pandastealer | USB Safe[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

USB Safe.rar
Size

15.4MB
MD5

d287e12e0c59883d2b2c5d89c960a480
SHA1

c292c149267d83a9b3097957d0567cf0c7c882b8
SHA256

9188d34a4ab1316f3f5e47287a32bec55b33a56b45a4aee8a99a2fff7a95b4e6
SHA512

149da0498f0958527f993b075ba53e8f013169c3d91c9726b45a1c26330c7a73a85892f7cb4faa549015302194ec4f2bed88b6b30ff5b5f0cb2c5169a5e69ef1
SSDEEP

393216:JsqlmA1q6DjN6V9MvUi6WuNq0cPN/PGYsEFigiwYkIfgjQ:eqlt1qIja9XWuIvF/ElBDkIfGQ

Score

10^/10

pandastealer

Malware Config

Signatures

Panda Stealer payload 1 IoCs

resource	yara_rule
static1/unpack001/ProgramData/splayer/splayer.exe	family_pandastealer

Pandastealer family
pandastealer

Unsigned PE 47 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ProgramData/splayer/CSMX.dll
unpack001/ProgramData/splayer/Esdll.dll
unpack001/ProgramData/splayer/IVMSource.ax
unpack001/ProgramData/splayer/PmpSplitter.ax
unpack001/ProgramData/splayer/RadGtSplitter.ax
unpack001/ProgramData/splayer/atrc.dll
unpack001/ProgramData/splayer/binkw32.dll
unpack001/ProgramData/splayer/csfcodec/ijl15.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mcucltu.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mcufilecu.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mdssockc.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mtcontain.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mtcontrol.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxaudio.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxrender.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxscreen.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxshbasu.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxshmaiu.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxshsour.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxsource.dll
unpack001/ProgramData/splayer/csfcodec/mpc_mxvideo.dll
unpack001/ProgramData/splayer/csfcodec/mpc_wtlvcl.dll
unpack001/ProgramData/splayer/dh264.ax
unpack001/ProgramData/splayer/haalis.ax
unpack001/ProgramData/splayer/ir41_32.ax
unpack001/ProgramData/splayer/ir50_32.dll
unpack001/ProgramData/splayer/ivm.dll
unpack001/ProgramData/splayer/lang/splayer.cht.dll
unpack001/ProgramData/splayer/lang/splayer.en.dll
unpack001/ProgramData/splayer/lang/splayer.fr.dll
unpack001/ProgramData/splayer/lang/splayer.ge.dll
unpack001/ProgramData/splayer/lang/splayer.ru.dll
unpack001/ProgramData/splayer/mkunicode.dll
unpack001/ProgramData/splayer/mkzlib.dll
unpack001/ProgramData/splayer/mmamrdmx.ax
unpack001/ProgramData/splayer/mp4.dll
unpack001/ProgramData/splayer/ogm.dll
unpack001/ProgramData/splayer/rlapedec.ax
unpack001/ProgramData/splayer/sinet.dll
unpack001/ProgramData/splayer/smackw32.dll
unpack001/ProgramData/splayer/sphash.dll
unpack001/ProgramData/splayer/ts.dll
unpack001/ProgramData/splayer/unrar.dll
unpack001/ProgramData/splayer/vp6dec.ax
unpack001/ProgramData/splayer/vp8decoder.dll
unpack001/ProgramData/splayer/wmasf.dll
unpack001/ProgramData/splayer/wmvcore.dll

Files

USB Safe.rar
.rar
Client.exe
.exe windows:5 windows x86 arch:x86

68a93ee452aef0b9d2d5e1f1b7acba57

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:69:bc:05:29:dd:e1:7e:a3:62:96:36:12:eb:b9:53:26:9d:a6:f4:cb:12:83:fc:a1:db:35:47:56:87:c5:05
Signer

Actual PE Digest

bb:69:bc:05:29:dd:e1:7e:a3:62:96:36:12:eb:b9:53:26:9d:a6:f4:cb:12:83:fc:a1:db:35:47:56:87:c5:05

Digest Algorithm

sha256

PE Digest Matches

true

41:6b:44:57:46:15:3a:23:88:85:a5:e7:5d:46:c9:a1:3b:b8:f2:59
Signer

Actual PE Digest

41:6b:44:57:46:15:3a:23:88:85:a5:e7:5d:46:c9:a1:3b:b8:f2:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
GetErrorInfo
SetErrorInfo
GetActiveObject
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetTokenInformation
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
GetLengthSid
DuplicateTokenEx
AdjustTokenPrivileges
StartServiceW
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
ChangeServiceConfigW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA

user32

LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
wvsprintfA
WindowFromPoint
WaitMessage
ValidateRect
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
TabbedTextOutW
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardViewer
SetClipboardData
SetClassLongW
SetCaretPos
SetCapture
SetActiveWindow
SendMessageTimeoutW
SendMessageA
SendMessageW
SendDlgItemMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MoveWindow
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadImageA
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericW
IsCharAlphaW
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextLengthW
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItemTextA
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextA
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CreateAcceleratorTableW
CountClipboardFormats
CopyImage
CopyIcon
CloseWindow
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
ChangeClipboardChain
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrlenA
lstrcpyW
lstrcmpW
lstrcatA
WritePrivateProfileStringW
WriteFile
WinExec
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
WaitForMultipleObjects
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
UnmapViewOfFile
TryEnterCriticalSection
TerminateProcess
SwitchToThread
SuspendThread
Sleep
SizeofResource
SignalObjectAndWait
SetThreadPriority
SetThreadLocale
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
QueryDosDeviceW
IsDebuggerPresent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingW
OpenEventW
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryExW
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
IsBadReadPtr
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalMemoryStatus
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetVolumeInformationW
GetVersionExW
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetTempPathW
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetComputerNameW
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushFileBuffers
FindResourceA
FindResourceW
FindNextFileW
FindNextChangeNotification
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumResourceTypesA
EnumResourceNamesA
EnumCalendarInfoW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
DefineDosDeviceW
CreateThread
CreateProcessW
CreateMutexW
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
TextOutW
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWorldTransform
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetTextAlign
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetMapMode
SetGraphicsMode
SetEnhMetaFileBits
SetDIBitsToDevice
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
OffsetRgn
MoveToEx
ModifyWorldTransform
MaskBlt
LineTo
LineDDA
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetViewportOrgEx
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectType
GetObjectW
GetNearestPaletteIndex
GetGraphicsMode
GetGlyphOutlineW
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetClipRgn
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExtFloodFill
ExtCreateRegion
ExtCreatePen
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectA
CreateFontIndirectW
CreateEnhMetaFileW
CreateEllipticRgn
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineRgn
CloseEnhMetaFile
Chord
BitBlt
Arc
AbortDoc

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetGetConnectionW
WNetCancelConnection2W
WNetAddConnectionW

ole32

CreateStreamOnHGlobal
OleRegEnumVerbs
IsAccelerator
OleDraw
OleSetMenuDescriptor
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID
IsEqualGUID
CLSIDFromString
CoUninitialize
CoInitialize
IsEqualGUID
StgCreateDocfile
CoTaskMemFree
OleUninitialize
OleInitialize
CoCreateInstance
OleUninitialize
OleInitialize
CoCreateInstance
CoCreateGuid
FreePropVariantArray
CoTaskMemFree
OleUninitialize
OleInitialize
CoCreateInstance

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
DragQueryPoint
DragQueryFileW
DragFinish
DragAcceptFiles
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
SHChangeNotify
SHBrowseForFolderW
ord62
SHGetMalloc

comdlg32

PrintDlgW
ChooseFontW
ReplaceTextW
FindTextW
ChooseColorW
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameA
GetOpenFileNameW

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter
GetDefaultPrinterW

wsock32

WSACleanup
WSAStartup
gethostname
gethostbyname
send
inet_ntoa

msvcrt

_gcvt

shlwapi

StrCmpLogicalW

psapi

GetProcessImageFileNameW

winmm

timeGetTime

olepro32

OleCreatePropertyFrame

avifil32

AVIMakeCompressedStream
AVISaveOptionsFree
AVISaveOptions
AVIStreamGetFrameClose
AVIStreamGetFrame
AVIStreamGetFrameOpen
AVIStreamWrite
AVIStreamSetFormat
AVIStreamInfoW
AVIStreamRelease
AVIFileCreateStreamW
AVIFileGetStream
AVIFileOpenW
AVIFileRelease
AVIFileExit
AVIFileInit

msvfw32

DrawDibRealize
DrawDibOpen
DrawDibDraw
DrawDibClose

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 78KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 72B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DKey.dll
.dll windows:6 windows x86 arch:x86

e5085f92d6b76226dc3fbceae9a500d1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5a:58:7b:61:3f:66:28:f5:2d:59:5c:19:24:7b:4b:95:70:ed:d7:f1:94:71:61:49:fe:fe:82:3d:e0:e2:15:01
Signer

Actual PE Digest

5a:58:7b:61:3f:66:28:f5:2d:59:5c:19:24:7b:4b:95:70:ed:d7:f1:94:71:61:49:fe:fe:82:3d:e0:e2:15:01

Digest Algorithm

sha256

PE Digest Matches

true

7f:4b:dd:a6:8d:0a:f9:1c:16:fa:07:6c:5d:b4:76:59:40:a4:4d:34
Signer

Actual PE Digest

7f:4b:dd:a6:8d:0a:f9:1c:16:fa:07:6c:5d:b4:76:59:40:a4:4d:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\chaoshiddai\source\DKey\Release\DKey.pdb

Imports

kernel32

GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
IsValidCodePage
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineA
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
Sleep
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
lstrcpyA
GetACP
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
CompareStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVersionExA
RtlUnwind
TerminateProcess
GlobalFindAtomA
FindResourceA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
GetVolumeInformationA
LoadLibraryA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GlobalAddAtomA
GlobalFlags
FreeLibrary
GetModuleFileNameA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CompareStringA
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpA
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
OutputDebugStringA
SetLastError
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetLastError
GetDriveTypeA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLogicalDriveStringsA
DeviceIoControl
CreateFileA
LCMapStringW

user32

SetClassLongA
LockWindowUpdate
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
LoadBitmapW
SetMenuItemInfoA
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsIconic
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
RegisterClipboardFormatA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CharUpperA
DestroyIcon
RealChildWindowFromPoint
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
IsDialogMessageA
SetWindowLongA
DrawIcon
GetWindowRgn
DestroyCursor
MapDialogRect
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
GetMenuCheckMarkDimensions
CharUpperBuffA
SetWindowTextA
GetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
ModifyMenuA
SetMenuDefaultItem
CopyIcon
WinHelpA
GetDoubleClickTime
IsWindow
GetWindow
GetScrollPos
SetScrollPos
SetFocus
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
ReleaseCapture

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
SetTextColor
SetROP2
ExtTextOutA
TextOutA
SetTextAlign
MoveToEx
GetObjectA
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
CopyMetaFileA
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
DeleteObject
GetDeviceCaps
CreateDCA

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA

shell32

SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileA

shlwapi

PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
StrFormatKBSizeA

uxtheme

GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetThemePartSize

cfgmgr32

CM_Get_Parent
CM_Get_Device_IDA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

ole32

OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleDuplicateData
CoDisconnectObject

oleaut32

SysFreeString
SysAllocString
VariantInit
LoadTypeLi
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocStringByteLen

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

GetAllUSBDriveSerialNum
GetUSBDriveInfo

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HPSafeBox/con.{d3e34b21-9d75-101a-8c3d-00aa001a1652}
HPSafeBox/desktop.ini
ProgramData/EasyHook32.dll
.dll windows:5 windows x86 arch:x86

a379858a05210a88e29413155d399fa1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

49:b1:e9:0d:ab:f5:70:03:a1:88:7e:69:a8:bf:d4:49:57:f9:8e:bd:8e:04:db:03:c1:de:52:66:b9:a5:76:75
Signer

Actual PE Digest

49:b1:e9:0d:ab:f5:70:03:a1:88:7e:69:a8:bf:d4:49:57:f9:8e:bd:8e:04:db:03:c1:de:52:66:b9:a5:76:75

Digest Algorithm

sha256

PE Digest Matches

true

db:6e:8a:02:af:32:fc:39:49:a7:9f:fa:03:55:d7:46:da:ec:e9:38
Signer

Actual PE Digest

db:6e:8a:02:af:32:fc:39:49:a7:9f:fa:03:55:d7:46:da:ec:e9:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\搜狗高速下载\EasyHook-2.7.6035.0\EasyHook-2.7.6035.0\Build\netfx3.5-Debug\x86\EasyHook32.pdb

Imports

psapi

GetModuleInformation
EnumProcessModules

kernel32

LoadLibraryA
GetCurrentThreadId
GetSystemInfo
GetLastError
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
GetFullPathNameW
SetEvent
CloseHandle
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetEnvironmentVariableW
SetEnvironmentVariableW
MultiByteToWideChar
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
VirtualAllocEx
OpenProcess
OpenThread
ReadProcessMemory
WriteProcessMemory
GetThreadContext
SetThreadContext
SuspendThread
ResumeThread
WaitForSingleObject
DuplicateHandle
CreateEventW
CreateToolhelp32Snapshot
TlsFree
Thread32Next
GetCurrentProcessId
TerminateProcess
CreateRemoteThread
GetExitCodeThread
SetLastError
WaitForMultipleObjects
lstrlenW
TlsGetValue
TlsSetValue
CreateProcessW
WideCharToMultiByte
Module32FirstW
Module32NextW
LocalFree
DebugBreak
FormatMessageW
FatalAppExitW
OutputDebugStringW
GetModuleFileNameW
CreateFileW
InterlockedIncrement
VirtualProtect
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
IsBadReadPtr
InterlockedExchange
SetEndOfFile
CompareStringW
GetTimeFormatW
TlsAlloc
HeapDestroy
HeapCreate
FreeLibrary
LCMapStringW
SetStdHandle
Thread32First
GetVersionExW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
HeapValidate
GetModuleHandleExW
RtlUnwind
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
LoadLibraryExW
FatalAppExitA
ExitProcess
AreFileApisANSI
GetStdHandle
GetFileType
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetCurrentThread
HeapAlloc
GetProcessHeap
SetConsoleCtrlHandler
WaitForSingleObjectEx
CreateThread
WriteFile
OutputDebugStringA
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTickCount
CreateSemaphoreW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
VirtualQuery
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetFilePointerEx
GetStringTypeW
GetLocaleInfoW
IsValidLocale

user32

UnregisterClassW

advapi32

StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
CloseServiceHandle
OpenProcessToken

ole32

CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

_DbgAttachDebugger@0
_DbgDetachDebugger@0
_DbgGetProcessIdByHandle@8
_DbgGetThreadIdByHandle@8
_DbgHandleToObjectName@16
_DbgIsAvailable@0
_DbgIsEnabled@0
_GacCreateContext@0
_GacInstallAssembly@16
_GacReleaseContext@4
_GacUninstallAssembly@16
_GetRemoteModuleExportDirectory@324
_HookCompleteInjection@4
_LhBarrierBeginStackTrace@4
_LhBarrierCallStackTrace@12
_LhBarrierEndStackTrace@4
_LhBarrierGetAddressOfReturnAddress@4
_LhBarrierGetCallback@4
_LhBarrierGetCallingModule@4
_LhBarrierGetReturnAddress@4
_LhBarrierPointerToModule@8
_LhEnumModules@12
_LhInstallHook@16
_LhIsThreadIntercepted@12
_LhSetExclusiveACL@12
_LhSetGlobalExclusiveACL@8
_LhSetGlobalInclusiveACL@8
_LhSetInclusiveACL@12
_LhUninstallAllHooks@0
_LhUninstallHook@4
_LhUpdateModuleInformation@0
_LhWaitForPendingRemovals@0
_ReleaseTestFuncHookResults@8
_RhCreateAndInject@36
_RhCreateStealthRemoteThread@16
_RhGetProcessToken@8
_RhInjectLibrary@28
_RhInstallDriver@8
_RhInstallSupportDriver@0
_RhIsAdministrator@0
_RhIsX64Process@8
_RhIsX64System@0
_RhWakeUpProcess@0
_RtlCreateSuspendedProcess@20
_RtlGetLastError@0
_RtlGetLastErrorString@0
_RtlGetLastErrorStringCopy@0
_RtlInstallService@12
_TestFuncHooks@24

Sections

.textbss
Size: - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/EasyHook64.dll
.dll windows:6 windows x64 arch:x64

7c733a77800d92600b3d036b64da29bb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

14:38:58:c5:06:87:dc:89:83:6a:73:bd:1f:10:cb:cd
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

