindowThreadProcessId
WaitMessage
GetWindowDC
CallWindowProcW
MsgWaitForMultipleObjects
CharUpperW
SendMessageTimeoutW
GetMenuState
GetIconInfo
GetAsyncKeyState
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
GetNextDlgTabItem
MapDialogRect
OffsetRect
PeekMessageW
ReleaseDC
GetDC
GetDoubleClickTime
ScrollDC
TrackPopupMenu
ClientToScreen
FindWindowW
MapVirtualKeyW
DestroyMenu
CheckMenuItem
GetMenuItemID
ModifyMenuW
GetMenuStringW
AppendMenuW
EndDialog
DeleteMenu
GetSubMenu
GetProcessWindowStation
LoadImageW
GetDialogBaseUnits
ValidateRect
SetActiveWindow
MessageBoxW
DrawTextW
DrawIcon
DrawIconEx
DefMDIChildProcW
EndPaint
BeginPaint
UnhookWindowsHookEx
SetWindowsHookExW
GetActiveWindow
GetDesktopWindow
CallNextHookEx
GetClassNameW
LoadStringW
SystemParametersInfoW
DeferWindowPos
SendNotifyMessageW
EndDeferWindowPos
SetRect
SetRectEmpty
IsRectEmpty
GetWindow
MapWindowPoints
ReleaseCapture
DispatchMessageW
TranslateMessage
GetMessageW
GetKeyState
SetCapture
EnableMenuItem
CreateDialogIndirectParamW
IsDialogMessageW
GetClassLongW
ReplyMessage
DialogBoxIndirectParamW
GetSystemMenu
GetMenuItemCount
GetUserObjectInformationW
RedrawWindow
DefWindowProcW
OemKeyScan
DrawFocusRect
UnregisterClassW
RegisterClassW
LockWindowUpdate
SetClassLongW
CallMsgFilterW
LoadAcceleratorsW
GetClassInfoW
TranslateAcceleratorW
CheckRadioButton
InsertMenuW
GetKeyboardLayoutNameW
LoadMenuW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
SetWindowLongW
SetWindowPos
ShowWindow
EnableWindow
GetPropW
SetPropW
RemovePropW
GetDlgItem
DrawEdge
FillRect
LoadBitmapW
GetUpdateRect
DestroyWindow
SetFocus
GetSysColorBrush
PostMessageW
SetCursor
MessageBeep
UpdateWindow
InvalidateRect
PtInRect
IsWindow
IsWindowVisible
MoveWindow
CreateWindowExW
InflateRect
GetWindowLongW
GetWindowRect
GetFocus
DestroyIcon
IsWindowEnabled
GetSysColor
GetClientRect
GetDlgCtrlID
GetParent
EqualRect
RegisterWindowMessageW
LoadCursorW
WindowFromPoint
GetCursorPos
ScreenToClient
KillTimer
SetTimer
GetSystemMetrics
SendMessageW
DestroyCursor

gdi32

CreateSolidBrush
CreatePen
GetTextMetricsW
GetDeviceCaps
UnrealizeObject
GetCurrentObject
SetBkMode
CreateRectRgn
BeginPath
RoundRect
EndPath
GetObjectW
IntersectClipRect
OffsetWindowOrgEx
SetWindowOrgEx
GetClipRgn
GetPixel
GetObjectType
CreateBitmap
SetViewportOrgEx
ExtCreatePen
ModifyWorldTransform
GetViewportExtEx
SetViewportExtEx
SetWorldTransform
SetStretchBltMode
GetGraphicsMode
GetMapMode
SetMapMode
GetWorldTransform
StretchBlt
GetWindowExtEx
SetWindowExtEx
LPtoDP
GetViewportOrgEx
GetWindowOrgEx
ExtTextOutW
CombineRgn
SetTextAlign
SetBrushOrgEx
SelectClipRgn
CreateRectRgnIndirect
LineTo
MoveToEx
SetBkColor
Polygon
GetStockObject
GetTextExtentPointW
Rectangle
ExcludeClipRect
SelectClipPath
CreatePatternBrush
DeleteDC
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SetTextColor
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
SelectObject

advapi32

LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
GetUserNameW
OpenProcessToken
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegCreateKeyExW
AdjustTokenPrivileges

shell32

SHGetFileInfoW
ExtractIconW
DragAcceptFiles

ole32

OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleUninitialize

oleaut32

VariantChangeType
SysReAllocString
SystemTimeToVariantTime
SysFreeString
SysAllocString
VariantClear
VariantInit

Exports

Exports

BrwsCheckDateContentsA
BrwsCheckDateContentsW
BrwsCheckDateDMY
BrwsCommandMessage
BrwsCreateCalendar
BrwsDrawSmallIcon
BrwsFormatDateContentsToDisplayA
BrwsFormatDateContentsToDisplayW
BrwsFormatDateDMYToDisplayA
BrwsFormatDateDMYToDisplayW
BrwsFormatDateDisplayToContentsA
BrwsFormatDateDisplayToContentsW
BrwsFormatDateDisplayToDMYA
BrwsFormatDateDisplayToDMYW
BrwsGetClassNameA
BrwsGetClassNameW
BrwsGetDlgboxMode
BrwsGetVersion
BrwsGetXEditControlMessage
BrwsLoadIconA
BrwsLoadIconW
BrwsMessagebase
BrwsReleaseEditControl
BrwsSetDebugDefault
BrwsSetDlgboxMode
BrwsSetEditToBtnEditControl
BrwsSetEditToBtnEditControlHandle
BrwsSetEditToCalControlA
BrwsSetEditToCalControlW
BrwsSetMouseWheelScrollCount
BrwsSetTooltipA
BrwsSetTooltipW

Sections

.text
Size: 660KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 873KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmdw15.dll
.dll windows:5 windows x86 arch:x86

cfff9fdebd49ed133aca484622ad90c6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmDW15.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

cmut15

ord86
ord17
ord32

cmct15

ord3
ord27

kernel32

GetUserDefaultLangID
IsBadCodePtr
RaiseException
CreateMutexW
lstrcpynA
FindResourceExW
GetThreadLocale
ReleaseMutex
CreateFileA
GlobalSize
GetEnvironmentVariableW
CreateDirectoryW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableW
SetEnvironmentVariableA
IsBadReadPtr
GetStringTypeA
LCMapStringA
SetStdHandle
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetSystemTimeAsFileTime
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetStdHandle
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteFileA
HeapFree
HeapAlloc
LCMapStringW
GetSystemInfo
MultiByteToWideChar
FormatMessageW
IsBadStringPtrW
GetModuleHandleA
ResumeThread
SuspendThread
LocalFree
GetCurrentProcessId
GetVersion
GetCurrentThreadId
QueryPerformanceFrequency
GetThreadPriority
WaitForMultipleObjects
CreateEventW
GetExitCodeThread
LocalAlloc
InterlockedExchangeAdd
ProcessIdToSessionId
GetLocalTime
ResetEvent
SetThreadPriority
GetACP
TerminateThread
WideCharToMultiByte
GetCurrentThread
OutputDebugStringW
SetEvent
WaitForSingleObject
QueryPerformanceCounter
GetSystemTime
DebugBreak
DeleteFileW
DuplicateHandle
GetFileTime
GetFileType
FindClose
GetTempPathW
FlushFileBuffers
FileTimeToSystemTime
GetFileAttributesW
Sleep
WriteFile
GetTickCount
UnlockFile
GetCurrentProcess
LoadResource
FindResourceW
SetErrorMode
SetEndOfFile
SetFilePointer
FindFirstFileW
GetFileSize
DeleteCriticalSection
GetProcAddress
CompareStringW
GetModuleFileNameW
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
FreeLibrary
VirtualQuery
SetLastError
ReadFile
GlobalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
UnmapViewOfFile
GetLastError
MulDiv
GlobalUnlock
GlobalLock
MapViewOfFile
CloseHandle
CreateFileMappingW
CreateFileW
InterlockedDecrement
InterlockedIncrement
GlobalFree
GetProcessHeap
GetStringTypeW
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
RtlUnwind

user32

GetDC
MessageBoxW
ReleaseDC
SetWindowPos
GetWindowThreadProcessId
GetFocus
MessageBoxA
FillRect
LoadImageW
GetParent
LockWindowUpdate
GetWindowLongW
LoadStringW
MsgWaitForMultipleObjects
MessageBeep
FindWindowW
TranslateMessage
PeekMessageW
CharUpperW
SendMessageTimeoutW
IsWindow
GetSystemMetrics
DispatchMessageW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
wsprintfW

gdi32

GetObjectType
CreateDIBSection
GdiFlush
DeleteEnhMetaFile
DeleteMetaFile
EnumEnhMetaFile
EnumMetaFile
PlayMetaFile
PlayEnhMetaFileRecord
SelectClipRgn
CreateRectRgnIndirect
PlayMetaFileRecord
SetMetaFileBitsEx
GetEnhMetaFileW
GetEnhMetaFileHeader
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
SetViewportOrgEx
LPtoDP
SetWindowExtEx
GetWindowExtEx
GetWorldTransform
SetMapMode
GetMapMode
GetGraphicsMode
SaveDC
SetWorldTransform
SetViewportExtEx
GetViewportExtEx
RestoreDC
GetDeviceCaps
SetDIBitsToDevice
StretchDIBits
PatBlt
BitBlt
StretchBlt
GetPaletteEntries
CreateDIBitmap
GetDIBits
GetStockObject
CreatePalette
GetDIBColorTable
GetObjectW
CreateSolidBrush
DeleteDC
SetStretchBltMode
RealizePalette
SelectPalette
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
GetUserNameW
RegQueryValueExW

ole32

CreateStreamOnHGlobal

oleaut32

VariantInit
SystemTimeToVariantTime
SysAllocString
VariantCopyInd
VariantChangeType
VariantClear

msimg32

AlphaBlend

Exports

Exports

DwgBmpFromDib
DwgCreateDibPalette
DwgCreateLogicalDib
DwgDibFromBmp
DwgDibFromDib
DwgDisplay
DwgDisplayColored
DwgDisplayDirect
DwgDisplayEx
DwgDisplayMFAware
DwgDrawBmp
DwgDrawDib
DwgDrawDibMapping
DwgEditA
DwgEditNoCtl
DwgEditW
DwgErrortextA
DwgErrortextW
DwgGetCapability
DwgGetHandleToDIB
DwgGetInterface
DwgGetNameA
DwgGetNameW
DwgGetOption
DwgGetSize
DwgGetSizeEx
DwgGetType
DwgGetVersion
DwgJobClose
DwgJobOpen
DwgJpegFromDib
DwgSetA
DwgSetDebug
DwgSetExtA
DwgSetExtW
DwgSetExtZoomedA
DwgSetExtZoomedW
DwgSetGlobalOption
DwgSetOption
DwgSetW
DwgStretchBmp
DwgStretchDib
DwgStretchDibMapping
DwgTiffAppendDIB
DwgTiffEnd
DwgTiffEndCancel
DwgTiffEndSaveAsA
DwgTiffEndSaveAsW
DwgTiffFromDib
DwgTiffStart

Sections

.text
Size: 532KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll15.dll
.dll windows:5 windows x86 arch:x86

67d9764463a39317dd9b65d9ebeef091

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmLL15.pdb

Imports

mpr

WNetGetConnectionW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

imm32

ImmGetContext
ImmGetOpenStatus
ImmSetCompositionFontA
ImmReleaseContext
ImmSetCompositionWindow

oledlg

OleUIAddVerbMenuW

cmut15

ord87
ord70
ord206
ord72
ord71
ord37
ord137
ord136
ord135
ord134
ord133
ord132
ord18
ord55
ord44
ord52
ord73
ord46
ord47
ord66
ord19
ord49
ord50
ord20
ord42
ord43
ord48
ord45

cmct15

ord302
ord228
ord215
ord186
ord89
ord234
ord28
ord3
ord246
ord38
ord250
ord74
ord70
ord71
ord64
ord237
ord236
ord4
ord18
ord231
ord233
ord91
ord6
ord240
ord232
ord27
ord66
ord13
ord304
ord92
ord149
ord238
ord239
ord84
ord80
ord83
ord107
ord106
ord108
ord97
ord182
ord96
ord244
ord85
ord16
ord21
ord2
ord23
ord230
ord229
ord29
ord301
ord303
ord73
ord9

cmbr15

ord44
ord46
ord10

cmdw15

ord42
ord124
ord31
ord11
ord33
ord25
ord50
ord130
ord34
ord32
ord9
ord121
ord56
ord22
ord126
ord13
ord60
ord48
ord40
ord45
ord8
ord12

cmls15

ord10
ord11
ord9
ord8
ord2
ord85
ord3
ord86
ord87
ord88
ord75
ord32
ord94
ord74
ord35
ord34

kernel32

HeapDestroy
HeapCreate
HeapReAlloc
ExitProcess
HeapSize
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
LCMapStringA
RtlUnwind
GetProcessHeap
CreateFileA
DeleteFileA
ExitThread
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
LoadLibraryA
GetDriveTypeA
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
SetStdHandle
GetLocaleInfoA
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
CreateThread
GetCurrentDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
ReadProcessMemory
GlobalReAlloc
InterlockedExchange
RaiseException
IsBadCodePtr
IsBadReadPtr
ExpandEnvironmentStringsW
GetFileTime
GetFileType
FlushFileBuffers
FileTimeToSystemTime
LockFile
UnlockFile
SetEndOfFile
SetFilePointer
GetFileSize
GetFullPathNameW
GetComputerNameW
FormatMessageW
IsBadStringPtrW
LocalFree
GetExitCodeThread
CreateFileMappingW
InterlockedExchangeAdd
ProcessIdToSessionId
TerminateThread
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateMutexW
LCMapStringW
FindNextFileW
WaitForMultipleObjects
lstrcpynA
SetThreadPriority
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
ReleaseSemaphore
CreateSemaphoreW
FindResourceExW
GetUserDefaultLCID
LockResource
FreeEnvironmentStringsW
LoadResource
FindResourceW
FindClose
FindFirstFileW
GetThreadContext
ResumeThread
SuspendThread
IsValidLocale
GetCPInfo
GetLocalTime
GetWindowsDirectoryW
GetLogicalDriveStringsW
GlobalMemoryStatus
GetProcessAffinityMask
GetVersionExW
GetACP
GetOEMCP
GetDiskFreeSpaceW
GetDriveTypeW
lstrlenW
GetSystemInfo
GetVersion
QueryPerformanceFrequency
QueryPerformanceCounter
SetThreadAffinityMask
GetCurrentProcessId
GetEnvironmentVariableW
CreateDirectoryW
ReadFile
WriteFile
CreateMailslotW
GetCommandLineW
OpenProcess
GetTempPathW
WriteProfileStringW
GetProfileStringW
VirtualFree
VirtualAlloc
VirtualProtect
CancelWaitableTimer
VirtualQuery
SetWaitableTimer
CreateWaitableTimerW
lstrcpynW
GetCurrencyFormatW
GetNumberFormatW
GetTimeFormatW
GetDateFormatW
CompareStringW
MultiByteToWideChar
GlobalSize
EnumSystemLocalesW
GlobalAlloc
CreateFileW
SystemTimeToFileTime
GetSystemTime
SetCurrentDirectoryW
GetCurrentDirectoryW
SetThreadLocale
GetThreadLocale
GlobalDeleteAtom
GlobalAddAtomW
GetTickCount
GetModuleHandleW
SetErrorMode
DebugBreak
GlobalFree
GlobalUnlock
GlobalLock
GetLastError
SetLastError
GetLocaleInfoW
GetUserDefaultLangID
ReleaseMutex
ResetEvent
OutputDebugStringW
GetCurrentThreadId
GetFileAttributesW
DeleteFileW
MulDiv
WaitForSingleObject
SetEvent
Sleep
GetCurrentThread
GetThreadPriority
CreateEventW
CloseHandle
DuplicateHandle
GetCurrentProcess
LoadLibraryW
GetModuleFileNameW
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEnvironmentVariableA
SetEnvironmentVariableW
GetEnvironmentStringsW
SizeofResource
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
LocalAlloc

