privateloader | ae4fd4096015476a60ad0e1d78cfbc2c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae4fd4096015476a60ad0e1d78cfbc2c_JaffaCakes118
Size

13.6MB
MD5

ae4fd4096015476a60ad0e1d78cfbc2c
SHA1

2ee69fc1742e66b741628b2aa08f3bbe380f9301
SHA256

adacc03ecf3c2a0196c96067db10114b80f7ca106ffdcd849f05bb859641d1dd
SHA512

d89c21b9e02b2b2b2308f79330c82156fb4f64ba740b9a7d1842f7eccafd235880306db37434730020256fab591679835df0f54f45232732cd4a403595877532
SSDEEP

393216:LOzFavOYTmDrLUqRRXFI/An39Kt9x3KwwV44qe7BihsJ:2Fa1mDUq3XFIq+xawe4Hjhw

Score

10^/10

upx privateloader

Malware Config

Signatures

Privateloader family
privateloader

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/LockedList.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/LockedList.dll	upx

Unsigned PE 35 IoCs

Checks for missing Authenticode signature.

resource
ae4fd4096015476a60ad0e1d78cfbc2c_JaffaCakes118
unpack001/$PLUGINSDIR/HwInfo.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/LockedList.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/ShellLink.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/newadvsplash.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/$PLUGINSDIR/nsProcess.dll
unpack001/$PLUGINSDIR/textreplace.dll
unpack001/$PLUGINSDIR/time.dll
unpack001/ATextOut64.dll
unpack001/DChat64.dll
unpack001/DaumCrashHandler64.dll
unpack001/DesktopHook.dll
unpack001/DesktopHook.exe
unpack001/DesktopHook64.dll
unpack001/DesktopHook64.exe
unpack001/GameCaptureHook.dll
unpack001/GameCaptureHook64.dll
unpack001/LogManager.exe
unpack001/MP3Lame64.dll
unpack001/PotIcons64.dll
unpack001/PotPlayer64.dll
unpack001/QuickSync64.dll
unpack001/Uninstall.exe
unpack001/bass.dll
unpack001/bass_alac.dll
unpack001/bass_ape.dll
unpack001/bass_flac.dll
unpack001/bass_mpc.dll
unpack001/bass_wv.dll
unpack001/ffcodec64.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/Uninstall.exe	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_2

Files

ae4fd4096015476a60ad0e1d78cfbc2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CUDA.txt
$PLUGINSDIR/HwInfo.dll
.dll windows:4 windows x86 arch:x86

4e6a4062a56dafcc8b54b60996e9ff37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\My Dev Projects\HwInfo\Release\HwInfo.pdb

Imports

ddraw

DirectDrawCreateEx

kernel32

GetPriorityClass
GetCurrentProcess
GlobalMemoryStatus
GetThreadPriority
SetPriorityClass
CloseHandle
GetCurrentThread
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcpyA
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
HeapSize
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
RaiseException
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
FlushFileBuffers

user32

GetDesktopWindow
GetDC
GetSystemMetrics

gdi32

GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

??0CHardwareInfo@@QAE@ABV0@@Z
??0CHardwareInfo@@QAE@XZ
??1CHardwareInfo@@UAE@XZ
??4CHardwareInfo@@QAEAAV0@ABV0@@Z
??_7CHardwareInfo@@6B@
?GetCPUDescription@CHardwareInfo@@QAEXPAD@Z
?GetCPUSpeed@CHardwareInfo@@QAEXAAH@Z
?GetTotalSystemMemory@CHardwareInfo@@QAEXAAH@Z
?GetVideoAdapterDescription@CHardwareInfo@@QAEXPAD@Z
?GetVideoAdapterTotalMemory@CHardwareInfo@@QAEXAAH@Z
GetCpuNameAndSpeed
GetCpuSpeed
GetSystemMemory
GetVideoCardMemory
GetVideoCardName

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GetACP
lstrlenA
lstrcmpA
lstrcpynA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LockedList.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AddApplications
AddCaption
AddClass
AddCustom
AddFile
AddFolder
AddModule
Dialog
EnumProcesses
FindProcess
InitDialog
IsFileLocked
Show
SilentPercentComplete
SilentSearch
SilentWait

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ShellLink.dll
.dll windows:5 windows x86 arch:x86

50112fdd20200a51dbedeae8f1f33cdb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
MultiByteToWideChar
LocalAlloc
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc

user32

wsprintfA

ole32

CoCreateInstance

Exports

Exports

GetShortCutArgs
GetShortCutDescription
GetShortCutHotkey
GetShortCutIconIndex
GetShortCutIconLocation
GetShortCutShowMode
GetShortCutTarget
GetShortCutWorkingDirectory
SetRunAsAdministrator
SetShortCutArgs
SetShortCutDescription
SetShortCutHotkey
SetShortCutIconIndex
SetShortCutIconLocation
SetShortCutShowMode
SetShortCutTarget
SetShortCutWorkingDirectory

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/newadvsplash.dll
.dll windows:4 windows x86 arch:x86

2e363db44011ed76701ec6ce62db36f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
CloseHandle
MultiByteToWideChar
lstrcpynA
lstrlenA
GetCurrentThreadId
CreateThread
Sleep
lstrcpyA
lstrcmpiA
GlobalAlloc
GlobalFree
WaitForSingleObject

user32

DefWindowProcA
DestroyWindow
IsWindowVisible
UnregisterClassA
EnumDisplaySettingsA
SendMessageA
wsprintfA
SystemParametersInfoA
BeginPaint
SetWindowPos
LoadCursorA
RegisterClassA
CreateWindowExA
IsWindow
GetMessageA
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetWindowLongA
EndPaint
TranslateMessage
DispatchMessageA
PostMessageA
SetWindowRgn
GetClientRect

gdi32

CombineRgn
GetObjectA
CreateCompatibleDC
SelectObject
GetDIBits
CreateRectRgn
DeleteObject

winmm

timeSetEvent
PlaySoundA
timeKillEvent

oleaut32

OleLoadPicturePath

msvcrt

_lseek
memset
memcmp
_read
memcpy
_close
_open
strtol

Exports

Exports

hwnd
play
show
stop

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

a49b0342971aa199fc6349725b90146d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
lstrcpynA
lstrlenA
LoadLibraryA
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExA
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfA
PostMessageA

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/spl.bmp
$PLUGINSDIR/textreplace.dll
.dll windows:4 windows x86 arch:x86

c9b875d3f7604775d782afcb308d92df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
lstrcpynA
GlobalFree
CloseHandle
GlobalAlloc
GetFileSize
SetFilePointer
ReadFile
CreateFileA
WriteFile
SetFileAttributesA
GetFileAttributesA
CopyFileA
lstrcmpiA

user32

CharUpperA

Exports

Exports

_FillReadBuffer
_FindInFile
_FreeReadBuffer
_ReplaceInFile
_Unload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 669B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/time.dll
.dll windows:4 windows x86 arch:x86

52d8e191fc300dee721dd8473cf053f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
lstrlenW
lstrlenA
GetWindowsDirectoryW
GlobalAlloc
WideCharToMultiByte
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
GetLocalTime
SetSystemTime
SetLocalTime
CreateFileA
CreateFileW
FindFirstFileA
FindFirstFileW
FindClose
CloseHandle
SetFileTime

user32

SendMessageA
MessageBoxW

Exports

Exports

_GetFileTime
_GetFileTimeUTC
_GetLocalTime
_GetLocalTimeUTC
_MathTime
_SetFileTime
_SetFileTimeUTC
_SetLocalTime
_SetLocalTimeUTC
_TimeString
_Unload