09/12/2015, 00:00

Not After

08/12/2017, 23:59

Subject

CN=深圳市超时代软件有限公司,OU=技术,O=深圳市超时代软件有限公司,L=深圳,ST=广东,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5c:23:8e:4c:1b:47:04:80:9f:93:21:05:79:2a:ad:0f:d0:03:2f:90
Signer

Actual PE Digest

5c:23:8e:4c:1b:47:04:80:9f:93:21:05:79:2a:ad:0f:d0:03:2f:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\DIY\Desktop\EasyHook-2.7.6035.0\Build\netfx4-Release\x64\EasyHook64.pdb

Imports

psapi

EnumProcessModules
GetModuleInformation

kernel32

TlsFree
GetCurrentThreadId
VirtualFree
VirtualAlloc
GetSystemInfo
GetLastError
GetCurrentProcess
GetProcAddress
GetModuleFileNameA
LoadLibraryW
GetCurrentProcessId
GetFullPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
SetEvent
GetModuleHandleW
GetModuleHandleA
CloseHandle
InitializeCriticalSectionEx
RaiseException
DecodePointer
DeleteCriticalSection
GetThreadContext
SetThreadContext
WaitForSingleObject
OpenProcess
Thread32First
ReadProcessMemory
Thread32Next
VirtualAllocEx
OpenThread
TlsAlloc
CreateToolhelp32Snapshot
DuplicateHandle
WriteProcessMemory
SuspendThread
ResumeThread
TlsGetValue
CreateProcessW
CreateRemoteThread
TlsSetValue
WideCharToMultiByte
TerminateProcess
lstrlenW
SetLastError
GetExitCodeThread
Module32FirstW
WaitForMultipleObjects
Module32NextW
FatalAppExitW
GetModuleFileNameW
CreateFileW
HeapAlloc
HeapFree
IsBadReadPtr
InitializeCriticalSection
Sleep
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
GetVersionExW
RtlPcToFileHeader
SetStdHandle
OutputDebugStringW
LoadLibraryA
HeapCreate
HeapDestroy
FreeLibrary
WriteConsoleW
SetEndOfFile
CreateEventW
LCMapStringW
EncodePointer
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
RtlUnwindEx
GetStdHandle
GetFileType
GetStartupInfoW
GetProcessHeap
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc
LoadLibraryExW
ReadFile
ReadConsoleW
GetStringTypeW

advapi32

StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
OpenProcessToken

ole32

CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

?GetRemoteModuleExportDirectory@@YAHPEAXPEAUHINSTANCE__@@PEAU_IMAGE_EXPORT_DIRECTORY@@U_IMAGE_DOS_HEADER@@U_IMAGE_NT_HEADERS64@@@Z
DbgAttachDebugger
DbgDetachDebugger
DbgGetProcessIdByHandle
DbgGetThreadIdByHandle
DbgHandleToObjectName
DbgIsAvailable
DbgIsEnabled
GacCreateContext
GacInstallAssembly
GacReleaseContext
GacUninstallAssembly
HookCompleteInjection
LhBarrierBeginStackTrace
LhBarrierCallStackTrace
LhBarrierEndStackTrace
LhBarrierGetAddressOfReturnAddress
LhBarrierGetCallback
LhBarrierGetCallingModule
LhBarrierGetReturnAddress
LhBarrierPointerToModule
LhEnumModules
LhInstallHook
LhIsThreadIntercepted
LhSetExclusiveACL
LhSetGlobalExclusiveACL
LhSetGlobalInclusiveACL
LhSetInclusiveACL
LhUninstallAllHooks
LhUninstallHook
LhUpdateModuleInformation
LhWaitForPendingRemovals
ReleaseTestFuncHookResults
RhCreateAndInject
RhCreateStealthRemoteThread
RhGetProcessToken
RhInjectLibrary
RhInstallDriver
RhInstallSupportDriver
RhIsAdministrator
RhIsX64Process
RhIsX64System
RhWakeUpProcess
RtlCreateSuspendedProcess
RtlGetLastError
RtlGetLastErrorString
RtlGetLastErrorStringCopy
RtlInstallService
TestFuncHooks

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/FP/FP.exe
.exe windows:4 windows x86 arch:x86

e72358aec3dbf7aee3585e6d58b4d383

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:73:d3:31:3c:f6:51:55:90:7c:a5:70:0f:46:0d:eb
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

30/05/2006, 00:00

Not After

29/05/2008, 23:59

Subject

CN=Foxit Software Company,OU=SECURE APPLICATION DEVELOPMENT,O=Foxit Software Company,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

61:95:c3:45:50:a9:51:1f:42:6c:74:7c:e3:7e:b1:ab:38:e5:b6:88
Signer

Actual PE Digest

61:95:c3:45:50:a9:51:1f:42:6c:74:7c:e3:7e:b1:ab:38:e5:b6:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
LCMapStringW
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringA
CompareStringW
CompareStringA
FatalAppExitA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapSize
GetFileType
SetStdHandle
TerminateProcess
HeapReAlloc
ExitThread
CreateThread
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
lstrcpyW
GlobalSize
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetProcessVersion
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetFileTime
SetFileTime
lstrlenW
GetCurrentDirectoryA
GetCurrentThread
GetProfileIntA
SuspendThread
SetThreadPriority
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersionExA
lstrlenA
WriteProfileStringA
TerminateThread
GetShortPathNameA
ResumeThread
GetTickCount
GetExitCodeThread
SetEvent
CreateEventA
GetProfileStringA
GetTempFileNameA
Sleep
GetACP
lstrcatA
FormatMessageA
LocalFree
GetSystemDirectoryA
lstrcmpA
lstrcmpiA
CreateProcessA
WaitForSingleObject
lstrcpynA
GetVersion
WriteFile
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
lstrcpyA
CloseHandle
SetCurrentDirectoryA
GetTempPathA
GetWindowsDirectoryA
DeleteFileA
GetFullPathNameA
GetFileAttributesA
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree

user32

ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoA
GetWindowPlacement
GetLastActivePopup
IsIconic
GetDlgItem
UnpackDDElParam
ReuseDDElParam
WinHelpA
GetClassInfoA
ShowWindow
GetDesktopWindow
IsWindowEnabled
PeekMessageA
GetCapture
LoadAcceleratorsA
AdjustWindowRectEx
RedrawWindow
SetWindowLongA
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
LoadImageA
DrawStateA
FrameRect
DrawFocusRect
TrackPopupMenuEx
WindowFromPoint
GetActiveWindow
EndDeferWindowPos
DestroyIcon
DestroyCursor
DestroyMenu
GetCaretPos
DrawTextA
SendMessageTimeoutA
IsWindow
SetWindowTextW
GetWindowTextLengthA
GetWindowTextW
LoadIconA
ShowScrollBar
GetMessageA
TranslateMessage
DispatchMessageA
GetClipboardData
GetMessagePos
GetCursorPos
OpenClipboard
EmptyClipboard
LoadMenuIndirectA
LookupIconIdFromDirectory
CreateIconFromResource
LoadStringA
CharUpperA
GetWindowDC
SendMessageA
ReleaseDC
IsDialogMessageA
GetDC
SetActiveWindow
BeginDeferWindowPos
DeferWindowPos
MapWindowPoints
SendDlgItemMessageA
MessageBoxW
MessageBoxA
SetMenuItemBitmaps
AppendMenuA
SetClipboardData
CloseClipboard
RegisterWindowMessageA
GetFocus
SetFocus
SetScrollRange
KillTimer
SetTimer
UpdateWindow
CheckMenuItem
InsertMenuA
LoadMenuA
DeleteMenu
SetMenu
FindWindowA
SetWindowPos
GetSystemMetrics
InsertMenuItemA
DrawMenuBar
GetMenu
CheckDlgButton
CheckRadioButton
SetDlgItemTextA
IsDlgButtonChecked
GetWindowLongA
IsWindowVisible
GetWindowRect
OffsetRect
InflateRect
EqualRect
GetMenuItemID
GetMenuStringA
ModifyMenuA
CreatePopupMenu
PostMessageA
HideCaret
CreateCaret
SetCaretPos
wsprintfA
EnumChildWindows
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
GetSubMenu
SetWindowTextA
GetDlgCtrlID
SetRectEmpty
IsRectEmpty
IntersectRect
GetClientRect
PtInRect
SetRect
InvalidateRect
GetParent
GetSysColor
SetCursor
LoadCursorA
CreateAcceleratorTableA
LoadBitmapA
CopyRect
WindowFromDC
ClientToScreen
GetKeyState
UnregisterClassA
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
DestroyCaret
TrackMouseEvent
InvalidateRgn
EnumClipboardFormats
GetCursor
DrawFrameControl
FindWindowExA
IsCharAlphaNumericA
ScrollDC
CopyIcon
MapVirtualKeyA
GetKeyNameTextA
DrawEdge
ReleaseCapture
SetCapture
ScreenToClient
EnableWindow
ShowCaret
BeginPaint
EndPaint
TabbedTextOutA
MoveWindow
GetNextDlgTabItem
FillRect
EnableMenuItem
GrayStringA
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
RemoveMenu
LockWindowUpdate
GetDCEx
GetClassNameA
GetSysColorBrush
ClipCursor
CopyAcceleratorTableA
PostThreadMessageA
CreateMenu
SetCursorPos
GetMenuState
CheckMenuRadioItem
GetMenuCheckMarkDimensions
InSendMessage
wvsprintfA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
IsClipboardFormatAvailable
IsZoomed
EndDialog
CreateDialogIndirectParamA
InvertRect
UnionRect
CharNextA
ValidateRect
GetSystemMenu
GetWindow
SetParent

gdi32

GetClipBox
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
PolyBezierTo
GetClipRgn
SelectClipPath
GetObjectType
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
PtVisible
ExtTextOutA
Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
StretchDIBits
GetCharWidthA
GetTextMetricsA
AbortDoc
SetAbortProc
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
CopyMetaFileA
Rectangle
GetTextAlign
CreateBitmap
GetStockObject
GetTextColor
GetBkColor
RectVisible
CreateDCA
StartDocA
StartPage
EndPage
EndDoc
TextOutA
BeginPath
PolyBezier
EndPath
StrokeAndFillPath
SetTextColor
SetBkColor
GetTextExtentPoint32A
GetBitmapDimensionEx
GetObjectA
CreateFontIndirectA
CreateRectRgn
SetViewportOrgEx
BitBlt
GetDIBits
SetDIBitsToDevice
CreatePen
CreatePatternBrush
UnrealizeObject
SetBrushOrgEx
GetDeviceCaps
CreateCompatibleDC
Ellipse
RealizePalette
CreatePalette
GetDIBColorTable
CreateHalftonePalette
EnumFontFamiliesA
CreateDIBitmap
EnumFontFamiliesExA
CreateDIBSection
FillPath
StrokePath
SetMiterLimit
CloseFigure
WidenPath
ExtEscape
GetOutlineTextMetricsA
TextOutW
GetRegionData
GetFontData
GetTextFaceA
CreateBrushIndirect
GetROP2
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
DeleteObject
CreateFontA
GetTextExtentPointA
InvertRgn
Polyline
CreatePolygonRgn
Polygon
DeleteDC

comdlg32

ReplaceTextA
PrintDlgA
FindTextA
ChooseFontA
ChooseColorA
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

EnumMonitorsA
EnumPrinterDriversA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetPrinterA
EnumPrintersA
SetPrinterA

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
FreeSid
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegCloseKey

shell32

SHGetFileInfoA
DragAcceptFiles
DragFinish
ShellExecuteExA
SHChangeNotify
DragQueryFileA
ShellExecuteA
ExtractIconA

comctl32

ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent
ord17
ImageList_Destroy
ImageList_Create
ImageList_GetImageInfo
ImageList_Draw
ImageList_GetIcon

oledlg

ord8

ole32

CreateOleAdviseHolder
CreateGenericComposite
OleSaveToStream
WriteClassStm
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoGetMalloc
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleIsRunning
OleRun
CreateItemMoniker
WriteClassStg
GetRunningObjectTable
CreateFileMoniker
OleRegGetMiscStatus
OleRegEnumVerbs
CoDisconnectObject
StringFromCLSID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
OleGetClipboard
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CreateStreamOnHGlobal
CreateDataAdviseHolder
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleDuplicateData
CreateBindCtx
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CoGetClassObject
OleRegGetUserType

olepro32

ord251
ord253

oleaut32

SysAllocStringByteLen
SysStringLen
VariantCopy
VariantTimeToSystemTime
SysAllocString
VariantClear
VariantChangeType
SysAllocStringLen
SysStringByteLen
SysFreeString

wininet

HttpOpenRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpSetCurrentDirectoryA
FtpPutFileA

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

msimg32

TransparentBlt
AlphaBlend

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 464KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 376KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 600KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/Key.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

26:e6:af:3c:39:10:b7:7f:f1:0f:eb:61:86:d4:e0:32
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/12/2012, 00:00

Not After

11/12/2013, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technical department,O=Kakasoft Software Co. Ltd.,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e5:0a:64:11:f0:95:d7:f4:8b:50:49:12:c8:9f:a3:37:ad:3b:3d:fa
Signer

Actual PE Digest

e5:0a:64:11:f0:95:d7:f4:8b:50:49:12:c8:9f:a3:37:ad:3b:3d:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn

Sections

CODE
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/WndHook.dll
.dll windows:6 windows x86 arch:x86

430a9ceff9e3a4b408ffe416fbb9c29b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:c0:11:04:7c:46:e3:30:26:d9:1e:07:92:48:8b:a2:77:d6:7f:d6:c8:a8:ea:ff:be:87:62:34:c6:ef:14:ac
Signer

Actual PE Digest

2e:c0:11:04:7c:46:e3:30:26:d9:1e:07:92:48:8b:a2:77:d6:7f:d6:c8:a8:ea:ff:be:87:62:34:c6:ef:14:ac

Digest Algorithm

sha256

PE Digest Matches

true

9e:22:8f:d8:d0:2e:13:17:a2:e1:38:6b:13:cb:27:51:45:01:ba:79
Signer

Actual PE Digest

9e:22:8f:d8:d0:2e:13:17:a2:e1:38:6b:13:cb:27:51:45:01:ba:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\csdwork\source\VideoEncrypt\epcore\Release\WndHook.pdb

Imports

kernel32

CreateFileMappingW
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
CloseHandle
CreateMutexW
FreeLibrary
WaitForSingleObject
ReleaseMutex
Sleep
LoadLibraryW
GetProcAddress
CreateProcessA
WriteConsoleW
SetFilePointerEx
SetStdHandle
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetLastError
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
OutputDebugStringW
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CreateFileW

user32

RegisterHotKey
UnregisterHotKey

Exports

Exports

InstallHook
UninstallHook

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/cscore.dll
.dll windows:5 windows x86 arch:x86

96b8d6c2812e678e1f94476f7e95e2ee

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:bc:99:bc:16:56:15:93:47:0a:f6:04:a5:07:7b:cc:ab:be:8f:47:0b:b7:af:26:16:f6:aa:fb:40:e7:6a:58
Signer

Actual PE Digest

6a:bc:99:bc:16:56:15:93:47:0a:f6:04:a5:07:7b:cc:ab:be:8f:47:0b:b7:af:26:16:f6:aa:fb:40:e7:6a:58

Digest Algorithm

sha256

PE Digest Matches

true

f3:f0:b6:e7:0e:b7:e3:6a:de:8f:49:4b:eb:58:69:2a:28:71:e0:4a
Signer

Actual PE Digest

f3:f0:b6:e7:0e:b7:e3:6a:de:8f:49:4b:eb:58:69:2a:28:71:e0:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\csdwork\source\VideoEncrypt\epcore\Release\cscore.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
GetLastError
HeapSize
DecodePointer
DeleteCriticalSection
MapViewOfFile
UnmapViewOfFile
GetVersionExW
CloseHandle
OpenFileMappingA
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryA
GetCurrentProcessId
CreateMutexW
GetLogicalDriveStringsW
WaitForSingleObject
OpenProcess
MultiByteToWideChar
QueryDosDeviceW
GetProcessHeap
WideCharToMultiByte
EncodePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
IsDebuggerPresent
OutputDebugStringW
GetSystemInfo
VirtualProtect
InitializeCriticalSection
IsBadReadPtr
HeapCreate
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryExW
FreeEnvironmentStringsW
HeapFree
HeapAlloc
ReleaseMutex
HeapReAlloc
GetEnvironmentStringsW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
QueryPerformanceCounter
InterlockedExchange

user32

GetClassNameW
GetWindowThreadProcessId
CallNextHookEx
SetWindowsHookExW
GetWindowTextW
GetWindowRgnBox
GetWindowRgn
GetDesktopWindow
WindowFromDC
PostMessageW
UnhookWindowsHookEx

gdi32

RectInRegion
CreateRectRgn
DeleteObject

psapi

GetProcessImageFileNameW

Exports

Exports

InstallHook
InstallWndHook
LoadConfig
Protecton_off
SetProtecthWnd
UninstallHook
UninstallWndHook

