20951876300[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

20951876300.zip
Size

11.7MB
MD5

87269b56e90da7ece10380a2015e26d5
SHA1

8f7a5d941df57eff64ae287da3b589b788eef893
SHA256

d27b7d7734c4f718e09bdd9864771c821607a92b91deb0946c8808ee97a20e06
SHA512

6aface7e8666d6abebe5b83a581249b308f9df69fdcd0511512b53f35f0c2ed88af50ef73d104cf4551ae406c02b1b415bdccee6274857599d23a7c5f1497e16
SSDEEP

196608:p1IIsUyuJh2Xu/Y/tObDkmaDW9JX0ZG+aRKHNRIwqelbIFDV73ARZcq:p11jh2XiYtqD1aDWJXu66y75wR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/New folder/libtika.dll

Files

20951876300.zip
.zip

Password: infected
21325dc19ac88a5b6a7f14f6222249cd5f62c05d787999983fc5ad73e0e1c726
.7z
New folder/ElbyCDIO.dll
.dll windows:5 windows x86 arch:x86

cb5f14e025f6fc6949c0a460bca769be

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6c
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

20-03-2023 00:00

Not After

19-03-2026 23:59

Subject

CN=Mark Straver,O=Mark Straver,ST=Jönköpings län,C=SE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15-01-2024 00:00

Not After

14-04-2035 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22-03-2021 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:6d:51:e5:2c:ff:32:53:32:77:bd:60:b5:13:c4:be:cb:f6:36:62:7b:f2:cd:cc:9a:2d:f7:9b:f6:f1:1a:c0
Signer

Actual PE Digest

42:6d:51:e5:2c:ff:32:53:32:77:bd:60:b5:13:c4:be:cb:f6:36:62:7b:f2:cd:cc:9a:2d:f7:9b:f6:f1:1a:c0

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA

Exports

Exports

CloakCDR_SendCommand
ElbyCDIO_ClearAllUsedTitles
ElbyCDIO_ClearAllValidTitles
ElbyCDIO_ClearUsedTitle
ElbyCDIO_ClearUsedTitles
ElbyCDIO_ClearValidTitle
ElbyCDIO_ClearValidTitles
ElbyCDIO_CloseScanTargets
ElbyCDIO_CloseTarget
ElbyCDIO_CreateDevice
ElbyCDIO_CreateFile
ElbyCDIO_DeInitScsi
ElbyCDIO_DisableAutoInsertNotification
ElbyCDIO_DisablePowerSaving
ElbyCDIO_DoScsiIO
ElbyCDIO_Eject
ElbyCDIO_EnableAutoInsertNotification
ElbyCDIO_EnablePowerSaving
ElbyCDIO_EnableUsedTitles
ElbyCDIO_EnableValidTitles
ElbyCDIO_EnumTargets
ElbyCDIO_ExCloseTray
ElbyCDIO_ExDoScsiIO
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_Free
ElbyCDIO_GetDllVersion
ElbyCDIO_GetDriveLetter
ElbyCDIO_GetDriveName
ElbyCDIO_GetDriverVersion
ElbyCDIO_GetFileVersion
ElbyCDIO_GetMaxTransferSize
ElbyCDIO_GetOSVersion
ElbyCDIO_GetPerformance
ElbyCDIO_GetScsiAddress
ElbyCDIO_GetUsedTitle
ElbyCDIO_GetValidTitle
ElbyCDIO_InitScsi
ElbyCDIO_InitScsiAspi
ElbyCDIO_InitScsiEx
ElbyCDIO_LockBuffer
ElbyCDIO_LockTarget
ElbyCDIO_Malloc
ElbyCDIO_OpenTarget1
ElbyCDIO_OpenTarget2
ElbyCDIO_OpenTarget3
ElbyCDIO_OpenTargetLetter
ElbyCDIO_Perform
ElbyCDIO_PreventAllowMediumRemoval
ElbyCDIO_ReadItem
ElbyCDIO_RegCreateKeyEx
ElbyCDIO_RegDeleteKey
ElbyCDIO_RegOpenKeyEx
ElbyCDIO_SameBus
ElbyCDIO_ScanAndOpenTargets
ElbyCDIO_SendPrivateCommand
ElbyCDIO_SetUsedTitle
ElbyCDIO_SetValidTitle
ElbyCDIO_UnLockTarget
ElbyCDIO_UnlockBuffer
ElbyCDIO_UsesLockedIO
ElbyCDIO_UsesNoTimedIO
ElbyCDIO_UsesWinASPI32
ElbyCDIO_WriteItem
IoAddSafeHead
IoAddSafeTail
IoCreateList
IoCreateSafeList
IoDeInitSafeList
IoDeleteList
IoDeleteSafeList
IoEnqueue
IoGetSafeHead
IoGetSafeTail
IoInitSafeList
IoIsSafeEmpty
IoObtainSafeList
IoReleaseSafeList
IoRemHead
IoRemSafeHead
IoRemSafeTail
IoRemTail
RegKill_SendCommand

Sections

.text
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.~SE
Size: - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.^?^
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZN.
Size: 10.2MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New folder/ElbyVCD.dll
.dll windows:4 windows x86 arch:x86

ee96c0a1a551a58603cf4b2e5e1d56bd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e
Signer

Actual PE Digest

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

elbycdio

ElbyCDIO_CreateDevice
ElbyCDIO_OpenTarget3
ElbyCDIO_GetScsiAddress
ElbyCDIO_InitScsi
ElbyCDIO_GetOSVersion
ElbyCDIO_ExEject
ElbyCDIO_ExToggleTray
ElbyCDIO_OpenTargetLetter
ElbyCDIO_ExCloseTray
ElbyCDIO_CloseTarget
ElbyCDIO_SendPrivateCommand

cfgmgr32

CM_Locate_DevNodeA
CM_Reenumerate_DevNode

kernel32

FindClose
FindFirstFileA
FindFirstFileW
CreateFileW
CreateFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetPrivateProfileStringA
GetLastError
GetFileSize
ReadFile
SetFilePointer
SetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryA
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetFullPathNameW
MultiByteToWideChar
lstrlenW
lstrlenA
WideCharToMultiByte
lstrcmpiA
CloseHandle
DeviceIoControl
GetDriveTypeA
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
RtlUnwind
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
GetStringTypeA
GetStringTypeW
GetCPInfo
GetLocaleInfoA
GetACP
GetOEMCP
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetEndOfFile

user32

wsprintfW
FindWindowA
SendMessageA
wsprintfA

advapi32

RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegSetValueExW
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