user32

GetSysColorBrush
AppendMenuW
GetDC
CountClipboardFormats
SetScrollRange
GetClipboardData
IntersectRect
WindowFromDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetUpdateRect
ValidateRect
GetNextDlgGroupItem
MessageBoxW
GetKeyboardLayoutNameW
AdjustWindowRect
CharUpperW
ReleaseDC
GetWindowDC
PostQuitMessage
SetMenu
CreateAcceleratorTableW
ModifyMenuW
GetKeyNameTextW
GetMenuState
DrawMenuBar
SetForegroundWindow
MsgWaitForMultipleObjectsEx
LoadAcceleratorsW
TranslateAcceleratorW
DestroyAcceleratorTable
SetMenuItemInfoW
GetMenuItemInfoW
GetSystemMenu
SetWindowPlacement
GetWindowPlacement
GetTopWindow
GetClassNameW
ClientToScreen
GetCaretPos
LoadStringW
BringWindowToTop
DestroyCursor
GetClipboardFormatNameW
LoadIconW
IsZoomed
GetAsyncKeyState
IsIconic
GetScrollInfo
ShowScrollBar
SetScrollInfo
GetDoubleClickTime
DeleteMenu
EnableMenuItem
GetMenuItemID
GetMenuItemCount
MapDialogRect
SetTimer
GetDlgCtrlID
GetNextDlgTabItem
IsCharAlphaW
ChildWindowFromPointEx
DrawCaption
SystemParametersInfoW
GetMenu
DrawFrameControl
IsClipboardFormatAvailable
GetSysColor
GetDlgItem
UnregisterClassW
GetProcessWindowStation
CharUpperA
RemovePropW
GetPropW
GetIconInfo
DestroyIcon
DrawIconEx
MapVirtualKeyW
GetCapture
DeferWindowPos
SendNotifyMessageW
SendMessageW
RegisterWindowMessageW
SetRect
MessageBeep
GetActiveWindow
CreatePopupMenu
InsertMenuItemW
LoadImageW
EndDeferWindowPos
SetPropW
ScreenToClient
RedrawWindow
SetWindowLongW
IsCharAlphaNumericW
IsRectEmpty
SetParent
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetSubMenu
CheckMenuItem
LoadMenuW
UpdateWindow
MoveWindow
EqualRect
WaitMessage
WindowFromPoint
GetMessageW
GetCursor
ReleaseCapture
SetCapture
GetCursorPos
PtInRect
DrawTextW
DrawEdge
LoadBitmapW
AdjustWindowRectEx
AttachThreadInput
MsgWaitForMultipleObjects
KillTimer
GetUserObjectInformationW
DestroyMenu
InflateRect
PeekMessageW
CallMsgFilterW
TranslateMessage
DispatchMessageW
IsWindow
GetParent
GetWindowThreadProcessId
SendMessageTimeoutW
RegisterClipboardFormatW
FindWindowW
CreateWindowExW
DestroyWindow
GetSystemMetrics
SetRectEmpty
UnionRect
OffsetRect
FillRect
GetWindowRect
GetClientRect
EnableWindow
ShowWindow
GetWindow
SetFocus
SetActiveWindow
SetCursor
LoadCursorW
LockWindowUpdate
TrackPopupMenu
InSendMessage
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
GetClassLongW
ReplyMessage
DialogBoxIndirectParamW
DefMDIChildProcW
SetClassLongW
GetClassInfoW
CallWindowProcW
CheckRadioButton
wsprintfW
ScrollWindow
SetScrollPos
RegisterClassExW
GetScrollRange
CharLowerA
RegisterClassW
CharLowerBuffW
EndPaint
BeginPaint
DrawFocusRect
CharUpperBuffW
DefWindowProcW
SetWindowPos
GetDesktopWindow
MapWindowPoints
InvalidateRect
GetWindowLongW
IsWindowEnabled
IsWindowVisible
GetFocus
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetKeyState
PostMessageW
InsertMenuW

gdi32

GetDeviceCaps
GetStockObject
GdiComment
SetWindowExtEx
SetViewportExtEx
SetViewportOrgEx
GetWindowExtEx
GetTextExtentPointW
CombineRgn
CreatePolygonRgn
Polygon
SetPixelV
BeginPath
GetMapMode
LineDDA
EndPath
StrokePath
GetCurrentObject
GetTextColor
GetClipRgn
CreateRectRgn
SelectClipRgn
PathToRegion
GetRgnBox
ModifyWorldTransform
GetWindowOrgEx
GetViewportOrgEx
GetViewportExtEx
GetGraphicsMode
SetWindowOrgEx
PlayMetaFileRecord
CreateRectRgnIndirect
DeleteObject
PlayEnhMetaFileRecord
GetEnhMetaFileHeader
SelectPalette
RealizePalette
EnumMetaFile
EnumEnhMetaFile
PtInRegion
IntersectClipRect
Rectangle
GetEnhMetaFileBits
GetWinMetaFileBits
SelectClipPath
CreateFontW
TextOutW
CreatePen
Escape
SetEnhMetaFileBits
StretchBlt
CreateCompatibleBitmap
SetDIBits
Polyline
LPtoDP
DPtoLP
SetROP2
FillPath
DeleteDC
OffsetWindowOrgEx
StartDocW
TranslateCharsetInfo
EndPage
EndDoc
CreateDCW
GetClipBox
UnrealizeObject
AbortDoc
ResetDCW
SetGraphicsMode
Ellipse
CreateEllipticRgn
ExtSelectClipRgn
SetPolyFillMode
CreateRoundRectRgn
OffsetRgn
RectInRegion
CopyEnhMetaFileW
FlattenPath
GetPath
OffsetViewportOrgEx
DeleteMetaFile
CreatePatternBrush
SetAbortProc
CloseFigure
GetTextCharset
CreateSolidBrush
CreateCompatibleDC
CreateBitmap
CreateHatchBrush
PatBlt
SetWorldTransform
CreatePenIndirect
ExtCreatePen
GetPixel
GetObjectType
CreateDIBSection
GetCharABCWidthsW
GetCharWidth32W
GetWorldTransform
GetOutlineTextMetricsW
GetCharABCWidthsA
GetCharWidthW
GetCharABCWidthsFloatW
ScaleWindowExtEx
GetTextAlign
GdiFlush
GetBkMode
ExcludeClipRect
SetPixel
GetNearestColor
CreatePalette
CreateFontIndirectW
GetTextMetricsW
StartPage
LineTo
SetStretchBltMode
SetBrushOrgEx
RoundRect
SetBkMode
SetTextColor
SetTextAlign
SetBkColor
BitBlt
SaveDC
SetMapMode
GetObjectW
EnumFontFamiliesW
RestoreDC
EnumFontFamiliesExW
CreateEnhMetaFileW
SelectObject
GetBkColor
CloseEnhMetaFile
PlayEnhMetaFile
DeleteEnhMetaFile
GetTextExtentPoint32W
MoveToEx
ExtTextOutW

winspool.drv

DocumentPropertiesW
EnumPrintersW
ClosePrinter
OpenPrinterW
EnumJobsW
DeviceCapabilitiesW
GetPrinterW

comdlg32

CommDlgExtendedError

advapi32

LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
GetUserNameW
OpenProcessToken
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW

ole32

CoLockObjectExternal
RevokeDragDrop
DoDragDrop
OleGetClipboard
StgCreateDocfile
GetHGlobalFromStream
CoCreateInstance
RegisterDragDrop
CoInitialize
CoTaskMemFree
OleSetClipboard
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
OleCreateFromData
OleCreateLinkToFile
GetClassFile
CreateStreamOnHGlobal
StgIsStorageFile
StgOpenStorage
ReleaseStgMedium
CoTaskMemAlloc
CoUninitialize

oleaut32

VarR8FromCy
VarR8FromDec
SystemTimeToVariantTime
VarDateFromStr
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayGetDim
SafeArrayUnlock
SafeArrayPutElement
SafeArrayLock
SafeArrayCreate
OleLoadPicture
VariantCopy
VariantChangeType
SysReAllocString
VariantInit
VariantCopyInd
VariantClear
SysFreeString
SysAllocString

msimg32

AlphaBlend
GradientFill

Exports

Exports

LlAddCtlSupportA
LlAddCtlSupportW
LlAssociatePreviewControl
LlAztecEncode
LlConvertBLOBToStringA
LlConvertBLOBToStringW
LlConvertHGLOBALToStringA
LlConvertHGLOBALToStringW
LlConvertStreamToStringA
LlConvertStreamToStringW
LlConvertStringToBLOBA
LlConvertStringToBLOBW
LlConvertStringToHGLOBALA
LlConvertStringToHGLOBALW
LlConvertStringToStreamA
LlConvertStringToStreamW
LlCreateSketchA
LlCreateSketchW
LlDbAddTableA
LlDbAddTableRelationA
LlDbAddTableRelationExA
LlDbAddTableRelationExW
LlDbAddTableRelationW
LlDbAddTableSortOrderA
LlDbAddTableSortOrderExA
LlDbAddTableSortOrderExW
LlDbAddTableSortOrderW
LlDbAddTableW
LlDbDumpStructure
LlDbGetMasterTableA
LlDbGetMasterTableW
LlDbSetMasterTableA
LlDbSetMasterTableW
LlDebugOutputA
LlDebugOutputW
LlDefineChartFieldExtA
LlDefineChartFieldExtW
LlDefineChartFieldStart
LlDefineChartFieldVarA
LlDefineChartFieldVarW
LlDefineFieldA
LlDefineFieldExtA
LlDefineFieldExtHandleA
LlDefineFieldExtHandleW
LlDefineFieldExtW
LlDefineFieldStart
LlDefineFieldVarA
LlDefineFieldVarW
LlDefineFieldW
LlDefineGroupingA
LlDefineGroupingW
LlDefineLayoutA
LlDefineLayoutW
LlDefineSortOrderA
LlDefineSortOrderStart
LlDefineSortOrderW
LlDefineSumVariableA
LlDefineSumVariableW
LlDefineVariableA
LlDefineVariableExtA
LlDefineVariableExtHandleA
LlDefineVariableExtHandleW
LlDefineVariableExtW
LlDefineVariableNameA
LlDefineVariableNameW
LlDefineVariableStart
LlDefineVariableVarA
LlDefineVariableVarW
LlDefineVariableW
LlDesignerAddActionA
LlDesignerAddActionW
LlDesignerFileOpenA
LlDesignerFileOpenW
LlDesignerFileSaveA
LlDesignerFileSaveW
LlDesignerGetOptionStringA
LlDesignerGetOptionStringW
LlDesignerInvokeAction
LlDesignerProhibitAction
LlDesignerProhibitEditingObjectA
LlDesignerProhibitEditingObjectW
LlDesignerProhibitFunctionA
LlDesignerProhibitFunctionW
LlDesignerRefreshWorkspace
LlDesignerSetOptionStringA
LlDesignerSetOptionStringW
LlDlgEditLineA
LlDlgEditLineExA
LlDlgEditLineExW
LlDlgEditLineW
LlDomCreateSubobjectA
LlDomCreateSubobjectW
LlDomDeleteSubobject
LlDomGetObjectA
LlDomGetObjectW
LlDomGetProject
LlDomGetPropertyA
LlDomGetPropertyBSTR
LlDomGetPropertyW
LlDomGetSubobject
LlDomGetSubobjectCount
LlDomSetPropertyA
LlDomSetPropertyW
LlDrawToolbarBackground
LlDumpMemory
LlEnumGetEntryA
LlEnumGetEntryW
LlEnumGetFirstChartField
LlEnumGetFirstField
LlEnumGetFirstVar
LlEnumGetNextEntry
LlExprContainsVariableA
LlExprContainsVariableW
LlExprErrorA
LlExprErrorW
LlExprEvaluateA
LlExprEvaluateVar
LlExprEvaluateW
LlExprFree
LlExprGetUsedVarsA
LlExprGetUsedVarsExA
LlExprGetUsedVarsExW
LlExprGetUsedVarsW
LlExprIsConstant
LlExprParseA
LlExprParseW
LlExprType
LlExprTypeVar
LlExprUpdateCollectionForLlX
LlGetChartFieldContentsA
LlGetChartFieldContentsW
LlGetDebug
LlGetDefaultProjectParameterA
LlGetDefaultProjectParameterW
LlGetDlgboxMode
LlGetErrortextA
LlGetErrortextW
LlGetFieldContentsA
LlGetFieldContentsW
LlGetFieldTypeA
LlGetFieldTypeW
LlGetNotificationMessage
LlGetOption
LlGetOptionStringA
LlGetOptionStringW
LlGetPreviewOption
LlGetPrinterFromPrinterFileA
LlGetPrinterFromPrinterFileW
LlGetProjectParameterA
LlGetProjectParameterW
LlGetSumVariableContentsA
LlGetSumVariableContentsW
LlGetTempFileNameA
LlGetTempFileNameW
LlGetUsedIdentifiersA
LlGetUsedIdentifiersExA
LlGetUsedIdentifiersExW
LlGetUsedIdentifiersW
LlGetUserSectionDataA
LlGetUserSectionDataW
LlGetUserVariableContentsA
LlGetUserVariableContentsW
LlGetVariableContentsA
LlGetVariableContentsW
LlGetVariableTypeA
LlGetVariableTypeW
LlGetVersion
LlInternalAttachApp
LlInternalDetachApp
LlJobClose
LlJobOpen
LlJobOpenCopy
LlJobOpenLCID
LlLocConvertCountryToA
LlLocConvertCountryToW
LlLocSystemTimeFromLocaleStringA
LlLocSystemTimeFromLocaleStringW
LlLocSystemTimeToLocaleStringA
LlLocSystemTimeToLocaleStringW
LlPreviewDeleteFilesA
LlPreviewDeleteFilesW
LlPreviewDisplayA
LlPreviewDisplayExA
LlPreviewDisplayExW
LlPreviewDisplayW
LlPreviewSetTempPathA
LlPreviewSetTempPathW
LlPrint
LlPrintAbort
LlPrintBeginGroup
LlPrintCheckLineFit
LlPrintCopyPrinterConfigurationA
LlPrintCopyPrinterConfigurationW
LlPrintDbGetCurrentTableA
LlPrintDbGetCurrentTableRelationA
LlPrintDbGetCurrentTableRelationW
LlPrintDbGetCurrentTableSortOrderA
LlPrintDbGetCurrentTableSortOrderW
LlPrintDbGetCurrentTableW
LlPrintDbGetRootTableCount
LlPrintDeclareChartRow
LlPrintDidMatchFilter
LlPrintEnableObjectA
LlPrintEnableObjectW
LlPrintEnd
LlPrintEndGroup
LlPrintFields
LlPrintFieldsEnd
LlPrintGetChartObjectCount
LlPrintGetColumnInfoA
LlPrintGetColumnInfoW
LlPrintGetCurrentPage
LlPrintGetFieldCharsPrintedA
LlPrintGetFieldCharsPrintedW
LlPrintGetFilterExpressionA
LlPrintGetFilterExpressionW
LlPrintGetGroupingA
LlPrintGetGroupingW
LlPrintGetItemsPerPage
LlPrintGetItemsPerTable
LlPrintGetOption
LlPrintGetOptionStringA
LlPrintGetOptionStringW
LlPrintGetPrinterInfoA
LlPrintGetPrinterInfoW
LlPrintGetProjectParameterA
LlPrintGetProjectParameterW
LlPrintGetRemItemsPerTableA
LlPrintGetRemItemsPerTableW
LlPrintGetRemainingItemsPerTableA
LlPrintGetRemainingItemsPerTableW
LlPrintGetRemainingSpacePerTableA
LlPrintGetRemainingSpacePerTableW
LlPrintGetSortOrderA
LlPrintGetSortOrderW
LlPrintGetTextCharsPrintedA
LlPrintGetTextCharsPrintedW
LlPrintGroupHeader
LlPrintGroupLine
LlPrintIsChartFieldUsedA
LlPrintIsChartFieldUsedW
LlPrintIsFieldUsedA
LlPrintIsFieldUsedW
LlPrintIsVariableUsedA
LlPrintIsVariableUsedW
LlPrintOptionsDialogA
LlPrintOptionsDialogTitleA
LlPrintOptionsDialogTitleW
LlPrintOptionsDialogW
LlPrintResetObjectStates
LlPrintResetProjectState
LlPrintSelectOffsetEx
LlPrintSetBoxTextA
LlPrintSetBoxTextW
LlPrintSetOption
LlPrintSetOptionStringA
LlPrintSetOptionStringW
LlPrintSetProjectParameterA
LlPrintSetProjectParameterW
LlPrintStartA
LlPrintStartW
LlPrintUpdateBox
LlPrintWillMatchFilter
LlPrintWithBoxStartA
LlPrintWithBoxStartW
LlPrinterSetupA
LlPrinterSetupW
LlProfileEnd
LlProfileStartA
LlProfileStartW
LlProjectClose
LlProjectOpenA
LlProjectOpenW
LlProjectSaveA
LlProjectSaveW
LlRTFCopyToClipboard
LlRTFCreateObject
LlRTFDeleteObject
LlRTFDisplay
LlRTFEditObject
LlRTFEditorGetRTFControlHandle
LlRTFEditorInvokeAction
LlRTFEditorProhibitAction
LlRTFGetTextA
LlRTFGetTextLength
LlRTFGetTextW
LlRTFSetTextA
LlRTFSetTextW
LlSelectFileDlgTitleExA
LlSelectFileDlgTitleExW
LlSetDebug
LlSetDefaultProjectParameterA
LlSetDefaultProjectParameterW
LlSetDlgboxMode
LlSetFileExtensionsA
LlSetFileExtensionsW
LlSetNotificationCallback
LlSetNotificationCallbackExt
LlSetNotificationMessage
LlSetOption
LlSetOptionStringA
LlSetOptionStringW
LlSetPreviewOption
LlSetPrinterDefaultsDirA
LlSetPrinterDefaultsDirW
LlSetPrinterInPrinterFileA
LlSetPrinterInPrinterFileW
LlSetPrinterToDefaultA
LlSetPrinterToDefaultW
LlViewerProhibitAction
LlXGetExportParameterA
LlXGetExportParameterW
LlXGetParameterA
LlXGetParameterW
LlXOBStatJobOpen
LlXSetExportParameterA
LlXSetExportParameterW
LlXSetParameterA
LlXSetParameterW
LlXlatNameA
LlXlatNameW

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 683KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1500.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1501.chm
.chm
$SYSDIR/cmll1501.inf
$SYSDIR/cmll1501.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1509.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1512.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1521.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll1525.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll15bc.llx
.dll windows:5 windows x86 arch:x86

61817b4b49de53584355d1d8499d2a85

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegFlushKey
RegCloseKey

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndDialog
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageA
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateDialogParamW
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharToOemW
CharNextW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
lstrcpyW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualAlloc
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetVersionExW
GetVersion
GetTickCount
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
Polygon
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
FrameRgn
ExcludeClipRect
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
BitBlt