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

datashar
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

flag_dat
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/cscore.ini
ProgramData/cscore64.dll
.dll windows:6 windows x64 arch:x64

596505dda09a804102278a51ddeb9fc4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

88:50:de:cb:51:1e:1c:91:19:56:b0:14:0d:13:43:05:15:f5:11:c9:3d:53:c3:e0:62:23:ec:6c:34:8d:70:b4
Signer

Actual PE Digest

88:50:de:cb:51:1e:1c:91:19:56:b0:14:0d:13:43:05:15:f5:11:c9:3d:53:c3:e0:62:23:ec:6c:34:8d:70:b4

Digest Algorithm

sha256

PE Digest Matches

true

8e:49:20:c5:54:eb:43:77:60:cd:fa:df:d0:f0:80:c4:57:20:0e:44
Signer

Actual PE Digest

8e:49:20:c5:54:eb:43:77:60:cd:fa:df:d0:f0:80:c4:57:20:0e:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\csdwork\source\VideoEncrypt\epcore\Release\cscore64.pdb

Imports

kernel32

DeleteCriticalSection
MapViewOfFile
UnmapViewOfFile
GetVersionExW
CloseHandle
OpenFileMappingA
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryA
GetCurrentProcessId
CreateMutexW
K32GetProcessImageFileNameW
GetLogicalDriveStringsW
WaitForSingleObject
OpenProcess
MultiByteToWideChar
QueryDosDeviceW
ReleaseMutex
WideCharToMultiByte
DecodePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
IsDebuggerPresent
OutputDebugStringW
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
HeapSize
GetLastError
InitializeCriticalSectionEx
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
HeapReAlloc
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile

user32

PostMessageW
GetWindowTextW
GetClassNameW
GetWindowThreadProcessId
CallNextHookEx
UnhookWindowsHookEx
GetWindowRgnBox
GetWindowRgn
GetDesktopWindow
WindowFromDC
SetWindowsHookExW

gdi32

RectInRegion
CreateRectRgn
DeleteObject

easyhook64

LhUninstallAllHooks
LhWaitForPendingRemovals
LhInstallHook
LhUninstallHook
LhSetExclusiveACL

Exports

Exports

InstallHook
InstallWndHook
LoadConfig
Protecton_off
SetProtecthWnd
UninstallHook
UninstallWndHook

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

datashar
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

flag_dat
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/CSMX.dll
.dll windows:4 windows x86 arch:x86

e37f7efe98ea725b5013810ca8514b87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
MultiByteToWideChar
FreeEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

MessageBoxA

esdll

?SwapSize@CMamaz@@QAEHPAXH@Z
??0CUesz@@QAE@PAXH@Z
??0CEsz@@QAE@PAXH@Z

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/Esdll.dll
.dll windows:4 windows x86 arch:x86

727122a5be2245cc72b0c6152b3d74d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
FatalAppExitA
HeapFree
SetUnhandledExceptionFilter
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
ReadFile
HeapAlloc
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadCodePtr
SetFilePointer
SetConsoleCtrlHandler
UnhandledExceptionFilter
FlushFileBuffers
RtlUnwind
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
Sleep
LCMapStringA
LCMapStringW
CloseHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
GetLocaleInfoW
DeleteFileA

Exports

Exports

??0CEsz@@QAE@ABV0@@Z
??0CEsz@@QAE@PAXH@Z
??0CEszException@@QAA@PBDZZ
??0CMamaz@@QAE@ABV0@@Z
??0CMamaz@@QAE@PAXH@Z
??0CUesz@@QAE@ABV0@@Z
??0CUesz@@QAE@PAXH@Z
??4CEsz@@QAEAAV0@ABV0@@Z
??4CEszException@@QAEAAV0@ABV0@@Z
??4CMamaz@@QAEAAV0@ABV0@@Z
??4CUesz@@QAEAAV0@ABV0@@Z
??_7CEsz@@6B@
??_7CMamaz@@6B@
??_7CUesz@@6B@
?EsDll@@YAHPAFPAIH@Z
?EsDllD@@YAHPAIPAFH@Z
?EsDllInit@@YAXXZ
?EsDllInitD@@YAXXZ
?GetString@CEszException@@QAEPBDXZ
?HardWork@CEsz@@MAEHPAX0@Z
?HardWork@CUesz@@MAEHPAX0@Z
?SwapSize@CMamaz@@QAEHPAXH@Z

Sections

.text
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/IVMSource.ax
.dll regsvr32 windows:4 windows x86 arch:x86

1ae61317dec34b6d2bc750d4a7e31465

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

wininet

InternetQueryOptionA
HttpSendRequestA
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle

ws2_32

bind
inet_addr
socket
WSAStartup
shutdown
recv
select
accept
send
__WSAFDIsSet
getsockname
ntohs
ioctlsocket
listen
closesocket
htons

mc

DestroyWindows
InitMc
DestroyMCWindow
ResiteLogoWIndowInVideo
NewWindow
NotifyVideoCoordinateEx
SWParent

ivm

?ProcessDrmLogic@DrmCtrl@@UAEHPAD0K@Z
?WriteByte@Basic_Stream@@UAEHAAE@Z
?WriteWord@Basic_Stream@@UAEHAAG@Z
?GetErrorString@DrmCtrl@@QAEPADXZ
??1DrmCtrl@@UAE@XZ
??1DrmPayPerView@@UAE@XZ
??1DrmCopyCtrlObject@@UAE@XZ
??1DrmAreaTimeZoneObject@@UAE@XZ
??1DrmExpirationObject@@UAE@XZ
?GetDynamicVideoDecrypt@PropertyObject@@QAEEXZ
??0BlowFish@@QAE@HPAE@Z
?Decrypt@BlowFish@@QAEXPAE0@Z
??1BlowFish@@UAE@XZ
?CreateFromFile@IVMContainer@@QAEHPAD@Z
?GetAVDataObject@IVMContainer@@QAEHPAPAVAVDataObject@@@Z
?WriteBuffer@Basic_Stream@@UAEHPAEH@Z
?FlushBuffer@FileStream@@UAEHXZ
?WriteDword@Basic_Stream@@UAEHAAK@Z
??1FileStream@@UAE@XZ
??0FileStream@@QAE@PADHPAE@Z
?ReadBuffer@FileStream@@UAEHPAEH@Z
?ReadEncryptBuffer@Basic_Stream@@UAEHPAEHE@Z
?ReadSSLEncryptBuffer@Basic_Stream@@UAEHPAEH@Z
?ReadByte@Basic_Stream@@UAEEXZ
?ReadWord@Basic_Stream@@UAEGXZ
?ReadDword@Basic_Stream@@UAEKXZ
?GetSupervisor@PropertyObject@@QAEEXZ
?CreateAVReadStream@IVMContainer@@QAEPAVBasic_Stream@@PAE@Z
?GetFormatObject@IVMContainer@@QAEHPAPAVFormatObject@@@Z
?GetPropertyObject@IVMContainer@@QAEHPAPAVPropertyObject@@@Z
?GetDrmEnable@PropertyObject@@QAEEXZ
?GetExDataObject@IVMContainer@@QAEHPAPAVExDataObject@@@Z
?ExFrame@ExDataObject@@QAEPAU_EX_FRAME@@H@Z
??0IVMContainer@@QAE@XZ
??1IVMContainer@@UAE@XZ
?ReadQword@Basic_Stream@@UAE_KXZ
?ReadGUID@Basic_Stream@@UAE?AU_GUID@@XZ
?Forward@FileStream@@UAEX_J@Z
?WriteQword@Basic_Stream@@UAEHAA_K@Z
?Tellp@FileStream@@UAE_KXZ
?Release@FileStream@@UAEXXZ
?SetReadMax@FileStream@@UAEX_K@Z
?GetReadMax@FileStream@@UAE_KXZ
?SetReadStart@FileStream@@UAEX_K@Z
?SetPointer@FileStream@@UAEH_K@Z
?Tellrp@FileStream@@UAE_KXZ
?CreateExSrcReadStream@IVMContainer@@QAEPAVBasic_Stream@@PAD@Z
?GetDistributor@DrmCtrl@@QAEPADXZ
??0DrmExpirationObject@@QAE@XZ
??0DrmAreaTimeZoneObject@@QAE@XZ
??0DrmCopyCtrlObject@@QAE@XZ
??0DrmPayPerView@@QAE@XZ
??0DrmCtrl@@QAE@XZ
?AddDrmObject@DrmCtrl@@UAEXPAVDrmObject@@@Z
?SetIvmFilePath@DrmExpirationObject@@QAEXPAD@Z

winmm

timeSetEvent
timeGetTime

msvcrt

atoi
strtok
__CxxFrameHandler
??2@YAPAXI@Z
memmove
isalnum
strchr
time
sscanf
_mkdir
fclose
fread
fopen
fseek
_strlwr
strstr
strncmp
_purecall
localtime
isspace
atol
_atoi64
fwrite
memchr
wcscmp
_ltoa
atof
_fstat
mktime
ftell
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
srand
rand
??3@YAXPAX@Z
_itoa
??1type_info@@UAE@XZ
sprintf
wcslen
_CxxThrowException

kernel32

CloseHandle
SetEvent
WaitForSingleObject
CreateProcessA
InterlockedDecrement
CreateThread
TerminateThread
GetPrivateProfileIntA
SetThreadPriority
InterlockedExchange
OutputDebugStringA
DeleteCriticalSection
InterlockedIncrement
GetLastError
DeleteFileA
FindNextFileA
ResetEvent
WaitForMultipleObjects
lstrlenA
DisableThreadLibraryCalls
FindClose
FindFirstFileA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetSystemDirectoryA
DuplicateHandle
GetCurrentProcess
CreateSemaphoreA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
WritePrivateProfileStringA
GetCurrentProcessId
lstrlenW
LocalFree
Sleep
GetTickCount
GetVersionExA
InitializeCriticalSection
EnterCriticalSection
GetCurrentThreadId
CreateEventA
GetCurrentThread
GetThreadPriority
GetACP
GetModuleHandleA
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
LeaveCriticalSection

user32

SetWindowPos
SendMessageA
MessageBoxA
IsWindow
PostThreadMessageA
SetWindowLongA
UnhookWindowsHookEx
CallNextHookEx
GetWindow
GetWindowTextA
GetClassNameA
DispatchMessageA
GetWindowLongA
GetWindowThreadProcessId
GetQueueStatus
RegisterWindowMessageA
wvsprintfA
MsgWaitForMultipleObjects
wsprintfA
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
ClientToScreen
ShowCursor
GetParent
SetWindowsHookExA
PeekMessageA
SetTimer
GetMessageA
KillTimer
GetWindowRect
GetDesktopWindow
GetDC
IsWindowVisible
TranslateMessage

gdi32

GetDeviceCaps

comdlg32

GetOpenFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoFreeUnusedLibraries
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateGuid
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
GetErrorInfo
SetErrorInfo
VariantChangeType
VariantInit
CreateErrorInfo
VariantClear
SysFreeString

crypt32

CertCloseStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertFindCertificateInStore

msvcp60

?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?_Xlen@std@@YAXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/PmpSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

3b061fad8266f6f03923cff87f660920

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\workspace\cooleyes\PmpSplitter\Release Unicode\PmpSplitter.pdb

Imports

kernel32

TlsSetValue
LocalReAlloc
TlsFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
lstrcatW
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
ExitProcess
TlsAlloc
HeapFree
HeapAlloc
GetCommandLineA
VirtualProtect
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFullPathNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
Sleep
GetModuleFileNameW
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcessId
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
CreateThread
GetLastError
GetTickCount
lstrcpyW
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
lstrcmpW
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrlenW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
FreeLibrary
InterlockedIncrement
DisableThreadLibraryCalls
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RtlUnwind

user32

CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageW
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
CopyRect
GrayStringW
DrawTextW
TabbedTextOutW
SetWindowPos
SetWindowLongW
GetDlgItem
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SendMessageW
MessageBoxW
GetParent
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
ModifyMenuW
GetWindowPlacement
EnableMenuItem
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageW
RegisterWindowMessageW
wsprintfW
PeekMessageW
UnregisterClassW
DrawTextExW

gdi32

DeleteDC
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SelectObject

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW

comctl32

ord17

shlwapi

PathStripToRootW
PathFindFileNameW
PathIsUNCW

ole32

CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/RadGtSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

635acae72f0a325d4d8ee6a93ca09305

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\MediaPlayerClasic\src\filters\parser\radgtsplitter\Release\RadGtSplitter.pdb

Imports

kernel32

ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcpyA
GetFullPathNameA
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcatA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualQuery
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrcmpA
SetLastError
lstrcpynA
DeleteFileA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcessId
CreateThread
GetTickCount
SetThreadPriority
GetModuleHandleA
DisableThreadLibraryCalls
GetModuleFileNameA
VirtualAlloc
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
RaiseException
MultiByteToWideChar
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FreeLibrary
SetFilePointer
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection

user32

SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
PtInRect
GetWindow
SetWindowsHookExA
CallNextHookEx
GetKeyState
ValidateRect
GetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
PostMessageA
GetSystemMetrics
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
PostQuitMessage
DestroyMenu
IsWindowEnabled
EnableWindow
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
wsprintfA
UnregisterClassA
CharUpperA
MessageBoxA
CopyRect
GetClassInfoExA

gdi32

ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
SetWindowExtEx
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

shlwapi

PathIsUNCA
PathFindFileNameA
PathStripToRootA

ole32

CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CLSIDFromString

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/SVPDebug.log
ProgramData/splayer/atrc.dll
.dll windows:4 windows x86 arch:x86

5132cde9ac8899a69f40dfaacc320c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_ftol
??3@YAXPAX@Z
memmove
calloc
free
malloc
_CIpow
floor
??2@YAPAXI@Z
_assert
_except_handler3
_purecall
_initterm
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/binkw32.dll
.dll windows:4 windows x86 arch:x86

863844ad7aa759748e31329c65f10f35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Devel\Projects\bink\build\binkw32.pdb

Imports

user32

SetCursor
GetClassLongA
RegisterClassA
ChangeDisplaySettingsA
IsWindowVisible
GetSystemMetrics
GetCursorPos
DefWindowProcA
ReleaseDC
PeekMessageA
CreateWindowExA
GetTopWindow
GetWindowLongA
GetActiveWindow
GetWindowThreadProcessId
GetWindow
EndPaint
ClientToScreen
DestroyWindow
MessageBoxA
ScreenToClient
GetWindowRect
IsIconic
GetClientRect
BeginPaint
GetDC
ShowCursor
UnregisterClassA

gdi32

CreateDIBSection
GetDeviceCaps
StretchBlt
GetDIBits
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
GetPixel
DeleteDC

kernel32

GetOEMCP
GetACP
LCMapStringW
MultiByteToWideChar
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetCPInfo
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
HeapSize
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlUnwind
GetLastError
CreateEventA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateFileA
SetFilePointer
ReadFile
CloseHandle
WaitForSingleObject
SetEvent
RaiseException
SetThreadPriority
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
ResumeThread
CreateThread
GetCurrentProcess
TerminateProcess
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetCommandLineA
HeapFree
HeapAlloc

winmm

waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutSetVolume
waveOutReset
waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
timeGetTime

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkCopyToBuffer@28
_BinkCopyToBufferRect@44
_BinkDDSurfaceType@4
_BinkDX8SurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetKeyFrame@12
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetMixBinVolumes@20
_BinkSetMixBins@16
_BinkSetPan@12
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@8
_BinkSetVideoOnOff@8
_BinkSetVolume@12
_BinkWait@4
_RADSetMemory@8
_RADTimerRead@0
_YUV_blit_16a1bpp@52
_YUV_blit_16a1bpp_mask@60
_YUV_blit_16a4bpp@52
_YUV_blit_16a4bpp_mask@60
_YUV_blit_16bpp@48
_YUV_blit_16bpp_mask@56
_YUV_blit_24bpp@48
_YUV_blit_24bpp_mask@56
_YUV_blit_24rbpp@48
_YUV_blit_24rbpp_mask@56
_YUV_blit_32abpp@52
_YUV_blit_32abpp_mask@60
_YUV_blit_32bpp@48
_YUV_blit_32bpp_mask@56
_YUV_blit_32rabpp@52
_YUV_blit_32rabpp_mask@60
_YUV_blit_32rbpp@48
_YUV_blit_32rbpp_mask@56
_YUV_blit_UYVY@48
_YUV_blit_UYVY_mask@56
_YUV_blit_YUY2@48
_YUV_blit_YUY2_mask@56
_YUV_blit_YV12@52
_YUV_init@4
_radfree@4
_radmalloc@4