CloseVCCD
OpenVCCD
OpenVCCDLetter
PurgeHistory
VCCDCloseDevice
VCCDCloseTray
VCCDEjectTray
VCCDGetDrives
VCCDGetStatus
VCCDInit
VCCDIsInstalled
VCCDIsInstalledEx
VCCDMultiOpenDevice
VCCDMultiOpenDeviceEx
VCCDNop
VCCDOpenDevice
VCCDOpenDeviceW
VCCDOpenLastMountedFile
VCCDOpenLastMountedFiles
VCCDRestoreDrives
VCCDSetDrives
VCCDToggleTray

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New folder/Set-up.exe
.exe windows:4 windows x86 arch:x86

439cea087ae2b8ad67a7f8437f6bbbbe

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

27-11-2012 14:35

Not After

27-11-2015 16:09

Subject

CN=Elaborate Bytes AG,O=Elaborate Bytes AG,L=Cham,ST=Zug,C=CH

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb
Signer

Actual PE Digest

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

elbyvcd

VCCDInit
VCCDRestoreDrives
VCCDGetDrives
VCCDOpenLastMountedFile
VCCDGetStatus
VCCDCloseDevice
VCCDOpenDeviceW
OpenVCCDLetter
VCCDOpenDevice
CloseVCCD

elbycdio

ElbyCDIO_GetOSVersion
ElbyCDIO_InitScsi

kernel32

lstrcpyA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
CreateProcessA
MultiByteToWideChar
lstrlenW
GetDriveTypeA
GetLastError
CreateEventA
GetModuleFileNameW
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
SetEndOfFile
InterlockedExchange
RtlUnwind
GetOEMCP
GetACP
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetLocaleInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
lstrcatA
LoadLibraryA
WriteFile
TerminateProcess
ExitProcess
FreeLibrary
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcmpA
lstrlenA
lstrcmpiA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
ReadFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
LCMapStringA
GetSystemTimeAsFileTime

user32

TrackPopupMenu
PostMessageA
LoadImageA
wsprintfA
SetForegroundWindow
wsprintfW
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterWindowMessageA
RegisterClassExA
DestroyWindow
PostQuitMessage
GetMenu
GetSubMenu
DefWindowProcA
GetCursorPos
DestroyMenu
SetTimer
KillTimer
CreateWindowExA
SetMenuDefaultItem
CreatePopupMenu
AppendMenuW
AppendMenuA
MessageBoxW

gdi32

GetStockObject

comdlg32

GetOpenFileNameW
GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExW
RegDeleteValueA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CreateClassMoniker
CoUninitialize
CoInitialize
GetRunningObjectTable

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
New folder/bffdfro
New folder/libtika.dll
.dll windows:4 windows x64 arch:x64

774ecab07074620bb9b400a5ddde5f2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

psapi

GetProcessMemoryInfo

msvcr80

free
_encoded_null
_decode_pointer
_amsg_exit
__CppXcptFilter
_initterm_e
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_initterm
_malloc_crt
_encode_pointer
__C_specific_handler
?terminate@@YAXXZ
memset
atol
vsprintf
printf
qsort
??2@YAPEAX_K@Z
strtoul
sprintf
memcpy
_purecall
__CxxFrameHandler3
??3@YAXPEAX@Z
?_type_info_dtor_internal_method@type_info@@QEAAXXZ

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
GetProcessIoCounters
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentProcessId