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/PotPlayerLauncher64.ocx
.dll regsvr32 windows:5 windows x64 arch:x64

367e08cb989e7a85945eb5ef4fdfde13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:c9:6b:68:d1:b8:4f:29:f8:bc:bf:f3:6e:69:40:51
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-10-2012 00:00

Not After

26-12-2013 23:59

Subject

CN=Daum Communications Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Daum Communications Corp.,L=Yongsan-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\DMBS\Street_2008\DaumLiveLauncher\x64\Release\PotPlayerLauncher64.pdb

Imports

comctl32

ord17

wininet

HttpAddRequestHeadersA
InternetOpenA
HttpSendRequestA
HttpQueryInfoA
InternetOpenW
InternetConnectA
HttpOpenRequestA
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetOpenUrlW

kernel32

HeapSize
HeapQueryInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSetInformation
HeapCreate
HeapDestroy
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
ExitProcess
LCMapStringW
LCMapStringA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
Sleep
GetCommandLineA
FlsSetValue
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
RtlPcToFileHeader
RaiseException
HeapReAlloc
HeapAlloc
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
GetProfileIntW
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetUserDefaultLCID
IsDBCSLeadByte
FreeResource
GlobalFindAtomW
GetVersionExW
LoadLibraryA
GetVersionExA
GetModuleHandleA
CompareStringW
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
lstrcmpW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
SetLastError
CreateFileMappingW
MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
LocalFree
GetModuleFileNameW
GetVersion
GetExitCodeThread
TerminateThread
GetCurrentThreadId
CreateProcessW
GetModuleHandleW
WaitForSingleObject
GetTempPathW
GetLocalTime
GetCurrentProcessId
CreateFileW
WriteFile
DeleteFileW
FindFirstFileW
FindClose
lstrlenA
GetCurrentProcess
CreateDirectoryW
CloseHandle
MultiByteToWideChar
FindResourceExW
GetProcessHeap
LoadLibraryExW
OutputDebugStringW
GetProcAddress
lstrlenW
WideCharToMultiByte
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetModuleFileNameA

user32

RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
GetWindowLongPtrW
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
PtInRect
GetMenu
SetWindowLongW
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetPropW
SetWindowLongPtrW
DestroyWindow
GetDesktopWindow
InvalidateRect
UpdateWindow
GetWindowRect
OffsetRect
InflateRect
DefWindowProcW
CopyRect
ShowWindow
DrawEdge
SetParent
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
FillRect
SendMessageW
FindWindowW
SetForegroundWindow
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindow
PeekMessageW
PostThreadMessageW
MessageBoxW
GetMessageW
TranslateMessage
SetPropW
GetClassLongPtrW
GetClassNameW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
RegisterWindowMessageW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CallWindowProcW
EnableWindow
DispatchMessageW
IsDialogMessageW
GetDCEx
GetDialogBaseUnits
GetTabbedTextExtentA
DestroyIcon
GetSysColorBrush
UnregisterClassW
LockWindowUpdate
EnumChildWindows
CharUpperW
RegisterClipboardFormatW
SetRect
SetWindowRgn
IsRectEmpty
CreateMenu
DestroyMenu
SetRectEmpty
LoadCursorW
SetCapture
ReleaseCapture
MoveWindow
SetWindowPos
SetWindowTextW
LoadIconW

gdi32

CreateRectRgn
GetObjectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
SelectClipRgn
CreatePatternBrush
CreatePen
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
GetTextAlign
GetTextMetricsW
SetRectRgn
EnumFontFamiliesExW
Rectangle
UnrealizeObject
DeleteObject
MoveToEx
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteDC
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
CreateBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetStockObject
Ellipse

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetTokenInformation
OpenProcessToken
SetSecurityInfo
GetSecurityDescriptorSacl
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ShellExecuteExW
ExtractIconW

shlwapi

PathAddBackslashW
PathRemoveBackslashW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

ole32

CoTaskMemAlloc
ReleaseStgMedium
ReadFmtUserTypeStg
OleSaveToStream
StringFromCLSID
CoRevokeClassObject
StringFromGUID2
CreateDataAdviseHolder
ReadClassStm
CoDisconnectObject
CreateStreamOnHGlobal
OleDuplicateData
CoRegisterClassObject
CoTaskMemFree
CoCreateInstance
CreateDataCache
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

VariantClear
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
SysStringLen
LoadRegTypeLi
SysAllocStringLen
VariantChangeType
VariantInit
OleLoadPicture
VariantCopy
SysAllocString
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame

imagehlp

ImageGetCertificateHeader
ImageGetCertificateData
ImageEnumerateCertificates

crypt32

CertGetNameStringW
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertGetCertificateChain
CertCreateCertificateChainEngine
CertFreeCertificateContext
CryptMsgControl
CertGetSubjectCertificateFromStore
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CryptVerifyMessageSignature
CryptMsgClose
CertCloseStore
CertOpenStore

wintrust

WinVerifyTrust

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ATextOut64.dll
.dll windows:5 windows x64 arch:x64

6d479c74ee8f9a5a3246c4e230e10e82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\FreeTypeTextOut\x64\Release\ATextOut64.pdb

Imports

kernel32

GetProcessHeap
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SuspendThread
GetLastError
OutputDebugStringA
GetThreadContext
SetThreadContext
FlushInstructionCache
ResumeThread
GetCurrentThreadId
VirtualAlloc
VirtualProtect
GetModuleHandleW
SetLastError
VirtualQuery
GetCurrentProcess
LoadLibraryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
MulDiv
GetProcAddress
LoadLibraryW
FreeLibrary
TlsFree
TlsAlloc
TlsSetValue
HeapFree
HeapAlloc
HeapReAlloc
IsDebuggerPresent
GetCurrentThread
TlsGetValue
WideCharToMultiByte
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FlsSetValue
GetCommandLineA
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CloseHandle
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
CreateFileA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers

user32

FillRect
IntersectRect
DrawTextExW
DrawTextExA
IsRectEmpty

gdi32

ExtTextOutW
GetTextCharacterExtra
GetBkColor
GetTextAlign
GetTextColor
GetDIBits
GetCurrentObject
GetPaletteEntries
GetOutlineTextMetricsW
GetObjectW
MoveToEx
BitBlt
MaskBlt
GetBkMode
CreateDIBSection
GetCurrentPositionEx
CreateSolidBrush
DeleteObject
DeleteDC
CreateFontIndirectW
SelectObject
CreateCompatibleDC
GetFontData
GetGlyphIndicesW
BeginPath
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextExtentExPointI
GetDeviceCaps
AbortPath
GetMapMode
GetTextExtentExPointA
EndPath
GetTextExtentPointI
GetTextExtentExPointW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCloseKey
RegFlushKey
RegDeleteValueA

Exports

Exports

FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Get_Char_Index
FT_Get_Glyph
FT_Get_Sfnt_Table
FT_Glyph_Copy
FT_Init_FreeType
FT_Load_Glyph
FT_New_Face
FT_New_Memory_Face
FT_Outline_Decompose
FT_Outline_Embolden
FT_Outline_Transform
FT_Render_Glyph
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Pixel_Sizes
FinalTextOut
InitTextOut

Sections

.text
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Alarm.wav
AviSynth/AviSynth.txt
AviSynth/ColorBars.avs
AviSynth/FastTrueMotion.avs
AviSynth/FastTrueMotionNoGPU.avs
AviSynth/FasterTrueMotion.avs
AviSynth/FastestTrueMotion.avs
AviSynth/OverlayText.avs
AviSynth/TrueMotion.avs
AviSynth/TrueMotion2.avs
AviSynth/TrueMotion2NoGPU.avs
AviSynth/TrueMotionNoGPU.avs
CmdLine.txt
DChat64.dll
.dll windows:5 windows x64 arch:x64