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ole32

OleUninitialize
OleInitialize
IsEqualGUID

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

cmct15

CtlGetVersion

cmut15

PasDebug

cmll15

LlAztecEncode

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/cmll15bm.llx
.dll windows:5 windows x86 arch:x86

ceb117ab054ce04e5ed647f29553cba5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmll15bm.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

cmdw15

ord9
ord126
ord13
ord12

kernel32

IsBadReadPtr
GetUserDefaultLangID
IsBadCodePtr
RaiseException
CreateMutexW
lstrcpynA
ReleaseMutex
GetEnvironmentVariableW
CreateDirectoryW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
DeleteFileW
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapReAlloc
VirtualAlloc
RtlUnwind
GetSystemTimeAsFileTime
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
GetStdHandle
ExitProcess
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetFileType
SetLastError
GetTempPathW
FlushFileBuffers
GetFileAttributesW
Sleep
UnlockFile
GetCurrentProcess
SetErrorMode
LCMapStringW
MultiByteToWideChar
FormatMessageW
IsBadStringPtrW
ResumeThread
SuspendThread
LocalFree
GetCurrentProcessId
GetVersion
GetCurrentThreadId
QueryPerformanceFrequency
GetThreadPriority
WaitForMultipleObjects
CreateEventW
GetExitCodeThread
LocalAlloc
InterlockedExchangeAdd
ProcessIdToSessionId
GetLocalTime
ResetEvent
SetThreadPriority
GetACP
MulDiv
TerminateThread
WideCharToMultiByte
GetCurrentThread
OutputDebugStringW
SetEvent
WaitForSingleObject
QueryPerformanceCounter
UnmapViewOfFile
MapViewOfFile
DebugBreak
SetEndOfFile
SetFilePointer
CreateFileMappingW
GetTickCount
WriteFile
CloseHandle
GetFileSize
ReadFile
CreateFileW
GlobalAlloc
GlobalUnlock
GlobalLock
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
CompareStringW
GetModuleFileNameW
LeaveCriticalSection
LoadLibraryW
InitializeCriticalSection
GetModuleHandleW
FreeLibrary
VirtualQuery
LoadResource
FindResourceExW
GlobalFree
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
CreateFileA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
DeleteFileA
CreateThread
ExitThread
GetCommandLineA

user32

FillRect
ReleaseDC
GetDC
SetWindowPos
GetWindowThreadProcessId
GetParent
LockWindowUpdate
GetWindowLongW
MsgWaitForMultipleObjects
MessageBeep
FindWindowW
TranslateMessage
PeekMessageW
CharUpperW
SendMessageTimeoutW
IsWindow
GetSystemMetrics
DispatchMessageW
wsprintfW

gdi32

DeleteDC
GetObjectType
TextOutW
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
CreateBitmap
SetROP2
Polygon
SetPolyFillMode
RoundRect
DeleteObject
Ellipse

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyExW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
GetUserNameW
OpenProcessToken
RegCloseKey

oleaut32

VariantClear
SysReAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmll15pw.llx
.dll windows:1 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

CODE
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$SYSDIR/cmll15si.chm
.chm
$SYSDIR/cmll15sx.dll
.dll regsvr32 windows:5 windows x86 arch:x86

512bf30677586ccabd6524e9b3b939b6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cmls15

ord1
ord23
ord32
ord3

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetCommandLineA
Sleep
ExitProcess
HeapReAlloc
HeapSize
GetACP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetOEMCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LockResource
CloseHandle
GetFileTime
CreateFileA
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
CompareStringA
LoadLibraryA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GetCPInfo
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
SetFileTime
GetFileAttributesA
GlobalGetAtomNameA
FreeResource
GetModuleFileNameW
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetCurrentProcessId
SetLastError
GlobalAddAtomA
GetConsoleCP

user32

CreateDialogIndirectParamA
LoadCursorA
GetSysColorBrush
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
GetClassInfoExA
RegisterClassA
DeferWindowPos
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetWindowRect
PtInRect
GetNextDlgTabItem
SetWindowTextA
UnregisterClassA
EndPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetClassNameA
GetSysColor
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetFocus
EqualRect
GetDlgItem
GetDlgCtrlID
LoadIconA
GetCapture
ReleaseCapture
SetActiveWindow
InvalidateRect
UpdateWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
SetMenu
GetDesktopWindow
CharNextA
CharNextW
MessageBoxA
PostQuitMessage
GetWindow
ShowWindow
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
SetWindowLongA
IsWindow
TranslateAcceleratorA
BringWindowToTop
DrawMenuBar
CreateWindowExA
DefMDIChildProcA
GetMenu
LoadMenuA
EndDialog
GetMenuItemInfoA
InflateRect
CharUpperA
GetWindowTextA
DestroyIcon
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
LoadAcceleratorsA
DestroyMenu
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
SetWindowsHookExA
BeginPaint

gdi32

DeleteObject
GetObjectA
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetClipBox
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetWindowExtEx
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateCompatibleBitmap
PatBlt
GetDeviceCaps
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA

shell32

DragFinish
ExtractIconA
SHGetFileInfoA
DragQueryFileA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitializeEx

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantClear
VariantChangeType
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1500.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1501.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1509.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1512.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1521.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmls1525.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx15.cpl
.dll windows:5 windows x86 arch:x86

de5d112b525575e02a10b8895039d893

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
SetErrorMode
FreeLibrary
LCMapStringW
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

LoadIconA
LoadStringA
GetActiveWindow

Exports

Exports

CPlApplet

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx15.dll
.dll regsvr32 windows:5 windows x86 arch:x86

c9c8400ed3eb0acca051cd4b89d2c36b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmMX15.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

WSAStartup
shutdown
closesocket
WSACleanup
recv
send
gethostbyaddr
WSAGetLastError
connect
getsockopt
htons
gethostbyname
inet_addr
setsockopt
socket

cmct15

ord301
ord302
ord71
ord10
ord28
ord231
ord1
ord2
ord21
ord250
ord27
ord70

kernel32

CreateMutexW
lstrcpynA
FindResourceExW
WaitForSingleObject
GetComputerNameW
GetUserDefaultLangID
GetThreadLocale
LocalAlloc
ReleaseMutex
GetSystemInfo
IsBadStringPtrW
WideCharToMultiByte
MultiByteToWideChar
IsBadReadPtr
IsBadCodePtr
RaiseException
MapViewOfFile
UnmapViewOfFile
QueryPerformanceCounter
SetEvent
GetCurrentThread
GlobalAlloc
TerminateThread
SetThreadPriority
GlobalFree
ResetEvent
ProcessIdToSessionId
InterlockedExchangeAdd
CreateFileMappingW
GetExitCodeThread
CreateEventW
WaitForMultipleObjects
GetThreadPriority
QueryPerformanceFrequency
GetVersion
GetCurrentProcessId
ResumeThread
LCMapStringW
GlobalLock
GlobalUnlock
GetEnvironmentVariableW
CreateDirectoryW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GlobalSize
GlobalReAlloc
SetHandleCount
InitializeCriticalSectionAndSpinCount
LoadLibraryA
InterlockedExchange
HeapSize
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
RtlUnwind
DuplicateHandle
GetFileTime
LockResource
GetFileType
FindClose
SetLastError
FlushFileBuffers
ReadFile
Sleep
WriteFile
UnlockFile
GetCurrentProcess
LoadResource
FindResourceW
GetStartupInfoA
SetEndOfFile
SetFilePointer
FindFirstFileW
GetFileSize
FileTimeToSystemTime
DeleteFileA
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
LocalFree
CompareStringW
GetModuleFileNameW
FormatMessageW
SetErrorMode
GetProfileIntW
VirtualQuery
OutputDebugStringW
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoW
GetLocalTime
GetSystemTime
MulDiv
GetTimeFormatW
GetUserDefaultLCID
GetDateFormatW
GetModuleHandleW
GlobalDeleteAtom
GlobalAddAtomW
GetFileAttributesW
SetFileAttributesW
CloseHandle
DeleteFileW
CreateFileW
GetTimeZoneInformation
GetShortPathNameW
GetProcAddress
FreeLibrary
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetCurrentThreadId
GetTickCount
GetACP
DebugBreak
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
CompareStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SuspendThread
CreateFileA

user32

DestroyIcon
DrawIconEx
SetRect
InsertMenuW
DialogBoxIndirectParamW
ReplyMessage
GetFocus
IsWindowEnabled
GetClassLongW
IsDialogMessageW
CreateDialogIndirectParamW
GetClassNameW
GetDlgItem
EndDialog
GetDesktopWindow
InSendMessage
GetWindowThreadProcessId
MsgWaitForMultipleObjects
MessageBeep
TranslateMessage
ReleaseDC
PeekMessageW
CharUpperW
SendMessageTimeoutW
GetSystemMetrics
DispatchMessageW
FindWindowW
LockWindowUpdate
LoadStringW
GetProcessWindowStation
GetUserObjectInformationW
IsWindow
MessageBoxW
GetActiveWindow
DestroyWindow
GetDC
CallWindowProcW
RemovePropW
CreateWindowExW
GetWindowTextLengthW
SetWindowTextW
GetPropW
RedrawWindow
SetPropW
TrackPopupMenu
CreatePopupMenu
FillRect
GetWindowTextW
SystemParametersInfoW
DrawFocusRect
DrawTextW
DrawIcon
GetSysColorBrush
GetSystemMenu
EnableMenuItem
LoadImageW
SetWindowLongW
GetSysColor
RegisterWindowMessageW
GetWindowLongW
GetParent
SetWindowPos
SetFocus
PostMessageW
ShowWindow
EqualRect
InflateRect
GetCursorPos
ScreenToClient
DestroyMenu
GetSubMenu
LoadMenuW
SendMessageW
GetWindowRect
GetClientRect
GetWindow
EnableWindow

gdi32

CreatePen
GetObjectType
CreateCompatibleDC
CreateBitmap
CreateFontIndirectW
GetTextExtentPointW
GetPixel
BitBlt
ExtCreatePen
CreateSolidBrush
SetStretchBltMode
StretchBlt
ExtTextOutW
DeleteDC
SelectClipRgn
SetMapMode
GetObjectW
SelectObject
GetStockObject
GetTextMetricsW
SetBkMode
SetTextColor
SetBkColor
CreateRectRgnIndirect
ExtSelectClipRgn
DeleteObject
GetDeviceCaps
EndPage
StartPage
TranslateCharsetInfo
MoveToEx
LineTo
EndDoc
StartDocW

comdlg32

PrintDlgW

advapi32

LookupPrivilegeValueW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
FreeSid
AllocateAndInitializeSid
RegOpenKeyW
EqualSid
GetTokenInformation
GetUserNameW
OpenProcessToken
AdjustTokenPrivileges

shell32

SHGetFileInfoW

ole32

OleInitialize
CoGetClassObject
OleUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

VariantChangeType
SystemTimeToVariantTime
SafeArrayPutElement
SafeArrayCreate
VariantTimeToSystemTime
VariantCopy
VariantCopyInd
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantClear
VariantInit
SysFreeString
SysAllocString
SysReAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 698KB - Virtual size: 697KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1500.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1501.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1509.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1512.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1521.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmmx1525.lng
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/cmut15.dll
.dll windows:5 windows x86 arch:x86

9055dcae73e0006329716bff079cc45e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

cmUT15.pdb

Imports

mpr

WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

EnumSystemLocalesW
CompareStringW
GetProcessHeap
HeapAlloc
HeapFree
GetTickCount
HeapCreate
HeapDestroy
HeapSize
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
FindFirstFileW
FindClose
FindNextFileW
GlobalFree
GetVolumeInformationW
WideCharToMultiByte
GetFileInformationByHandle
SystemTimeToTzSpecificLocalTime
FileTimeToDosDateTime
MapViewOfFile
UnmapViewOfFile
QueryPerformanceCounter
OutputDebugStringW
WriteFile
TerminateThread
MulDiv
CreateFileW
GetACP
SetThreadPriority
ResetEvent
ProcessIdToSessionId
InterlockedExchangeAdd
LocalAlloc
CreateFileMappingW
GetExitCodeThread
WaitForMultipleObjects
GetThreadPriority
QueryPerformanceFrequency
GetVersion
GetCurrentProcessId
GetFullPathNameW
GetFileSize
SetFilePointer
SetEndOfFile
SetErrorMode
FindResourceW
LoadResource
UnlockFile
LockFile
ReadFile
FlushFileBuffers
GetTempPathW
SetLastError
GetFileType
GetSystemTime
ExpandEnvironmentStringsW
IsBadStringPtrW
CreateEventW
MultiByteToWideChar
LCMapStringW
lstrcpynA
FindResourceExW
GetFileAttributesW
GetThreadLocale
GetSystemInfo
IsBadReadPtr
IsBadCodePtr
RaiseException
GetEnvironmentVariableW
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDriveTypeA
GetModuleHandleA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
HeapReAlloc
VirtualAlloc
RtlUnwind
GetSystemTimeAsFileTime
VirtualFree
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
DuplicateHandle
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsValidCodePage
GetOEMCP
GetCPInfo
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteFileA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetCommandLineA
ExitProcess
LocalFree
GetCurrentThread
GetCurrentThreadId
GetLastError
GetCurrentProcess
CloseHandle
GetModuleHandleW
CreateProcessW
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
Sleep
GetFileTime
LoadLibraryW
VirtualQuery
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetModuleFileNameW
GetTimeFormatW
GetDateFormatW
GetLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
SystemTimeToFileTime
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoW
DebugBreak
ResumeThread
GetUserDefaultLangID
DeleteFileW
CreateDirectoryW
GetThreadContext
SuspendThread
SetEvent
InitializeCriticalSection
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FormatMessageW

user32

UnhookWindowsHookEx
GetKeyState
SetWindowsHookExW
MessageBoxW
CallNextHookEx
LockWindowUpdate
GetProcessWindowStation
GetUserObjectInformationW
LoadStringW
MsgWaitForMultipleObjects
MessageBeep
FindWindowW
TranslateMessage
PeekMessageW
SendMessageTimeoutW
GetSystemMetrics
DispatchMessageW
CharLowerW
CharUpperW
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
RegisterClipboardFormatW
GetWindowTextW
GetWindowLongW
GetFocus
SendMessageW
DestroyCursor
WinHelpW
LoadCursorW
GetParent
GetActiveWindow
GetWindowThreadProcessId
GetClassNameW
GetDesktopWindow
GetWindow
WaitForInputIdle
PostMessageW
RegisterWindowMessageW
SetWindowPos
IsWindow
SetClipboardData

gdi32

DeleteObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
GetTokenInformation
GetUserNameW
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
EqualSid

shell32

ShellExecuteW

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

oleaut32

VariantChangeType
SystemTimeToVariantTime
VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocString
SysReAllocString