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK4444
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK5551
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32A
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32X2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16MX
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32MX
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16M
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32M
Size: 1024B - Virtual size: 547B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 361B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYUY2
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32R
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32RX
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24X2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24M
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24R
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK24RM
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 369B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKUYVY
Size: 512B - Virtual size: 327B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKYV12
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKDATA
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/ijl15.dll
.dll windows:4 windows x86 arch:x86

43fd8fd13d2d05654de14de52b9d512d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
CloseHandle
ReadFile
WriteFile
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA
GetCurrentThreadId
GetModuleFileNameA
lstrlenA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetModuleHandleA
HeapAlloc
HeapFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreateFileA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers

Exports

Exports

ijlErrorStr
ijlFree
ijlGetLibVersion
ijlInit
ijlRead
ijlWrite

Sections

.text
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mcucltu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d7936f92318430ce8624f42c4041836f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kybase\source\network\mcuclient\ReleaseMpc\mcuclient.pdb

Imports

ws2_32

htonl
ntohl
htons

kernel32

GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
lstrlenW
CloseHandle
GetTickCount
CreateEventW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
InterlockedExchange
InterlockedDecrement
GetModuleFileNameW
OutputDebugStringW
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
GetSystemTimeAsFileTime
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetVersionExA
ExitProcess
RtlUnwind
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapReAlloc
HeapAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetFilePointer
SetStdHandle

user32

IsWindow
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
PostMessageW

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mcufilecu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4324400c9d632fe833a1b2a058534034

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kybase\source\network\mcufilec\ReleaseMpc\mcufilec.pdb

Imports

kernel32

WaitForSingleObject
CloseHandle
GetTickCount
CreateEventW
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
DeleteFileW
GetLastError
SetFilePointer
CreateFileW
WriteFile
SetEvent
ReadFile
ResetEvent
WaitForMultipleObjects
GetVersionExW
GetFileSize
RaiseException
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
GetModuleFileNameW
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteCriticalSection
CreateThread
InitializeCriticalSection
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetVersionExA
RtlUnwind
ExitProcess
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapReAlloc
HeapAlloc
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetStringTypeA

user32

PostMessageW

advapi32

RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
StringFromCLSID
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mdssockc.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9914558a7a38407454d235202796d25a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeKillEvent
timeSetEvent

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr
WSAIoctl
htons
htonl
getsockname
WSASendTo
WSARecvFrom
ntohs
WSAGetOverlappedResult
WSASend
WSARecv
inet_ntoa
WSAStartup
gethostname
gethostbyname
ntohl
WSAEnumProtocolsA
WSAGetLastError
WSACleanup
WSAEnumNetworkEvents
WSASocketA
WSACloseEvent
WSACreateEvent
WSAConnect
bind
WSAEventSelect
closesocket
setsockopt

kernel32

GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
HeapSize
IsBadWritePtr
HeapReAlloc
InitializeCriticalSection
CreateEventA
DeleteCriticalSection
CloseHandle
WaitForMultipleObjectsEx
SetEvent
ResetEvent
EnterCriticalSection
LeaveCriticalSection
GetLastError
CreateThread
WaitForSingleObject
GetCurrentThreadId
SetThreadPriority
InterlockedExchange
SetFilePointer
InterlockedDecrement
WideCharToMultiByte
WaitForMultipleObjects
GlobalFree
GlobalAlloc
GetTickCount
lstrlenA
GetVersionExA
WriteFile
OutputDebugStringA
GetModuleFileNameA
VirtualAlloc
VirtualQuery
UnhandledExceptionFilter
VirtualFree
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
VirtualProtect
GetSystemInfo
FlushFileBuffers
InterlockedIncrement
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

user32

PostThreadMessageA
PeekMessageA
PostMessageA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
StringFromCLSID
CoTaskMemAlloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mtcontain.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3315a8ec8b3a582cafff8a545edf4e1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kybase\source\application\mtcontain\ReleaseMpc\mtcontain.pdb

Imports

kernel32

GetProcAddress
OutputDebugStringW
CloseHandle
FlushFileBuffers
GetSystemInfo
VirtualProtect
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetVersionExA
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
IsBadWritePtr
VirtualAlloc
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
FindResourceExW
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrcpynW
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrcpyW
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
GetCPInfo
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
ExitProcess
RtlUnwind
HeapReAlloc
GetCommandLineA
QueryPerformanceCounter

user32

UnregisterClassW
CharNextW
IsWindow
SendMessageW
SetWindowLongW
CreateWindowExW
SystemParametersInfoA
GetSystemMetrics
PostMessageW
InflateRect
IntersectRect
GetWindowDC
ClientToScreen
ScreenToClient
SystemParametersInfoW
DrawTextW
SetCapture
GetCapture
GetDlgCtrlID
SetCursor
InvalidateRect
ReleaseCapture
RegisterClassExW
CallWindowProcW
GetWindowLongW
DefWindowProcW
EndPaint
BeginPaint
LoadBitmapW
DestroyWindow
DestroyCursor
LoadImageW
GetDC
ReleaseDC
GetParent
LoadCursorW
wsprintfW
GetClassInfoExW
SetWindowRgn
SetParent
EnableWindow
ShowWindow
GetClientRect
GetWindowRect
SetWindowPos

gdi32

CreateBitmap
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
SelectClipRgn
GetClipBox
PatBlt
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateCompatibleDC
BitBlt
PtInRegion
DeleteDC
CombineRgn
CreateFontIndirectW
CreateRectRgn
GetObjectW
DeleteObject
GetDIBits
SelectObject

advapi32

RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mtcontrol.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7870771ba65489879970c819013eb8ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kybase\source\application\mtcontrol\ReleaseMpc\mtcontrol.pdb

Imports

winmm

timeSetEvent
timeKillEvent
timeGetTime
waveInOpen
waveInClose

ws2_32

WSACancelAsyncRequest
ntohl
inet_addr
htonl
htons
WSAAsyncGetHostByName

kernel32

lstrlenA
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
WideCharToMultiByte
GetTickCount
lstrlenW
GetCurrentProcess
GetFileAttributesExW
CreateDirectoryW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WaitForSingleObject
SetEvent
WaitForMultipleObjects
CreateEventW
GetLastError
CreateThread
RaiseException
InterlockedIncrement
GetStringTypeA
LockResource
LoadResource
FindResourceW
FindResourceExW
InterlockedDecrement
FreeResource
MultiByteToWideChar
GetModuleFileNameW
OutputDebugStringW
LocalFree
LoadLibraryA
WriteFile
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
TerminateProcess
IsBadWritePtr
VirtualAlloc
GetStringTypeW
IsBadReadPtr
GetOEMCP
IsBadCodePtr
GetCPInfo
SetFilePointer
SizeofResource
VirtualFree
FlushFileBuffers
SetStdHandle
HeapCreate
SetUnhandledExceptionFilter
VirtualQuery
GetModuleHandleA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress

user32

GetClassInfoW
RegisterClassW
CreateWindowExW
ShowWindow
SetWindowLongW
GetWindowLongW
DefWindowProcW
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
wsprintfW
PostQuitMessage

gdi32

GetDeviceCaps
DeleteDC
CreateDCW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
OleRun
StringFromCLSID
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
GetErrorInfo
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxaudio.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0b96ee7a874474914092aaf0295b8d4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\mpc\mxaudio\Release\mxaudio.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
IsDBCSLeadByte
RaiseException
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
lstrcpyA
lstrcatA
CloseHandle
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
FreeLibrary
InterlockedExchange
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetFilePointer

user32

CharNextA

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance

oleaut32

SysFreeString
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxrender.dll
.dll regsvr32 windows:4 windows x86 arch:x86

107db36d92280f8e4f340dd812750d92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\multimedia\mxrender\Release_Mpc\mxrender.pdb

Imports

winmm

waveOutGetVolume
timeKillEvent
timeBeginPeriod
timeEndPeriod
timeGetTime
timeSetEvent
waveOutSetVolume

kernel32

ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
Sleep
lstrcpyW
MulDiv
FreeLibrary
LoadLibraryW
GetProcAddress
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
VirtualProtect
LoadLibraryA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WaitForSingleObject
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
HeapSize
TerminateProcess
GetModuleHandleA
IsBadWritePtr
HeapCreate
HeapDestroy
VirtualQuery
HeapAlloc
HeapReAlloc
GetCommandLineA
ExitProcess
HeapFree
RtlUnwind
GetVersionExA
GetStringTypeA
GetStringTypeW
WaitForMultipleObjects
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcpynW
DisableThreadLibraryCalls
GetModuleFileNameA
GetLastError
lstrlenA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetVersionExW
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetFilePointer
SetStdHandle
FlushFileBuffers
WriteFile
ReadFile
LCMapStringW
LCMapStringA

user32

DispatchMessageW
MsgWaitForMultipleObjects
GetWindowPlacement
SystemParametersInfoW
SetParent
IsZoomed
GetWindowTextW
SetWindowTextW
GetSystemMetrics
MoveWindow
InSendMessage
GetWindowThreadProcessId
DestroyWindow
RegisterWindowMessageW
IsWindow
SetForegroundWindow
PostMessageW
GetClassInfoW
LoadCursorW
RegisterClassW
CreateWindowExW
GetDC
ReleaseDC
SetWindowLongW
GetClientRect
MapWindowPoints
GetParent
GetWindowRect
GetWindowLongW
AdjustWindowRectEx
SetWindowPos
ShowWindow
PeekMessageW
GetQueueStatus
PostThreadMessageW
wsprintfW
DefWindowProcW
SetCursor
InvalidateRect
CharNextW
LoadStringW
SendMessageW
IsWindowVisible
IsIconic

gdi32

RealizePalette
SelectPalette
CreateCompatibleDC
SetStretchBltMode
GdiFlush
DeleteDC

advapi32

RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxscreen.dll
.dll regsvr32 windows:4 windows x86 arch:x86

27efafc89669d831ec33842d36fc3284

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\mpc\mxscreen\Release\mxscreen.pdb

Imports

ijl15

ord2
ord3
ord4
ord5

kernel32

LoadLibraryExA
GetModuleHandleA
GlobalFree
GlobalAlloc
CloseHandle
ReadFile
FindResourceA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadResource
SizeofResource
FreeLibrary
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcatA
GetModuleFileNameA
lstrcpyA
lstrcpynA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WriteFile
SetStdHandle
SetFilePointer
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
GetProcAddress
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
FlushFileBuffers
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter

user32

ReleaseDC
DestroyCursor
GetDC
CharNextA
CreateIconIndirect

gdi32

CreateCompatibleBitmap
SetDIBits
DeleteObject
CreateBitmap

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr

rpcrt4

CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerRelease

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 115B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxshbasu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

50afe3a74e93b027483ceebef38966a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\multimedia\mxshbase\Unicode_Mpc\mxshbase.pdb

Imports

wininet

HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile
InternetErrorDlg
HttpQueryInfoW
InternetConnectW
InternetOpenW

kernel32

SystemTimeToFileTime
GetSystemTime
GetTickCount
EnterCriticalSection
LeaveCriticalSection
lstrlenA
lstrlenW
InitializeCriticalSection
FlushFileBuffers
DeleteCriticalSection
RaiseException
InterlockedIncrement
lstrcpyW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CreateThread
CreateEventW
ReadFile
DisableThreadLibraryCalls
GetModuleFileNameA
WriteFile
VirtualFree
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
GetProcAddress
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
TerminateProcess
CloseHandle
CreateFileW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedDecrement
SetFilePointer
GetSystemInfo
GetFileSize
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
VirtualProtect
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
ExitProcess
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
VirtualQuery

user32

CharNextW
wsprintfW

advapi32

RegQueryInfoKeyW
RegCreateKeyW
RegSetValueW
CryptDecrypt
CryptEncrypt
CryptVerifySignatureW
CryptSignHashW
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptImportKey
CryptExportKey
CryptDestroyKey
CryptGenKey
CryptReleaseContext
CryptAcquireContextW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize

oleaut32

VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxshmaiu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a1817a287b4885d47e7c26c3fcc2e4fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\multimedia\mxshmain\Unicode_Mpc\mxshmain.pdb

Imports

winmm

timeGetTime
timeKillEvent
timeSetEvent

ws2_32

htonl
htons
ntohl

ddraw

DirectDrawEnumerateExW
DirectDrawCreate

dsound

ord3
ord1

kernel32

GetModuleFileNameW
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
GetTickCount
HeapFree
GetProcAddress
LoadLibraryW
HeapAlloc
InterlockedCompareExchange
SetThreadPriority
WriteFile
GetCurrentThreadId
GetThreadPriority
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameA
GetSystemInfo
VirtualFree
GetCurrentProcess
VirtualAlloc
RtlUnwind
GetVersionExA
TlsGetValue
SetUnhandledExceptionFilter
VirtualQuery
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
IsBadWritePtr
TerminateProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
lstrcpyW
lstrlenW
lstrlenA
RaiseException
WideCharToMultiByte
MultiByteToWideChar
TlsFree
InterlockedIncrement
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcessId
lstrcpynW
GetVersionExW
ResetEvent
CreateThread
GetLastError
CreateEventW
WaitForMultipleObjects
CloseHandle
SetEvent
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
ExitProcess
HeapReAlloc
GetCommandLineA
GetModuleHandleA
TlsAlloc
SetLastError
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetCurrentThread
TlsSetValue

user32

GetDesktopWindow
SetTimer
BeginPaint
ClientToScreen
OffsetRect
GetClientRect
MonitorFromWindow
GetMonitorInfoW
InvalidateRect
DrawIcon
DestroyWindow
GetClassInfoW
LoadCursorW
RegisterClassW
CreateWindowExW
DefWindowProcW
PeekMessageW
DispatchMessageW
GetForegroundWindow
GetQueueStatus
GetDC
ReleaseDC
wsprintfW
SetCursor
GetWindowPlacement
SystemParametersInfoW
SendMessageW
SetParent
IsIconic
IsZoomed
GetWindowLongW
IsWindowVisible
GetWindowRect
SetWindowLongW
SetWindowPos
MoveWindow
ShowWindow
GetParent
MapWindowPoints
GetWindowTextW
SetWindowTextW
InSendMessage
GetSystemMetrics
FillRect
MsgWaitForMultipleObjects
RegisterWindowMessageW
IsWindow
PostMessageW
AdjustWindowRectEx
SetForegroundWindow
GetWindowThreadProcessId
PostThreadMessageW
CharNextW
EndPaint

gdi32

SetStretchBltMode
GdiFlush
CreateSolidBrush
GetPixel
SetPixel
StretchBlt
DeleteObject
CreateCompatibleDC
RealizePalette
SelectPalette
BitBlt
SelectObject
SetDIBitsToDevice
DeleteDC
CreateDIBSection
GetDeviceCaps
PatBlt

advapi32

RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegCreateKeyW

ole32

CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoFreeUnusedLibraries

oleaut32

VarUI4FromStr
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxshsour.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1484867acca44d86b2d845db04e0c9f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeGetTime

ws2_32

htonl
htons
gethostbyname
ntohl
inet_addr

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
GetTempPathW
SetEvent
WaitForSingleObject
ResetEvent
CloseHandle
WaitForMultipleObjects
GetLastError
CreateThread
WideCharToMultiByte
GetTickCount
CreateEventW
DeleteFileW
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
CreateFileW
GetTempFileNameW
lstrcpynW
InterlockedIncrement
InterlockedDecrement
GetTimeZoneInformation
GetSystemInfo
VirtualFree
lstrcmpW
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
lstrcpyW
lstrcmpiW
SetThreadPriority
GetThreadPriority
GetCurrentThread
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
VirtualProtect
SetConsoleCtrlHandler
LoadLibraryA
VirtualQuery
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
QueryPerformanceCounter
GetCurrentProcessId
SetEnvironmentVariableA
GetSystemTimeAsFileTime
HeapSize
GetLocaleInfoW
CompareStringA
CompareStringW
ReleaseSemaphore
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
RtlUnwind
GetCommandLineA
GetVersionExA
HeapFree
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
HeapAlloc
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FatalAppExitA

user32

PeekMessageW
MsgWaitForMultipleObjects
wvsprintfW
wsprintfW
PostThreadMessageW
RegisterWindowMessageW
GetQueueStatus
DispatchMessageW

advapi32

RegSetValueExW
RegCreateKeyW
RegSetValueW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxsource.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0ed9c32523266815d8702f2f18643290