libpal

??1SCA_File@@UEAA@XZ
SCA_GetReportFunction
??0SCA_ConfigObj@@IEAA@PEAV0@@Z
?Lock@SCA_ThreadObj@@UEAAHPEBDPEAK@Z
?Unlock@SCA_ThreadObj@@UEAAHPEBD@Z
??0SCA_ThreadObj@@QEAA@H@Z
??1SCA_ThreadObj@@UEAA@XZ
?SCA_StrnCpy@@YAHPEADPEBDK@Z
??1SCA_HttpClientRequest@@UEAA@XZ
??1SCA_HttpPart@@UEAA@XZ
??1SCA_HttpRequest@@UEAA@XZ
??1SCA_HttpParser@@UEAA@XZ
?IsHeaderReady@SCA_HttpParser@@QEAAHPEBDKPEAK@Z
??0SCA_HttpParser@@QEAA@XZ
?InitContentBuffer@SCA_HttpClientRequest@@QEAAHXZ
?ParseHttpHeader@SCA_HttpParser@@QEAAHPEBDKPEAVSCA_HttpClientRequest@@@Z
??0SCA_HttpClientRequest@@QEAA@XZ
??0SCA_File@@QEAA@XZ
?SCA_CreateTcpSock@@YAPEAVSCA_VirtualTcpSock@@H@Z
?SCA_GetAbsTime@@YA_KXZ
?SCA_ListSortCallbackA@@YAHPEBX0@Z
?ReadString@SCA_File@@UEAAHPEADKPEAK@Z
?WriteString@SCA_File@@UEAAHPEBD@Z
?WriteStringEx@SCA_File@@UEAAHPEBDZZ
??0SCA_ConfigObj@@QEAA@AEAV0@@Z
?SCA_CreateMutex@@YAPEAVSCA_VirtualMutex@@XZ
?SCA_FormatSize@@YAH_KPEADK@Z
?SCA_FormatAbsTime@@YAH_KPEADK@Z
?AddField@SCA_ConfigObj@@QEAAHPEBDGH@Z
?AddField@SCA_ConfigObj@@QEAAHPEBD0H@Z
?AddField@SCA_ConfigObj@@QEAAHPEBDKH@Z
?AddConfigObj@SCA_ConfigObj@@QEAAPEAV1@PEBD@Z
?SCA_CreateEvent@@YAPEAVSCA_VirtualEvent@@HH@Z
?ParseHttpHeader@SCA_HttpParser@@QEAAHPEBDKPEAUtagSCA_HTTP_REQUEST@@@Z
?SCA_IsPathExists@@YAHPEBD@Z
?SCA_GetDirName@@YAHPEBDPEADK@Z
?SCA_GetExeFileName@@YAHPEADKPEAK@Z
?AddField@SCA_ConfigObj@@QEAAHPEBDHH@Z
?GetField@SCA_ConfigObj@@QEAAHPEBDPEAG@Z
?GetField@SCA_ConfigObj@@QEAAHPEBDPEADK@Z
?GetField@SCA_ConfigObj@@QEAAHPEBDPEAK@Z
??1SCA_ConfigObj@@UEAA@XZ
?Load@SCA_ConfigObj@@QEAAHPEBD0PEAK@Z
SCA_GetDck
??0SCA_ConfigObj@@QEAA@PEBDPEAV0@@Z
?Save@SCA_ConfigObj@@QEAAHPEBD0PEAK@Z
?GetField@SCA_ConfigObj@@QEAAHPEBDPEAH@Z
?SCA_StrCompareNoCase@@YAHPEBD0@Z
?SCA_GetToken1@@YAHPEBDPEAKPEADK@Z
?SCA_IsFileExists@@YAHPEBD@Z
?SCA_GetUserAppConfDir@@YAHPEADK@Z
?SCA_CreateDirectory@@YAHPEBDPEAK@Z
?SCA_GetUserName@@YAKPEADK@Z
??1SCA_NetMessage@@UEAA@XZ
??0SCA_NetTransport@@QEAA@PEAVSCA_NetLink@@@Z
??1SCA_NetTransport@@UEAA@XZ
?ThreadFunc@SCA_NetServerAgent@@UEAAKXZ
??1SCA_NetServerAgent@@UEAA@XZ
??1SCA_VirtualCmdServer@@UEAA@XZ
?ThreadFunc@SCA_VirtualCmdServer@@UEAAKXZ
?SCA_NormalizePath@@YAHPEBDPEADKH@Z
?SCA_GetCurrentDate@@YAKPEAUtagSCA_DATE@@@Z
?SCA_GetTimeString@@YAHPEADK@Z
?SCA_GetDateString@@YAHPEADK@Z
?AddField@SCA_ConfigObj@@QEAAHPEBD_KH@Z
?GetField@SCA_ConfigObj@@QEAAHPEBDPEA_K@Z
?SCA_CreateProcess@@YAPEAVSCA_VirtualProcess@@XZ
?Connect@SCA_NetTransport@@QEAAHPEBDGKPEAK@Z
?WaitForMessage@SCA_NetTransport@@QEAAHKPEAVSCA_NetMessage@@PEAK@Z
?SendMessageA@SCA_NetTransport@@QEAAHKPEAVSCA_NetMessage@@PEAK@Z
?Init@SCA_NetMessage@@QEAAHPEBD@Z
?RemoveField@SCA_ConfigObj@@QEAAHPEBD@Z
??0SCA_NetMessage@@QEAA@XZ
?SCA_StrCopyToUpper@@YAHPEBDPEADK@Z
??0SCA_VirtualCmdServer@@QEAA@PEBDGPEAK@Z
?StopAll@SCA_VirtualCmdServer@@QEAAHXZ