Exports

Exports

PasDebug
ProfAppendBoolA
ProfAppendBoolW
ProfAppendColorrefA
ProfAppendColorrefW
ProfAppendDoubleA
ProfAppendDoubleW
ProfAppendFileA
ProfAppendFileW
ProfAppendFilesA
ProfAppendFilesW
ProfAppendInt64A
ProfAppendInt64HexA
ProfAppendInt64HexW
ProfAppendInt64W
ProfAppendIntA
ProfAppendIntHexA
ProfAppendIntHexW
ProfAppendIntW
ProfAppendListA
ProfAppendListW
ProfAppendPointA
ProfAppendPointW
ProfAppendRectA
ProfAppendRectLTWHA
ProfAppendRectLTWHW
ProfAppendRectW
ProfAppendStreamA
ProfAppendStreamW
ProfAppendStringA
ProfAppendStringW
ProfCopyList
ProfCreateListA
ProfCreateListW
ProfDebugList
ProfDeleteItemA
ProfDeleteItemW
ProfDeleteListA
ProfDeleteListW
ProfEmptyList
ProfEnumA
ProfEnumW
ProfExtractFilesA
ProfExtractFilesW
ProfGetBoolA
ProfGetBoolW
ProfGetColorrefA
ProfGetColorrefW
ProfGetDoubleA
ProfGetDoubleW
ProfGetError
ProfGetFileA
ProfGetFileW
ProfGetInt64A
ProfGetInt64W
ProfGetIntA
ProfGetIntW
ProfGetListA
ProfGetListW
ProfGetOption
ProfGetPointA
ProfGetPointW
ProfGetRectA
ProfGetRectLTWHA
ProfGetRectLTWHW
ProfGetRectW
ProfGetStreamA
ProfGetStreamW
ProfGetStringA
ProfGetStringLengthA
ProfGetStringLengthW
ProfGetStringW
ProfGetVersion
ProfIsClipboardDataAvailable
ProfJobAddRef
ProfJobClose
ProfJobOpenA
ProfJobOpenClipboard
ProfJobOpenExclusiveA
ProfJobOpenExclusiveW
ProfJobOpenStream
ProfJobOpenStreamObjectA
ProfJobOpenStreamObjectW
ProfJobOpenW
ProfLPSTRtoBOOLA
ProfLPSTRtoBOOLW
ProfLPSTRtoCOLORREFA
ProfLPSTRtoCOLORREFW
ProfLPSTRtoINT64A
ProfLPSTRtoINT64W
ProfLPSTRtoINTA
ProfLPSTRtoINTW
ProfLPSTRtoRECTA
ProfLPSTRtoRECTW
ProfSaveA
ProfSaveToClipboard
ProfSaveToStream
ProfSaveW
ProfSetBoolA
ProfSetBoolW
ProfSetColorrefA
ProfSetColorrefW
ProfSetDebug
ProfSetDoubleA
ProfSetDoubleW
ProfSetInt64A
ProfSetInt64HexA
ProfSetInt64HexW
ProfSetInt64W
ProfSetIntA
ProfSetIntHexA
ProfSetIntHexW
ProfSetIntW
ProfSetOption
ProfSetPointA
ProfSetPointW
ProfSetRectA
ProfSetRectLTWHA
ProfSetRectLTWHW
ProfSetRectW
ProfSetStringA
ProfSetStringW
UtilAddAccessRights
UtilAddAccessRightsForWise
UtilAssert
UtilAtrim
UtilConvertBLOBToString
UtilConvertHGLOBALToString
UtilConvertStreamToString
UtilConvertStringToBLOB
UtilConvertStringToHGLOBAL
UtilConvertStringToStream
UtilCtrlBreakHookAttach
UtilDateTimeFromLocaleString
UtilDateTimeToLocaleString
UtilDebug
UtilDebugExt
UtilDebugExtV
UtilDebugHelpGetModuleList
UtilDebugHelpGetStackTrace
UtilDebugHelpJobClose
UtilDebugHelpJobOpen
UtilDebugHelpSetOption
UtilDebugHelpWriteMiniDump
UtilEnsureLocalPath
UtilEnsureLocalPathForWise
UtilEnsureUNCPath
UtilEnsureUNCPathForWise
UtilError
UtilExHandlerEndProtection
UtilExHandlerJobClose
UtilExHandlerJobOpen
UtilExHandlerStartProtection
UtilFullpath
UtilGetCurrentUserDomainSID
UtilGetFSInfo
UtilGetFileInfoAccess
UtilGetFlags
UtilGetLikelyCharsetFromString
UtilGetListOfNames
UtilGetSIDOfUser
UtilGetUserOfSID
UtilGetVersion
UtilHeapCreate
UtilHeapDelete
UtilHeapObjectAlloc
UtilHeapObjectAllocExt
UtilHeapObjectFree
UtilHeapObjectSize
UtilHeapShrink
UtilHeapSize
UtilHeapSizeObjects
UtilHeapValidate
UtilHelp
UtilHelpClose
UtilHelpCursor
UtilHelpDisplay
UtilHelpDisplayContext
UtilHelpIsInHelpMode
UtilHelpOpen
UtilHelpOpenEx
UtilHelpPop
UtilHelpPush
UtilHelpSetHelpMode
UtilHelpShowContents
UtilHelpShowHelpOnHelp
UtilHelpShowIndex
UtilIsRPtr
UtilIsString
UtilIsWPtr
UtilJobClose
UtilJobOpen
UtilLanguageGet
UtilLanguageSet
UtilListModules
UtilLocConvertLocalTimeToUTCTime
UtilLocConvertUTCTimeToLocalTime
UtilLocDateTimeToSYSTEMTIME
UtilLocGetCountryInfo
UtilLocGetCountryList
UtilLocGetDSTStartAndEndInUTC
UtilLocLocaleStringFromSystemTime
UtilLocSystemTimeFromLocaleString
UtilLocaleStrcmp
UtilLocaleStricmp
UtilLocaleStrlwr
UtilLocaleStrncmp
UtilLocaleStrnicmp
UtilLocaleStrupr
UtilLtrim
UtilMemcpy
UtilMemset
UtilMergepath
UtilRtrim
UtilSafeSprintf
UtilSafeStrlen
UtilSetupImpersonateUser
UtilSetupLogoffImpersonatedUser
UtilSetupLogonImpersonatedUser
UtilSplitpath
UtilStackTrace
UtilStrcat
UtilStrchr
UtilStrcmp
UtilStrcpy
UtilStricmp
UtilStrlen
UtilStrncmp
UtilStrncpy
UtilStrnicmp
UtilStrrchr
UtilStrstr
UtilStuff
UtilSubstr
UtilZIPAppend
UtilZIPClose
UtilZIPCreate

Sections

.text
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/llview15.exe
.exe windows:5 windows x86 arch:x86

90f931bef0b5661491f6814bf733c3e1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

04-01-2008 00:00

Not After

24-01-2011 23:59

Subject

CN=combit Software GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=combit Software GmbH,ST=Baden-Wuerttemberg,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\dev\apps\llview15\llviewer\Release\llview15.pdb

Imports

cmls15

ord2
ord89
ord34
ord32
ord12
ord10
ord27

kernel32

ExitProcess
HeapFree
HeapAlloc
ExitThread
CreateThread
RaiseException
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
VirtualAlloc
Sleep
LCMapStringA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GetLocaleInfoW
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
lstrlenW
GetModuleHandleW
lstrcmpW
InterlockedExchange
WideCharToMultiByte
CompareStringA
lstrcmpA
GetModuleFileNameW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
CloseHandle
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventW
GlobalAddAtomW
SetLastError
GetLastError
GetCurrentProcessId
FreeResource
GetVersionExA
RtlUnwind
GetStartupInfoW
SetErrorMode
GetFileSizeEx
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
GetAtomNameW
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetCurrentDirectoryW
GetModuleHandleA
GetTempPathW
GetProfileIntW
SearchPathW
GlobalGetAtomNameW
LoadLibraryA
InterlockedDecrement
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GlobalFindAtomW
CompareStringW
GetTimeZoneInformation

user32

KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SystemParametersInfoW
GetMenuItemInfoW
SetCapture
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetMenuBarInfo
ReleaseCapture
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetSubMenu
UnionRect
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
SetRectEmpty
InflateRect
GetWindowRect
GetSystemMetrics
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetWindowTextLengthW
GetWindowTextW
GetFocus
SetParent
GetSystemMenu
MapVirtualKeyW
GetKeyNameTextW
UnregisterClassW
GetParent
SetWindowPos
GetDialogBaseUnits
CharUpperW
DestroyIcon
GetSysColorBrush
DeleteMenu
GetMenuItemID
EndPaint
UpdateWindow
EnableWindow
SendMessageW
IsRectEmpty
LoadMenuW
SetRect
InvalidateRect
FillRect
GetClientRect
ReleaseDC
GetDC
GetSysColor
LoadBitmapW
SetTimer
LoadCursorW
GetWindow
CheckDlgButton
CheckRadioButton
GetDlgItem
GetDlgItemInt
ScrollWindowEx
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
GetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
RegisterClassW

gdi32

CreateFontIndirectW
ExtTextOutW
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocW
GetDeviceCaps
RectVisible
TextOutW
CreateDCW
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
Escape
CopyMetaFileW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
DeleteObject
CreateDIBitmap
GetObjectW
CreateCompatibleBitmap
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
SelectPalette
RealizePalette
PtVisible
CreatePalette

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

SetFileSecurityW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
RegCreateKeyExW
RegCreateKeyW
GetFileSecurityW
RegCloseKey
RegDeleteValueW
RegSetValueExW

shell32

DragFinish
ExtractIconW
SHGetFileInfoW
DragQueryFileW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW

ole32

StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoCreateInstance
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CoUninitialize
CoInitializeEx
CreateBindCtx

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarBstrFromDate

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BB FlashBack Player.dll
.dll regsvr32 windows:4 windows x86 arch:x86

90ad8eec8a8ab53a154ec13df5718eec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\PCWinCam\BCB6-new\FlashBack OCX\output\BB FlashBack Player.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

winmm

mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mixerClose
mixerSetControlDetails
mciSendCommandA

msvfw32

DrawDibClose
DrawDibOpen

comctl32

InitCommonControlsEx
_TrackMouseEvent

wininet

InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetGoOnline
InternetOpenUrlA
InternetOpenA
InternetReadFile
HttpQueryInfoA
HttpEndRequestA
HttpSendRequestExA
HttpOpenRequestA
InternetAttemptConnect
InternetCrackUrlA
InternetConnectA

msimg32

AlphaBlend

ddraw

DirectDrawCreate

mpr

WNetGetUniversalNameW

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
SetLastError
GetLongPathNameA
InterlockedExchange
CreateEventA
CloseHandle
GetTempFileNameA
GetTempPathA
WaitForSingleObject
SetEvent
ResetEvent
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
GetProcAddress
LoadLibraryA
GetVersionExA
CopyFileA
GlobalMemoryStatus
GlobalFree
SetProcessWorkingSetSize
GetProcessWorkingSetSize
OpenProcess
GetCurrentProcessId
HeapAlloc
HeapSetInformation
HeapCreate
HeapFree
HeapReAlloc
lstrcmpW
WriteFile
ReadFile
CreateFileA
CreateFileW
CreateProcessW
DuplicateHandle
DeleteFileW
GetModuleFileNameW
CreateMutexW
HeapCompact
SetWaitableTimer
GetFileSize
SetEndOfFile
CreateWaitableTimerA
InterlockedCompareExchange
GetFileTime
GetFileSizeEx
SetFilePointerEx
FindClose
FindNextFileW
OpenMutexW
FindFirstFileW
CopyFileW
GetTickCount
GetPrivateProfileStringA
LoadLibraryExA
FreeLibrary
FlushFileBuffers
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindFirstFileA
GetTempFileNameW
GetTempPathW
GetFullPathNameA
RemoveDirectoryA
CreateDirectoryA
SetFileAttributesA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
GetLocaleInfoA
GetACP
lstrcmpiA
IsDBCSLeadByte
GetModuleHandleA
CreateThread
ExitThread
Sleep
DeleteFileA
RaiseException
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrlenA
GetThreadLocale
SetThreadLocale
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocalTime
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetEnvironmentVariableA
SetEnvironmentVariableA
GetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapDestroy
SetFilePointer
HeapSize

user32

GetDoubleClickTime
LoadAcceleratorsA
CreateDialogParamA
SetTimer
GetMenu
SetMenu
RemoveMenu
InsertMenuA
DrawMenuBar
GetSubMenu
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetForegroundWindow
CreatePopupMenu
InsertMenuItemA
TrackPopupMenu
DestroyMenu
DialogBoxParamA
SystemParametersInfoA
SetMenuItemInfoA
ScreenToClient
GetSystemMetrics
ShowScrollBar
EnableMenuItem
GetDlgItem
GetWindowTextA
GetDlgCtrlID
EndDialog
ClientToScreen
BringWindowToTop
SetForegroundWindow
GetMenuItemCount
GetMenuItemID
GetMenuBarInfo
RedrawWindow
CheckMenuItem
GetScrollInfo
SetScrollInfo
PostQuitMessage
GetCursorPos
UpdateWindow
PeekMessageA
LoadStringA
SetWindowTextA
InflateRect
GetMessageA
TranslateMessage
KillTimer
IsWindowEnabled
GetUpdateRect
GetCapture
MessageBoxW
MessageBoxA
GetWindow
LoadImageA
ReleaseCapture
SetCapture
GetWindowRect
FillRect
TranslateAcceleratorA
EnumChildWindows
IsWindowVisible
DeleteMenu
GetClassLongA
SetClassLongA
DrawTextA
GetIconInfo
MessageBeep
PostMessageA
SendMessageA
RegisterClassExA
GetClassInfoExA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
BeginPaint
EndPaint
InvalidateRect
GetDC
ReleaseDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
GetParent
SetFocus
GetFocus
IsChild
DestroyWindow
SetParent
ShowWindow
DefWindowProcA
UnionRect
PtInRect
GetKeyState
LoadCursorA
DispatchMessageA
GetMonitorInfoA
SetCursor
GetDesktopWindow
GetClientRect
EnableWindow
GetSysColor
CharNextA
UnregisterClassA
LoadIconA

gdi32

SetTextAlign
GetWindowExtEx
GetViewportExtEx
MoveToEx
GetStockObject
CreateRoundRectRgn
CreateRectRgn
SetBkMode
DeleteMetaFile
GetTextExtentPointA
Rectangle
Polyline
StretchDIBits
CreatePen
Ellipse
GetDIBits
GetObjectA
CloseMetaFile
RestoreDC
LineTo
CreateRectRgnIndirect
SetWindowExtEx
SetWindowOrgEx
SetMapMode
TextOutA
CreateDCA
CreateCompatibleDC
DeleteDC
SetStretchBltMode
StretchBlt
BitBlt
CreateFontIndirectA
SetTextColor
SetBkColor
SelectObject
CombineRgn
CreateEllipticRgn
CreatePolygonRgn
OffsetRgn
GetRgnBox
CreateSolidBrush
FillRgn
DeleteObject
FrameRgn
GetDeviceCaps
CreateMetaFileA
SaveDC
CreateDIBSection

comdlg32

GetOpenFileNameW
GetSaveFileNameA

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryInfoKeyA
InitializeSecurityDescriptor

shell32

DragAcceptFiles
DragQueryFileW
SHChangeNotify
FindExecutableA
ShellExecuteA
SHGetFileInfoA

ole32

ReadClassStm
CoTaskMemAlloc
CreateDataAdviseHolder
StringFromGUID2
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
StringFromCLSID
CoTaskMemFree
CoCreateInstance
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder
OleSetContainedObject
OleCreate
CoInitialize

oleaut32

SetErrorInfo
VarUI4FromStr
SysAllocStringLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringByteLen
OleCreatePropertyFrame
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
OleLoadPicturePath
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
LoadRegTypeLi
CreateErrorInfo

shlwapi

StrToIntA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 920KB - Virtual size: 919KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DevExpress.Data.v6.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 436KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DevExpress.Utils.v6.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DevExpress.XtraEditors.v6.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DevExpress.XtraGrid.v6.3.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DotNetMagic2005.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ICSharpCode.SharpZipLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IbaVLogger.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4157028fb88d9784d370519266d39068

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
FindResourceA
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapDestroy
DisableThreadLibraryCalls
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
CreateThread
CreateEventA
Sleep
SetLastError
ResetEvent
GetCurrentProcessId
GetSystemTime
GetCurrentThreadId
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
GetVersion
CreateSemaphoreA
OpenSemaphoreA
GetCurrentThread
CreateFileA
ReleaseSemaphore
SetThreadPriority
ReadFile
WriteFile
DeviceIoControl
SleepEx
FlushFileBuffers
PurgeComm
SetCommTimeouts
SetupComm
SetCommMask
SetCommState
GetCommState
GetOverlappedResult
ClearCommError
ClearCommBreak
SetCommBreak
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetTimeZoneInformation
GetLocalTime
RaiseException
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
GetEnvironmentVariableA
HeapCreate

user32

LoadStringA
CharNextA
wsprintfA

advapi32

ControlService
OpenServiceA
OpenSCManagerA
SetSecurityDescriptorDacl
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
InitializeSecurityDescriptor
CreateServiceA
StartServiceA
CloseServiceHandle

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
VarUI4FromStr

vsysrtl

vsys_conv_to_vec_time

vloglib

vlogc_fetch
vlogInit
vlogCloseCursor
vlogFree
vlogOpenCursor
vlogStrerror

rpcrt4

NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
NdrDllGetClassObject
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_AddRef

ws2_32

connect
getsockname
bind
sendto
recvfrom
socket
WSAEnumNetworkEvents
WSACleanup
WSAStartup
WSAWaitForMultipleEvents
WSASetLastError
WSACreateEvent
WSACloseEvent
inet_ntoa
ntohs
accept
inet_addr
htons
htonl
closesocket
gethostbyname
recv
WSAGetLastError
send
WSAEventSelect

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 43B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OverlayWindow.dll
.dll windows:5 windows x86 arch:x86

11d7e396ec2fe601e2c87336648ac01a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\OverlayWindow\bin\Release\OverlayWindow.pdb

Imports

gdi32

Rectangle
Polyline
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
DeleteObject

msvcr100

_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_cexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
__FrameUnwindFilter

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
EncodePointer
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

user32

SetWindowPos
EndPaint
UpdateWindow
GetClientRect
BeginPaint
GetUpdateRect
SetWindowLongW
GetWindowLongW
SetLayeredWindowAttributes
SetClassLongW
GetAncestor
IsWindow
InvalidateRect
ShowWindow
GetParent
GetWindowRect
GetWindow
IsWindowVisible
SubtractRect
FillRect

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 718B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/View.ibaFFT.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaOnlineFFT\obj\Release\View.ibaFFT.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerCollections.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
View.ibaEventTable.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaEventTable\obj\Release\View.ibaEventTable.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
View.ibaGraphManager.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaGraphManager\obj\Release\View.ibaGraphManager.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1006KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XCrashReport.exe
.exe windows:4 windows x86 arch:x86

b10788c55db6373022f53d73df9947e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesA
WritePrivateProfileStringA
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RaiseException
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetStringTypeA
GetStringTypeW
Sleep
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GetThreadLocale
FlushFileBuffers
GetCurrentProcessId
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
UnmapViewOfFile
GetLocalTime
SystemTimeToFileTime
GetCurrentProcess
DuplicateHandle
CreateFileMappingA
MapViewOfFile
GetFileType
GetFileInformationByHandle
SetFilePointer
FileTimeToDosDateTime
FileTimeToSystemTime
WinExec
SetLastError
GetModuleHandleA
DeleteFileA
WriteFile
CompareStringW
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
GetProcAddress
lstrlenA
GlobalAlloc
lstrcatA
GlobalFree
lstrcpynA
GetNumberFormatA
lstrcpyA
GetLocaleInfoA
MulDiv
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetPrivateProfileStringA
GetLongPathNameA
CreateFileA
GetFileSize
ReadFile
CloseHandle
CopyFileA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetACP
SizeofResource

user32

GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsWindowEnabled
ShowWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyMenu
GetMessageTime
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
EndPaint
BeginPaint
ClientToScreen
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetFocus
UpdateWindow
DrawEdge
RegisterWindowMessageA
SetWindowLongA
MessageBeep
IsWindow
GetParent
KillTimer
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
InvalidateRect
UnregisterClassA
GetSysColorBrush
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetWindowThreadProcessId
GetCursorPos
WindowFromPoint
DestroyWindow
GetDesktopWindow
InflateRect
GetSystemMetrics
GetSysColor
RedrawWindow
GetClientRect
DrawIcon
FillRect
MessageBoxA
SetCapture
SetFocus
ReleaseCapture
SetActiveWindow
GetAsyncKeyState
wsprintfA
CopyIcon
DestroyCursor
GetMessagePos
SetCursor
LoadIconA
LoadCursorA
SetTimer
ScreenToClient
PtInRect
EnableWindow
LockWindowUpdate
GetWindowRect
SendMessageA
GetClassInfoA