6c89ccfba18f254b418bbeab1564bb52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\MyProject\Street2008\DChat\x64\Release\DChat64.pdb

Imports

ws2_32

connect
inet_ntoa
select
setsockopt
socket
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyname
getsockopt
ioctlsocket
inet_addr
WSAGetLastError
htons
recv
send

wininet

InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetReadFile
InternetConnectA
HttpQueryInfoA

kernel32

RtlVirtualUnwind
FlushFileBuffers
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
GetLocaleInfoA
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
FindResourceA
lstrlenA
LoadResource
FindResourceExA
WideCharToMultiByte
SizeofResource
LockResource
OutputDebugStringA
WaitForSingleObject
SetEvent
CreateEventA
GetLastError
ResetEvent
CloseHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
ExitThread
GetCurrentThreadId
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
RtlCaptureContext
FlsSetValue
GetCommandLineA
RtlUnwindEx
HeapSetInformation
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlPcToFileHeader
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

PostMessageA

Exports

Exports

GetFunction

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTDrop64.exe
.exe windows:5 windows x64 arch:x64

4a27b013f8b2ffcf5b1f3229440f544c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:c9:6b:68:d1:b8:4f:29:f8:bc:bf:f3:6e:69:40:51
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-10-2012 00:00

Not After

26-12-2013 23:59

Subject

CN=Daum Communications Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Daum Communications Corp.,L=Yongsan-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\MyProject\Street2008\DropTarget\x64\Release_Unicode_EXE\DTDrop64.pdb

Imports

kernel32

GetModuleHandleW
SizeofResource
GetModuleFileNameW
lstrlenW
GlobalUnlock
GetTempPathW
GetProcAddress
GlobalFree
LockResource
CreateEventW
CloseHandle
WideCharToMultiByte
SetEvent
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
WaitForSingleObject
GlobalLock
LoadResource
FindResourceW
FindResourceExW
MultiByteToWideChar
GetCommandLineW
FlushFileBuffers
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetStartupInfoW
GetLastError
SetFilePointer
GetFileType
CreateFileW
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
RtlUnwindEx
SetUnhandledExceptionFilter
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
RtlPcToFileHeader
SetStdHandle
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
InitializeCriticalSectionAndSpinCount

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW

ole32

CoResumeClassObjects
CoRevokeClassObject
CoInitializeEx
CoReleaseServerProcess
CoAddRefServerProcess
CLSIDFromString
CoUninitialize
CoRegisterClassObject

shell32

ShellExecuteW
DragQueryFileW

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DaumCrashHandler64.dll
.dll windows:5 windows x64 arch:x64

eaca2696080e42b730f851932da6bc02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\MyProject\Street2008\DaumCrashHandler\x64\Release\DaumCrashHandler64.pdb

Imports

shlwapi

PathFindExtensionA
wnsprintfA
PathRemoveExtensionA

kernel32

FlsGetValue
lstrlenA
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleHandleA
ReadProcessMemory
FreeLibrary
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetProcessHeap
IsBadWritePtr
IsBadReadPtr
VirtualQuery
lstrcpynA
CloseHandle
lstrcpyA
lstrcmpiA
IsBadStringPtrA
WriteFile
SetFilePointer
CreateFileA
FormatMessageA
IsBadCodePtr
OutputDebugStringA
GetCurrentThread
GetVersionExA
GetCurrentThreadId
TerminateProcess
GetLocalTime
GetCurrentProcessId
CreateFileW
IsBadStringPtrW
MultiByteToWideChar
GetACP
WideCharToMultiByte
Module32Next
Module32First
CreateToolhelp32Snapshot
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
RtlUnwindEx
RtlLookupFunctionEntry
GetLastError
GetFileAttributesA
FlsSetValue
GetCommandLineA
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsFree
SetLastError
FlsAlloc
Sleep
HeapSize
GetModuleHandleW
ExitProcess
RaiseException
RtlPcToFileHeader
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

user32

MessageBoxA
wsprintfA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

Exports

Exports

GetDumpFilePath
GetReportFilePath
GetZipFilePath
ResetCrashHandler
SetCrashHandler
SetDumpFilePath
SetEmailConf
SetReportFilePath
SetZipFilePath
defaultExceptionCallBack

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook.dll
.dll windows:5 windows x86 arch:x86

2b07108b299116d767891d897458fdef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\MyProject\Street2008\DesktopHook\Release\DesktopHook.pdb

Imports

kernel32

HeapSize
LCMapStringW
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetModuleFileNameA
LCMapStringA
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind

user32

UnhookWindowsHookEx
CallWindowProcA
FillRect
PostMessageA
SetWindowLongA
InvalidateRect
CallNextHookEx
GetClassNameA
FindWindowA
EnumChildWindows
GetWindowThreadProcessId
SetWindowsHookExA
SendMessageA

gdi32

DeleteObject
CreateSolidBrush

Exports

Exports

CloseDesktopHook
Function
OpenDesktopHook

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook.exe
.exe windows:5 windows x86 arch:x86

9214a523c479160ee826126037a9dfcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MyProject\Street2008\DesktopHook\ReleaseEXE\DesktopHook.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
HeapSize
SetFilePointer
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

IsWindow

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DesktopHook64.dll
.dll windows:5 windows x64 arch:x64

4077c501380dfba3cf5a0988f90154b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\MyProject\Street2008\DesktopHook\x64\Release\DesktopHook64.pdb

Imports

kernel32

HeapSize
LCMapStringW
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetModuleFileNameA
LCMapStringA
LoadLibraryA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
GetLastError
FlsAlloc
HeapFree
Sleep
GetModuleHandleW
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount

user32

UnhookWindowsHookEx
CallWindowProcA
FillRect
PostMessageA
SetWindowLongPtrA
InvalidateRect
CallNextHookEx
GetClassNameA
FindWindowA
EnumChildWindows
GetWindowThreadProcessId
SetWindowsHookExA
SendMessageA

gdi32

DeleteObject
CreateSolidBrush

Exports

Exports

CloseDesktopHook
Function
OpenDesktopHook

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHook64.exe
.exe windows:5 windows x64 arch:x64

04748a5cfe6233741e0febb4f9533c99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\MyProject\Street2008\DesktopHook\x64\ReleaseEXE\DesktopHook64.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapAlloc
HeapReAlloc
ReadFile
HeapSize
SetFilePointer
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

IsWindow

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GameCaptureHook.dll
.dll windows:5 windows x86 arch:x86

9d44f5e910b8d6f32e75b398b3a77e0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\MyProject\Street2008\GameCapture\GameCaptureHook\Release\GameCaptureHook.pdb

Imports

kernel32

LoadLibraryW
TerminateThread
Sleep
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
CreateEventW
VirtualProtect
DeleteCriticalSection
DuplicateHandle
ReleaseMutex
CloseHandle
CreateThread
MapViewOfFile
UnmapViewOfFile
FreeLibrary
QueryPerformanceCounter
FreeLibraryAndExitThread
OpenMutexW
DisableThreadLibraryCalls
OpenThread
InitializeCriticalSection
QueryPerformanceFrequency
GetCurrentThreadId
GetCurrentProcessId
GetLastError
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetTickCount
GetModuleHandleW
SetEvent
WaitForSingleObject
CreateFileMappingW
GetCurrentProcess
LoadLibraryA
HeapFree
HeapAlloc
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

user32

GetClientRect
GetDC
ReleaseDC
WindowFromDC
DestroyWindow
GetMessageW
UnregisterClassW
wsprintfW
TranslateMessage
CreateWindowExW
RegisterClassW
SendMessageW
DefWindowProcW
DispatchMessageW
IsWindow
PostMessageW

gdi32

DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
SwapBuffers
GetPixelFormat

shell32

SHGetFolderPathW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GameCaptureHook64.dll
.dll windows:5 windows x64 arch:x64

c936c7ad72a853274ac71fde9e36e776

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\MyProject\Street2008\GameCapture\GameCaptureHook\x64\Release\GameCaptureHook64.pdb