Exports

Exports

??0?$SCA_List@PEAVSCA_TikaClient@@@@QEAA@AEBV0@@Z
??0?$SCA_List@PEAVSCA_TikaClient@@@@QEAA@K@Z
??0?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAA@AEBV0@@Z
??0?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAA@K@Z
??0?$SCA_List@PEAVSCA_TikaServer@@@@QEAA@AEBV0@@Z
??0?$SCA_List@PEAVSCA_TikaServer@@@@QEAA@K@Z
??0?$SCA_List@PEAVSCA_TikaService@@@@QEAA@AEBV0@@Z
??0?$SCA_List@PEAVSCA_TikaService@@@@QEAA@K@Z
??0?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAA@AEBV0@@Z
??0?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAA@K@Z
??0?$SCA_NetServer@VSCA_TikaServiceServer@@@@QEAA@AEBV0@@Z
??0?$SCA_NetServer@VSCA_TikaServiceServer@@@@QEAA@PEAVSCA_TikaServiceServer@@PEBDGPEAK@Z
??0SCA_FieldList@@QEAA@AEBV0@@Z
??0SCA_FieldList@@QEAA@XZ
??0SCA_File@@QEAA@AEBV0@@Z
??0SCA_HttpClientRequest@@QEAA@AEBV0@@Z
??0SCA_HttpParser@@QEAA@AEBV0@@Z
??0SCA_HttpPart@@QEAA@AEBV0@@Z
??0SCA_HttpRequest@@QEAA@AEAV0@@Z
??0SCA_NetMessage@@QEAA@AEAV0@@Z
??0SCA_NetServerAgent@@QEAA@AEBV0@@Z
??0SCA_NetTransport@@QEAA@AEBV0@@Z
??0SCA_ThreadObj@@QEAA@AEBV0@@Z
??0SCA_TikaClient@@QEAA@AEBV0@@Z
??0SCA_TikaClient@@QEAA@PEAVSCA_TikaConfigDbs@@PEBDG@Z
??0SCA_TikaClientList@@QEAA@AEBV0@@Z
??0SCA_TikaClientList@@QEAA@XZ
??0SCA_TikaClientRequest@@QEAA@AEBV0@@Z
??0SCA_TikaClientRequest@@QEAA@PEBD0@Z
??0SCA_TikaConfig@@QEAA@AEBV0@@Z
??0SCA_TikaConfig@@QEAA@XZ
??0SCA_TikaConfigDbs@@QEAA@AEBV0@@Z
??0SCA_TikaConfigDbs@@QEAA@XZ
??0SCA_TikaConfigUser@@QEAA@AEBV0@@Z
??0SCA_TikaConfigUser@@QEAA@PEAVSCA_TikaConfig@@PEAVSCA_ConfigObj@@@Z
??0SCA_TikaInterface@@QEAA@AEAV0@@Z
??0SCA_TikaInterface@@QEAA@XZ
??0SCA_TikaLog@@QEAA@AEBV0@@Z
??0SCA_TikaLog@@QEAA@PEAVSCA_TikaConfigUser@@KH@Z
??0SCA_TikaRequestList@@QEAA@AEBV0@@Z
??0SCA_TikaRequestList@@QEAA@XZ
??0SCA_TikaServer@@QEAA@AEBV0@@Z
??0SCA_TikaServer@@QEAA@PEAVSCA_TikaConfigUser@@@Z
??0SCA_TikaServerList@@QEAA@AEBV0@@Z
??0SCA_TikaServerList@@QEAA@XZ
??0SCA_TikaService@@QEAA@AEBV0@@Z
??0SCA_TikaService@@QEAA@XZ
??0SCA_TikaServiceClient@@QEAA@AEAV0@@Z
??0SCA_TikaServiceClient@@QEAA@XZ
??0SCA_TikaServiceList@@QEAA@AEBV0@@Z
??0SCA_TikaServiceList@@QEAA@XZ
??0SCA_TikaServiceRequest@@QEAA@AEBV0@@Z
??0SCA_TikaServiceRequest@@QEAA@K@Z
??0SCA_TikaServiceServer@@QEAA@AEBV0@@Z
??0SCA_TikaServiceServer@@QEAA@PEAVSCA_TikaServiceVirtualFactory@@GPEAK@Z
??0SCA_TikaServiceStatus@@QEAA@AEBV0@@Z
??0SCA_TikaServiceStatus@@QEAA@XZ
??0SCA_TikaStatusList@@QEAA@AEBV0@@Z
??0SCA_TikaStatusList@@QEAA@XZ
??0SCA_VirtualCmdServer@@QEAA@AEBV0@@Z
??1?$SCA_List@PEAVSCA_TikaClient@@@@UEAA@XZ
??1?$SCA_List@PEAVSCA_TikaClientRequest@@@@UEAA@XZ
??1?$SCA_List@PEAVSCA_TikaServer@@@@UEAA@XZ
??1?$SCA_List@PEAVSCA_TikaService@@@@UEAA@XZ
??1?$SCA_List@PEAVSCA_TikaServiceStatus@@@@UEAA@XZ
??1?$SCA_NetServer@VSCA_TikaServiceServer@@@@UEAA@XZ
??1SCA_FieldList@@UEAA@XZ
??1SCA_TikaClient@@UEAA@XZ
??1SCA_TikaClientList@@UEAA@XZ
??1SCA_TikaClientRequest@@UEAA@XZ
??1SCA_TikaConfig@@UEAA@XZ
??1SCA_TikaConfigDbs@@UEAA@XZ
??1SCA_TikaConfigUser@@UEAA@XZ
??1SCA_TikaInterface@@UEAA@XZ
??1SCA_TikaLog@@UEAA@XZ
??1SCA_TikaRequestList@@UEAA@XZ
??1SCA_TikaServer@@UEAA@XZ
??1SCA_TikaServerList@@UEAA@XZ
??1SCA_TikaService@@UEAA@XZ
??1SCA_TikaServiceClient@@UEAA@XZ
??1SCA_TikaServiceList@@UEAA@XZ
??1SCA_TikaServiceRequest@@UEAA@XZ
??1SCA_TikaServiceServer@@UEAA@XZ
??1SCA_TikaServiceStatus@@UEAA@XZ
??1SCA_TikaStatusList@@UEAA@XZ
??4?$SCA_List@PEAVSCA_TikaClient@@@@QEAAAEAV0@AEBV0@@Z
??4?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAAEAV0@AEBV0@@Z
??4?$SCA_List@PEAVSCA_TikaServer@@@@QEAAAEAV0@AEBV0@@Z
??4?$SCA_List@PEAVSCA_TikaService@@@@QEAAAEAV0@AEBV0@@Z
??4?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAAEAV0@AEBV0@@Z
??4?$SCA_NetServer@VSCA_TikaServiceServer@@@@QEAAAEAV0@AEBV0@@Z
??4SCA_ConfigObj@@QEAAAEAV0@AEBV0@@Z
??4SCA_FieldList@@QEAAAEAV0@AEBV0@@Z
??4SCA_File@@QEAAAEAV0@AEBV0@@Z
??4SCA_HttpClientRequest@@QEAAAEAV0@AEBV0@@Z
??4SCA_HttpParser@@QEAAAEAV0@AEBV0@@Z
??4SCA_HttpPart@@QEAAAEAV0@AEBV0@@Z
??4SCA_HttpRequest@@QEAAAEAV0@AEBV0@@Z
??4SCA_NetMessage@@QEAAAEAV0@AEBV0@@Z
??4SCA_NetServerAgent@@QEAAAEAV0@AEBV0@@Z
??4SCA_NetTransport@@QEAAAEAV0@AEBV0@@Z
??4SCA_ThreadObj@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaClient@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaClientList@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaClientRequest@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaConfig@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaConfigDbs@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaConfigUser@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaInterface@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaLog@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaRequestList@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServer@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServerList@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaService@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServiceClient@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServiceList@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServiceRequest@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServiceServer@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaServiceStatus@@QEAAAEAV0@AEBV0@@Z
??4SCA_TikaStatusList@@QEAAAEAV0@AEBV0@@Z
??4SCA_VirtualCmdServer@@QEAAAEAV0@AEBV0@@Z
??_7?$SCA_List@PEAVSCA_TikaClient@@@@6B@
??_7?$SCA_List@PEAVSCA_TikaClientRequest@@@@6B@
??_7?$SCA_List@PEAVSCA_TikaServer@@@@6B@
??_7?$SCA_List@PEAVSCA_TikaService@@@@6B@
??_7?$SCA_List@PEAVSCA_TikaServiceStatus@@@@6B@
??_7?$SCA_NetServer@VSCA_TikaServiceServer@@@@6B@
??_7SCA_FieldList@@6B@
??_7SCA_File@@6B@
??_7SCA_HttpClientRequest@@6B@
??_7SCA_HttpParser@@6B@
??_7SCA_HttpPart@@6B@
??_7SCA_HttpRequest@@6B@
??_7SCA_NetMessage@@6B@
??_7SCA_NetServerAgent@@6B@
??_7SCA_NetTransport@@6B@
??_7SCA_ThreadObj@@6B@
??_7SCA_TikaClient@@6B@
??_7SCA_TikaClientList@@6B@
??_7SCA_TikaClientRequest@@6B@
??_7SCA_TikaConfig@@6B@
??_7SCA_TikaConfigDbs@@6B@
??_7SCA_TikaConfigUser@@6B@
??_7SCA_TikaInterface@@6B@
??_7SCA_TikaLog@@6B@
??_7SCA_TikaRequestList@@6B@