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
OffsetViewportOrgEx
CreatePen
MoveToEx
LineTo
GetClipBox
SetViewportOrgEx
SelectObject
SelectClipRgn
DeleteObject
CreateFontIndirectA
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateRectRgn
CreateSolidBrush
GetTextExtentPoint32A
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetCurrentObject
BitBlt
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA
ExtractIconA

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows:7 windows x86 arch:x86

f7cb4432172d116632abc77471a1a600

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:bf:fe:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-06-2007 21:56

Not After

22-09-2008 22:06

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-06-2007 23:54

Not After

13-06-2012 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:15:08:27:00:00:00:00:00:0c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

25-01-2006 23:22

Not After

25-01-2017 23:32

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

a1:03:2f:43:6a:f5:0c:26:23:9e:70:3c:b2:4f:25:d8:64:c5:09:6e
Signer

Actual PE Digest

a1:03:2f:43:6a:f5:0c:26:23:9e:70:3c:b2:4f:25:d8:64:c5:09:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dbghelp.pdb

Imports

msvcrt

_write
_lseeki64
_fileno
_read
__pioinfo
__badioinfo
ferror
wctomb
_snprintf
isleadbyte
mbtowc
isdigit
_onexit
_lock
__dllonexit
_unlock
_ismbblead
_amsg_exit
_initterm
_XcptFilter
memmove
_iob
__mb_cur_max
strchr
_vsnwprintf
iswprint
atol
??3@YAXPAX@Z
__unDName
_CxxThrowException
bsearch
fread
fseek
_wfsopen
_fsopen
wcstol
_fullpath
_wfullpath
_wgetenv
_get_osfhandle
_chsize
_close
_open_osfhandle
ftell
_memicmp
_mbscmp
??1type_info@@UAE@XZ
_errno
__CxxFrameHandler
iswspace
calloc
_itoa
_wcsdup
towlower
tolower
_wcslwr
time
_wctime
_ltoa
_wcsnicmp
_purecall
ctime
malloc
strncmp
isspace
_isatty
fclose
_stricmp
_strlwr
free
wcsrchr
strstr
memcpy
_wcsicmp
qsort
wcschr
wcsstr
wcsncmp
iswxdigit
memset
??2@YAPAXI@Z
_wsopen
_sopen

kernel32

ExpandEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
DeviceIoControl
DeleteFileA
CopyFileA
SetFileAttributesA
LCMapStringA
InterlockedIncrement
InterlockedDecrement
LocalFree
MapViewOfFileEx
FlushViewOfFile
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
GetThreadSelectorEntry
CreateThread
TerminateThread
VirtualQueryEx
GetPriorityClass
GetThreadPriority
GetThreadTimes
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetSystemTimeAsFileTime
LoadLibraryA
Sleep
GetVersion
GetSystemInfo
ReadProcessMemory
GetProcessHeap
GetFileAttributesA
SetErrorMode
WriteFile
OutputDebugStringA
VirtualFree
OpenProcess
GetCurrentProcessId
CreateFileMappingA
MapViewOfFile
FindClose
LocalAlloc
SetLastError
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetLastError
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
DeleteCriticalSection
HeapDestroy
FreeLibrary
HeapCreate
InitializeCriticalSection
GetVersionExA
HeapReAlloc
HeapAlloc
HeapFree
IsDBCSLeadByte
SetFilePointer
GetCurrentProcess
UnmapViewOfFile
CreateDirectoryA
VirtualProtect
VirtualAlloc
DuplicateHandle
GetModuleHandleA

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
SearchTreeForFileW
StackWalk
StackWalk64
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymCleanup
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrW64
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
UnmapDebugInformation
WinDbgExtensionDllInit
block
chksym
dbghelp
dh
fptr
homedir
itoldyouso
lmi
lminfo
omap
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo

Sections

.text
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/View.ibaEventTable.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/View.ibaFFT.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/View.ibaGraphManager.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/hdClient.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/hdCommon.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/ibaHDOffline.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/ibaInspectraShared.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
de/ibaViewUtilities.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/View.ibaEventTable.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/View.ibaGraphManager.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/hdClient.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/hdCommon.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/ibaHDOffline.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fr/ibaViewUtilities.resources.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gdiplus.dll
.dll windows:5 windows x86 arch:x86

2a1ab6b72adad6b03d0746b0a5fa55d6

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04-12-2003 00:00

Not After

03-12-2008 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:9d:aa:11:d3:30:a8:95:60:ac:fa
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

01-07-1999 07:00

Not After

15-10-2005 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,OU=Copyright (c) 1999 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:06:51:3f:00:00:00:00:00:35
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,OU=Copyright (c) 1999 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Not Before

30-06-2003 23:22

Not After

30-08-2004 23:32

Subject

CN=Microsoft Windows XP Publisher,OU=Copyright (c) 2003 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

4f:11:fb:cd:c0:44:ea:be:51:45:c5:b8:65:ea:1c:b3:ee:fd:20:31
Signer

Actual PE Digest

4f:11:fb:cd:c0:44:ea:be:51:45:c5:b8:65:ea:1c:b3:ee:fd:20:31

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SearchPathA
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
LoadLibraryA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
InterlockedIncrement
GetOEMCP
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy

user32

ReleaseDC
GetDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetWindowExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreateBrushIndirect
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
PolyPolyline
GetViewportExtEx
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hdClient.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 659KB - Virtual size: 658KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hdClientInterfaces.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\proj\ibaHDv1.5\hdClientInterfaces\obj\Release\hdClientInterfaces.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hdCommon.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\proj\ibaHDv1.5\hdCommon\obj\x64\Release\hdCommon.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hdCore.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaAnalyzer.exe
.exe windows:5 windows x86 arch:x86

098f6cacaad9d8d790bfc89c3841cdd9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:d8:13:92:5c:ef:52:cf:3d:80:c1:ca:7a:4c:ca:5e:bb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

31-10-2012 14:45

Not After

01-11-2015 14:45

Subject

CN=iba AG,OU=IT-Infrastructure,O=iba AG,L=Fuerth,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c12646576656c6f70406962612d61672e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e2:51:1c:51:83:b8:47:ac:7f:7a:af:31:26:31:ac:39:6a:c0:14:62
Signer

Actual PE Digest

e2:51:1c:51:83:b8:47:ac:7f:7a:af:31:26:31:ac:39:6a:c0:14:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\proj\PdaOffline6\Release\ibaAnalyzer.pdb

Imports

opengl32

glViewport
glLightModeli
glLightfv
glEndList
glCallList
glNewList
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglUseFontBitmapsA
glListBase
glBitmap
glCallLists
glRasterPos3f
glGetFloatv
glScalef
glTranslatef
glPolygonMode
glVertex3fv
glMatrixMode
glLoadIdentity
glOrtho
glRotatef
glClear
glEnable
glColor3f
glBegin
glVertex3f
glEnd
glIsList
glGetBooleanv
glClearColor
glClearIndex
glDisable
glIndexf
glColor3fv
glIndexi

glu32

gluNurbsProperty
gluEndSurface
gluNurbsSurface
gluNewNurbsRenderer
gluDeleteNurbsRenderer
gluBeginSurface

shlwapi

PathFindExtensionA
PathFileExistsA
SHAutoComplete
PathIsDirectoryA
PathIsRelativeA
SHDeleteKeyA
PathCombineA
StrToIntA
PathSkipRootA
PathIsUNCA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionW

mpr

WNetCancelConnection2A
WNetAddConnection3A
WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
WNetGetUniversalNameA

gdiplus

GdipGetImageEncodersSize
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipSetPageScale
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipFillRectangleI
GdipDrawPolygonI
GdipGetImageEncoders
GdipDisposeImage
GdipCreateSolidFill
GdipBitmapGetPixel
GdipCreatePen1
GdipGetLineRectI
GdipDeletePen
GdipCloneBrush
GdipFillPolygonI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCreateLineBrushFromRectWithAngleI
GdipDeleteGraphics
GdipDeleteBrush
GdipGetLinePresetBlend
GdipSetLinePresetBlend
GdipGetLinePresetBlendCount
GdipCloneImage
GdiplusShutdown
GdipAlloc
GdipFree
GdipDrawRectangleI
GdipGetImageGraphicsContext
GdiplusStartup
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStream

mkl_custom

DftiCommitDescriptor
DftiComputeBackward
DftiComputeForward
DftiFreeDescriptor
DftiCreateDescriptor_d_1d
DftiSetValue

winmm

waveOutGetVolume
waveOutSetVolume
waveOutGetPosition
waveOutOpen
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
PlaySoundA
waveOutClose

kernel32

GlobalFree
FormatMessageA
lstrcmpiA
GetUserDefaultUILanguage
GetLongPathNameA
CreateEventA
SetErrorMode
ReadFile
LocalFileTimeToFileTime
SetFileTime
FreeResource
FindResourceA
GlobalSize
GetLocalTime
GetFileInformationByHandle
InitializeCriticalSection
SetEvent
ProcessIdToSessionId
InterlockedCompareExchange
SearchPathA
TryEnterCriticalSection
CreateMutexA
OpenMutexA
ReleaseMutex
OpenFileMappingA
GetExitCodeProcess
OpenProcess
GetExitCodeThread
OpenThread
GetVolumeInformationA
FreeLibraryAndExitThread
ResetEvent
ResumeThread
DeviceIoControl
GetNumberFormatA
GlobalReAlloc
LocalFree
SuspendThread
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
GetStringTypeExA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetFullPathNameA
MulDiv
GetFileAttributesExA
GetFileSizeEx
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
GetModuleHandleW
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
LocalAlloc
GetSystemDirectoryW
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
LoadLibraryExA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetCurrentThread
GetProfileIntA
GlobalFlags
GetCPInfo
GetOEMCP
GetACP
VirtualProtect
FindResourceExW
DecodePointer
EncodePointer
RtlUnwind
HeapAlloc
HeapFree
VirtualAlloc
HeapReAlloc
GetTimeFormatA
GetDateFormatA
ExitProcess
GetDriveTypeA
HeapSetInformation
GetStartupInfoW
GetTimeZoneInformation
ExitThread
SetStdHandle
GetFileType
HeapSize
HeapQueryInformation
SystemTimeToFileTime
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle
GetLocaleInfoW
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
HeapCreate
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
SetHandleCount
PeekNamedPipe
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
GetDriveTypeW
CompareStringW
GetProcessHeap
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetVersionExA
lstrcmpA
SystemTimeToTzSpecificLocalTime
TerminateThread
SetFilePointer
IsDebuggerPresent
CreateProcessA
GetSystemTimeAsFileTime
lstrcpyA
GetSystemInfo
VirtualQuery
GetModuleFileNameA
GetFileSize
GetFileTime
RaiseException
GetCurrentProcess
WriteFile
GetCurrentThreadId
WaitForSingleObject
GetTickCount
FileTimeToLocalFileTime
SetThreadPriority
CreateThread
GetLocaleInfoA
GetFileAttributesA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindFirstFileExA
GetCurrentDirectoryA
SetCurrentDirectoryA
WinExec
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
FreeLibrary
CreateIoCompletionPort
lstrcpynA
GetSystemTime
GetSystemDefaultLCID
CreateFileA
CloseHandle
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
CopyFileA
GetComputerNameA
Sleep
GetThreadLocale
SetThreadLocale
DeleteFileA
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetCurrentProcessId
FileTimeToSystemTime
lstrlenA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
MultiByteToWideChar
InterlockedExchange
QueryPerformanceCounter
QueryPerformanceFrequency
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
ExpandEnvironmentStringsA
MoveFileA
GetVersion
GlobalAlloc
GlobalLock
UnhandledExceptionFilter
GlobalUnlock
GetShortPathNameA

user32

GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
CharUpperBuffA
CopyImage
ShowOwnedPopups
DrawIcon
DestroyCursor
GetTabbedTextExtentW
RealChildWindowFromPoint
InvalidateRgn
CopyIcon
WaitMessage
GetNextDlgGroupItem
LoadImageW
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
IsCharLowerA
MapVirtualKeyExA
CreateMenu
InvertRect
HideCaret
GetWindowRgn
IsWindowEnabled
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
WinHelpA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
GetScrollRange
GetScrollPos
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetScrollInfo
SetScrollInfo
GetMenu
GetWindowDC
GetMenuState
GetMenuStringA
GetActiveWindow
SetScrollRange
GetMessagePos
SetScrollPos
EndPaint
BeginPaint
DrawEdge
ScrollDC
RegisterWindowMessageA
ValidateRect
WaitForInputIdle
GetWindowThreadProcessId
PostThreadMessageA
RegisterClassExA
RegisterDeviceNotificationA
UnregisterDeviceNotification
UnregisterClassA
GetDesktopWindow
GetUpdateRect
SetLayeredWindowAttributes
GrayStringA
DrawTextExA
TabbedTextOutA
TrackMouseEvent
PostQuitMessage
GetMessageA
SetFocus
SubtractRect
DestroyIcon
TranslateMessage
DispatchMessageA
GetDoubleClickTime
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
SetWindowPos
ToAsciiEx
CallWindowProcA
GetWindowTextA
GetClassNameA
ShowWindow
GetClassInfoA
FindWindowA
GetMenuItemID
CreatePopupMenu
ExcludeUpdateRgn
DrawFrameControl
InsertMenuA
GetSubMenu
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
SetForegroundWindow
GetLastActivePopup
GetSystemMenu
LoadMenuW
FrameRect
PeekMessageA
WindowFromPoint
GetSysColorBrush
AdjustWindowRectEx
GetCaretPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
DrawFocusRect
GetIconInfo
DrawStateA
RedrawWindow
RegisterClipboardFormatA
LoadStringA
EmptyClipboard
SetClipboardData
OpenClipboard
GetMenuItemCount
AppendMenuA
EqualRect
IntersectRect
DefWindowProcA
RegisterClassA
IsRectEmpty
SetWindowsHookExA
CallNextHookEx
UnionRect
SetRect
UnhookWindowsHookEx
GetWindowLongA
GetWindow
MessageBeep
SetParent
AdjustWindowRect
OffsetRect
LoadAcceleratorsA
TranslateAcceleratorA
GetDlgCtrlID
ChildWindowFromPointEx
GetFocus
ReleaseDC
GetDC
LoadCursorA
SetCursor
IsWindow
LoadCursorW
LoadIconA
MapWindowPoints
SetWindowLongA
SetWindowTextA
GetKeyState
wsprintfA
MessageBoxA
IsChild
DrawTextA
GetSysColor
SetCapture
GetCapture
InflateRect
CopyRect
ReleaseCapture
CheckMenuRadioItem
ModifyMenuA
SetRectEmpty
SetCursorPos
GetSystemMetrics
LoadImageA
LoadIconW
GetParent
KillTimer
SetTimer
UpdateWindow
ScreenToClient
ClientToScreen
GetWindowRect
RemoveMenu
EnableMenuItem
CheckMenuItem
DeleteMenu
FillRect
PtInRect
LoadBitmapW
GetClientRect
EnableWindow
SetActiveWindow
IsWindowVisible
InvalidateRect
PostMessageA
SendMessageA
CopyAcceleratorTableA
SetMenuDefaultItem
GetMenuDefaultItem
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
DrawIconEx
GetMenuItemInfoA
EnumDisplayMonitors
IsZoomed
DestroyAcceleratorTable
NotifyWinEvent
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
InsertMenuItemA
SetWindowContextHelpId
MapDialogRect
SetWindowRgn
SetClassLongA
LockWindowUpdate
BringWindowToTop
GetAsyncKeyState
CharNextA
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
InSendMessage
SetMenuItemBitmaps
EnumChildWindows
GetMenuCheckMarkDimensions
GetCursorPos

gdi32

EnumFontFamiliesA
GetStockObject
SetDIBColorTable
GetBitmapDimensionEx
SetBitmapDimensionEx
CreateDIBitmap
Ellipse
GetClipBox
SetPixelFormat
ChoosePixelFormat
SwapBuffers
GetViewportOrgEx
DPtoLP
ExtTextOutA
GetCurrentObject
RectInRegion
GetWindowOrgEx
LPtoDP
PatBlt
TextOutA
GetTextExtentPointA
PlgBlt
PtVisible
RectVisible
Escape
UnrealizeObject
CreatePolygonRgn
FillRgn
SelectPalette
GetBkColor
CreateDCA
SetWindowExtEx
SetViewportExtEx
Arc
CreatePatternBrush
CopyMetaFileA
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
CombineRgn
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
EnumFontFamiliesExA
GetPixel
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
CreateRectRgn
Polygon
Polyline
CreateSolidBrush
BitBlt
OffsetWindowOrgEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreateBitmap
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
GetTextColor
SetRectRgn
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreateRoundRectRgn
GetTextCharsetInfo
CreateEllipticRgn
RoundRect
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetCharWidthA
GetTextExtentPoint32W
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetRgnBox
OffsetRgn
SetPixel
ExtFloodFill
SetPaletteEntries
PtInRegion
FrameRgn
GetBoundsRect
SetPixelV
CreateICA
CreateCompatibleBitmap
GetNearestColor
GetTextMetricsA
CreateFontA
RealizePalette
CreatePalette
SetDCPenColor
Rectangle
CreatePen
SelectObject
DeleteDC
CreateFontIndirectA
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetDeviceCaps
CreateDIBSection
StretchBlt
CreateCompatibleDC
GetObjectA
DeleteObject
GetDIBits
GetBrushOrgEx
SetStretchBltMode
SetBrushOrgEx
StretchDIBits
MoveToEx
GetTextExtentPoint32A