Imports

kernel32

LoadLibraryW
TerminateThread
Sleep
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
CreateEventW
VirtualProtect
DeleteCriticalSection
DuplicateHandle
ReleaseMutex
CloseHandle
CreateThread
MapViewOfFile
UnmapViewOfFile
FreeLibrary
QueryPerformanceCounter
FreeLibraryAndExitThread
OpenMutexW
DisableThreadLibraryCalls
OpenThread
InitializeCriticalSection
QueryPerformanceFrequency
GetCurrentThreadId
GetCurrentProcessId
GetLastError
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetTickCount
GetModuleHandleW
SetEvent
WaitForSingleObject
CreateFileMappingW
GetCurrentProcess
HeapReAlloc
HeapFree
HeapAlloc
FlsSetValue
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapSize
ExitProcess
RtlUnwindEx
HeapSetInformation
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

user32

GetClientRect
GetDC
ReleaseDC
WindowFromDC
DestroyWindow
GetMessageW
UnregisterClassW
wsprintfW
TranslateMessage
CreateWindowExW
RegisterClassW
SendMessageW
DefWindowProcW
DispatchMessageW
IsWindow
PostMessageW

gdi32

DescribePixelFormat
ChoosePixelFormat
SetPixelFormat
SwapBuffers
GetPixelFormat

shell32

SHGetFolderPathW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
History.txt
Html/ErrorList.htm
Html/InitList.htm
.html
Html/ie_bn01.gif
.gif
Html/ie_bn02.gif
.gif
Html/ie_err.gif
.gif
Html/loading.gif
.gif
Html/loadtext.gif
.gif
LGPL.TXT
License.txt
Loading.swf
LogManager.exe
.exe windows:5 windows x86 arch:x86

bab7410a13e309e38273bc83ee0fe918

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\LogManager\Release\LogManager.pdb

Imports

advapi32

OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid
CreateProcessAsUserW

kernel32

GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
Sleep
ExitProcess
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
InterlockedExchange
GetCurrentThreadId
MultiByteToWideChar
GetLastError
GetModuleFileNameW
GetVersionExW
LocalFree
CloseHandle
GetCurrentProcess
FindResourceW
LoadResource
LockResource
SizeofResource
FlushFileBuffers
SetFilePointer
LoadLibraryW
GlobalAddAtomW
GlobalFlags
lstrcmpW
lstrcmpA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
GetProcAddress
WideCharToMultiByte
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
lstrlenA
VirtualAlloc
WriteFile

user32

DestroyMenu
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageW
SetWindowPos
SetWindowLongW
IsWindow
GetDlgItem
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
RectVisible
DeleteDC
GetStockObject
ExtTextOutW
GetDeviceCaps
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
TextOutW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

oleaut32

VariantInit
VariantClear
VariantChangeType

wininet

HttpEndRequestW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetCloseHandle
InternetOpenW
InternetReadFile

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Logo.swf
LogoMini.swf
Logos/PotPlayer.png
.png
MP3Lame64.dll
.dll windows:4 windows x64 arch:x64

0f36de0952fa70e0898199f70a48fb7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ffcodec64

av_default_item_name
av_dict_free
av_dict_get
av_dict_parse_string
av_free
av_freep
av_malloc
av_reduce
av_strdup
av_vlog
ff_alloc_packet2

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReleaseSemaphore
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW

msvcrt

__dllonexit
__doserrno
__iob_func
__mb_cur_max
__pioinfo
__setusermatherr
_amsg_exit
_beginthreadex
_errno
_filelengthi64
_fileno
_fstat64
_ftime64
_initterm
_lock
_lseeki64
_onexit
_unlock
_vsnprintf
_wfopen
_wrename
_write
_wstat64
_wunlink
abort
atoi
calloc
fclose
fflush
fgetpos
fputc
fread
free
fsetpos
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
malloc
memcmp
memcpy
memmove
memset
realloc
setlocale
signal
strchr
strcpy
strcspn
strerror
strlen
strncmp
strspn
strtok
strtol
strtoul
tolower
ungetc
vfprintf
wcslen
_strdup
_fileno

Exports

Exports

GetCodec

Sections

.text
Size: 949KB - Virtual size: 949KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 497KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaInfo64.dll
.dll windows:5 windows x64 arch:x64

ada7dc47a8c79583e43e53fc935df387

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

37:22:0b:5b:1e:8c:5c:de:dd:07:2a:b1:df:5c:f3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

19-10-2012 00:00

Not After

19-10-2013 23:59

Subject

CN=MediaArea.net,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=MediaArea.net,L=Curienne,ST=France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e9:38:79:71:13:98:40:f3:90:45:6b:e4:d9:d4:55:06:96:53:47:22
Signer

Actual PE Digest

e9:38:79:71:13:98:40:f3:90:45:6b:e4:d9:d4:55:06:96:53:47:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetLastError
Sleep
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSizeEx
GetFileTime
GetTimeZoneInformation
GetFileAttributesW
GetStringTypeW
EncodePointer
DecodePointer
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetSystemTimeAsFileTime
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
GetCPInfo
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
FlsGetValue
FlsFree
SetLastError
FlsAlloc
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameW
HeapReAlloc
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleW
ResumeThread
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindClose
ExitThread
CreateThread

Exports

Exports

MediaInfoA_Close
MediaInfoA_Count_Get
MediaInfoA_Delete
MediaInfoA_Get
MediaInfoA_GetI
MediaInfoA_Inform
MediaInfoA_New
MediaInfoA_New_Quick
MediaInfoA_Open
MediaInfoA_Open_Buffer
MediaInfoA_Open_Buffer_Continue
MediaInfoA_Open_Buffer_Continue_GoTo_Get
MediaInfoA_Open_Buffer_Finalize
MediaInfoA_Open_Buffer_Init
MediaInfoA_Open_NextPacket
MediaInfoA_Option
MediaInfoA_Output_Buffer_Get
MediaInfoA_Output_Buffer_GetI
MediaInfoA_Save
MediaInfoA_Set
MediaInfoA_SetI
MediaInfoA_State_Get
MediaInfoListA_Close
MediaInfoListA_Count_Get
MediaInfoListA_Count_Get_Files
MediaInfoListA_Delete
MediaInfoListA_Get
MediaInfoListA_GetI
MediaInfoListA_Inform
MediaInfoListA_New
MediaInfoListA_New_Quick
MediaInfoListA_Open
MediaInfoListA_Open_Buffer
MediaInfoListA_Option
MediaInfoListA_Save
MediaInfoListA_Set
MediaInfoListA_SetI
MediaInfoListA_State_Get
MediaInfoList_Close
MediaInfoList_Count_Get
MediaInfoList_Count_Get_Files
MediaInfoList_Delete
MediaInfoList_Get
MediaInfoList_GetI
MediaInfoList_Inform
MediaInfoList_New
MediaInfoList_New_Quick
MediaInfoList_Open
MediaInfoList_Open_Buffer
MediaInfoList_Option
MediaInfoList_Save
MediaInfoList_Set
MediaInfoList_SetI
MediaInfoList_State_Get
MediaInfo_Close
MediaInfo_Count_Get
MediaInfo_Delete
MediaInfo_Get
MediaInfo_GetI
MediaInfo_Info_Version
MediaInfo_Inform
MediaInfo_New
MediaInfo_New_Quick
MediaInfo_Open
MediaInfo_Open_Buffer
MediaInfo_Open_Buffer_Continue
MediaInfo_Open_Buffer_Continue_GoTo_Get
MediaInfo_Open_Buffer_Finalize
MediaInfo_Open_Buffer_Init
MediaInfo_Open_NextPacket
MediaInfo_Option
MediaInfo_Output_Buffer_Get
MediaInfo_Output_Buffer_GetI
MediaInfo_Save
MediaInfo_Set
MediaInfo_SetI
MediaInfo_State_Get