??_7SCA_TikaServer@@6B@
??_7SCA_TikaServerList@@6B@
??_7SCA_TikaService@@6B@
??_7SCA_TikaServiceClient@@6B@
??_7SCA_TikaServiceList@@6B@
??_7SCA_TikaServiceRequest@@6B@
??_7SCA_TikaServiceServer@@6B@
??_7SCA_TikaServiceStatus@@6B@
??_7SCA_TikaStatusList@@6B@
??_7SCA_VirtualCmdServer@@6B@
??_F?$SCA_List@PEAVSCA_TikaClient@@@@QEAAXXZ
??_F?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAXXZ
??_F?$SCA_List@PEAVSCA_TikaServer@@@@QEAAXXZ
??_F?$SCA_List@PEAVSCA_TikaService@@@@QEAAXXZ
??_F?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAXXZ
??_FSCA_ConfigObj@@QEAAXXZ
??_FSCA_NetTransport@@QEAAXXZ
??_FSCA_ThreadObj@@QEAAXXZ
??_FSCA_TikaServer@@QEAAXXZ
?AddClient@SCA_TikaClientList@@QEAAHPEAVSCA_TikaClient@@K@Z
?AddClient@SCA_TikaClientList@@QEAAHPEAVSCA_TikaClient@@PEAK@Z
?AddClient@SCA_TikaServiceStatus@@QEAAHPEAVSCA_TikaClient@@PEAK@Z
?AddField@SCA_ConfigObj@@QEAAHPEAVSCA_Field@@@Z
?AddField@SCA_ConfigObj@@QEAAHPEAVSCA_Field@@H@Z
?AddField@SCA_ConfigObj@@QEAAHPEAVSCA_Field@@HH@Z
?AddField@SCA_ConfigObj@@QEAAHPEBDPEAVSCA_Field@@H@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@PEAK@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@PEAK@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@PEAK@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@PEAK@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@@Z
?AddItemAfter@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@PEAK@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@PEAK@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@PEAK@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@PEAK@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@PEAK@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@@Z
?AddItemBefore@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@PEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@K@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@KK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@KPEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@KPEBD@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@K@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@KK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@KPEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@KPEBD@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@K@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@KK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@KPEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@KPEBD@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@K@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@KK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@KPEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@KPEBD@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@K@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@KK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@KPEAK@Z
?AddItemByPos@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@KPEBD@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@K@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAK@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEBD@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@K@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAK@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEBD@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@K@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAK@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEBD@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@K@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAK@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEBD@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@K@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAK@Z
?AddItemToHead@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEBD@Z
?AddItemToHead@SCA_FieldList@@QEAAHPEAVSCA_Field@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@K@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEBD@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEBDK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEBDPEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAVSCA_TikaClient@@PEBDPEAPEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@K@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEBD@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEBDK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEBDPEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAVSCA_TikaClientRequest@@PEBDPEAPEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@K@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEBD@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEBDK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEBDPEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAVSCA_TikaServer@@PEBDPEAPEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@K@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEBD@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEBDK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEBDPEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAVSCA_TikaService@@PEBDPEAPEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@K@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEBD@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEBDK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEBDPEAK@Z
?AddItemToTail@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAVSCA_TikaServiceStatus@@PEBDPEAPEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@@Z
?AddItemToTail@SCA_FieldList@@QEAAHPEAVSCA_Field@@@Z
?AddLogMessage@SCA_TikaServer@@IEAAHPEBDKPEAK@Z
?AddMessage@SCA_TikaLog@@QEAAHKPEBDZZ
?AddMessage@SCA_TikaLog@@QEAAHPEAUtagSCA_ERROR_DESCR@@K@Z
?AddMessage@SCA_TikaLog@@QEAAHPEAVSCA_TikaServer@@KPEBDZZ
?AddPart@SCA_HttpRequest@@QEAAHPEAVSCA_HttpPart@@@Z
?AddRequest@SCA_TikaRequestList@@QEAAHPEAVSCA_TikaClientRequest@@@Z
?AddServer@SCA_TikaServerList@@QEAAHPEAVSCA_TikaConfigUser@@PEBDGK1PEAPEAVSCA_TikaServer@@PEAK@Z
?AddServer@SCA_TikaServiceClient@@UEAAHPEBDGK0PEAK11@Z