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter

advapi32

OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegFlushKey
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegQueryValueA
RegDeleteValueA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExW
RegSetValueA
CryptDecrypt
CryptAcquireContextA
CryptCreateHash
CryptEncrypt
CryptDestroyKey
CryptDestroyHash
CryptDeriveKey
CryptHashData

shell32

ExtractIconA
SHAddToRecentDocs
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderPathA
ord155
ExtractIconExA
SHGetFolderPathA
DragAcceptFiles
SHChangeNotify
DragQueryFileA
DragQueryPoint
DragFinish
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc
SHGetFileInfoA

comctl32

ImageList_DrawEx
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Create

ole32

OleLockRunning
OleFlushClipboard
OleIsCurrentClipboard
RevokeDragDrop
DoDragDrop
OleGetClipboard
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
CoGetClassObject
CoLockObjectExternal
RegisterDragDrop
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoDisconnectObject
CLSIDFromString
OleRun
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
OleDuplicateData
ReleaseStgMedium
StringFromCLSID
CoInitializeEx
CoInitialize
CoUninitialize
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SafeArrayDestroy
VariantInit
VarCyFromStr
OleCreateFontIndirect
SysStringLen
VariantCopy
GetErrorInfo
VariantClear
SysFreeString
SysAllocStringLen
VariantChangeType
VarBstrFromDate
VarDateFromStr
SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysAllocString

oledlg

ord8

ws2_32

select
WSAStartup
gethostname
WSAGetLastError
WSACleanup
recvfrom
sendto
htons
__WSAFDIsSet
inet_ntoa
recv
send
closesocket
ntohs
getsockname
connect
bind
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSASetLastError
shutdown
WSACloseEvent
WSAEnumNetworkEvents
WSAIoctl
listen
ioctlsocket
getsockopt
getpeername
accept
inet_addr
setsockopt
gethostbyname
socket

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

wininet

InternetConnectA
FtpFindFirstFileA
FtpOpenFileA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetFindNextFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
InternetCloseHandle

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 872KB - Virtual size: 871KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ibaAnalyzerViewHost.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\proj\PdaOffline6\ibaAnalyzerViewHost\ibaAnalyzerViewHost\obj\Release\ibaAnalyzerViewHost.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaAnalyzerViewHostActiveX.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

e18b130c21bc31f2cd0f592f6a4cb2da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\proj\PdaOffline6\ibaAnalyzerViewHost\ibaAnalyzerViewHostActiveX\Release\ibaAnalyzerViewHostActiveX.pdb

Imports

mfc100u

ord12724
ord2853
ord8393
ord10045
ord6247
ord11210
ord8112
ord13380
ord10937
ord3402
ord11081
ord8277
ord14060
ord14059
ord14132
ord14149
ord14145
ord14147
ord14148
ord14146
ord2418
ord7385
ord2884
ord2887
ord12610
ord5558
ord12063
ord7394
ord4793
ord4646
ord5128
ord8484
ord5116
ord4924
ord4643
ord13375
ord3400
ord4588
ord8856
ord5470
ord3541
ord10356
ord10388
ord8321
ord10443
ord9220
ord8290
ord9614
ord9617
ord9615
ord8116
ord8128
ord8152
ord9131
ord10661
ord9345
ord9346
ord9370
ord9802
ord8113
ord9359
ord9398
ord10539
ord9471
ord9369
ord9430
ord9431
ord9432
ord10203
ord10204
ord9417
ord10251
ord10246
ord10241
ord10381
ord9146
ord8628
ord9088
ord10196
ord9373
ord9776
ord9422
ord9423
ord7481
ord11681
ord4442
ord9521
ord9519
ord10909
ord6993
ord4586
ord11017
ord2508
ord2888
ord12493
ord10229
ord10065
ord2957
ord11772
ord4425
ord9468
ord8064
ord1604
ord11597
ord2254
ord3484
ord9379
ord6823
ord6829
ord8347
ord9331
ord5139
ord8389
ord11204
ord13376
ord2417
ord12606
ord5556
ord2756
ord2980
ord2981
ord3627
ord9549
ord10412
ord10058
ord8179
ord11123
ord10446
ord10049
ord9445
ord9113
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord11246
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord5143
ord5468
ord9333
ord6145
ord13364
ord5239
ord13365
ord8494
ord11467
ord5138
ord5302
ord6059
ord6669
ord908
ord13605
ord2091
ord322
ord2055
ord2053
ord2080
ord1984
ord2045
ord3413
ord408
ord1953
ord2090
ord2088
ord1945
ord1873
ord1934
ord323
ord1301
ord6667
ord7624
ord7548
ord11784
ord13854
ord4744
ord2164
ord11476
ord11477
ord266
ord265
ord2062
ord2064
ord2068
ord1292
ord890
ord1895
ord1992
ord2008
ord1890
ord13332
ord2002
ord2014
ord1296
ord351
ord1203
ord761
ord6559
ord4666
ord10271
ord8470
ord10406
ord897
ord3397
ord1946
ord2011
ord1996
ord1183
ord902
ord3669
ord2119
ord2880
ord10590
ord9330
ord12495
ord7168
ord296
ord731
ord1312
ord6578
ord1205
ord764
ord3230
ord1998
ord1931
ord1968
ord13381
ord7108
ord13387
ord8530
ord3684
ord3625
ord11864
ord7126
ord1739
ord14162
ord10976
ord13267
ord11469
ord7179
ord13570
ord13567
ord13572
ord13569
ord13571
ord13568
ord3416
ord5261
ord11228
ord11236
ord4085
ord7391
ord9498
ord11240
ord11209
ord11845
ord11244
ord1501
ord1508
ord1514
ord1512
ord1519
ord4413
ord4388
ord7175
ord4642
ord4923
ord5115
ord8483
ord4901
ord5118
ord4645
ord4794
ord4623
ord5467
ord6931
ord6932
ord6922
ord4792
ord7393
ord9328
ord8346
ord9351
ord6044

msvcr100

malloc
memcpy_s
wcsncpy_s
_recalloc
memset
_initterm
_initterm_e
wcsstr
__CppXcptFilter
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxQueryExceptionSize
wcscpy_s
wcscat_s
_cexit
__FrameUnwindFilter
_purecall
_amsg_exit
_encoded_null
free
_malloc_crt
??2@YAPAXI@Z
__CxxFrameHandler3
??3@YAXPAX@Z
__CxxExceptionFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ

kernel32

GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
LocalAlloc
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetThreadLocale
LoadLibraryW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
WideCharToMultiByte
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LocalFree
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SysFreeString
VarUI4FromStr
SysStringLen
LoadRegTypeLi
SysAllocString
LoadTypeLi

user32

GetFocus
CallNextHookEx
EnableWindow
CopyRect
UnhookWindowsHookEx
CharNextW
SetWindowsHookExW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance

mfcm100u

ord280

mscoree

_CorDllMain

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaDataExtractor.dll
.dll regsvr32 windows:4 windows x86 arch:x86

dda84c3f9a0b3c0680384629c59371af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDefaultLCID
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
SizeofResource
GetSystemTime
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WaitForSingleObject
CloseHandle
CreateThread
FormatMessageA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
LoadResource
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
RtlUnwind
HeapFree
IsBadReadPtr
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue

user32

MessageBoxA
CharNextA
wsprintfA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumValueA

ole32

CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoInitializeEx
StringFromGUID2
CLSIDFromProgID

oleaut32

BSTR_UserSize
SysAllocString
VariantClear
SysAllocStringLen
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
VariantTimeToSystemTime
GetErrorInfo
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysFreeString

rpcrt4

CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 222B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaDataExtractorMC.dll
.dll regsvr32 windows:4 windows x86 arch:x86

dda84c3f9a0b3c0680384629c59371af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDefaultLCID
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
SizeofResource
GetSystemTime
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WaitForSingleObject
CloseHandle
CreateThread
FormatMessageA
GetLastError
lstrlenA
MultiByteToWideChar
lstrlenW
LoadResource
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
IsBadCodePtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
RtlUnwind
HeapFree
IsBadReadPtr
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue

user32

MessageBoxA
CharNextA
wsprintfA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegEnumValueA

ole32

CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoInitializeEx
StringFromGUID2
CLSIDFromProgID

oleaut32

BSTR_UserSize
SysAllocString
VariantClear
SysAllocStringLen
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
VariantTimeToSystemTime
GetErrorInfo
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysFreeString

rpcrt4

CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 222B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaHDOffline.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaHDOfflineActiveX.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

952efe582e5c95963b9843127863ffac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\proj\PdaOffline6\ibaHDOffline\ibaHDOfflineActiveX\Release\ibaHDOfflineActiveX.pdb

Imports

mfc100u

ord1519
ord1512
ord1514
ord1508
ord1501
ord11244
ord11246
ord12724
ord2853
ord8393
ord10045
ord6247
ord8112
ord13375
ord10937
ord3400
ord11081
ord8277
ord14060
ord14059
ord14132
ord14149
ord14145
ord14147
ord14148
ord14146
ord2418
ord7385
ord2884
ord2887
ord12610
ord5558
ord4588
ord8856
ord5470
ord3541
ord10356
ord10388
ord8321
ord10443
ord9220
ord8290
ord9614
ord9617
ord9615
ord8116
ord8128
ord8152
ord9131
ord10661
ord9345
ord9346
ord9370
ord9802
ord8113
ord9359
ord9398
ord10539
ord9471
ord9369
ord9430
ord9431
ord9432
ord10203
ord10204
ord9417
ord10251
ord10246
ord10241
ord10381
ord9146
ord8628
ord9088
ord10196
ord9373
ord9776
ord9422
ord9423
ord7481
ord11681
ord4442
ord9521
ord9519
ord10909
ord6993
ord4586
ord11017
ord2508
ord2888
ord12493
ord10229
ord10065
ord2957
ord11772
ord9351
ord9468
ord8064
ord1604
ord11597
ord4392
ord3484
ord6145
ord9333
ord5468
ord5143
ord11210
ord13380
ord3402
ord9379
ord6823
ord6829
ord8347
ord9331
ord5139
ord8389
ord11204
ord13376
ord2417
ord12606
ord5556
ord2756
ord2980
ord2981
ord3627
ord9549
ord10412
ord10058
ord8179
ord11123
ord10446
ord10049
ord9445
ord9113
ord4434
ord4413
ord4379
ord4383
ord4416
ord4388
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord4643
ord4924
ord5116
ord8484
ord5128
ord4646
ord4793
ord7394
ord12063
ord13364
ord5239
ord13365
ord8494
ord11467
ord5138
ord5302
ord6059
ord6669
ord6667
ord7624
ord908
ord13605
ord2091
ord322
ord2055
ord2053
ord2080
ord1984
ord2045
ord3413
ord408
ord1953
ord2090
ord2088
ord1945
ord1873
ord1934
ord323
ord1301
ord7548
ord11784
ord13854
ord4744
ord2164
ord11476
ord11477
ord13381
ord7108
ord2062
ord1292
ord890
ord2064
ord2068
ord266
ord1895
ord1992
ord2008
ord265
ord1890
ord13332
ord2002
ord2014
ord351
ord1203
ord761
ord6559
ord1296
ord1183
ord4666
ord10271
ord10406
ord897
ord3397
ord1946
ord2011
ord1996
ord3669
ord2880
ord10590
ord9330
ord12495
ord7168
ord731
ord8470
ord6578
ord1205
ord764
ord3230
ord1998
ord1931
ord1968
ord13387
ord8530
ord3684
ord3625
ord11864
ord7126
ord1739
ord14162
ord10976
ord13267
ord11469
ord7179
ord13570
ord13567
ord13572
ord13569
ord13571
ord13568
ord3416
ord5261
ord11228
ord11236
ord4085
ord7391
ord9498
ord11240
ord11209
ord11845
ord4425
ord4396
ord4408
ord4404
ord4400
ord4430
ord3999
ord4421
ord7175
ord4642
ord4923
ord5115
ord8483
ord4901
ord5118
ord4645
ord4794
ord4623
ord5467
ord6931
ord6932
ord6922
ord4792
ord7393
ord9328
ord8346
ord2254
ord6044

msvcr100

__CxxDetectRethrow
__CxxRegisterExceptionObject
_recalloc
memset
_initterm
_initterm_e
_amsg_exit
__CxxUnregisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
malloc
wcscpy_s
wcsncpy_s
wcscat_s
_cexit
__FrameUnwindFilter
_purecall
__CppXcptFilter
wcsstr
_encoded_null
free
_malloc_crt
??2@YAPAXI@Z
__CxxFrameHandler3
??3@YAXPAX@Z
memcpy_s
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ

kernel32

GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
LocalAlloc
GetCurrentThreadId
RaiseException
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
lstrlenW
GetThreadLocale
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LocalFree
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection

oleaut32

UnRegisterTypeLi
RegisterTypeLi
SysFreeString
SysStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr

user32

GetFocus
CallNextHookEx
EnableWindow
CopyRect
UnhookWindowsHookEx
CharNextW
SetWindowsHookExW

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance

mfcm100u

ord280

mscoree

_CorDllMain

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaHdViewUtilities.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaHdViewUtilities\obj\Release\ibaHdViewUtilities.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaInspectraShared.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaInspectraShared\obj\x86\Release\ibaInspectraShared.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaLogger.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaManagedFFT.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\proj\ibaFFT\ibaManagedFFT\obj\x86\Release\ibaManagedFFT.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaRunTime.dll
.dll windows:4 windows x86 arch:x86

790a9ea28a746f3c6c07a3bd3a2b6020

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
CreateFileA
WideCharToMultiByte
HeapFree
GetProcessHeap
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
GetProcAddress
ExitProcess
FreeLibrary
LoadLibraryA
WaitForSingleObject
CloseHandle
CreateEventA
DisableThreadLibraryCalls
lstrcatA
IsBadReadPtr
lstrlenA
VirtualProtect
Sleep
SetEvent
SetEnvironmentVariableA
GetCurrentProcessId
GetModuleHandleA
InterlockedExchange
MultiByteToWideChar
GetLastError
InterlockedIncrement
SetFilePointer
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
IsBadWritePtr
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetModuleFileNameA
GetCurrentProcess
VirtualQuery
LCMapStringW
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
HeapCreate
VirtualFree
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
SetStdHandle
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ResumeThread
CreateThread
VirtualAlloc
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle

user32

MessageBoxA
wsprintfA
UnregisterClassA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

oleaut32

SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayCreate
VariantCopyInd
VariantChangeType
SysStringLen
SafeArrayUnlock
SafeArrayLock
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayDestroyDescriptor
VariantClear
VariantInit
SysFreeString
GetErrorInfo
SysAllocString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

CheckRuntime
DNG_Runtime
GetUserString
RunHVM

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hvm
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hvm0
Size: 372KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ibaThreadSafeNativeFFT.dll
.dll windows:5 windows x86 arch:x86

52194407b05d612d65457c898a7181c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\proj\ibaFFT\ibaNativeFFTWrapper\bin\Release\ibaThreadSafeNativeFFT.pdb

Imports

mkl_custom

DftiSetValue
DftiCommitDescriptor
DftiComputeForward
DftiCreateDescriptor_d_1d
DftiFreeDescriptor

msvcr100

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_encoded_null
_cexit
free
?terminate@@YAXXZ
??3@YAXPAX@Z
_CIsin
_CIsqrt
_CIlog10
__CxxFrameHandler3
__iob_func
fprintf
_CIcos
_CxxThrowException
?what@exception@std@@UBEPBDXZ
??_V@YAXPAX@Z
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow
_malloc_crt
__CppXcptFilter
?__ExceptionPtrCopy@@YAXPAXPBX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
__CxxUnregisterExceptionObject
__FrameUnwindFilter

kernel32

InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
DecodePointer
EncodePointer

msvcp100

?_Incref@facet@locale@std@@QAEXXZ

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaViewInterfaces.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaViewInterfaces\obj\Release\ibaViewInterfaces.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ibaViewUtilities.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\proj\ibaPDAv6.33.x\ibaViewUtilities\obj\Release\ibaViewUtilities.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiomp5md.dll
.dll windows:4 windows x86 arch:x86

fe05cf45a9fbf191db178126c5792725

Code Sign

35:de:f4:cf
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

22-08-1998 16:41

Not After

22-08-2018 16:41

Subject

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b0:ff
Certificate

Issuer

OU=Equifax Secure Certificate Authority,O=Equifax,C=US

Not Before

16-02-2006 18:01

Not After

19-02-2016 18:01

Subject

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:23:13:4f:00:00:00:00:34:67
Certificate

Issuer

CN=Intel External Basic Issuing CA 3B,O=Intel Corporation,C=US

Not Before

17-02-2009 16:45

Not After

17-02-2012 16:45

Subject

CN=Intel(R) Software Products,O=Intel Corporation

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:2c:a5:fe:00:00:00:00:00:06
Certificate

Issuer

CN=Intel External Basic Policy CA,O=Intel Corporation,C=US

Not Before

22-03-2006 22:22

Not After

22-03-2012 22:32

Subject

CN=Intel External Basic Issuing CA 3B,O=Intel Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:b8:91:eb:8f:b4:79:d0:1e:00:8e:a4:a3:d5:85:36:75:fd:2a:9e
Signer

Actual PE Digest

ff:b8:91:eb:8f:b4:79:d0:1e:00:8e:a4:a3:d5:85:36:75:fd:2a:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\promo\20110606\tmp\win_32-rtl_5_nor_dyn.12.rel.30.r1.c0.t0-fxqwin06\libiomp5md.pdb