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\multimedia\mxsource\Release_Mpc\mxsource.pdb

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExW
lstrcpynW
InterlockedIncrement
InterlockedDecrement
CloseHandle
WaitForSingleObject
ReleaseSemaphore
GetSystemInfo
VirtualFree
lstrcmpW
GetCurrentProcess
GetCurrentThreadId
CreateSemaphoreW
VirtualAlloc
FreeLibrary
GetACP
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetProcAddress
GetTickCount
HeapReAlloc
GetCPInfo
GetOEMCP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetStringTypeA
GetStringTypeW
DisableThreadLibraryCalls
VirtualProtect
HeapSize
LCMapStringW
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
ExitProcess
RtlUnwind
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
HeapFree
HeapAlloc
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
UnhandledExceptionFilter
WriteFile
LoadLibraryA
VirtualQuery
SetUnhandledExceptionFilter
LCMapStringA

user32

wsprintfW

advapi32

RegOpenKeyExW
RegCreateKeyW
RegSetValueW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW

ole32

StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_mxvideo.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fa2ee8ebe446184e5eb4bd56e98a1e60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kycore\source\mpc\mxvideo\Release\mxvideo.pdb

Imports

kernel32

lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrcmpiA
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
lstrcpyA
lstrcatA
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FreeLibrary
LoadLibraryA
IsDBCSLeadByte
GetProcAddress
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
IsBadCodePtr
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCurrentThreadId
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr

user32

CharNextA

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemRealloc
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

PathFindExtensionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/csfcodec/mpc_wtlvcl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f1344e5402d45176281f313f4dc5b0cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Kysource_v2\kybase\source\wtlui\wtlvcl_mpc\Release\wtlvcl.pdb

Imports

user32

EnableWindow
ShowWindow
InvalidateRect
ScreenToClient
ClientToScreen
GetClientRect
GetWindowRect
SetWindowPos
SendMessageW
GetWindowLongW
CreateWindowExW
SetWindowLongW
IsWindow
DestroyAcceleratorTable
GetWindow
IsChild
GetFocus
SetFocus
GetDlgItem
GetClassNameW
CreateAcceleratorTableW
GetDesktopWindow
InvalidateRgn
FillRect
GetSysColor
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetScrollInfo
ShowScrollBar
GetCursorPos
SetScrollPos
PostMessageW
SetTimer
KillTimer
DestroyCursor
SetRect
CopyRect
RedrawWindow
GetUpdateRect
CharNextW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadBitmapW
SystemParametersInfoW
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
SetCursor
RegisterClassExW
ReleaseCapture
IntersectRect
CallWindowProcW
DefWindowProcW
DrawTextW
DestroyWindow
GetDC
ReleaseDC
OffsetRect
InflateRect
PtInRect
LoadCursorW
wsprintfW
GetClassInfoExW
SetWindowRgn
SetParent
GetParent
SetCapture
UnregisterClassW

kernel32

VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
VirtualQuery
GetCommandLineA
HeapReAlloc
ExitProcess
RtlUnwind
IsBadWritePtr
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
TerminateProcess
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
RaiseException
SetHandleCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetVersionExA
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
lstrcpyW
GetLastError
lstrcmpiW
lstrcpynW
GetTickCount
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
lstrcatW
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
lstrcmpW
LocalFree
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
InitializeCriticalSection

gdi32

PtInRegion
CreateBitmap
CreatePatternBrush
SetRectRgn
CreateRectRgnIndirect
PatBlt
SelectClipRgn
GetClipBox
CreateFontIndirectW
SetTextColor
SetBkMode
CombineRgn
CreateRectRgn
GetObjectW
DeleteObject
SelectObject
CreateCompatibleDC
GetDIBits
ExtSelectClipRgn
OffsetRgn
StretchBlt
SetViewportOrgEx
FillRgn
CreateSolidBrush
ExtTextOutW
SetBkColor
CreateCompatibleBitmap
GetTextExtentPoint32W
GetDeviceCaps
GetStockObject
BitBlt
DeleteDC

advapi32

RegQueryInfoKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysFreeString
DispCallFunc
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysStringLen
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString

shlwapi

PathFindExtensionW

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
ImageList_Create
InitializeFlatSB

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/d3dx9_41.dll
.dll windows:6 windows x86 arch:x86

8a679459baa9c700c6d9673a38beaffa

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

40:28:4f:4b:3e:34:4a:e8:a0:1a:47:ae:72:b1:c7:27:f9:00:8d:e5
Signer

Actual PE Digest

40:28:4f:4b:3e:34:4a:e8:a0:1a:47:ae:72:b1:c7:27:f9:00:8d:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx9_41.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_initterm
_XcptFilter
_CIcosh
_CIsinh
_CItan
_CItanh
getenv
_mbstrlen
strncmp
_fpclass
_strnicmp
strrchr
tolower
srand
strtod
fread
fflush
fwrite
abort
_tempnam
exit
atof
atol
isxdigit
_ultoa
wcstombs
_CIexp
_isnan
rand
isalnum
isalpha
atoi
toupper
floor
_strtime
_strdate
sscanf
isspace
isdigit
_setjmp3
longjmp
ldexp
frexp
calloc
realloc
_CIlog
setlocale
_strdup
free
_clearfp
ceil
_controlfp
malloc
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
memmove
qsort
_CIfmod
_purecall
_stricmp
modf
iswspace
iswalpha
iswdigit
iswpunct
_CIsqrt
memcpy
memset
_CIpow
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
strchr
_vsnprintf
_vsnwprintf
_errno
_CxxThrowException
__CxxFrameHandler

gdi32

GetObjectA
GetTextMetricsA
GetGlyphOutlineA
CreateDIBSection
DeleteDC
DeleteObject
SelectObject
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
GetCurrentObject
GetOutlineTextMetricsA
GetGlyphOutlineW
GetObjectW

kernel32

IsBadReadPtr
IsBadCodePtr
ExpandEnvironmentStringsA
SetEndOfFile
GlobalMemoryStatus
GetTempFileNameW
MoveFileW
MoveFileA
DeleteFileW
SetFilePointer
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
LocalFree
CreateFileW
GetFileSizeEx
GetFullPathNameW
IsBadWritePtr
IsDBCSLeadByte
WriteFile
GetTempPathA
GetTempFileNameA
CreateFileA
ReadFile
CloseHandle
DeleteFileA
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
VirtualFree
GetACP
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
GetVersion
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
WaitForSingleObject
ReleaseMutex
CreateMutexA
Sleep
InterlockedCompareExchange
TlsAlloc
InterlockedExchange
TlsSetValue
HeapDestroy
TlsGetValue
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
GetFullPathNameA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
FindResourceW

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXAssembleShaderFromFileW
D3DXAssembleShaderFromResourceA
D3DXAssembleShaderFromResourceW
D3DXBoxBoundProbe
D3DXCheckCubeTextureRequirements
D3DXCheckTextureRequirements
D3DXCheckVersion
D3DXCheckVolumeTextureRequirements
D3DXCleanMesh
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXCompileShader
D3DXCompileShaderFromFileA
D3DXCompileShaderFromFileW
D3DXCompileShaderFromResourceA
D3DXCompileShaderFromResourceW
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXComputeIMTFromPerTexelSignal
D3DXComputeIMTFromPerVertexSignal
D3DXComputeIMTFromSignal
D3DXComputeIMTFromTexture
D3DXComputeNormalMap
D3DXComputeNormals
D3DXComputeTangent
D3DXComputeTangentFrame
D3DXComputeTangentFrameEx
D3DXConcatenateMeshes
D3DXConvertMeshSubsetToSingleStrip
D3DXConvertMeshSubsetToStrips
D3DXCreateAnimationController
D3DXCreateBox
D3DXCreateBuffer
D3DXCreateCompressedAnimationSet
D3DXCreateCubeTexture
D3DXCreateCubeTextureFromFileA
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileExW
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileW
D3DXCreateCubeTextureFromResourceA
D3DXCreateCubeTextureFromResourceExA
D3DXCreateCubeTextureFromResourceExW
D3DXCreateCubeTextureFromResourceW
D3DXCreateCylinder
D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateEffectCompilerFromFileA
D3DXCreateEffectCompilerFromFileW
D3DXCreateEffectCompilerFromResourceA
D3DXCreateEffectCompilerFromResourceW
D3DXCreateEffectEx
D3DXCreateEffectFromFileA
D3DXCreateEffectFromFileExA
D3DXCreateEffectFromFileExW
D3DXCreateEffectFromFileW
D3DXCreateEffectFromResourceA
D3DXCreateEffectFromResourceExA
D3DXCreateEffectFromResourceExW
D3DXCreateEffectFromResourceW
D3DXCreateEffectPool
D3DXCreateFontA
D3DXCreateFontIndirectA
D3DXCreateFontIndirectW
D3DXCreateFontW
D3DXCreateFragmentLinker
D3DXCreateFragmentLinkerEx
D3DXCreateKeyframedAnimationSet
D3DXCreateLine
D3DXCreateMatrixStack
D3DXCreateMesh
D3DXCreateMeshFVF
D3DXCreateNPatchMesh
D3DXCreatePMeshFromStream
D3DXCreatePRTBuffer
D3DXCreatePRTBufferTex
D3DXCreatePRTCompBuffer
D3DXCreatePRTEngine
D3DXCreatePatchMesh
D3DXCreatePolygon
D3DXCreateRenderToEnvMap
D3DXCreateRenderToSurface
D3DXCreateSPMesh
D3DXCreateSkinInfo
D3DXCreateSkinInfoFVF
D3DXCreateSkinInfoFromBlendedMesh
D3DXCreateSphere
D3DXCreateSprite
D3DXCreateTeapot
D3DXCreateTextA
D3DXCreateTextW
D3DXCreateTexture
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileExW
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW
D3DXCreateTextureFromResourceA
D3DXCreateTextureFromResourceExA
D3DXCreateTextureFromResourceExW
D3DXCreateTextureFromResourceW
D3DXCreateTextureGutterHelper
D3DXCreateTextureShader
D3DXCreateTorus
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateVolumeTextureFromFileExW
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateVolumeTextureFromFileW
D3DXCreateVolumeTextureFromResourceA
D3DXCreateVolumeTextureFromResourceExA
D3DXCreateVolumeTextureFromResourceExW
D3DXCreateVolumeTextureFromResourceW
D3DXDebugMute
D3DXDeclaratorFromFVF
D3DXDisassembleEffect
D3DXDisassembleShader
D3DXFVFFromDeclarator
D3DXFileCreate
D3DXFillCubeTexture
D3DXFillCubeTextureTX
D3DXFillTexture
D3DXFillTextureTX
D3DXFillVolumeTexture
D3DXFillVolumeTextureTX
D3DXFilterTexture
D3DXFindShaderComment
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFrameAppendChild
D3DXFrameCalculateBoundingSphere
D3DXFrameDestroy
D3DXFrameFind
D3DXFrameNumNamedMatrices
D3DXFrameRegisterNamedMatrices
D3DXFresnelTerm
D3DXGatherFragments
D3DXGatherFragmentsFromFileA
D3DXGatherFragmentsFromFileW
D3DXGatherFragmentsFromResourceA
D3DXGatherFragmentsFromResourceW
D3DXGenerateOutputDecl
D3DXGeneratePMesh
D3DXGetDeclLength
D3DXGetDeclVertexSize
D3DXGetDriverLevel
D3DXGetFVFVertexSize
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXGetImageInfoFromFileW
D3DXGetImageInfoFromResourceA
D3DXGetImageInfoFromResourceW
D3DXGetPixelShaderProfile
D3DXGetShaderConstantTable
D3DXGetShaderConstantTableEx
D3DXGetShaderInputSemantics
D3DXGetShaderOutputSemantics
D3DXGetShaderSamplers
D3DXGetShaderSize
D3DXGetShaderVersion
D3DXGetVertexShaderProfile
D3DXIntersect
D3DXIntersectSubset
D3DXIntersectTri
D3DXLoadMeshFromXA
D3DXLoadMeshFromXInMemory
D3DXLoadMeshFromXResource
D3DXLoadMeshFromXW
D3DXLoadMeshFromXof
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXLoadMeshHierarchyFromXW
D3DXLoadPRTBufferFromFileA
D3DXLoadPRTBufferFromFileW
D3DXLoadPRTCompBufferFromFileA
D3DXLoadPRTCompBufferFromFileW
D3DXLoadPatchMeshFromXof
D3DXLoadSkinMeshFromXof
D3DXLoadSurfaceFromFileA
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromFileW
D3DXLoadSurfaceFromMemory
D3DXLoadSurfaceFromResourceA
D3DXLoadSurfaceFromResourceW
D3DXLoadSurfaceFromSurface
D3DXLoadVolumeFromFileA
D3DXLoadVolumeFromFileInMemory
D3DXLoadVolumeFromFileW
D3DXLoadVolumeFromMemory
D3DXLoadVolumeFromResourceA
D3DXLoadVolumeFromResourceW
D3DXLoadVolumeFromVolume
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXOptimizeFaces
D3DXOptimizeVertices
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXPreprocessShader
D3DXPreprocessShaderFromFileA
D3DXPreprocessShaderFromFileW
D3DXPreprocessShaderFromResourceA
D3DXPreprocessShaderFromResourceW
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXRectPatchSize
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHPRTCompSplitMeshSC
D3DXSHPRTCompSuperCluster
D3DXSHProjectCubeMap
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSaveMeshHierarchyToFileA
D3DXSaveMeshHierarchyToFileW
D3DXSaveMeshToXA
D3DXSaveMeshToXW
D3DXSavePRTBufferToFileA
D3DXSavePRTBufferToFileW
D3DXSavePRTCompBufferToFileA
D3DXSavePRTCompBufferToFileW
D3DXSaveSurfaceToFileA
D3DXSaveSurfaceToFileInMemory
D3DXSaveSurfaceToFileW
D3DXSaveTextureToFileA
D3DXSaveTextureToFileInMemory
D3DXSaveTextureToFileW
D3DXSaveVolumeToFileA
D3DXSaveVolumeToFileInMemory
D3DXSaveVolumeToFileW
D3DXSimplifyMesh
D3DXSphereBoundProbe
D3DXSplitMesh
D3DXTessellateNPatches
D3DXTessellateRectPatch
D3DXTessellateTriPatch
D3DXTriPatchSize
D3DXUVAtlasCreate
D3DXUVAtlasPack
D3DXUVAtlasPartition
D3DXValidMesh
D3DXValidPatchMesh
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray
D3DXWeldVertices

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/dh264.ax
.dll regsvr32 windows:4 windows x86 arch:x86

e0a178f6e8386f5645f237a968c75451

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetCursor

gdi32

RealizePalette

advapi32

RegCreateKeyA

shell32

ShellExecuteA

ole32

CoUninitialize

oleaut32

OleCreatePropertyFrame

winmm

timeGetTime

Exports

Exports

Config
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 607KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ProgramData/splayer/haalis.ax
.dll regsvr32 windows:5 windows x86 arch:x86