?AddServer@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?AddService@SCA_TikaServiceList@@QEAAHPEAVSCA_TikaService@@PEAK1@Z
?AddService@SCA_TikaServiceList@@QEAAHPEBDPEAPEAVSCA_TikaService@@@Z
?AddStatus@SCA_TikaStatusList@@QEAAHPEAVSCA_TikaService@@PEAPEAVSCA_TikaServiceStatus@@@Z
?AddUser@SCA_TikaClient@@QEAAXXZ
?BuildFullName@SCA_NetServerAgent@@QEAAXPEBD0PEADK@Z
?ChangeItemName@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEBD0@Z
?ChangeItemName@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEBD0@Z
?ChangeItemName@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEBD0@Z
?ChangeItemName@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEBD0@Z
?ChangeItemName@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEBD0@Z
?CheckConfig@SCA_TikaServer@@QEAAHPEBDGK0@Z
?Clear@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHXZ
?Clear@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHXZ
?Clear@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHXZ
?Clear@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHXZ
?Clear@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHXZ
?Clear@SCA_FieldList@@QEAAHXZ
?Clear@SCA_TikaLog@@QEAAHXZ
?ClearAll@SCA_TikaConfigDbs@@QEAAHXZ
?ClearAll@SCA_TikaConfigUser@@IEAAHXZ
?ClearAll@SCA_TikaServerList@@QEAAHXZ
?ClearAll@SCA_TikaServiceList@@QEAAHXZ
?ClearAll@SCA_TikaServiceStatus@@QEAAHXZ
?ClearAll@SCA_TikaStatusList@@QEAAHXZ
?ClearDebugLog@SCA_TikaServiceClient@@UEAAHXZ
?ClearDebugLog@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?ClearServerLog@SCA_TikaServiceClient@@UEAAHK@Z
?ClearServerLog@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?Clone@SCA_TikaConfigDbs@@QEAAPEAV1@XZ
?Clone@SCA_TikaConfigUser@@QEAAPEAV1@XZ
?Connect@SCA_TikaClient@@QEAAHKPEAK@Z
?Connect@SCA_TikaServiceClient@@QEAAHPEBDGKPEAK@Z
?ConnectEvent@?$SCA_NetServer@VSCA_TikaServiceServer@@@@UEAAHPEAVSCA_NetServerAgent@@@Z
?ConnectEvent@SCA_TikaServiceServer@@UEAAHPEAVSCA_NetServerAgent@@@Z
?Connected@SCA_NetTransport@@QEAAHXZ
?Count@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAKXZ
?Count@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAKXZ
?Count@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAKXZ
?Count@?$SCA_List@PEAVSCA_TikaService@@@@QEAAKXZ
?Count@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAKXZ
?Count@SCA_FieldList@@QEAAKXZ
?DelUser@SCA_TikaClient@@QEAAXXZ
?DeleteAllServers@SCA_TikaServiceClient@@UEAAHXZ
?DeleteAllServers@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?DeleteHeadItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHXZ
?DeleteHeadItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHXZ
?DeleteHeadItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHXZ
?DeleteHeadItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHXZ
?DeleteHeadItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHXZ
?DeleteHeadItem@SCA_FieldList@@QEAAHXZ
?DeleteItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHK@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHKPEAPEAVSCA_TikaClient@@@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEBD@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHK@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHKPEAPEAVSCA_TikaClientRequest@@@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEBD@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHK@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHKPEAPEAVSCA_TikaServer@@@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEBD@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHK@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHKPEAPEAVSCA_TikaService@@@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEBD@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHK@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHKPEAPEAVSCA_TikaServiceStatus@@@Z
?DeleteItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEBD@Z
?DeleteItem@SCA_FieldList@@QEAAHPEBD@Z
?DeleteItemByPos@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHK@Z
?DeleteItemByPos@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHK@Z
?DeleteItemByPos@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHK@Z
?DeleteItemByPos@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHK@Z
?DeleteItemByPos@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHK@Z
?DeleteItemByPos@SCA_FieldList@@QEAAHK@Z
?DeleteListItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@@Z
?DeleteListItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@@Z
?DeleteListItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@@Z
?DeleteListItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@@Z
?DeleteListItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@@Z
?DeleteListItem@SCA_FieldList@@IEAAHPEAVSCA_Field@@@Z
?DeleteServer@SCA_TikaServerList@@QEAAHK@Z
?DeleteServer@SCA_TikaServiceClient@@UEAAHK@Z
?DeleteServer@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?DeleteService@SCA_TikaServiceList@@QEAAHK@Z
?DeleteTailItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHXZ
?DeleteTailItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHXZ
?DeleteTailItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHXZ
?DeleteTailItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHXZ
?DeleteTailItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHXZ
?DeleteTailItem@SCA_FieldList@@QEAAHXZ
?Deserialize@SCA_TikaConfig@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaConfigDbs@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaConfigUser@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaLog@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaServer@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaServerList@@QEAAHPEAVSCA_ConfigObj@@@Z
?Deserialize@SCA_TikaService@@QEAAHPEAVSCA_ConfigObj@@H@Z
?Deserialize@SCA_TikaServiceList@@QEAAHPEAVSCA_ConfigObj@@H@Z
?Destroy@?$SCA_List@PEAVSCA_TikaClient@@@@UEAAXXZ
?Destroy@?$SCA_List@PEAVSCA_TikaClientRequest@@@@UEAAXXZ
?Destroy@?$SCA_List@PEAVSCA_TikaServer@@@@UEAAXXZ
?Destroy@?$SCA_List@PEAVSCA_TikaService@@@@UEAAXXZ
?Destroy@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@UEAAXXZ
?Destroy@SCA_ConfigObj@@UEAAXXZ