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
GetProcAddress
LeaveCriticalSection
GetEnvironmentVariableA
lstrcpynA
lstrcmpA
GetLastError
InterlockedIncrement
SwitchToThread
LoadLibraryA
InitializeCriticalSection
GetCurrentProcess
GetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
SetEnvironmentVariableA
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeLibrary
FormatMessageW
WideCharToMultiByte
LocalFree
FormatMessageA
GetThreadLocale
GetModuleHandleExA
GetModuleFileNameA
LoadLibraryExA
AllocConsole
GetStdHandle
WriteFile
IsDebuggerPresent
RaiseException
SetThreadPriority
CreateThread
ResumeThread
CloseHandle
GetComputerNameA
SetErrorMode
GetModuleHandleA
DeleteCriticalSection
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
Sleep
TlsSetValue
TlsGetValue
GetProcessTimes
TlsFree
TerminateThread
QueryPerformanceCounter
DuplicateHandle
GetExitCodeThread
SleepEx
VirtualQuery
ExitThread
QueryPerformanceFrequency
TlsAlloc
GetSystemDirectoryA
GetSystemInfo
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcessId
RtlUnwind
SetConsoleCtrlHandler
ExitProcess
GetCommandLineA
GetVersionExA
GetProcessHeap
FatalAppExitA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
InterlockedExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
CreateFileA
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
ReadFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
CompareStringA
CompareStringW
HeapSize
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetTimeZoneInformation

Exports

Exports

KMP_ALIGNED_SHARABLE_MALLOC
KMP_CALLOC
KMP_CREATE_AFFINITY_MASK
KMP_DEFERRED_ATOMIC_ADD_I4
KMP_DEFERRED_ATOMIC_ADD_I8
KMP_DEFERRED_ATOMIC_ADD_R4
KMP_DEFERRED_ATOMIC_ADD_R8
KMP_DESTROY_AFFINITY_MASK
KMP_FREE
KMP_GET_AFFINITY
KMP_GET_AFFINITY_MASK_PROC
KMP_GET_AFFINITY_MAX_PROC
KMP_GET_BLOCKTIME
KMP_GET_LIBRARY
KMP_GET_NUM_KNOWN_THREADS
KMP_GET_NUM_PROCESSES
KMP_GET_PROCESS_NUM
KMP_GET_PROCESS_THREAD_NUM
KMP_GET_STACKSIZE
KMP_GET_STACKSIZE_S
KMP_LOCK_COND_BROADCAST
KMP_LOCK_COND_SIGNAL
KMP_LOCK_COND_WAIT
KMP_MALLOC
KMP_NEST_LOCK_COND_BROADCAST
KMP_NEST_LOCK_COND_SIGNAL
KMP_NEST_LOCK_COND_WAIT
KMP_PRINT_BANNER
KMP_REALLOC
KMP_SET_AFFINITY
KMP_SET_AFFINITY_MASK_PROC
KMP_SET_BLOCKTIME
KMP_SET_DEFAULTS
KMP_SET_LIBRARY
KMP_SET_LIBRARY_SERIAL
KMP_SET_LIBRARY_THROUGHPUT
KMP_SET_LIBRARY_TURNAROUND
KMP_SET_PARALLEL_NAME
KMP_SET_STACKSIZE
KMP_SET_STACKSIZE_S
KMP_SET_STATS
KMP_SET_WARNINGS_OFF
KMP_SET_WARNINGS_ON
KMP_SHARABLE_CALLOC
KMP_SHARABLE_FREE
KMP_SHARABLE_MALLOC
KMP_SHARABLE_REALLOC
KMP_UNSET_AFFINITY_MASK_PROC
OMP_DESTROY_LOCK
OMP_DESTROY_NEST_LOCK
OMP_GET_ACTIVE_LEVEL
OMP_GET_ANCESTOR_THREAD_NUM
OMP_GET_DYNAMIC
OMP_GET_LEVEL
OMP_GET_MAX_ACTIVE_LEVELS
OMP_GET_MAX_THREADS
OMP_GET_NESTED
OMP_GET_NUM_PROCS
OMP_GET_NUM_THREADS
OMP_GET_SCHEDULE
OMP_GET_TEAM_SIZE
OMP_GET_THREAD_LIMIT
OMP_GET_THREAD_NUM
OMP_GET_WTICK
OMP_GET_WTIME
OMP_INIT_LOCK
OMP_INIT_NEST_LOCK
OMP_IN_FINAL
OMP_IN_PARALLEL
OMP_SET_DYNAMIC
OMP_SET_LOCK
OMP_SET_MAX_ACTIVE_LEVELS
OMP_SET_NESTED
OMP_SET_NEST_LOCK
OMP_SET_NUM_THREADS
OMP_SET_SCHEDULE
OMP_TEST_LOCK
OMP_TEST_NEST_LOCK
OMP_UNSET_LOCK
OMP_UNSET_NEST_LOCK
VT_getthid
_You_must_link_with_Intel_OpenMP_library
_You_must_link_with_Microsoft_OpenMP_library
_You_must_link_with_exactly_one_OpenMP_library
__kmp_acquire_lock
__kmp_acquire_ticket_lock
__kmp_debugging
__kmp_fork_call
__kmp_get_reduce_method
__kmp_invoke_microtask
__kmp_itt_fini_ittlib
__kmp_itt_init_ittlib
__kmp_launch_monitor
__kmp_launch_worker
__kmp_omp_debug_struct_info
__kmp_omp_library
__kmp_ompd_major_version
__kmp_ompd_minor_version
__kmp_reap_monitor
__kmp_reap_worker
__kmp_release
__kmp_release_lock
__kmp_release_ticket_lock
__kmp_test_lock
__kmp_wait_sleep
__kmp_wait_yield_4
__kmp_wait_yield_8
__kmpc_atomic_1
__kmpc_atomic_10
__kmpc_atomic_16
__kmpc_atomic_2
__kmpc_atomic_20
__kmpc_atomic_32
__kmpc_atomic_4
__kmpc_atomic_8
__kmpc_atomic_cmplx10_add
__kmpc_atomic_cmplx10_add_cpt
__kmpc_atomic_cmplx10_div
__kmpc_atomic_cmplx10_div_cpt
__kmpc_atomic_cmplx10_mul
__kmpc_atomic_cmplx10_mul_cpt
__kmpc_atomic_cmplx10_rd
__kmpc_atomic_cmplx10_sub
__kmpc_atomic_cmplx10_sub_cpt
__kmpc_atomic_cmplx10_wr
__kmpc_atomic_cmplx16_a16_rd
__kmpc_atomic_cmplx16_a16_wr
__kmpc_atomic_cmplx16_add
__kmpc_atomic_cmplx16_add_a16
__kmpc_atomic_cmplx16_add_a16_cpt
__kmpc_atomic_cmplx16_add_cpt
__kmpc_atomic_cmplx16_div
__kmpc_atomic_cmplx16_div_a16
__kmpc_atomic_cmplx16_div_a16_cpt
__kmpc_atomic_cmplx16_div_cpt
__kmpc_atomic_cmplx16_mul
__kmpc_atomic_cmplx16_mul_a16
__kmpc_atomic_cmplx16_mul_a16_cpt
__kmpc_atomic_cmplx16_mul_cpt
__kmpc_atomic_cmplx16_rd
__kmpc_atomic_cmplx16_sub
__kmpc_atomic_cmplx16_sub_a16
__kmpc_atomic_cmplx16_sub_a16_cpt
__kmpc_atomic_cmplx16_sub_cpt
__kmpc_atomic_cmplx16_wr
__kmpc_atomic_cmplx4_add
__kmpc_atomic_cmplx4_add_cmplx8
__kmpc_atomic_cmplx4_add_cpt
__kmpc_atomic_cmplx4_div
__kmpc_atomic_cmplx4_div_cmplx8
__kmpc_atomic_cmplx4_div_cpt
__kmpc_atomic_cmplx4_mul
__kmpc_atomic_cmplx4_mul_cmplx8
__kmpc_atomic_cmplx4_mul_cpt
__kmpc_atomic_cmplx4_rd
__kmpc_atomic_cmplx4_sub
__kmpc_atomic_cmplx4_sub_cmplx8
__kmpc_atomic_cmplx4_sub_cpt
__kmpc_atomic_cmplx4_wr
__kmpc_atomic_cmplx8_add
__kmpc_atomic_cmplx8_add_cpt
__kmpc_atomic_cmplx8_div
__kmpc_atomic_cmplx8_div_cpt
__kmpc_atomic_cmplx8_mul
__kmpc_atomic_cmplx8_mul_cpt
__kmpc_atomic_cmplx8_rd
__kmpc_atomic_cmplx8_sub
__kmpc_atomic_cmplx8_sub_cpt
__kmpc_atomic_cmplx8_wr
__kmpc_atomic_fixed1_add
__kmpc_atomic_fixed1_add_cpt
__kmpc_atomic_fixed1_add_fp
__kmpc_atomic_fixed1_andb
__kmpc_atomic_fixed1_andb_cpt
__kmpc_atomic_fixed1_andl
__kmpc_atomic_fixed1_andl_cpt
__kmpc_atomic_fixed1_div
__kmpc_atomic_fixed1_div_cpt
__kmpc_atomic_fixed1_div_float8
__kmpc_atomic_fixed1_div_fp
__kmpc_atomic_fixed1_eqv
__kmpc_atomic_fixed1_eqv_cpt
__kmpc_atomic_fixed1_max
__kmpc_atomic_fixed1_max_cpt
__kmpc_atomic_fixed1_min
__kmpc_atomic_fixed1_min_cpt
__kmpc_atomic_fixed1_mul
__kmpc_atomic_fixed1_mul_cpt
__kmpc_atomic_fixed1_mul_float8
__kmpc_atomic_fixed1_mul_fp
__kmpc_atomic_fixed1_neqv
__kmpc_atomic_fixed1_neqv_cpt
__kmpc_atomic_fixed1_orb
__kmpc_atomic_fixed1_orb_cpt
__kmpc_atomic_fixed1_orl
__kmpc_atomic_fixed1_orl_cpt
__kmpc_atomic_fixed1_rd
__kmpc_atomic_fixed1_shl
__kmpc_atomic_fixed1_shl_cpt
__kmpc_atomic_fixed1_shr
__kmpc_atomic_fixed1_shr_cpt
__kmpc_atomic_fixed1_sub
__kmpc_atomic_fixed1_sub_cpt
__kmpc_atomic_fixed1_sub_fp
__kmpc_atomic_fixed1_wr
__kmpc_atomic_fixed1_xor
__kmpc_atomic_fixed1_xor_cpt
__kmpc_atomic_fixed1u_div
__kmpc_atomic_fixed1u_div_cpt
__kmpc_atomic_fixed1u_div_fp
__kmpc_atomic_fixed1u_shr
__kmpc_atomic_fixed1u_shr_cpt
__kmpc_atomic_fixed2_add
__kmpc_atomic_fixed2_add_cpt
__kmpc_atomic_fixed2_add_fp
__kmpc_atomic_fixed2_andb
__kmpc_atomic_fixed2_andb_cpt
__kmpc_atomic_fixed2_andl
__kmpc_atomic_fixed2_andl_cpt
__kmpc_atomic_fixed2_div
__kmpc_atomic_fixed2_div_cpt
__kmpc_atomic_fixed2_div_float8
__kmpc_atomic_fixed2_div_fp
__kmpc_atomic_fixed2_eqv
__kmpc_atomic_fixed2_eqv_cpt
__kmpc_atomic_fixed2_max
__kmpc_atomic_fixed2_max_cpt
__kmpc_atomic_fixed2_min
__kmpc_atomic_fixed2_min_cpt
__kmpc_atomic_fixed2_mul
__kmpc_atomic_fixed2_mul_cpt
__kmpc_atomic_fixed2_mul_float8
__kmpc_atomic_fixed2_mul_fp
__kmpc_atomic_fixed2_neqv
__kmpc_atomic_fixed2_neqv_cpt
__kmpc_atomic_fixed2_orb
__kmpc_atomic_fixed2_orb_cpt
__kmpc_atomic_fixed2_orl
__kmpc_atomic_fixed2_orl_cpt
__kmpc_atomic_fixed2_rd
__kmpc_atomic_fixed2_shl
__kmpc_atomic_fixed2_shl_cpt
__kmpc_atomic_fixed2_shr
__kmpc_atomic_fixed2_shr_cpt
__kmpc_atomic_fixed2_sub
__kmpc_atomic_fixed2_sub_cpt
__kmpc_atomic_fixed2_sub_fp
__kmpc_atomic_fixed2_wr
__kmpc_atomic_fixed2_xor
__kmpc_atomic_fixed2_xor_cpt
__kmpc_atomic_fixed2u_div
__kmpc_atomic_fixed2u_div_cpt
__kmpc_atomic_fixed2u_div_fp
__kmpc_atomic_fixed2u_shr
__kmpc_atomic_fixed2u_shr_cpt
__kmpc_atomic_fixed4_add
__kmpc_atomic_fixed4_add_cpt
__kmpc_atomic_fixed4_add_fp
__kmpc_atomic_fixed4_andb
__kmpc_atomic_fixed4_andb_cpt
__kmpc_atomic_fixed4_andl
__kmpc_atomic_fixed4_andl_cpt
__kmpc_atomic_fixed4_div
__kmpc_atomic_fixed4_div_cpt
__kmpc_atomic_fixed4_div_float8
__kmpc_atomic_fixed4_div_fp
__kmpc_atomic_fixed4_eqv
__kmpc_atomic_fixed4_eqv_cpt
__kmpc_atomic_fixed4_max
__kmpc_atomic_fixed4_max_cpt
__kmpc_atomic_fixed4_min
__kmpc_atomic_fixed4_min_cpt
__kmpc_atomic_fixed4_mul
__kmpc_atomic_fixed4_mul_cpt
__kmpc_atomic_fixed4_mul_float8
__kmpc_atomic_fixed4_mul_fp
__kmpc_atomic_fixed4_neqv
__kmpc_atomic_fixed4_neqv_cpt
__kmpc_atomic_fixed4_orb
__kmpc_atomic_fixed4_orb_cpt
__kmpc_atomic_fixed4_orl
__kmpc_atomic_fixed4_orl_cpt
__kmpc_atomic_fixed4_rd
__kmpc_atomic_fixed4_shl
__kmpc_atomic_fixed4_shl_cpt
__kmpc_atomic_fixed4_shr
__kmpc_atomic_fixed4_shr_cpt
__kmpc_atomic_fixed4_sub
__kmpc_atomic_fixed4_sub_cpt
__kmpc_atomic_fixed4_sub_fp
__kmpc_atomic_fixed4_wr
__kmpc_atomic_fixed4_xor
__kmpc_atomic_fixed4_xor_cpt
__kmpc_atomic_fixed4u_div
__kmpc_atomic_fixed4u_div_cpt
__kmpc_atomic_fixed4u_div_fp
__kmpc_atomic_fixed4u_shr
__kmpc_atomic_fixed4u_shr_cpt
__kmpc_atomic_fixed8_add
__kmpc_atomic_fixed8_add_cpt
__kmpc_atomic_fixed8_add_fp
__kmpc_atomic_fixed8_andb
__kmpc_atomic_fixed8_andb_cpt
__kmpc_atomic_fixed8_andl
__kmpc_atomic_fixed8_andl_cpt
__kmpc_atomic_fixed8_div
__kmpc_atomic_fixed8_div_cpt
__kmpc_atomic_fixed8_div_float8
__kmpc_atomic_fixed8_div_fp
__kmpc_atomic_fixed8_eqv
__kmpc_atomic_fixed8_eqv_cpt
__kmpc_atomic_fixed8_max
__kmpc_atomic_fixed8_max_cpt
__kmpc_atomic_fixed8_min
__kmpc_atomic_fixed8_min_cpt
__kmpc_atomic_fixed8_mul
__kmpc_atomic_fixed8_mul_cpt
__kmpc_atomic_fixed8_mul_float8
__kmpc_atomic_fixed8_mul_fp
__kmpc_atomic_fixed8_neqv
__kmpc_atomic_fixed8_neqv_cpt
__kmpc_atomic_fixed8_orb
__kmpc_atomic_fixed8_orb_cpt
__kmpc_atomic_fixed8_orl
__kmpc_atomic_fixed8_orl_cpt
__kmpc_atomic_fixed8_rd
__kmpc_atomic_fixed8_shl
__kmpc_atomic_fixed8_shl_cpt
__kmpc_atomic_fixed8_shr
__kmpc_atomic_fixed8_shr_cpt
__kmpc_atomic_fixed8_sub
__kmpc_atomic_fixed8_sub_cpt
__kmpc_atomic_fixed8_sub_fp
__kmpc_atomic_fixed8_wr
__kmpc_atomic_fixed8_xor
__kmpc_atomic_fixed8_xor_cpt
__kmpc_atomic_fixed8u_div
__kmpc_atomic_fixed8u_div_cpt
__kmpc_atomic_fixed8u_div_fp
__kmpc_atomic_fixed8u_shr
__kmpc_atomic_fixed8u_shr_cpt
__kmpc_atomic_float10_add
__kmpc_atomic_float10_add_cpt
__kmpc_atomic_float10_add_fp
__kmpc_atomic_float10_div
__kmpc_atomic_float10_div_cpt
__kmpc_atomic_float10_div_fp
__kmpc_atomic_float10_mul
__kmpc_atomic_float10_mul_cpt
__kmpc_atomic_float10_mul_fp
__kmpc_atomic_float10_rd
__kmpc_atomic_float10_sub
__kmpc_atomic_float10_sub_cpt
__kmpc_atomic_float10_sub_fp
__kmpc_atomic_float10_wr
__kmpc_atomic_float16_a16_rd
__kmpc_atomic_float16_a16_wr
__kmpc_atomic_float16_add
__kmpc_atomic_float16_add_a16
__kmpc_atomic_float16_add_a16_cpt
__kmpc_atomic_float16_add_cpt
__kmpc_atomic_float16_div
__kmpc_atomic_float16_div_a16
__kmpc_atomic_float16_div_a16_cpt
__kmpc_atomic_float16_div_cpt
__kmpc_atomic_float16_max
__kmpc_atomic_float16_max_a16
__kmpc_atomic_float16_max_a16_cpt
__kmpc_atomic_float16_max_cpt
__kmpc_atomic_float16_min
__kmpc_atomic_float16_min_a16
__kmpc_atomic_float16_min_a16_cpt
__kmpc_atomic_float16_min_cpt
__kmpc_atomic_float16_mul
__kmpc_atomic_float16_mul_a16
__kmpc_atomic_float16_mul_a16_cpt
__kmpc_atomic_float16_mul_cpt
__kmpc_atomic_float16_rd
__kmpc_atomic_float16_sub
__kmpc_atomic_float16_sub_a16
__kmpc_atomic_float16_sub_a16_cpt
__kmpc_atomic_float16_sub_cpt
__kmpc_atomic_float16_wr
__kmpc_atomic_float4_add
__kmpc_atomic_float4_add_cpt
__kmpc_atomic_float4_add_float8
__kmpc_atomic_float4_add_fp
__kmpc_atomic_float4_div
__kmpc_atomic_float4_div_cpt
__kmpc_atomic_float4_div_float8
__kmpc_atomic_float4_div_fp
__kmpc_atomic_float4_max
__kmpc_atomic_float4_max_cpt
__kmpc_atomic_float4_min
__kmpc_atomic_float4_min_cpt
__kmpc_atomic_float4_mul
__kmpc_atomic_float4_mul_cpt
__kmpc_atomic_float4_mul_float8
__kmpc_atomic_float4_mul_fp
__kmpc_atomic_float4_rd
__kmpc_atomic_float4_sub
__kmpc_atomic_float4_sub_cpt
__kmpc_atomic_float4_sub_float8
__kmpc_atomic_float4_sub_fp
__kmpc_atomic_float4_wr
__kmpc_atomic_float8_add
__kmpc_atomic_float8_add_cpt
__kmpc_atomic_float8_add_fp
__kmpc_atomic_float8_div
__kmpc_atomic_float8_div_cpt
__kmpc_atomic_float8_div_fp
__kmpc_atomic_float8_max
__kmpc_atomic_float8_max_cpt
__kmpc_atomic_float8_min
__kmpc_atomic_float8_min_cpt
__kmpc_atomic_float8_mul
__kmpc_atomic_float8_mul_cpt
__kmpc_atomic_float8_mul_fp
__kmpc_atomic_float8_rd
__kmpc_atomic_float8_sub
__kmpc_atomic_float8_sub_cpt
__kmpc_atomic_float8_sub_fp
__kmpc_atomic_float8_wr
__kmpc_barrier
__kmpc_barrier_master
__kmpc_barrier_master_nowait
__kmpc_begin
__kmpc_bound_num_threads
__kmpc_bound_thread_num
__kmpc_copyprivate
__kmpc_critical
__kmpc_destroy_lock
__kmpc_destroy_nest_lock
__kmpc_dispatch_fini_4
__kmpc_dispatch_fini_4u
__kmpc_dispatch_fini_8
__kmpc_dispatch_fini_8u
__kmpc_dispatch_init_4
__kmpc_dispatch_init_4u
__kmpc_dispatch_init_8
__kmpc_dispatch_init_8u
__kmpc_dispatch_next_4
__kmpc_dispatch_next_4u
__kmpc_dispatch_next_8
__kmpc_dispatch_next_8u
__kmpc_end
__kmpc_end_barrier_master
__kmpc_end_critical
__kmpc_end_master
__kmpc_end_ordered
__kmpc_end_reduce
__kmpc_end_reduce_nowait
__kmpc_end_serialized_parallel
__kmpc_end_single
__kmpc_end_taskq
__kmpc_end_taskq_task
__kmpc_flush
__kmpc_for_static_fini
__kmpc_for_static_init_4
__kmpc_for_static_init_4u
__kmpc_for_static_init_8
__kmpc_for_static_init_8u
__kmpc_fork_call
__kmpc_get_parent_taskid
__kmpc_get_taskid
__kmpc_global_num_threads
__kmpc_global_thread_num
__kmpc_in_parallel
__kmpc_in_ssp
__kmpc_init_lock
__kmpc_init_nest_lock
__kmpc_invoke_task_func
__kmpc_master
__kmpc_ok_to_fork
__kmpc_omp_task
__kmpc_omp_task_alloc
__kmpc_omp_task_begin_if0
__kmpc_omp_task_complete_if0
__kmpc_omp_task_parts
__kmpc_omp_taskwait
__kmpc_omp_taskyield
__kmpc_ordered
__kmpc_pop_num_threads
__kmpc_push_num_threads
__kmpc_reduce
__kmpc_reduce_nowait
__kmpc_serialized_parallel
__kmpc_set_lock
__kmpc_set_nest_lock
__kmpc_single
__kmpc_ssp_begin
__kmpc_ssp_distance_4
__kmpc_ssp_distance_8
__kmpc_ssp_end
__kmpc_ssp_fork
__kmpc_ssp_get_max_threads
__kmpc_ssp_init_thread
__kmpc_ssp_num_threads
__kmpc_ssp_post_4
__kmpc_ssp_post_8