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 901KB - Virtual size: 901KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotIcons64.dll
.dll windows:5 windows x64 arch:x64

957cc134bfd5e231dbbc85925c378924

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\build\Street\Street_2008\PotIcons\x64\Release\PotIcons64.pdb

Imports

kernel32

GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
GetLastError
FlsAlloc
HeapFree
Sleep
GetModuleHandleW
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotPlayer64.dll
.dll windows:5 windows x64 arch:x64

02ae53fbd4f1ca44a2f5032eabd62bdf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\build\PotPlayer\Street_2008\x64\Release_DLL_Unicode\PotPlayer64.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetReadFile
InternetCloseHandle
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
InternetFindNextFileA
FtpFindFirstFileA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
InternetConnectW
HttpSendRequestW
HttpSendRequestExW
HttpEndRequestW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetGetCookieW
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA
InternetOpenA
FtpGetFileSize
FtpOpenFileA
InternetCreateUrlW
InternetGetLastResponseInfoW
FtpCommandA
InternetQueryOptionW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetQueryDataAvailable
HttpAddRequestHeadersA

winmm

mixerGetControlDetailsW
timeBeginPeriod
waveOutGetVolume
PlaySoundW
timeGetTime
mixerSetControlDetails
mixerClose
mixerGetLineControlsW
mixerGetLineInfoW
mixerOpen
mixerGetNumDevs
waveOutSetVolume
timeGetDevCaps
timeSetEvent
timeKillEvent
timeEndPeriod

pdh

PdhOpenQueryW
PdhAddCounterW
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhCloseQuery

kernel32

SetFileAttributesW
GetFileAttributesW
GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
GetThreadLocale
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
GetShortPathNameW
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetProfileIntW
LocalAlloc
TlsGetValue
TlsAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
LocalFileTimeToFileTime
GlobalFlags
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
ExitThread
SetEnvironmentVariableW
GetCurrentDirectoryA
SetCurrentDirectoryA
FlsSetValue
GetCommandLineA
WriteConsoleW
GetFileType
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
ExitProcess
HeapSize
HeapQueryInformation
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetTimeZoneInformation
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetDriveTypeA
LCMapStringA
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleCP
GetConsoleMode
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
lstrcmpA
GetModuleHandleA
CopyFileW
GlobalSize
FormatMessageW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
CreateSemaphoreW
lstrcmpW
CreateSemaphoreA
ReleaseSemaphore
GetWindowsDirectoryW
DebugBreak
GetModuleFileNameA
CreateThread
GetSystemDefaultLangID
IsDBCSLeadByteEx
GetUserDefaultLCID
lstrcmpiW
SetPriorityClass
GetFileSize
GlobalReAlloc
VirtualProtectEx
FlushInstructionCache
GetThreadPriority
OpenThread
SuspendThread
GetThreadContext
VirtualQuery
PulseEvent
RaiseException
GetSystemTimeAsFileTime
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
OpenEventW
InitializeCriticalSectionAndSpinCount
GetFileInformationByHandle
SetFilePointer
ReadFile
FlushFileBuffers
WaitForMultipleObjects
IsValidCodePage
lstrcatW
GetLongPathNameW
LoadLibraryExW
IsBadReadPtr
ReleaseMutex
CreateMutexW
GetExitCodeThread
IsBadWritePtr
CreateProcessW
CreateEventW
DuplicateHandle
ResumeThread
DeviceIoControl
CreateFileA
IsDebuggerPresent
GetPrivateProfileStringW
GetPrivateProfileIntW
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTime
CreateFileMappingW
MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
LocalFree
VirtualProtect
VirtualFree
VirtualAlloc
MoveFileW
GlobalMemoryStatusEx
lstrcpyW
OutputDebugStringW
CreateDirectoryW
GetModuleFileNameW
SetSystemPowerState
TerminateThread
GetFileAttributesExW
GetVersionExW
TerminateProcess
GetCurrentProcess
SetProcessWorkingSetSize
GetTempFileNameW
GetLocaleInfoA
GetNumberFormatW
GetCurrentThread
SetThreadPriority
SetThreadExecutionState
lstrcpynW
ResetEvent
GetCurrentThreadId
SetEvent
DeleteFileW
GetCurrentDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetDriveTypeW
GetVersion
SetCurrentDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
EnumSystemLocalesW
GetLocaleInfoW
FreeLibrary
GetCurrentProcessId
OpenProcess
SetLastError
LoadLibraryW
GetDiskFreeSpaceW
GetTempPathW
CreateFileW
WriteFile
SetFileTime
GetLocalTime
MulDiv
lstrlenW
Sleep
GetTickCount
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
FindResourceExW
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemInfo
SizeofResource
SystemTimeToFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
GlobalFree
FreeResource
AreFileApisANSI
IsDBCSLeadByte
CreateHardLinkW
RemoveDirectoryW
GetProcessAffinityMask
DeleteFileA
SetErrorMode