?Destroy@SCA_FieldList@@UEAAXXZ
?Destroy@SCA_File@@UEAAXXZ
?Destroy@SCA_HttpClientRequest@@UEAAXXZ
?Destroy@SCA_HttpParser@@UEAAXXZ
?Destroy@SCA_HttpPart@@UEAAXXZ
?Destroy@SCA_HttpRequest@@UEAAXXZ
?Destroy@SCA_ThreadObj@@UEAAXXZ
?Destroy@SCA_TikaClient@@UEAAXXZ
?Destroy@SCA_TikaClientList@@UEAAXXZ
?Destroy@SCA_TikaClientRequest@@UEAAXXZ
?Destroy@SCA_TikaConfig@@UEAAXXZ
?Destroy@SCA_TikaConfigDbs@@UEAAXXZ
?Destroy@SCA_TikaConfigUser@@UEAAXXZ
?Destroy@SCA_TikaInterface@@UEAAXXZ
?Destroy@SCA_TikaRequestList@@UEAAXXZ
?Destroy@SCA_TikaServer@@UEAAXXZ
?Destroy@SCA_TikaServerList@@UEAAXXZ
?Destroy@SCA_TikaService@@UEAAXXZ
?Destroy@SCA_TikaServiceClient@@UEAAXXZ
?Destroy@SCA_TikaServiceList@@UEAAXXZ
?Destroy@SCA_TikaServiceRequest@@UEAAXXZ
?Destroy@SCA_TikaServiceServer@@UEAAXXZ
?Destroy@SCA_TikaServiceStatus@@UEAAXXZ
?Destroy@SCA_TikaStatusList@@UEAAXXZ
?Disconnect@SCA_TikaClient@@QEAAHXZ
?DisconnectEvent@?$SCA_NetServer@VSCA_TikaServiceServer@@@@UEAAHPEAVSCA_NetServerAgent@@@Z
?DisconnectEvent@SCA_TikaServiceServer@@UEAAHPEAVSCA_NetServerAgent@@@Z
?DoCommand@?$SCA_NetServer@VSCA_TikaServiceServer@@@@UEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?DoConnect@SCA_TikaServiceStatus@@QEAAHPEAK@Z
?DoDisconnect@SCA_TikaServiceStatus@@QEAAHXZ
?DoProcess@SCA_TikaServer@@IEAAHPEAK@Z
?FillBuffer@SCA_TikaLog@@QEAAHPEADK@Z
?FindCRLF@SCA_TikaClient@@IEAAHPEBDKKPEAK@Z
?Flush@SCA_File@@UEAAHXZ
?GetAbsTime@SCA_TikaClientRequest@@QEAA_KXZ
?GetActiveServers@SCA_TikaServerList@@QEAAKXZ
?GetActiveServers@SCA_TikaService@@QEAAKXZ
?GetActiveServers@SCA_TikaServiceList@@QEAAKXZ
?GetAgentCount@SCA_VirtualCmdServer@@QEAAKXZ
?GetBlockRetryCount@SCA_NetTransport@@QEAAKXZ
?GetBufferSize@SCA_TikaClient@@QEAAKXZ
?GetCancelEvent@SCA_HttpClientRequest@@QEAAPEAVSCA_Event@@XZ
?GetChunkLength@SCA_TikaClient@@IEAAHPEBDKKPEAK1@Z
?GetClient@SCA_TikaClientList@@QEAAHKPEAPEAVSCA_TikaClient@@@Z
?GetClient@SCA_TikaClientRequest@@QEAAPEAVSCA_TikaClient@@XZ
?GetClient@SCA_TikaServiceRequest@@QEAAPEAVSCA_TikaClient@@XZ
?GetClientByPort@SCA_TikaServiceStatus@@QEAAHGPEAPEAVSCA_TikaClient@@@Z
?GetClientConnectTime@SCA_NetTransport@@QEAA_KXZ
?GetClientId@SCA_TikaClient@@QEAAKXZ
?GetClientId@SCA_TikaServiceRequest@@QEAAKXZ
?GetClientStartTime@SCA_NetTransport@@QEAA_KXZ
?GetClientStatusCode@SCA_TikaClient@@QEAAKXZ
?GetClients@SCA_TikaServiceStatus@@QEAAPEAV?$SCA_List@PEAVSCA_TikaClient@@@@XZ
?GetCommandName@SCA_NetMessage@@QEAAPEBDXZ
?GetConfig@SCA_TikaConfigUser@@QEAAPEAVSCA_TikaConfig@@XZ
?GetConfigFileName@SCA_TikaConfig@@QEAAPEBDXZ
?GetConnectCount@SCA_TikaClient@@QEAAKXZ
?GetConnectMode@SCA_HttpClientRequest@@QEAAKXZ
?GetConnectTime@SCA_TikaClient@@QEAA_KXZ
?GetContentBuffer@SCA_HttpClientRequest@@QEAAPEADXZ
?GetContentDate@SCA_HttpClientRequest@@QEAAPEBDXZ
?GetContentDisposition@SCA_HttpPart@@QEAAPEBDXZ
?GetContentFileName@SCA_HttpPart@@QEAAPEBDXZ
?GetContentLength@SCA_HttpClientRequest@@QEAAKXZ
?GetContentLength@SCA_HttpRequest@@QEAAKXZ
?GetContentName@SCA_HttpPart@@QEAAPEBDXZ
?GetContentType@SCA_HttpClientRequest@@QEAAPEBDXZ
?GetContentType@SCA_HttpPart@@QEAAPEBDXZ
?GetContentType@SCA_HttpRequest@@QEAAPEBDXZ
?GetControlCode@SCA_NetMessage@@QEAAKXZ
?GetControlFlags@SCA_NetMessage@@QEAAKXZ
?GetControlPort@SCA_TikaConfig@@QEAAGXZ
?GetControlPort@SCA_TikaService@@QEAAGXZ
?GetCurrentPos@SCA_File@@UEAAHPEA_KPEAK@Z
?GetData@SCA_HttpPart@@QEAAPEADXZ
?GetData@SCA_NetMessage@@QEAAPEAVSCA_ConfigObj@@XZ
?GetDataLength@SCA_HttpPart@@QEAAKXZ
?GetDataLength@SCA_TikaLog@@QEAAKXZ
?GetDataPort@SCA_TikaService@@QEAAGXZ
?GetDataSize@SCA_ConfigObj@@UEAAKXZ
?GetDebugLevel@SCA_TikaClient@@QEAAKXZ
?GetDebugLog@SCA_TikaInterface@@QEAAHKKPEAVSCA_TikaLog@@@Z
?GetDebugLog@SCA_TikaServiceClient@@UEAAHKKPEAPEAVSCA_ConfigObj@@@Z
?GetDebugLog@SCA_TikaServiceServer@@QEAAHPEAVSCA_NetServerAgent@@PEAVSCA_NetMessage@@1@Z
?GetDoDelete@SCA_TikaClient@@QEAAHXZ
?GetEnabledServices@SCA_TikaConfigDbs@@QEAAKXZ
?GetEnabledServices@SCA_TikaServiceList@@QEAAKXZ
?GetErrorCount@SCA_TikaLog@@QEAAKXZ
?GetErrorServers@SCA_TikaServerList@@QEAAKXZ
?GetErrorServers@SCA_TikaService@@QEAAKXZ
?GetErrorServers@SCA_TikaServiceList@@QEAAKXZ
?GetExitTimeout@SCA_ThreadObj@@QEAAKXZ
?GetField@SCA_ConfigObj@@QEAAHPEBDPEAPEAV1@@Z
?GetFieldByIndex@SCA_ConfigObj@@UEAAHKPEAPEAVSCA_Field@@@Z
?GetFieldByName@SCA_ConfigObj@@UEAAHPEBDPEAPEAVSCA_Field@@@Z
?GetFieldCount@SCA_ConfigObj@@UEAAKXZ
?GetFieldList@SCA_ConfigObj@@QEAAPEAVSCA_FieldList@@XZ
?GetFileExt@SCA_TikaClientRequest@@QEAAPEBDXZ
?GetFileExtensions@SCA_TikaConfigDbs@@QEAAPEBDXZ
?GetFileExtensions@SCA_TikaService@@QEAAPEBDXZ
?GetFileName@SCA_TikaServer@@QEAAPEBDXZ
?GetFileName@SCA_TikaService@@QEAAPEBDXZ
?GetFileSize@SCA_File@@UEAAHPEA_KPEAK@Z
?GetFileText@SCA_TikaClient@@QEAAHKPEBD0P6AH0KKPEAX@Z1PEAVSCA_Event@@PEAK4@Z
?GetFileTextV1@SCA_TikaClient@@IEAAHPEBD0P6AH0KKPEAX@Z1PEAVSCA_Event@@PEAK4@Z
?GetFileTextV2@SCA_TikaClient@@IEAAHPEBD0P6AH0KKPEAX@Z1PEAVSCA_Event@@PEAK4@Z
?GetFileTextV3@SCA_TikaClient@@IEAAHPEBD0P6AH0KKPEAX@Z1PEAVSCA_Event@@PEAK4@Z
?GetFullName@SCA_TikaServiceClient@@QEAAPEBDXZ
?GetHardLinks@SCA_File@@UEAAKXZ
?GetHead@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAPEAV?$SCA_ListItem@PEAVSCA_TikaClient@@@@XZ
?GetHead@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAPEAV?$SCA_ListItem@PEAVSCA_TikaClientRequest@@@@XZ
?GetHead@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAPEAV?$SCA_ListItem@PEAVSCA_TikaServer@@@@XZ
?GetHead@?$SCA_List@PEAVSCA_TikaService@@@@QEAAPEAV?$SCA_ListItem@PEAVSCA_TikaService@@@@XZ
?GetHead@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAPEAV?$SCA_ListItem@PEAVSCA_TikaServiceStatus@@@@XZ
?GetHead@SCA_FieldList@@QEAAPEAVSCA_Field@@XZ
?GetHeadItem@?$SCA_List@PEAVSCA_TikaClient@@@@QEAAHPEAPEAVSCA_TikaClient@@@Z
?GetHeadItem@?$SCA_List@PEAVSCA_TikaClientRequest@@@@QEAAHPEAPEAVSCA_TikaClientRequest@@@Z
?GetHeadItem@?$SCA_List@PEAVSCA_TikaServer@@@@QEAAHPEAPEAVSCA_TikaServer@@@Z
?GetHeadItem@?$SCA_List@PEAVSCA_TikaService@@@@QEAAHPEAPEAVSCA_TikaService@@@Z
?GetHeadItem@?$SCA_List@PEAVSCA_TikaServiceStatus@@@@QEAAHPEAPEAVSCA_TikaServiceStatus@@@Z