Sections

.text
Size: 564KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfc100u.dll
.dll windows:5 windows x86 arch:x86

6ecbd31f78660e8af99e665d8a5ae336

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

df:6c:64:48:8a:e0:ae:cf:a5:43:28:a3:7c:5e:54:2c:cb:eb:fb:b8
Signer

Actual PE Digest

df:6c:64:48:8a:e0:ae:cf:a5:43:28:a3:7c:5e:54:2c:cb:eb:fb:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc100u.i386.pdb

Imports

kernel32

LoadLibraryA
EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetEnvironmentVariableA
FormatMessageA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
VirtualProtect
RaiseException
lstrcpyA
GetVersion
CompareStringW
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
lstrlenA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalAddAtomW
GetCurrentProcessId
SetErrorMode
GlobalDeleteAtom
CompareStringA
lstrcmpA
WideCharToMultiByte
GetCurrentThread
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
LoadLibraryExW
SearchPathW
GlobalSize
GetFileAttributesW
GetFileSize
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GetLocaleInfoW
GetNumberFormatW
lstrcmpiW
GetWindowsDirectoryW
GetTickCount
GlobalFree
lstrcmpW
GetCurrentDirectoryW
Sleep
InterlockedDecrement
InterlockedIncrement
SetFilePointer
CreateFileW
GetTempFileNameW
GetTempPathW
CloseHandle
InterlockedExchange
FreeLibrary
GetVersionExW
GetSystemDirectoryW
MulDiv
lstrlenW
DeleteFileW
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyW
MultiByteToWideChar
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource
SizeofResource
IsProcessorFeaturePresent

msvcr100

memmove_s
wcslen
memset
_wcslwr_s
memcpy_s
wcsnlen
_purecall
wmemcpy_s
wcscspn
abort
toupper
__CxxFrameHandler3
wcsspn
_wcsicmp
wcscmp
vswprintf_s
_vscwprintf
wcschr
iswspace
wcsstr
free
malloc
labs
ldiv
_wtoi
_wcsupr_s
calloc
sqrt
atan2
wcspbrk
wcsrchr
clock
memcpy
abs
cos
sin
floor
fabs
ceil
exp
_wsplitpath_s
wcscoll
_wcsicoll
wcscat_s
wcsncmp
wcscpy_s
iswdigit
iswalpha
iswalnum
iswprint
towupper
towlower
_wtol
memcmp
swscanf_s
_localtime64_s
_endthread
_beginthread
_wcsdup
strlen
_wmakepath_s
_time64
wcstod
_resetstkoflw
_recalloc
_errno
_snwprintf_s
wcstoul
__argc
__wargv
_strnicmp
wcsncpy_s
swprintf_s
_itow_s
_ltow_s
_wcsnicmp
strnlen
_mktime64
_mbscmp
_snwscanf_s
_vsnwprintf_s
wcstol
realloc
_wfullpath
_get_osfhandle
_fileno
_open_osfhandle
_fdopen
__doserrno
fread
feof
ferror
clearerr_s
fwrite
fputws
fgetws
fseek
ftell
fflush
fclose
_ultow_s
strcpy_s
_endthreadex
_beginthreadex
_msize
_expand
_mbspbrk
_mbslwr_s
_mbsicmp
memmove
_mbsrev
_mbsicoll
_mbsstr
_ismbcspace
vsprintf_s
_mbschr
_mbsrchr
_mbscoll
_mbsspn
_wcsrev
_mbsupr_s
_mbsinc
_vscprintf
_mbscspn
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_CxxThrowException

user32

GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
SendDlgItemMessageW
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
SetActiveWindow
BeginPaint
EndPaint
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
InvalidateRect
RedrawWindow
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
CallWindowProcW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetWindowLongW
MessageBoxW
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassW
PostQuitMessage
DrawEdge
CharUpperBuffW
RegisterClipboardFormatW
GetActiveWindow
InsertMenuW
GetTabbedTextExtentW
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextW
EnumChildWindows
InvertRect
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
SetFocus
GetMessageW
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoW
CheckMenuItem
GetMenuState
SetWindowTextW
CharUpperW
MapVirtualKeyW
ToUnicodeEx
GetKeyboardState
CopyAcceleratorTableW
CreateAcceleratorTableW
DestroyCursor
IsClipboardFormatAvailable
GetClassLongW
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuW
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuW
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
SystemParametersInfoW
MonitorFromPoint
GetMonitorInfoW
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcW
GetClassInfoW
PostThreadMessageW
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
GetCapture
EqualRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
GetWindowTextLengthW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
InvalidateRgn
MoveWindow
IsWindowEnabled
CreateMenu
CopyImage
GetIconInfo
FillRect
LoadImageW
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
GetWindowDC
DeferWindowPos
DrawStateW

gdi32

Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectW
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesW
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
DeleteDC
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExW
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutW
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
CreateFontW
GetCharWidthW
LPtoDP
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutW
Escape
GetClipBox
Polygon
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetTextColor
GetObjectType
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
GetTextAlign

shlwapi

PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
SHStrDupW
UrlUnescapeW

comctl32

ImageList_GetIcon
ImageList_DrawEx
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
ImageList_GetImageCount

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfcm100u.dll
.dll windows:5 windows x86 arch:x86

14f441155cdf87b0712255b2d9febd04

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a4:a1:2f:49:3c:08:4a:78:a3:7f:0e:0a:f1:95:79:2e:e3:93:d8:3f
Signer

Actual PE Digest

a4:a1:2f:49:3c:08:4a:78:a3:7f:0e:0a:f1:95:79:2e:e3:93:d8:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFCM100U.i386.pdb

Imports

msvcr100

_onexit
_lock
__FrameUnwindFilter
_cexit
??_V@YAXPAX@Z
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
memset
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
_except_handler4_common
_purecall

mfc100u

ord13045
ord7511
ord3977
ord12411
ord12412
ord3909
ord2224
ord2234
ord11325
ord3170
ord6865
ord408
ord2053
ord1953
ord1934
ord12947
ord7972
ord4801
ord7004
ord12950
ord7931
ord7928
ord4908
ord11850
ord12707
ord7299
ord7302
ord3474
ord2876
ord2877
ord4642
ord4923
ord5115
ord8483
ord4901
ord5130
ord4645
ord4794
ord4623
ord5302
ord6931
ord6932
ord6922
ord4792
ord7393
ord9328
ord8346
ord5807
ord12710
ord2062
ord12346
ord3512
ord2029
ord3679
ord2883
ord5688
ord6241
ord2205
ord1186
ord734
ord6655
ord11160
ord5637
ord6899
ord11210
ord11115
ord3397
ord351
ord8363
ord2880
ord9562
ord2852
ord10750
ord8073
ord1944
ord1943
ord900
ord1312
ord269
ord902
ord1450

kernel32

EncodePointer
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
DecodePointer
InterlockedExchange
Sleep
UnhandledExceptionFilter

user32

CopyRect
GetClientRect
SendMessageW
PostMessageW
GetWindow
SetWindowPos

mscoree

_CorDllMain

Exports

Exports

AfxmReleaseManagedReferences

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkl_custom.dll
.dll windows:5 windows x86 arch:x86

166176cf3232057579adf2f5e032dd77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
TlsSetValue
TlsGetValue
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsFree
GetModuleHandleA
GetThreadLocale
FormatMessageA
LocalFree
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
Sleep
ExitProcess
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CreateFileA
CloseHandle
RaiseException
GetEnvironmentVariableA
SetThreadAffinityMask
GetProcessAffinityMask

libiomp5md

ord126
ord707
ord706
ord710
ord703
ord705
ord150
ord138
ord148
ord145
ord141
ord113
ord123

Exports

Exports

DftiCommitDescriptor
DftiComputeBackward
DftiComputeForward
DftiCreateDescriptor
DftiCreateDescriptor_d_1d
DftiCreateDescriptor_d_md
DftiCreateDescriptor_s_1d
DftiCreateDescriptor_s_md
DftiErrorMessage
DftiFreeDescriptor
DftiSetValue

Sections

.text
Size: 21.7MB - Virtual size: 21.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 992KB - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 590KB - Virtual size: 590KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp100.dll
.dll windows:5 windows x86 arch:x86

7a0d9f66efd1839f136ca6896fa52dfa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9
Signer

Actual PE Digest

a7:21:d1:9b:3f:b9:03:98:98:4f:d3:16:37:f9:36:ae:51:91:65:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp100.i386.pdb

Imports

msvcr100

rand_s
memset
memmove
fgetc
ungetc
_lock_file
_unlock_file
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_fsopen
_wfsopen
fseek
ldexp
wcslen
memchr
memmove_s
sprintf_s
_Strftime
strcspn
setlocale
_realloc_crt
strcmp
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_purecall
strerror
fgetwc
fputwc
ungetwc
__uncaught_exception
towlower
towupper
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
memcmp
___lc_collate_cp_func
__crtLCMapStringA
__iob_func
?Alloc@Concurrency@@YAPAXI@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?Yield@Context@Concurrency@@SAXXZ
??1critical_section@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
isupper
_calloc_crt
islower
__crtLCMapStringW
isspace
tolower
strtod
__crtCompareStringW
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
fputs
fputc
abort
log
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_Getmonths
_Getdays
malloc
__CxxFrameHandler3
??2@YAPAXI@Z
___mb_cur_max_func
memcpy
strlen
??_V@YAXPAX@Z
_Gettnames
localeconv
free
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
??0operation_timed_out@Concurrency@@QAE@XZ
??0exception@std@@QAE@XZ

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
Sleep
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime

Exports

Exports

??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??0_Mutex@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Mutex@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4?$numeric_limits@C@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@D@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@F@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@G@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@H@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@I@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_W@std@@QAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Num_base@std@@QAEAAU01@ABU01@@Z
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
??4_Num_int_base@std@@QAEAAU01@ABU01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??4ios_base@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBEPAXXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locimp@locale@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetCurrentThreadId@details@Concurrency@@YAKXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAH@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAH@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAH@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Hexdig@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHDDDD@Z
?_Hexdig@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHGGGG@Z
?_Hexdig@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAH_W000@Z
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@QAEXXZ

Sections

.text
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:02

Not After

25-07-2013 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6
Signer

Actual PE Digest

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
reg_dataextractor.bat
reg_dataextractorMC.bat
reg_vlogger.bat
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:d8:13:92:5c:ef:52:cf:3d:80:c1:ca:7a:4c:ca:5e:bb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

31-10-2012 14:45

Not After

01-11-2015 14:45

Subject

CN=iba AG,OU=IT-Infrastructure,O=iba AG,L=Fuerth,ST=Bayern,C=DE,1.2.840.113549.1.9.1=#0c12646576656c6f70406962612d61672e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

49:2e:69:74:a1:3e:eb:b9:23:bc:2c:cf:fe:bb:da:42:5c:b9:9e:eb
Signer

Actual PE Digest

49:2e:69:74:a1:3e:eb:b9:23:bc:2c:cf:fe:bb:da:42:5c:b9:9e:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
versions.htm
.html

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

11:21:d8:13:92:5c:ef:52:cf:3d:80:c1:ca:7a:4c:ca:5e:bbCertificate

Extended Key Usages

Key Usages

7e:b4:fe:29:55:06:b8:ee:a2:48:d3:4f:73:ee:56:c0:33:ea:5a:d2Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 44KB

.rsrc Size: 25KB - Virtual size: 25KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 47KB - Virtual size: 47KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 1024B - Virtual size: 950B

.reloc Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 741B

.rdata Size: 1024B - Virtual size: 673B

.data Size: 512B - Virtual size: 88B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

11:21:d8:13:92:5c:ef:52:cf:3d:80:c1:ca:7a:4c:ca:5e:bb
Certificate

7e:b4:fe:29:55:06:b8:ee:a2:48:d3:4f:73:ee:56:c0:33:ea:5a:d2
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 44KB

.rsrc
Size: 25KB - Virtual size: 25KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

CODE
Size: 47KB - Virtual size: 47KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 1024B - Virtual size: 950B

.reloc
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 741B

.rdata
Size: 1024B - Virtual size: 673B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 190B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate

.text
Size: 710KB - Virtual size: 709KB

.rdata
Size: 143KB - Virtual size: 142KB

.data
Size: 131KB - Virtual size: 171KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 64KB - Virtual size: 64KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

08:49:f1:23:f8:f5:71:f2:63:8a:6f:c8:e1:a4:f5:88
Certificate