414ec1bc0de0d85027929ca19e0d6be5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

gdi32

BitBlt
AddFontResourceW
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateFontW
GetDeviceCaps
GetTextMetricsW
SetBkColor
SetBkMode
ExtTextOutW
DeleteDC
GdiFlush
SetTextColor
SetTextAlign
CreateDCA
RemoveFontResourceW

kernel32

GetModuleFileNameW
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
DeleteFileW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
GetLastError
GetSystemTime
SystemTimeToFileTime
CreateFileA
SetFilePointer
ReadFile
CreateThread
VirtualFree
VirtualAlloc
SetEndOfFile
GetVersion
InterlockedExchange
SetThreadPriority
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
MulDiv
lstrlenW
EnterCriticalSection
FindFirstFileW
FindNextFileW
FindClose
lstrlenA
VirtualQuery
FreeLibrary
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LeaveCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
GetModuleHandleA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
LoadResource
LockResource
SizeofResource
WaitForSingleObject
HeapAlloc
WaitForMultipleObjects
HeapFree
InterlockedDecrement
HeapDestroy
CreateEventW
HeapCreate
InterlockedIncrement
CloseHandle
ResetEvent
SetEvent
FindResourceExW
GetTickCount
Sleep
SetLastError
TlsFree
TlsSetValue
GetCurrentProcess
TlsAlloc
TlsGetValue
GetStdHandle
RtlUnwind
lstrcpynW
lstrcmpW
ReleaseSemaphore
CreateSemaphoreW
GetSystemInfo
DuplicateHandle
GetVersionExW
DisableThreadLibraryCalls
lstrcmpiA
RaiseException
OutputDebugStringA
FormatMessageW
HeapReAlloc
HeapSize
GetCommandLineA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetProcessHeap
LoadLibraryW

user32

GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
ShowWindow
GetWindowThreadProcessId
IsWindowVisible
MessageBoxW
EnumWindows
CreatePopupMenu
SendDlgItemMessageW
GetDesktopWindow
LoadStringW
DestroyWindow
InvalidateRect
CreateDialogParamW
GetMenuItemCount
CheckMenuRadioItem
DestroyMenu
GetDlgItem
SendMessageW
AppendMenuW
PostMessageW
TrackPopupMenu
GetCursorPos
SetForegroundWindow
LoadIconW
PostQuitMessage
DefWindowProcW
GetSystemMetrics
CreateWindowExW
RegisterClassW
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer
RegisterWindowMessageW
CallWindowProcW
EndPaint
BeginPaint
RedrawWindow
ReleaseDC
GetDC
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
SetWindowLongW
GetWindowLongW
KillTimer
GetSysColor

advapi32

RegEnumKeyExW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumValueA
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegSetValueW
RegQueryValueExW

shell32

Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoInitialize
CoFreeUnusedLibraries
CoInitializeEx
CoTaskMemFree
CoUninitialize

oleaut32

SafeArrayDestroy
SafeArrayCreateVector
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysAllocString
VariantInit
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
OleLoadPicture
SafeArrayCreate
SafeArrayGetDim

mkzlib

deflateBound
deflate
deflateInit_
deflateEnd
crc32
deflateReset
compress

mkunicode

iso_getlcid
iso_codetoname
iso_getentry
Utf8ToUtf16
Utf16ToUtf8
iso_getsyslang

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

rpcrt4

UuidToStringA
UuidFromStringA
RpcStringFreeA

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/ir41_32.ax
.dll regsvr32 windows:4 windows x86 arch:x86

1927d0db3b7884104ff5f0a44713b4b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc
timeGetTime

kernel32

CreateSemaphoreA
CloseHandle
GlobalReAlloc
OutputDebugStringA
UnmapViewOfFile
OpenFileMappingA
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
MultiByteToWideChar
DeleteCriticalSection
GetCommandLineA
GetLastError
EnterCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
LeaveCriticalSection
lstrlenA
GetModuleFileNameA
InitializeCriticalSection
Sleep
InterlockedIncrement
InterlockedDecrement
VirtualAlloc
VirtualFree
GetModuleHandleA
GetACP
GetVersion
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetVersionExA
TlsAlloc
TlsFree
SetLastError
TlsGetValue
DisableThreadLibraryCalls
WideCharToMultiByte
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
HeapFree
HeapAlloc
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadWritePtr
HeapDestroy
LCMapStringA
LCMapStringW
HeapReAlloc
HeapSize
FlushFileBuffers
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
SetFilePointer
MapViewOfFile
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
IsBadReadPtr
LocalHandle
LocalUnlock
LocalFree
LocalAlloc
LocalLock
CreateFileMappingA
HeapCreate
TlsSetValue
IsBadCodePtr
RaiseException

advapi32

RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

LoadStringA
MessageBoxA
DialogBoxParamA
SetDlgItemInt
GetDlgItemTextA
IsRectEmpty
GetDlgItemInt
IsDlgButtonChecked
SetWindowLongA
GetWindowLongA
CheckDlgButton
SendMessageA
GetDlgItem
EnableWindow
ShowWindow
EndDialog
CheckRadioButton
SetDlgItemTextA
PostMessageA
EndPaint
GetWindowRect
LoadBitmapA
BeginPaint
WinHelpA
ReleaseDC
wsprintfA
wvsprintfA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
DefWindowProcA
LoadStringW
GetDesktopWindow
GetDC

gdi32

GetSystemPaletteEntries
DeleteDC
BitBlt
CreateCompatibleDC
SelectObject
GetObjectA

ole32

CoCreateInstance
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

AboutDialogProc
ConfigureDialogProc
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
DriverDialogProc
DriverProc

Sections

.text
Size: 467KB - Virtual size: 466KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/ir50_32.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a27070539407160f6a16064876e70fed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
DefDriverProc

kernel32

OpenFileMappingA
GlobalUnlock
GlobalHandle
MapViewOfFile
GlobalAlloc
GlobalFree
GlobalReAlloc
UnmapViewOfFile
CloseHandle
CreateSemaphoreA
CreateFileMappingA
WaitForSingleObject
OutputDebugStringA
Sleep
GetLastError
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
WritePrivateProfileStringA
GetVersion
ReleaseSemaphore
GetSystemDirectoryA
GetModuleFileNameA
GetShortPathNameA
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetACP
GetCurrentThreadId
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
InitializeCriticalSection
RtlUnwind
RaiseException
GetCommandLineA
TlsSetValue
TlsAlloc
IsBadReadPtr
GlobalLock
TlsGetValue
ExitProcess
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
WriteFile
IsBadWritePtr
IsBadCodePtr
HeapAlloc
LocalAlloc
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
SetFilePointer
LocalLock
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
FindResourceA
LoadResource
LockResource
FreeResource
EnterCriticalSection
LeaveCriticalSection
LocalHandle
LocalUnlock
LocalFree
TlsFree
SetLastError

user32

PostMessageA
SendMessageA
EnableWindow
GetDlgItem
SetWindowTextA
WinHelpA
ShowWindow
SetFocus
MessageBoxA
SetWindowPos
OffsetRect
MapWindowPoints
GetClientRect
CheckRadioButton
IsRectEmpty
CreateDialogParamA
BeginPaint
wsprintfA
DestroyWindow
DefWindowProcA
LoadStringW
GetDesktopWindow
LoadBitmapA
EndPaint
SetDlgItemTextA
EndDialog
GetDC
ReleaseDC
SetDlgItemInt
CheckDlgButton
GetFocus
GetDlgCtrlID
IsDlgButtonChecked
GetDlgItemInt
GetWindowLongA
SetWindowLongA
wvsprintfA
DialogBoxParamA
LoadStringA
MoveWindow
InvalidateRect
GetWindowRect

gdi32

GetSystemPaletteEntries
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC

advapi32

RegCreateKeyExA
RegSetValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegCreateKeyA
RegDeleteValueA
RegEnumKeyExA

ole32

CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

oleaut32

LoadTypeLi
RegisterTypeLi

Exports

Exports

AboutDialogProc
ConfigureDialogProc
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
DriverProc

Sections

.text
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/ivm.dll
.dll windows:4 windows x86 arch:x86

aeb197e7e6584ffaf9e62283b82c11d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindFirstFileA
CloseHandle
GetFileTime
CreateFileA
DeviceIoControl
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetFileSize
GetLastError
ReadFile
SetFilePointer
GetSystemTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetPrivateProfileStringA
lstrlenA
WriteFile
GetSystemDirectoryA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetLocalTime
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
DeleteCriticalSection
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
RaiseException

ole32

CoUninitialize
CoCreateGuid
CoInitialize

wininet

HttpQueryInfoA
InternetCloseHandle
InternetQueryOptionA
HttpSendRequestA
InternetSetOptionA
InternetOpenA
InternetConnectA
HttpOpenRequestA

crypt32

CertOpenSystemStoreA
CertFreeCertificateContext
CertCloseStore
CertFindCertificateInStore

Exports

Exports

??0AVDataObject@@QAE@ABV0@@Z
??0AVDataObject@@QAE@XZ
??0Basic_Stream@@QAE@ABV0@@Z
??0Basic_Stream@@QAE@HPAE@Z
??0BlowFish@@QAE@ABV0@@Z
??0BlowFish@@QAE@HPAE@Z
??0CryptFileStream@@QAE@ABV0@@Z
??0CryptFileStream@@QAE@PADH@Z
??0DrmAreaTimeZoneObject@@QAE@ABV0@@Z
??0DrmAreaTimeZoneObject@@QAE@XZ
??0DrmCopyCtrlObject@@QAE@ABV0@@Z
??0DrmCopyCtrlObject@@QAE@XZ
??0DrmCtrl@@QAE@ABV0@@Z
??0DrmCtrl@@QAE@XZ
??0DrmCtrlBase@@QAE@ABV0@@Z
??0DrmCtrlBase@@QAE@XZ
??0DrmCtrlUtility@@QAE@ABV0@@Z
??0DrmCtrlUtility@@QAE@XZ
??0DrmExpirationObject@@QAE@ABV0@@Z
??0DrmExpirationObject@@QAE@XZ
??0DrmObject@@QAE@ABV0@@Z
??0DrmObject@@QAE@XZ
??0DrmPayPerView@@QAE@ABV0@@Z
??0DrmPayPerView@@QAE@XZ
??0ExDataObject@@QAE@ABV0@@Z
??0ExDataObject@@QAE@XZ
??0ExSource@@QAE@ABV0@@Z
??0ExSource@@QAE@XZ
??0FileStream@@QAE@ABV0@@Z
??0FileStream@@QAE@PADHPAE@Z
??0FileStream@@QAE@XZ
??0FormatObject@@QAE@ABV0@@Z
??0FormatObject@@QAE@XZ
??0IVM@@QAE@ABV0@@Z
??0IVM@@QAE@XZ
??0IVMContainer@@QAE@ABV0@@Z
??0IVMContainer@@QAE@XZ
??0MediaElement@@QAE@ABV0@@Z
??0MediaElement@@QAE@H@Z
??0PropertyObject@@QAE@ABV0@@Z
??0PropertyObject@@QAE@XZ
??1AVDataObject@@UAE@XZ
??1Basic_Stream@@UAE@XZ
??1BlowFish@@UAE@XZ
??1CryptFileStream@@UAE@XZ
??1DrmAreaTimeZoneObject@@UAE@XZ
??1DrmCopyCtrlObject@@UAE@XZ
??1DrmCtrl@@UAE@XZ
??1DrmExpirationObject@@UAE@XZ
??1DrmPayPerView@@UAE@XZ
??1ExDataObject@@UAE@XZ
??1ExSource@@UAE@XZ
??1FileStream@@UAE@XZ
??1FormatObject@@UAE@XZ
??1IVM@@UAE@XZ
??1IVMContainer@@UAE@XZ
??1MediaElement@@UAE@XZ
??1PropertyObject@@UAE@XZ
??4AVDataObject@@QAEAAV0@ABV0@@Z
??4Basic_Stream@@QAEAAV0@ABV0@@Z
??4BlowFish@@QAEAAV0@ABV0@@Z
??4CryptFileStream@@QAEAAV0@ABV0@@Z
??4DrmAreaTimeZoneObject@@QAEAAV0@ABV0@@Z
??4DrmCopyCtrlObject@@QAEAAV0@ABV0@@Z
??4DrmCtrl@@QAEAAV0@ABV0@@Z
??4DrmCtrlBase@@QAEAAV0@ABV0@@Z
??4DrmCtrlUtility@@QAEAAV0@ABV0@@Z
??4DrmExpirationObject@@QAEAAV0@ABV0@@Z
??4DrmObject@@QAEAAV0@ABV0@@Z
??4DrmPayPerView@@QAEAAV0@ABV0@@Z
??4ExDataObject@@QAEAAV0@ABV0@@Z
??4ExSource@@QAEAAV0@ABV0@@Z
??4FileStream@@QAEAAV0@ABV0@@Z
??4FormatObject@@QAEAAV0@ABV0@@Z
??4IVM@@QAEAAV0@ABV0@@Z
??4IVMContainer@@QAEAAV0@ABV0@@Z
??4MediaElement@@QAEAAV0@ABV0@@Z
??4PropertyObject@@QAEAAV0@ABV0@@Z
??_7AVDataObject@@6B@
??_7Basic_Stream@@6B@
??_7BlowFish@@6B@
??_7CryptFileStream@@6B@
??_7DrmAreaTimeZoneObject@@6B@
??_7DrmCopyCtrlObject@@6B@
??_7DrmCtrl@@6B@
??_7DrmCtrlBase@@6B@
??_7DrmCtrlUtility@@6B@
??_7DrmExpirationObject@@6B@
??_7DrmObject@@6B@
??_7DrmPayPerView@@6B@
??_7ExDataObject@@6B@
??_7ExSource@@6B@
??_7FileStream@@6B@
??_7FormatObject@@6B@
??_7IVM@@6B@
??_7IVMContainer@@6B@
??_7MediaElement@@6B@
??_7PropertyObject@@6B@
??_FMediaElement@@QAEXXZ
?AddDrmObject@DrmCtrl@@UAEXPAVDrmObject@@@Z
?AddExFrame@ExDataObject@@QAEHPAU_EX_FRAME@@@Z
?AddExMedia@ExSource@@QAEHPAVMediaElement@@@Z
?AddMedia@IVM@@QAEHPAVMediaElement@@@Z
?AdviseOnProcess@FileStream@@QAEXP6GHH@Z_K@Z
?AdviseOnProcess@IVM@@QAEXP6GHH@Z@Z
?Create@ExSource@@QAEHPAVIVMContainer@@@Z
?Create@IVM@@QAEHEPADK0EEPAU_GUID@@E@Z
?Create@IVMContainer@@QAEHXZ
?Create@MediaElement@@QAEHGKGG_KMPAD1111@Z
?Create@MediaElement@@QAEHKPADK00JJK_K1MMMM_N20GPAE00@Z
?CreateAVReadStream@IVMContainer@@QAEPAVBasic_Stream@@PAE@Z
?CreateExSrcReadStream@IVMContainer@@QAEPAVBasic_Stream@@PAD@Z
?CreateFromFile@IVMContainer@@QAEHPAD@Z
?CreateVerifyInfo@DrmAreaTimeZoneObject@@IAEXXZ
?CreateVerifyInfo@DrmCopyCtrlObject@@IAEXXZ
?CreateVerifyInfo@DrmCtrl@@IAEXXZ
?CreateVerifyInfo@DrmExpirationObject@@IAEXXZ
?CreateVerifyInfo@DrmPayPerView@@IAEXXZ
?Decrypt@BlowFish@@QAEXPAE0@Z
?Encrypt@BlowFish@@QAEXPAE0@Z
?Errno@FileStream@@QAEHXZ
?ExFrame@ExDataObject@@QAEPAU_EX_FRAME@@H@Z
?FlushBuffer@FileStream@@UAEHXZ
?Forward@FileStream@@UAEX_J@Z
?GetAVDataObject@IVMContainer@@QAEHPAPAVAVDataObject@@@Z
?GetAVObject@MediaElement@@QAEPAU_AV_DATA_OBJECT@@XZ
?GetAdAmount@PropertyObject@@QAEGXZ
?GetAdDefault@PropertyObject@@QAEGXZ
?GetAdPositionAmount@PropertyObject@@QAEGXZ
?GetCPID@PropertyObject@@QAEPADXZ
?GetContainerLen@IVMContainer@@QAE_KXZ
?GetCpuID@DrmCopyCtrlObject@@IAEXPAE@Z
?GetCpuID@DrmPayPerView@@IAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetDataLen@AVDataObject@@QAE_KXZ
?GetDataStart@AVDataObject@@QAE_KXZ
?GetDistributor@DrmCtrl@@QAEPADXZ
?GetDistributor@MediaElement@@QAEPADXZ
?GetDistributor@PropertyObject@@QAEPADXZ
?GetDrmEnable@PropertyObject@@QAEEXZ
?GetDuration@AVDataObject@@QAE_KXZ
?GetDynamicVideoDecrypt@PropertyObject@@QAEEXZ
?GetEnablePlay@DrmCtrl@@UAEHXZ
?GetEncryptBase@AVDataObject@@QAEEXZ
?GetErrorString@DrmCtrl@@QAEPADXZ
?GetExDataObject@IVMContainer@@QAEHPAPAVExDataObject@@@Z
?GetExFrame@MediaElement@@QAEPAU_EX_FRAME@@XZ
?GetExFrameCount@ExDataObject@@QAEKXZ
?GetExSourceLen@ExSource@@QAE_KXZ
?GetFileSize@PropertyObject@@QAE_KXZ
?GetFormatObject@IVMContainer@@QAEHPAPAVFormatObject@@@Z
?GetGUID@DrmAreaTimeZoneObject@@UAE?AU_GUID@@XZ
?GetGUID@DrmCopyCtrlObject@@UAE?AU_GUID@@XZ
?GetGUID@DrmExpirationObject@@UAE?AU_GUID@@XZ
?GetGUID@DrmPayPerView@@UAE?AU_GUID@@XZ
?GetGuidLic@PropertyObject@@QAE?AU_GUID@@XZ
?GetKey@MediaElement@@QAEPADXZ
?GetKey@PropertyObject@@QAEPADXZ
?GetLicGuid@DrmCtrl@@UAE?AU_GUID@@XZ
?GetMajorVersion@FormatObject@@QAEGXZ
?GetMediaLen@MediaElement@@QAE_KXZ
?GetMediaType@MediaElement@@QAEHXZ
?GetMinorVersion@FormatObject@@QAEGXZ
?GetMovieID@DrmCtrl@@UAEKXZ
?GetObjectCount@FormatObject@@QAEKXZ
?GetObjectLen@AVDataObject@@QAE_KXZ
?GetObjectLen@ExDataObject@@QAE_KXZ
?GetObjectLen@FormatObject@@QAE_KXZ
?GetObjectLen@PropertyObject@@QAE_KXZ
?GetOriginalName@MediaElement@@QAEPADXZ
?GetOriginalName@PropertyObject@@QAEPADXZ
?GetPropertyObject@IVMContainer@@QAEHPAPAVPropertyObject@@@Z
?GetProprietorID@DrmCtrl@@UAEHPADH@Z
?GetProprietorId@PropertyObject@@QAEPADXZ
?GetReadMax@FileStream@@UAE_KXZ
?GetSerialNo@PropertyObject@@QAEKXZ
?GetSupervisor@PropertyObject@@QAEEXZ
?GetType@FormatObject@@QAEEXZ
?GetVideoBitrate@AVDataObject@@QAEKXZ
?GetVideoCodec@AVDataObject@@QAEGXZ
?GetVideoFramerate@AVDataObject@@QAEMXZ
?GetVideoHeight@AVDataObject@@QAEGXZ
?GetVideoWidth@AVDataObject@@QAEGXZ
?Init@AVDataObject@@QAEHXZ
?Init@DrmAreaTimeZoneObject@@QAEHPAU__DRM_AREA_INFO@@H_K@Z
?Init@DrmCopyCtrlObject@@QAEH_K@Z
?Init@DrmCtrl@@QAEHPAD00ABU_GUID@@PAKH@Z
?Init@DrmCtrl@@QAEHPAD00KABU_GUID@@@Z
?Init@DrmExpirationObject@@QAEHIJJI@Z
?Init@DrmPayPerView@@QAEH_KPAD@Z
?Init@ExDataObject@@QAEHXZ
?Init@FormatObject@@QAEHXZ
?Init@PropertyObject@@QAEHXZ
?IsChineseOs@DrmCtrl@@IAEHXZ
?IsEOF@Basic_Stream@@QAE_NXZ
?ProcessDrmLogic@DrmAreaTimeZoneObject@@UAEHPAVBasic_Stream@@@Z
?ProcessDrmLogic@DrmCopyCtrlObject@@UAEHPAVBasic_Stream@@@Z
?ProcessDrmLogic@DrmCtrl@@UAEHPAD0K@Z
?ProcessDrmLogic@DrmExpirationObject@@UAEHPAVBasic_Stream@@@Z
?ProcessDrmLogic@DrmPayPerView@@UAEHPAVBasic_Stream@@@Z
?PutAdAmount@PropertyObject@@QAEHG@Z
?PutAdDefault@PropertyObject@@QAEHG@Z
?PutAdPositionAmount@PropertyObject@@QAEHG@Z
?PutCPID@PropertyObject@@QAEHPAD@Z
?PutDataLen@AVDataObject@@QAEH_K@Z
?PutDistributor@PropertyObject@@QAEHPAD@Z
?PutDrmEnable@PropertyObject@@QAEHE@Z
?PutDuration@AVDataObject@@QAEH_K@Z
?PutDynamicVideoDecrypt@PropertyObject@@QAEHE@Z
?PutEnablePlay@DrmCtrl@@UAEXH@Z
?PutEncryptBase@AVDataObject@@QAEHE@Z
?PutErrorString@DrmCtrl@@UAEXH@Z
?PutFileSize@PropertyObject@@QAEH_K@Z
?PutGuidLic@PropertyObject@@QAEHU_GUID@@@Z
?PutKey@PropertyObject@@QAEHPAD@Z
?PutOriginalName@PropertyObject@@QAEHPAD@Z
?PutProprietorId@PropertyObject@@QAEHPAD@Z
?PutSerialNo@PropertyObject@@QAEHK@Z
?PutSupervisor@PropertyObject@@QAEHE@Z
?PutType@FormatObject@@QAEHE@Z
?PutVideoBitrate@AVDataObject@@QAEHK@Z
?PutVideoCodec@AVDataObject@@QAEHG@Z
?PutVideoFramerate@AVDataObject@@QAEHM@Z
?PutVideoHeight@AVDataObject@@QAEHG@Z
?PutVideoWidth@AVDataObject@@QAEHG@Z
?ReadBuffer@CryptFileStream@@UAEHPAEH@Z
?ReadBuffer@FileStream@@UAEHPAEH@Z
?ReadByte@Basic_Stream@@UAEEXZ
?ReadDword@Basic_Stream@@UAEKXZ
?ReadEncryptBuffer@Basic_Stream@@UAEHPAEHE@Z
?ReadGUID@Basic_Stream@@UAE?AU_GUID@@XZ
?ReadInternetFile@DrmCopyCtrlObject@@IAEHPADPAKPBD22@Z
?ReadLadData@DrmExpirationObject@@IAEH_K@Z
?ReadObject@AVDataObject@@QAEHAAVBasic_Stream@@@Z
?ReadObject@ExDataObject@@QAEHAAVBasic_Stream@@@Z
?ReadObject@FormatObject@@QAEHAAVBasic_Stream@@@Z
?ReadObject@PropertyObject@@QAEHAAVBasic_Stream@@@Z
?ReadObjectSSL@AVDataObject@@QAEHAAVBasic_Stream@@@Z
?ReadObjectSSL@ExDataObject@@QAEHAAVBasic_Stream@@@Z
?ReadObjectSSL@PropertyObject@@QAEHAAVBasic_Stream@@@Z
?ReadPrivateData@DrmExpirationObject@@IAEHXZ
?ReadQword@Basic_Stream@@UAE_KXZ
?ReadSSLEncryptBuffer@Basic_Stream@@UAEHPAEH@Z
?ReadWord@Basic_Stream@@UAEGXZ
?Release@FileStream@@UAEXXZ
?SetDrmCtrl@DrmAreaTimeZoneObject@@UAEXPAVDrmCtrlUtility@@@Z
?SetDrmCtrl@DrmCopyCtrlObject@@UAEXPAVDrmCtrlUtility@@@Z
?SetDrmCtrl@DrmExpirationObject@@UAEXPAVDrmCtrlUtility@@@Z
?SetDrmCtrl@DrmPayPerView@@UAEXPAVDrmCtrlUtility@@@Z
?SetIvmFilePath@DrmExpirationObject@@QAEXPAD@Z
?SetPointer@FileStream@@UAEH_K@Z
?SetPointera@FileStream@@IAEH_K@Z
?SetReadMax@FileStream@@UAEX_K@Z
?SetReadStart@FileStream@@UAEX_K@Z
?Tellp@FileStream@@UAE_KXZ
?Tellrp@FileStream@@UAE_KXZ
?Type@Basic_Stream@@QAEHXZ
?Verify@FormatObject@@QAEHXZ
?Verify@IVMContainer@@QAEHXZ
?Write2IVM@IVM@@QAEHPAD@Z
?Write2Lic@DrmAreaTimeZoneObject@@UAEHPAVBasic_Stream@@@Z
?Write2Lic@DrmCopyCtrlObject@@UAEHPAVBasic_Stream@@@Z
?Write2Lic@DrmExpirationObject@@UAEHPAVBasic_Stream@@@Z
?Write2Lic@DrmPayPerView@@UAEHPAVBasic_Stream@@@Z
?WriteBuffer@Basic_Stream@@UAEHPAEH@Z
?WriteBuffer@CryptFileStream@@UAEHPAEH@Z
?WriteByte@Basic_Stream@@UAEHAAE@Z
?WriteContainer@IVMContainer@@QAEHAAVBasic_Stream@@_K1@Z
?WriteDrmInfo2Lic@DrmCtrl@@UAEHXZ
?WriteDword@Basic_Stream@@UAEHAAK@Z
?WriteExSource@ExSource@@QAEHAAVBasic_Stream@@_K@Z
?WriteLadData@DrmExpirationObject@@IAEXXZ
?WriteMediaElement@MediaElement@@QAEHAAVBasic_Stream@@_KE@Z
?WriteObject@AVDataObject@@QAEHAAVBasic_Stream@@_K@Z
?WriteObject@ExDataObject@@QAEHAAVBasic_Stream@@_K@Z
?WriteObject@FormatObject@@QAEHAAVBasic_Stream@@@Z
?WriteObject@PropertyObject@@QAEHAAVBasic_Stream@@@Z
?WritePrivateData@DrmExpirationObject@@IAEXXZ
?WriteQword@Basic_Stream@@UAEHAA_K@Z
?WriteWord@Basic_Stream@@UAEHAAG@Z