user32

SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongPtrW
GetWindowTextLengthW
GetLastActivePopup
GetDlgItem
UnhookWindowsHookEx
GetMessageTime
TrackPopupMenu
SetMenu
MessageBoxW
GetClassInfoExW
AdjustWindowRectEx
SystemParametersInfoA
GetQueueStatus
MsgWaitForMultipleObjects
GetShellWindow
CharLowerBuffW
GetTopWindow
SetPropW
GetPropW
SetScrollInfo
ShowScrollBar
GetScrollInfo
RemovePropW
DrawEdge
GetSysColorBrush
IsWindowEnabled
PeekMessageW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IntersectRect
WaitForInputIdle
EnumThreadWindows
SendMessageTimeoutW
RegisterClassW
UnregisterClassW
FindWindowExW
SetWindowPlacement
wsprintfW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
SetWindowTextW
GetCapture
EnumChildWindows
GetClipboardData
GetDlgCtrlID
CheckMenuItem
GetWindowPlacement
GetIconInfo
GetDoubleClickTime
EndMenu
ExitWindowsEx
ClipCursor
GetCursorInfo
ShowCursor
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
GetMessagePos
GetForegroundWindow
SetFocus
TranslateAcceleratorW
MonitorFromRect
LoadCursorFromFileW
GetClassInfoW
DestroyCursor
SystemParametersInfoW
UnregisterHotKey
RegisterHotKey
RegisterClipboardFormatW
PostQuitMessage
AdjustWindowRect
SetCursorPos
GetMessageExtraInfo
GetMenu
GetActiveWindow
SetWindowRgn
GetSystemMenu
CheckMenuRadioItem
RemoveMenu
ModifyMenuW
InsertMenuW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuStringW
EnableMenuItem
GetNextDlgGroupItem
CreateMenu
UnionRect
InflateRect
GetSystemMetrics
SetForegroundWindow
SetActiveWindow
BringWindowToTop
RegisterWindowMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
DrawFrameControl
DrawIconEx
DestroyIcon
GetMenuState
GetMenuItemID
GetMenuItemCount
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgItemTextW
GetWindowLongW
SetWindowLongW
LoadIconW
LoadAcceleratorsW
CopyAcceleratorTableW
DestroyAcceleratorTable
LoadMenuW
GetSubMenu
AppendMenuW
CreatePopupMenu
GetDesktopWindow
IsIconic
GetWindowTextW
GetWindowThreadProcessId
GetAsyncKeyState
FrameRect
SetWindowPos
LoadBitmapW
GetFocus
GrayStringW
DrawTextExW
TabbedTextOutW
OffsetRect
MoveWindow
IsRectEmpty
RegisterClassExW
CreateWindowExW
ShowWindow
EqualRect
GetWindowDC
InvalidateRgn
MessageBeep
SetWindowContextHelpId
CharNextW
IsClipboardFormatAvailable
ValidateRect
WaitMessage
BeginPaint
EndPaint
SetWindowLongPtrW
DestroyWindow
ScreenToClient
IsZoomed
IsDialogMessageW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperW
MapDialogRect
GetWindowLongPtrW
DefWindowProcW
CallWindowProcW
GetCursor
SetCursor
FindWindowW
GetClassNameW
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
GetCursorPos
WindowFromPoint
GetDC
ReleaseDC
KillTimer
SetTimer
GetWindowRect
SendMessageW
CopyRect
SetParent
GetParent
UpdateWindow
IsWindowVisible
MapWindowPoints
GetWindow
IsWindow
LoadCursorW
GetSysColor
EnableWindow
ReleaseCapture
SetCapture
InvalidateRect
GetClientRect
PostMessageW
DrawTextW
FillRect
SetRectEmpty
SetRect
PtInRect
OemToCharBuffA
CharToOemA
CharToOemBuffW
CharLowerW
OemToCharA
DeleteMenu
DestroyMenu
PostThreadMessageW

gdi32

CreateRectRgnIndirect
GetMapMode
GetOutlineTextMetricsW
GetBkColor
EnumFontFamiliesExW
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
ExcludeClipRect
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleBitmap
CreateDIBSection
CopyMetaFileW
GetClipBox
SwapBuffers
ChoosePixelFormat
SetPixelFormat
DescribePixelFormat
SetMapMode
GetDeviceCaps
DeleteDC
SelectObject
CreatePen
Rectangle
DeleteObject
GetStockObject
StretchBlt
BitBlt
CreateCompatibleDC
CreateRectRgn
CreateSolidBrush
GetCurrentObject
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
SetPixel
GetTextColor
AddFontResourceW
GetICMProfileW
CreateBitmap
CreatePatternBrush
UnrealizeObject
SetBrushOrgEx
PatBlt
TranslateCharsetInfo
GetRegionData
ExtCreateRegion
CreateFontW
SetBkMode
SetTextColor
SetBkColor
SelectClipRgn
GetTextMetricsW
SaveDC
RestoreDC
CombineRgn
OffsetRgn
CreateDCW
Ellipse
MoveToEx
LineTo
TextOutA
SetStretchBltMode
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
SetTextCharacterExtra

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetTokenInformation
SetFileSecurityW
RegSetValueA
RegSetValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
SetSecurityDescriptorOwner
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegEnumKeyW
OpenProcessToken
RegOpenKeyW
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
RegDeleteKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegCreateKeyExW
IsTextUnicode
RegDeleteValueW

shell32

SHBrowseForFolderW
ord62
ExtractIconW
SHChangeNotify
Shell_NotifyIconW
DragAcceptFiles
ShellExecuteExW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW
DragQueryFileW
DragFinish

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Create
InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathIsUNCW
PathRemoveFileSpecA
PathAddBackslashA
PathCanonicalizeW
PathRemoveArgsW
PathCombineW
PathRemoveBackslashW
PathAppendW
PathRenameExtensionW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathAddExtensionW
PathStripToRootW
PathAddBackslashW
PathStripPathW
PathRemoveExtensionW
UrlUnescapeW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromString
OleDraw
CoCreateInstance
OleSetContainedObject
OleCreate
CoTaskMemFree
PropVariantClear
OleCreateStaticFromData
ReleaseStgMedium
OleDuplicateData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemAlloc
OleSaveToStream
StgCreateDocfile
StgOpenStorage
CoCreateGuid
OleLoadFromStream
CoInitialize
CreateItemMoniker
GetRunningObjectTable
StgOpenStorageOnILockBytes
MkParseDisplayName
CreateBindCtx
CoFreeLibrary
StringFromGUID2
CoLoadLibrary
CoFreeUnusedLibraries
CoInitializeEx
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CLSIDFromProgID
OleUninitialize
OleInitialize
CoGetClassObject

oleaut32

VariantCopy
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrCmp
SysStringLen
OleLoadPicture
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreateVector
SafeArrayAccessData
SysAllocString
SafeArrayUnaccessData
SafeArrayDestroy
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
GetErrorInfo

ws2_32

WSASetLastError
ioctlsocket
setsockopt
WSASend
WSACloseEvent
getsockopt
WSAEventSelect
WSACreateEvent
sendto
recvfrom
WSAWaitForMultipleEvents
WSAAsyncSelect
ntohl
getsockname
shutdown
listen
WSASocketW
bind
__WSAFDIsSet
accept
WSAGetLastError
getpeername
inet_ntoa
ntohs
WSAStartup
WSACleanup
htons
inet_addr
htonl
select
closesocket
recv
send
connect
WSAResetEvent
socket
gethostbyname

imagehlp

ImageGetCertificateData
ImageEnumerateCertificates
ImageGetCertificateHeader

crypt32

CertFreeCertificateChain
CertGetCertificateChain
CertCreateCertificateChainEngine
CryptMsgClose
CryptMsgControl
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CryptVerifyMessageSignature
CertGetNameStringW
CertOpenStore
CertFreeCertificateChainEngine
CertGetSubjectCertificateFromStore
CertCloseStore
CertFreeCertificateContext

wintrust

WinVerifyTrust

msvfw32

ICInfo
ICGetInfo
ICOpen
ICSendMessage
ICClose
ICCompress

Exports

Exports

CreatePotPlayerA
CreatePotPlayerExA
CreatePotPlayerExW
CreatePotPlayerW
DestroyPotPlayer
GetPlayerFunctions
GetPotPlayerControl
GetPotWindowLong
GetProgramVersion
OpenPotPlayerUrlA
OpenPotPlayerUrlW
PreprocessCmdLineA
PreprocessCmdLineExA
PreprocessCmdLineExW
PreprocessCmdLineW
RegisterCB
ResizeWindow
RunPotPlayer
SendChatA
SendChatW
SendPotPlayerCmd
SetPotPlayIniFileA
SetPotPlayIniFileW
SetPotPlayRegKeyA
SetPotPlayRegKeyW
SetPotPlayerVolume
SetUIOption
SetupBroadcastLogoA
SetupBroadcastLogoW
SetupLogoLoadingA
SetupLogoLoadingW
ShowPotPlayerUI
UninitPotPlayer

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text.un
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 512B - Virtual size: 375B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 472KB - Virtual size: 766KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata.u
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata.u
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drectve
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 875KB - Virtual size: 875KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PotPlayer64.exe
.exe windows:5 windows x64 arch:x64

9067ff20e3c9e9cd383beadb9771e140

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:c9:6b:68:d1:b8:4f:29:f8:bc:bf:f3:6e:69:40:51
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-10-2012 00:00