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
New folder/yaibli

Sharing

General

Malware Config

Signatures

Files

Password: infected

cb5f14e025f6fc6949c0a460bca769be

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6cCertificate

Extended Key Usages

Key Usages

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

42:6d:51:e5:2c:ff:32:53:32:77:bd:60:b5:13:c4:be:cb:f6:36:62:7b:f2:cd:cc:9a:2d:f7:9b:f6:f1:1a:c0Signer

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: - Virtual size: 49KB

.rdata Size: - Virtual size: 11KB

.data Size: - Virtual size: 10KB

.SHARED Size: 4KB - Virtual size: 682B

.~SE Size: - Virtual size: 5.6MB

.^?^ Size: 4KB - Virtual size: 32B

.ZN. Size: 10.2MB - Virtual size: 10.2MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

ee96c0a1a551a58603cf4b2e5e1d56bd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fbCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

61:0b:7f:6b:00:00:00:00:00:19Certificate

Key Usages

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1eSigner

Headers

File Characteristics

Imports

elbycdio

cfgmgr32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

439cea087ae2b8ad67a7f8437f6bbbbe

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

6c:04:1b:e0:8a:5f:cd:47:36:e2:85:04:be:b7:78:6c
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

42:6d:51:e5:2c:ff:32:53:32:77:bd:60:b5:13:c4:be:cb:f6:36:62:7b:f2:cd:cc:9a:2d:f7:9b:f6:f1:1a:c0
Signer

.text
Size: - Virtual size: 49KB

.rdata
Size: - Virtual size: 11KB

.data
Size: - Virtual size: 10KB

.SHARED
Size: 4KB - Virtual size: 682B

.~SE
Size: - Virtual size: 5.6MB

.^?^
Size: 4KB - Virtual size: 32B

.ZN.
Size: 10.2MB - Virtual size: 10.2MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

61:0b:7f:6b:00:00:00:00:00:19
Certificate

4a:1e:21:3b:0b:ce:bc:cb:cc:68:18:20:7f:79:a9:2c:6b:03:15:1e
Signer

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:9e:c2:90:16:d7:3f:2c:c8:8e:b9:cc:8b:4f:8e:78:fb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

61:0b:7f:6b:00:00:00:00:00:19
Certificate

6f:3b:e9:54:d7:3b:f1:25:86:3a:3b:c9:55:50:52:12:11:1a:43:eb
Signer

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 28KB - Virtual size: 24KB

.text
Size: 138KB - Virtual size: 137KB

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 2KB - Virtual size: 1KB