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/lang/default
ProgramData/splayer/lang/splayer.cht.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\svn\lang\splayer.cht.pdb

Sections

.rdata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/lang/splayer.en.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/lang/splayer.fr.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/lang/splayer.ge.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/lang/splayer.ru.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/mkunicode.dll
.dll windows:5 windows x86 arch:x86

1da5d5aea5082cc09bfa84c92764c4f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocaleInfoA
MultiByteToWideChar

Exports

Exports

Utf16ToUtf8
Utf8ToUtf16
iso_code2tocode3
iso_code3tocode2
iso_code3tocode3
iso_codetoname
iso_getentry
iso_getlcid
iso_getsyslang
iso_nametocode3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/mkzlib.dll
.dll windows:5 windows x86 arch:x86

efcc761811aa76f93e9c981878270d69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
inflate
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/mmamrdmx.ax
.dll regsvr32 windows:4 windows x86 arch:x86

cf22c0c7ff7ad0f5db3ffbc40fed2717

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
FlushFileBuffers
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapReAlloc
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetModuleHandleA
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
GetVersionExA
GetThreadLocale
GetVersion
GetCurrentProcessId
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetModuleFileNameW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
SetLastError
SetErrorMode
DisableThreadLibraryCalls
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
lstrcmpW
GetCurrentProcess
VirtualFree
VirtualAlloc
GetTickCount
GetModuleHandleW
CreateThread
GetVersionExW
GetCurrentThreadId
CreateEventW
GetProcAddress
GetLastError
InterlockedDecrement
InterlockedIncrement
LoadLibraryW
FreeLibrary
lstrlenW
WaitForMultipleObjects
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSection
InterlockedExchange
ResetEvent
SetEvent
HeapDestroy

user32

GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
UnregisterClassA
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
SendMessageW
GetKeyState
ValidateRect
PostQuitMessage
DestroyMenu
GetClientRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowRect
GetDesktopWindow
LoadStringW
SetWindowLongW
ShowWindow
DefWindowProcW
DestroyWindow
CreateDialogParamW
MoveWindow
InvalidateRect
GetWindowLongW
DispatchMessageW
PeekMessageW
RegisterWindowMessageW
SetTimer
KillTimer
GetDlgItem
SetWindowTextW
GetWindow

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegOpenKeyExW
RegSetValueW
RegEnumKeyExW
RegCreateKeyW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

StringFromGUID2
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/mp4.dll
.dll regsvr32 windows:5 windows x86 arch:x86

300402277af0c7024c23e778e66ea696

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
GetProcAddress
GetThreadLocale
FreeLibrary
LoadLibraryExW
lstrlenW
InterlockedDecrement
InterlockedIncrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetFilePointer
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
VirtualQuery
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SafeArrayUnaccessData
VariantClear
SysFreeString
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysAllocStringLen

mkunicode

Utf16ToUtf8
Utf8ToUtf16

mkzlib

inflateInit_
inflateEnd
inflate

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/ogm.dll
.dll regsvr32 windows:5 windows x86 arch:x86

b917edfd761f1ce9e8e8288156f4e023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleFileNameW
SetThreadLocale
GetModuleHandleW
FreeLibrary
LoadLibraryExW
GetProcAddress
GetLastError
lstrlenW
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetThreadLocale
RaiseException
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
lstrlenA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
RtlUnwind
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount

user32

CharNextW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

VariantChangeType
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocStringLen
VariantClear
VariantInit
SafeArrayCreate
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SafeArrayAccessData
SysFreeString

mkunicode

iso_nametocode3
Utf8ToUtf16
iso_code3tocode3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/rlapedec.ax
.dll regsvr32 windows:4 windows x86 arch:x86

368725cbc26491f4c1eba4496db1bb3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

_wcsnicmp
?terminate@@YAXXZ
_except_handler3
calloc
_CxxThrowException
_strnicmp
atoi
wcsrchr
wcscpy
_wcsicmp
strncpy
sprintf
_wtoi
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
malloc
strstr
sscanf
qsort
memmove
wcslen
strncmp
??1type_info@@UAE@XZ

kernel32

DeleteFileW
CreateFileW
GetFileSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
DisableThreadLibraryCalls
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
CreateEventA
CloseHandle
WaitForSingleObject
InterlockedExchange
CreateThread
SetEvent
ResetEvent
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
FreeLibrary
Sleep
ReadFile
SetEndOfFile
SetFilePointer
WriteFile

user32

wsprintfA

advapi32

RegSetValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumValueA
RegCreateKeyA
RegSetValueExA
RegCloseKey

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance

oleaut32

SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
_FillWaveFormatEx@16
_FillWaveHeader@16

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/sinet.dll
.dll windows:5 windows x86 arch:x86

c540e8f5e47fa9c3891759f32609a3ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\svn\svplayer\Thirdparty\sinet\trunk\Release\sinet.pdb

Imports

kernel32

ReadConsoleInputA
SetConsoleMode
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
FlushConsoleInputBuffer
GetVersionExA
GlobalMemoryStatus
GetVersion
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
WaitForSingleObject
SetEvent
WideCharToMultiByte
MultiByteToWideChar
SleepEx
GetLastError
SetLastError
GetTickCount
Sleep
PeekNamedPipe
FreeLibrary
ReadFile
GetStdHandle
GetProcAddress
LoadLibraryA
GetFileType
WaitForMultipleObjects
ExpandEnvironmentStringsA
FormatMessageA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
ExitThread
ResumeThread
CreateThread
DeleteFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
SetFilePointer
GetFileInformationByHandle
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
WriteFile
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
ExitProcess
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetFullPathNameA
CreateFileA
GetCurrentDirectoryA
SetStdHandle
HeapSize
SetConsoleCtrlHandler
GetUserDefaultLCID

ws2_32

freeaddrinfo
getaddrinfo
gethostname
ioctlsocket
listen
accept
select
__WSAFDIsSet
WSASetLastError
recvfrom
sendto
send
getpeername
connect
WSAGetLastError
htons
ntohs
getsockname
setsockopt
recv
bind
socket
getsockopt
closesocket
WSAStartup
WSACleanup
shutdown

wldap32

ord33
ord79
ord30
ord60
ord26
ord41
ord27
ord50
ord22
ord35
ord32
ord200
ord301
ord211
ord46
ord143

user32

GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW

gdi32

GetObjectA
SelectObject
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateDCA
GetBitmapBits
DeleteObject
GetDeviceCaps
DeleteDC

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource

Exports

Exports

_buffer_alloc
_buffer_free
_buffer_get
_buffer_size
_config_create_instance
_intlist_alloc
_intlist_free
_intlist_get
_intlist_size
_pool_create_instance
_postdata_create_instance
_postdataelem_create_instance
_request_create_instance
_string_alloc
_string_alloc_length
_string_free
_string_length
_string_realloc
_string_realloc_length
_stringmap_alloc
_stringmap_append
_stringmap_free
_stringmap_get_find
_stringmap_get_key
_stringmap_get_size
_stringmap_get_value
_task_create_instance
sinet_urldecode
sinet_urlencode