Not After

26-12-2013 23:59

Subject

CN=Daum Communications Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Daum Communications Corp.,L=Yongsan-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\MyProject\Street2008\PotPlayer\x64\Release_Unicode\PotPlayer64.pdb

Imports

kernel32

LoadLibraryW
FreeLibrary
GetProcAddress
TerminateProcess
GetCurrentProcess
GetModuleFileNameW
LCMapStringW
GetStartupInfoW
GetLastError
HeapFree
HeapAlloc
RaiseException
RtlPcToFileHeader
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

ole32

CoInitialize

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PotPlayerMini64.exe
.exe windows:5 windows x64 arch:x64

9067ff20e3c9e9cd383beadb9771e140

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:c9:6b:68:d1:b8:4f:29:f8:bc:bf:f3:6e:69:40:51
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-10-2012 00:00

Not After

26-12-2013 23:59

Subject

CN=Daum Communications Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Daum Communications Corp.,L=Yongsan-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\MyProject\Street2008\PotPlayer\x64\Release_Mini_Unicode\PotPlayerMini64.pdb

Imports

kernel32

LoadLibraryW
FreeLibrary
GetProcAddress
TerminateProcess
GetCurrentProcess
GetModuleFileNameW
LCMapStringW
GetStartupInfoW
GetLastError
HeapFree
HeapAlloc
RaiseException
RtlPcToFileHeader
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

ole32

CoInitialize

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PxShader/3D OAU GreenMagenta.txt
PxShader/3D OAU RedCyan.txt
PxShader/3D OAU to 2D.txt
PxShader/3D SBS GreenMagenta.txt
PxShader/3D SBS RedCyan.txt
PxShader/3D SBS to 2D.txt
PxShader/BT601BT709.txt
PxShader/Contour.txt
PxShader/Deinterlace (blend).txt
PxShader/Denoise.txt
PxShader/DisplayLessThan16 v1_1.txt
PxShader/EdgeSharpen v1_1(jim ro).txt
PxShader/EdgeSharpen v1_1.txt
PxShader/Emboss.txt
PxShader/GrayScale.txt
PxShader/Invert.txt
PxShader/Letterbox.txt
PxShader/Levels.txt
PxShader/Levels2.txt
PxShader/NightVision.txt
PxShader/Procamp.txt
PxShader/Remap_16_235.txt
PxShader/Sharpen.txt
PxShader/SharpenComplex (jim ro).txt
PxShader/SharpenComplex2.txt
PxShader/SharpenFlou (jim ro).txt
PxShader/Sharpen_3x3.txt
PxShader/Sharpen_5x5.txt
PxShader/Sphere.txt
PxShader/Spotlight.txt
PxShader/Undot.txt
PxShader/Unsharp mask.txt
PxShader/Wave.txt
PxShader/YV12 Chroma Upsampling.txt
QuickSync64.dll
.dll windows:5 windows x64 arch:x64

a841e34243d0ed723e54ddeb6d954d35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\MyProject\Street2008\Codec\QuickSync\x64\Release\QuickSync.pdb

Imports

dxva2

DXVA2CreateDirect3DDeviceManager9

d3d9

Direct3DCreate9
Direct3DCreate9Ex

kernel32

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersion
Sleep
RaiseException
InitializeCriticalSection
LoadLibraryW
SetErrorMode
GetProcAddress
FreeLibrary
GetCurrentThreadId
CreateFileW
SwitchToThread
TlsAlloc
DecodePointer
EncodePointer
GetLastError
HeapFree
HeapAlloc
SetLastError
TlsGetValue
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetModuleHandleA
CreateThread
FreeLibraryAndExitThread
GetThreadTimes
GetCurrentThread
RtlPcToFileHeader
FlsSetValue
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
WriteFile
GetStdHandle
HeapSize
HeapReAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleHandleW
ExitProcess
TlsFree
ReleaseSemaphore
InitializeSListHead
InterlockedPushEntrySList
QueryDepthSList
CreateSemaphoreW
SetEvent
InterlockedPopEntrySList
InterlockedFlushSList
DuplicateHandle
CloseHandle
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
FlsGetValue
FlsFree
FlsAlloc
TlsSetValue
CreateTimerQueue
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetVersionExW
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
VirtualFree
VirtualAlloc
GetTickCount
SetThreadPriority
SetThreadAffinityMask
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetThreadPriority
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SignalObjectAndWait
SleepEx
WriteConsoleW
SetFilePointer
SetStdHandle

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW

Exports

Exports

CreateQuickSync
DestroyQuickSync

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skins/BlackBox2_en.dsf
.zip
1
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.bmp
Logo.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoMore.xml
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Window2.png
.png
Skins/BlackBox3_en.dsf
.zip
1
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.bmp
Logo.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoMore.xml
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Window2.png
.png
Skins/BlackBox_en.dsf
.zip
1
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
BRList.png
.png
BRTool.png
.png
Chat.png
.png
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.bmp
Logo.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoMore.xml
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Window2.png
.png
Skins/BlackSpace_en.dsf
.zip
1
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
BRList.png
.png
BRTool.png
.png
Chat.png
.png
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.bmp
Logo.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Window2.png
.png
Skins/Olddefault.dsf
.zip
1
Control.png
.png
brtool.png
.png
main.png
.png
scrollbar.bmp
videoskin.xml
Skins/SkinSupport.txt
Skins/default.dsf
.zip
1
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.bmp
Logo.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoMore.xml
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Window2.png
.png
Skins/original_en.dsf
.zip
AdvClick.png
.png
AudioMini.xml
AudioSkin.xml
BRList.png
.png
BRTool.png
.png
Chat.png
.png
ChildSkin.xml
Control.png
.png
Loading.swf
Logo.swf
LogoMini.swf
Main.png
.png
PlayList.png
.png
Prepare.bmp
ScrCapture.png
.png
ScrollBar.bmp
SubCommon.txt
SubCommonAudio.txt
VideoSkin.xml
WdmSkin.xml
Window.png
.png
Uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Urllist/Radio.asx
Urllist/TV.asx
adProxy.swf
bass.dll
.dll windows:4 windows x64 arch:x64

3d4b47a00dfd1a3ddd5640ba55823c62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
mixerClose
mixerGetNumDevs
mixerGetControlDetailsA
mixerGetLineInfoA
timeBeginPeriod
mixerOpen
mixerSetControlDetails
mixerGetDevCapsA
mixerGetLineControlsA
timeEndPeriod

msacm32

acmStreamClose
acmStreamUnprepareHeader
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert

kernel32

Sleep
GetSystemTimeAsFileTime
AreFileApisANSI
SetThreadPriority
GetVersionExA
EnterCriticalSection
TlsSetValue
TlsGetValue
ResumeThread
FreeLibraryAndExitThread
LeaveCriticalSection
TlsFree
ReadFile
InitializeCriticalSection
GetExitCodeThread
DeviceIoControl
SetEvent
MultiByteToWideChar
TlsAlloc
WaitForMultipleObjects
CreateThread
GetLastError
MapViewOfFile
CreateFileW
UnmapViewOfFile
QueryPerformanceCounter
CloseHandle
CreateFileMappingA
GetModuleFileNameA
QueryPerformanceFrequency
GetProcAddress
WaitForSingleObjectEx
DeleteCriticalSection
WideCharToMultiByte
CreateEventA
CreateFileA
SetFilePointer
WaitForSingleObject
GetCurrentThreadId
GetTickCount
SetThreadAffinityMask
TryEnterCriticalSection
FreeLibrary
GetCurrentThread
QueueUserAPC
GetFileSize
LoadLibraryW
LoadLibraryA
GetCurrentProcessId

user32

GetDesktopWindow

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
PropVariantClear
CoInitialize

msvcrt

_initterm
cos
atanf
cosf
sprintf
strstr
_strdup
strrchr
strpbrk
memmove
_clearfp
_strnicmp
malloc
_control87
ldexp
??3@YAXPEAX@Z
_statusfp
memchr
free
realloc
qsort
??2@YAPEAX_K@Z
strchr
strtoul
_XcptFilter
pow
_amsg_exit
__C_specific_handler
expf
logf
_stricmp
_wcsdup
log
memcpy
memset
sin
memcmp
exp
powf

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelFlags
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttribute
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelLock
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttribute
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttribute
BASS_ChannelStop
BASS_ChannelUpdate
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXReset
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetConfigPtr
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceInfo
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicLoad
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceInfo
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetChannels
BASS_SampleGetData
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetData
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetConfigPtr
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamPutData
BASS_StreamPutFileData
BASS_Update
_

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass_alac.dll
.dll windows:4 windows x64 arch:x64

b18fa1b3a1fe95631f285cb37e20e3c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
Sleep
GetSystemTimeAsFileTime

user32

MessageBoxA

bass

BASS_GetVersion
_

msvcrt

malloc
__C_specific_handler
_initterm
calloc
free
realloc
_XcptFilter
_amsg_exit
memcpy
memset

Exports

Exports

BASS_ALAC_StreamCreateFile
BASS_ALAC_StreamCreateFileUser
BASS_ALAC_StreamCreateURL
BASSplugin

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass_ape.dll
.dll windows:4 windows x64 arch:x64

63d599ceca8a6d6881842e559cc8db32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
Sleep
VirtualProtect
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
MultiByteToWideChar
GetSystemTimeAsFileTime

user32

MessageBoxA

bass

_
BASS_GetVersion

msvcrt

memcpy
memset
__C_specific_handler
_CxxThrowException
_XcptFilter
_initterm
_amsg_exit
sprintf
??1type_info@@UEAA@XZ
strncmp
_wcsicmp
malloc
??3@YAXPEAX@Z
_purecall
calloc
free
??2@YAPEAX_K@Z
__CxxFrameHandler
memmove
?terminate@@YAXXZ

Exports

Exports

BASS_APE_StreamCreateFile
BASS_APE_StreamCreateFileUser
BASSplugin
FillWaveFormatEx
FillWaveHeader

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass_flac.dll
.dll windows:4 windows x64 arch:x64

8fe2dae27d055c45d48b67de9e9d8548

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
Sleep
GetSystemTimeAsFileTime

user32

MessageBoxA

bass

BASS_GetVersion
_

msvcrt

__iob_func
fclose
malloc
_strdup
_XcptFilter
_initterm
_amsg_exit
calloc
free
memmove
__C_specific_handler
realloc
memchr
memset
memcpy

Exports

Exports

BASS_FLAC_StreamCreateFile
BASS_FLAC_StreamCreateFileUser
BASS_FLAC_StreamCreateURL
BASSplugin

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass_mpc.dll
.dll windows:4 windows x64 arch:x64

349d322b55b5cc022be90ed0cfe0e2db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

user32

MessageBoxA

bass

_
BASS_GetConfig
BASS_GetVersion

msvcrt

memmove
free
malloc
sprintf
realloc
calloc
memcpy
memset
log10

Exports

Exports

BASS_MPC_StreamCreateFile
BASS_MPC_StreamCreateFileUser
BASS_MPC_StreamCreateURL
BASSplugin

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass_wv.dll
.dll windows:4 windows x64 arch:x64

5e2d4a1f9166497eee9c756863e761e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
Sleep
GetSystemTimeAsFileTime

user32

MessageBoxA

bass

BASS_GetVersion
_

msvcrt

strncmp
__C_specific_handler
_initterm
malloc
realloc
free
_XcptFilter
_amsg_exit
memset
memcpy

Exports

Exports

BASS_WV_StreamCreateFile
BASS_WV_StreamCreateFileUser
BASS_WV_StreamCreateURL
BASSplugin

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ffcodec64.dll
.dll windows:4 windows x64 arch:x64

b6e16b7cbfedfdf806f5d15c82845163

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateEventA
CreateFileMappingA
CreateSemaphoreA
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleTextAttribute
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
__iob_func
__mb_cur_max
__setusermatherr
_amsg_exit
_beginthreadex
_errno
_exit
_fstat64
_get_osfhandle
_gmtime64
_initterm
_localtime64
_lock
_lseeki64
_mktime64
_onexit
_setjmp
_sopen
_time64
_unlock
_vsnprintf
_wsopen
abort
acos
asin
atan
atan2
atof
atoi
bsearch
calloc
clock
cosh
exit
fclose
ferror
fflush
fgetc
fopen
fprintf
fputc
fputs
fread
free
frexp
fwprintf
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
raise
rand
realloc
setlocale
signal
sinh
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strrchr
strspn
strstr
strtol
strtoul
tan
tanh
tolower
ungetc
wcscpy
wcslen
_snwprintf
longjmp
_write
_unlink
_tempnam
_setmode
_read
_open
_fileno
_fdopen
_close
_access

user32

MessageBoxW

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

av_default_item_name
av_dict_free
av_dict_get
av_dict_parse_string
av_dict_set
av_find_input_format
av_free
av_free_packet
av_freep
av_get_bytes_per_sample
av_guess_format
av_init_packet
av_interleaved_write_frame
av_log_get_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_new_packet
av_opt_set
av_opt_set_double
av_opt_set_int
av_opt_set_q
av_packet_new_side_data
av_parser_close
av_parser_init
av_parser_parse2
av_read_frame
av_realloc
av_reduce
av_register_all
av_sample_fmt_is_planar
av_samples_get_buffer_size
av_strdup
av_vlog
av_write_frame
av_write_trailer
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_decode_video2
avcodec_default_get_buffer2
avcodec_encode_audio2
avcodec_encode_video2
avcodec_fill_audio_frame
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_flush_buffers
avcodec_get_frame_defaults
avcodec_h264_search_recovery_point
avcodec_open2
avcodec_register_all
avformat_alloc_context
avformat_close_input
avformat_find_stream_info
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_seek_file
avformat_write_header
avio_alloc_context
avio_close
avio_open
avpicture_deinterlace
avresample_alloc_context
avresample_available
avresample_build_matrix
avresample_close
avresample_convert
avresample_free
avresample_get_delay
avresample_open
avresample_set_matrix
ff_alloc_packet2
ff_dsputil_init
ff_fft_end
ff_fft_init
ffurl_register_protocol
swr_alloc
swr_alloc_set_opts
swr_convert
swr_free
swr_init

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 96KB

.rsrc Size: 23KB - Virtual size: 23KB

4e6a4062a56dafcc8b54b60996e9ff37

Headers

File Characteristics

PDB Paths

Imports

ddraw

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 10KB

.reloc Size: 8KB - Virtual size: 4KB

9b6b6a7858e17fb0b17e1c1428330343

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 320B

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 44KB

UPX1 Size: 12KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

50112fdd20200a51dbedeae8f1f33cdb

Headers

File Characteristics

Imports

kernel32

user32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 96KB

.rsrc
Size: 23KB - Virtual size: 23KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 10KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 320B

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 1014B

.data
Size: - Virtual size: 12B

.reloc
Size: 512B - Virtual size: 262B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 269B

.reloc
Size: 1024B - Virtual size: 598B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 3KB - Virtual size: 2KB