Sections

.text
Size: 804KB - Virtual size: 803KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/smackw32.dll
.dll windows:4 windows x86 arch:x86

bf0ee0de6cbd5865762c575dc8f8545c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
GetWindowThreadProcessId
GetTopWindow
GetFocus
IsWindow
LoadStringA
IsWindowVisible
GetForegroundWindow
IsChild
SystemParametersInfoA
GetWindowRect
GetParent
ClientToScreen
GetClassInfoA
GetWindowLongA
CreateWindowExA
GetDC
ReleaseDC
GetClassLongA
LoadCursorA
SetWindowLongA
ShowWindow
GetSystemMetrics
SetWindowPos
SetFocus
CallWindowProcA
GetWindow
GetActiveWindow
GetCursorPos
MessageBoxA
RegisterClassA
ShowCursor
PeekMessageA
ScreenToClient
SetCursor
DestroyWindow
UnregisterClassA
EndPaint
DefWindowProcA
BeginPaint
InvalidateRect

winmm

waveOutUnprepareHeader
timeKillEvent
timeSetEvent
waveOutGetID
waveOutSetVolume
waveOutReset
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutWrite
timeGetTime

kernel32

FreeLibrary
lstrcpyA
GetCurrentProcessId
ReadFile
GetOEMCP
CloseHandle
GetCPInfo
GetStartupInfoA
GetACP
GetFileType
SetHandleCount
GetStdHandle
TerminateProcess
ExitProcess
GetCurrentProcess
HeapCreate
GetCommandLineA
HeapDestroy
GetProcAddress
GetModuleHandleA
GetVersion
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
DisableThreadLibraryCalls
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
SetFilePointer
GetProfileIntA
LoadLibraryA
SetErrorMode
LoadModule
HeapFree
GetModuleFileNameA
OutputDebugStringA
HeapAlloc
CreateFileA

gdi32

StretchBlt
GetPixel
SetPixel
CreateCompatibleBitmap
GetDIBits
SetStretchBltMode
StretchDIBits
BitBlt
PatBlt
DeleteDC
GetDeviceCaps
CreatePalette
SelectPalette
RealizePalette
DeleteObject
GetSystemPaletteUse
GetSystemPaletteEntries
CreateCompatibleDC
SelectObject

Exports

Exports

_CopyData@20
_SmackBlit@44
_SmackBlitClear@32
_SmackBlitClose@4
_SmackBlitMask@52
_SmackBlitMerge@52
_SmackBlitOpen@4
_SmackBlitSetFlags@8
_SmackBlitSetPalette@12
_SmackBlitString@8
_SmackBlitTrans@48
_SmackBufferBlit@32
_SmackBufferClear@8
_SmackBufferClose@4
_SmackBufferCopyPalette@12
_SmackBufferEndMultipleBlits@4
_SmackBufferFocused@4
_SmackBufferFromScreen@16
_SmackBufferNewPalette@12
_SmackBufferOpen@24
_SmackBufferSetPalette@4
_SmackBufferStartMultipleBlits@4
_SmackBufferString@8
_SmackBufferToBuffer@32
_SmackBufferToBufferMask@40
_SmackBufferToBufferMerge@40
_SmackBufferToBufferTrans@36
_SmackCheckCursor@20
_SmackClose@4
_SmackColorRemapWithTrans@20
_SmackColorTrans@8
_SmackDDSurfaceType@4
_SmackDoFrame@4
_SmackFrameRate@4
_SmackGetTrackData@12
_SmackGoto@8
_SmackIsSoftwareCursor@8
_SmackNextFrame@4
_SmackOpen@12
_SmackRestoreCursor@4
_SmackSetSystemRes@4
_SmackSimulate@4
_SmackSoundCheck@0
_SmackSoundInTrack@8
_SmackSoundOnOff@8
_SmackSoundSetDirectSoundHWND@4
_SmackSoundUseDW@12
_SmackSoundUseDirectSound@4
_SmackSoundUseMSS@4
_SmackSoundUseWin@0
_SmackSummary@8
_SmackToBuffer@28
_SmackToBufferRect@8
_SmackToScreen@28
_SmackUseMMX@4
_SmackVolumePan@16
_SmackWait@4
_TimerFunc@20
_ailcallback@4
_radfree@4
_radmalloc@4

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_UNSTEXT
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/sphash.dll
.dll windows:5 windows x86 arch:x86

69eb3b6ebe4cae86f24a356e5c4de784

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\svn\svplayer\Thirdparty\pkg\trunk\sphash\Release\sphash.pdb

Imports

kernel32

LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
CloseHandle
GetFileType
CreateFileW
SetFilePointer
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
HeapAlloc
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetFullPathNameW
GetCurrentDirectoryA
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetEndOfFile
GetProcessHeap
SetHandleCount
GetStdHandle
GetStartupInfoA
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleA

Exports

Exports

hash_data
hash_file

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/splayer.exe
.exe windows:5 windows x86 arch:x86

6d0f4e5f310f6ab7019ae03a7f3aee31

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6c:58:77:15:ee:87:07:2e:7e:b8:81:68:07:e4:bd:39
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

15/07/2010, 00:00

Not After

14/07/2012, 23:59

Subject

CN=Sagittarius Technology Co.Ltd,O=Sagittarius Technology Co.Ltd,POSTALCODE=NA,STREET=724-4\, No. 710\, Siping Road,L=Hongkou District,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:1f:45:80:1f:cc:db:3d:4e:e7:ae:62:97:2d:98:5a:66:2c:9f:09
Signer

Actual PE Digest

63:1f:45:80:1f:cc:db:3d:4e:e7:ae:62:97:2d:98:5a:66:2c:9f:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\svn\splayer.pdb

Imports

ddraw

DirectDrawCreateEx

rpcrt4

RpcStringFreeW
UuidCreateSequential
RpcStringFreeA
UuidCreate
UuidToStringA
UuidToStringW

winmm

timeGetDevCaps
mixerSetControlDetails
timeGetTime
timeEndPeriod
timeSetEvent
waveOutGetVolume
timeBeginPeriod
waveOutSetVolume
timeKillEvent

dsound

ord1
ord3

imm32

ImmAssociateContextEx

unrar

ord15
ord14
ord3
ord16
ord6
ord5
ord2
ord13

sphash

hash_file
hash_data

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

CreateMutexA
GetSystemDirectoryA
GetModuleHandleA
InterlockedExchangeAdd
FormatMessageA
SetEndOfFile
GetThreadPriority
CreateSemaphoreW
lstrcmpW
ReleaseSemaphore
GetSystemInfo
VirtualFree
DuplicateHandle
CreateSemaphoreA
IsDBCSLeadByteEx
SetFilePointerEx
GetFileSizeEx
ReleaseMutex
GetVolumeInformationW
LoadLibraryA
GetSystemDirectoryW
SetFileTime
FlushFileBuffers
UnlockFile
LockFile
LockFileEx
GetVersionExA
AreFileApisANSI
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetTempPathA
GetFullPathNameA
LocalAlloc
GlobalSize
GlobalFree
CompareStringW
GlobalFindAtomW
FreeResource
lstrcmpA
GetProfileIntW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetStringTypeExW
GetThreadLocale
CompareStringA
SetThreadContext
ConvertDefaultLocale
FileTimeToLocalFileTime
SuspendThread
FindResourceExW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
ExitProcess
ExitThread
HeapReAlloc
GetFileType
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
SetStdHandle
HeapSize
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
OpenEventA
IsProcessorFeaturePresent
InterlockedCompareExchange
VirtualAlloc
VirtualQuery
GetACP
GetPrivateProfileSectionW
VirtualProtect
GetLocaleInfoA
SetFilePointer
GetThreadContext
SizeofResource
LockResource
LoadResource
FindResourceW
CreateThread
WaitForMultipleObjects
GlobalGetAtomNameW
GlobalAddAtomW
GlobalDeleteAtom
WriteFile
GetFileSize
ReadFile
LeaveCriticalSection
EnterCriticalSection
GetSystemTime
FormatMessageW
LocalFree
GetTempFileNameW
GetFileTime
OutputDebugStringW
DebugBreak
GetEnvironmentVariableW
CreateEventW
GetTickCount
HeapAlloc
GetProcessHeap
HeapFree
GetSystemTimeAsFileTime
GetComputerNameW
lstrlenA
lstrcpyW
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
RemoveDirectoryW
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GetPrivateProfileSectionA
GetSystemPowerStatus
DeleteFileW
GetFileAttributesExW
GlobalUnlock
GlobalLock
GlobalAlloc
RaiseException
WritePrivateProfileStringA
GetPrivateProfileStringA
DeviceIoControl
GetModuleFileNameA
CreateFileA
IsDebuggerPresent
GetCurrentThreadId
GetModuleFileNameW
CreateDirectoryW
GetVersionExW
GetExitCodeThread
TerminateProcess
GetUserDefaultLCID
SetUnhandledExceptionFilter
QueryPerformanceFrequency
ResetEvent
GetSystemDefaultLangID
GetFullPathNameW
CreateFileW
GetCurrentProcessId
CreateEventA
QueryPerformanceCounter
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
TerminateThread
GetCurrentThread
SetThreadPriority
LoadLibraryW
GetTempPathW
ReadProcessMemory
WriteProcessMemory
LoadLibraryExW
GetProcAddress
FreeLibrary
VirtualAllocEx
VirtualProtectEx
VirtualFreeEx
CreateMutexW
FindNextFileW
GetCurrentDirectoryW
FindFirstFileW
FindClose
GetDiskFreeSpaceExW
CopyFileW
WaitForSingleObject
Sleep
OpenProcess
CloseHandle
SetThreadExecutionState
GetLocaleInfoW
SetEvent
MulDiv
OpenMutexW
GetVersion
GetLogicalDriveStringsW
GetDriveTypeW
SetLastError
MultiByteToWideChar
lstrcpynW
SetPriorityClass
WideCharToMultiByte
ResumeThread
FlushInstructionCache
SetSystemPowerState
GetCurrentProcess
GetLastError
EnumResourceLanguagesW

ole32

OleGetClipboard
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
CoRevokeClassObject
CoCreateInstance
CoTaskMemFree
OleSaveToStream
CoTaskMemAlloc
OleLoadFromStream
CoTaskMemRealloc
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
StringFromGUID2
CoInitializeSecurity
CoInitializeEx
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CreateItemMoniker
GetRunningObjectTable
CoFreeUnusedLibraries
CoFreeLibrary
CoLoadLibrary
CoSetProxyBlanket
RevokeDragDrop
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleDuplicateData
RegisterDragDrop
CoLockObjectExternal
CoRegisterMessageFilter

user32

UnregisterClassW
LockWindowUpdate
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
UnhookWindowsHookEx
TrackPopupMenu
GetScrollPos
GetClassInfoW
RegisterClassW
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuStringW
GetMenu
CharLowerBuffW
AdjustWindowRectEx
GetWindowRgn
GetScrollInfo
EnumWindows
GetClassNameW
GetQueueStatus
MsgWaitForMultipleObjects
wsprintfA
IntersectRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassInfoExW
DialogBoxParamW
DrawEdge
DialogBoxIndirectParamW
ValidateRect
GetUpdateRect
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetParent
SetDlgItemTextW
IsDlgButtonChecked
TrackMouseEvent
SetWindowTextW
EndDialog
GetMessageTime
MessageBeep
GetMessagePos
SetRectEmpty
DestroyIcon
GetSysColor
CreateWindowExW
PostQuitMessage
MonitorFromPoint
GetCursor
wsprintfW
GetClassLongW
SetClassLongW
GetCapture
SetRect
EndPaint
BeginPaint
SetActiveWindow
GetDlgCtrlID
TranslateMessage
DispatchMessageW
ClientToScreen
GetWindow
GetDlgItemTextW
CallWindowProcW
LoadBitmapA
LoadIconA
LoadStringW
LoadStringA
LoadImageA
MessageBoxW
MessageBoxA
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
FindWindowExW
CreateAcceleratorTableW
UnregisterHotKey
RegisterHotKey
DestroyAcceleratorTable
DrawFocusRect
DestroyWindow
SetWindowsHookExW
PeekMessageW
UpdateWindow
LoadIconW
RegisterWindowMessageW
SetWindowPos
GetWindowModuleFileNameW
GetWindowThreadProcessId
RegisterClassExW
IsMenu
CreateDialogParamW
EnumDisplayMonitors
SetMenu
GetAsyncKeyState
GetDC
GetMenuBarInfo
MonitorFromWindow
GetMonitorInfoW
ExitWindowsEx
RegisterClipboardFormatW
DefWindowProcW
PostThreadMessageW
GetForegroundWindow
WindowFromPoint
IsChild
GetDesktopWindow
RedrawWindow
GetDCEx
ReleaseDC
GetWindowDC
ScreenToClient
SetWindowRgn
IsIconic
LoadMenuW
RemoveMenu
InsertMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
AppendMenuW
DeleteMenu
CreatePopupMenu
LoadBitmapW
UnionRect
OffsetRect
InflateRect
PtInRect
IsRectEmpty
GetWindowLongW
SetWindowLongW
EmptyClipboard
SetClipboardData
CloseClipboard
SetLayeredWindowAttributes
OpenClipboard
GetFocus
FrameRect
GetDlgItem
GetSysColorBrush
CopyRect
FindWindowW
IsWindow
ShowWindow
IsWindowVisible
SetForegroundWindow
ChangeDisplaySettingsW
EnumDisplayDevicesA
GetSystemMetrics
SystemParametersInfoW
FillRect
GetActiveWindow
SendMessageW
EnableWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadImageW
ReleaseCapture
GetKeyState
SetCursor
MapWindowPoints
WaitMessage
SetWindowContextHelpId
CharUpperW
ShowOwnedPopups
GetSystemMenu
MapDialogRect
IsClipboardFormatAvailable
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
GetParent
SetCapture
KillTimer
SetTimer
InvalidateRect
GetClientRect
CreateDialogIndirectParamW
GetNextDlgTabItem
MoveWindow
IsDialogMessageW
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
CheckMenuItem
IsWindowEnabled
GetMessageW
SendDlgItemMessageW
SendDlgItemMessageA
SendMessageCallbackW
WinHelpW
GetWindowRect
PostMessageW
LoadCursorW
EqualRect
CallNextHookEx
SetPropW
GetPropW
UnregisterClassA
RemovePropW
GetLastActivePopup
CharNextW
GetTopWindow
GetCursorPos

gdi32

OffsetRgn
CreateBitmap
CreatePolygonRgn
GetPixel
AddFontResourceW
TranslateCharsetInfo
SetMapMode
EndPath
AbortPath
GetPath
BeginPath
CloseFigure
PatBlt
GetTextColor
CancelDC
EnumFontFamiliesW
CreateDCW
CopyMetaFileW
GetClipBox
SaveDC
RestoreDC
IntersectClipRect
GetTextMetricsW
SetColorAdjustment
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetRectRgn
ExtSelectClipRgn
CreatePatternBrush
CreateHatchBrush
GetMapMode
DPtoLP
GetBkColor
GetCharWidthW
StretchDIBits
GetRgnBox
SetStretchBltMode
EnumFontFamiliesExW
EqualRgn
CombineRgn
GetCurrentObject
SetBkColor
GetRegionData
FillRgn
FrameRgn
SetPixel
ExcludeClipRect
SetViewportOrgEx
AddFontResourceExW
CreateFontW
GetColorAdjustment
SetBrushOrgEx
GetDeviceCaps
CreateICW
PtInRegion
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
GetTextExtentPoint32W
CreateFontIndirectW
CreatePen
Rectangle
LineTo
MoveToEx
SetTextColor
SetBkMode
CreateSolidBrush
Escape
ExtTextOutW
TextOutW
GetStockObject
GetDIBits
RectVisible
PtVisible
CreateDIBSection
DeleteObject
GetKerningPairsW
BitBlt
GetObjectW
CreateCompatibleBitmap
StretchBlt
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC

msimg32

GradientFill
AlphaBlend

comdlg32

GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyA
RegEnumKeyW
RegSetValueA
RegSetValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyW
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
GetUserNameW
RegQueryInfoKeyW
RegDeleteKeyW
CloseServiceHandle
RegDeleteValueW
OpenProcessToken
ControlService
OpenServiceA
OpenSCManagerW
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyExW

shell32

SHChangeNotify
Shell_NotifyIconW
ord680
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragQueryFileW
DragAcceptFiles
ShellExecuteExW
ExtractIconExW
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW

comctl32

InitCommonControlsEx
_TrackMouseEvent
DestroyPropertySheetPage
CreatePropertySheetPageW
PropertySheetW

shlwapi

PathAddExtensionW
PathAddBackslashW
PathCombineW
PathFindExtensionW
PathRemoveBackslashW
PathRemoveFileSpecW
PathStripPathW
PathFindFileNameW
PathIsDirectoryW
PathRenameExtensionW
PathFileExistsW
PathRemoveExtensionW
PathStripToRootW
PathCanonicalizeW
PathIsRootW
PathIsUNCW
PathAppendW
UrlUnescapeW

oledlg

OleUIBusyW

oleaut32

SafeArrayDestroy
OleLoadPicture
VariantTimeToSystemTime
VariantCopy
SysAllocStringLen
VarBstrCmp
VariantChangeType
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
SafeArrayUnaccessData
SystemTimeToVariantTime
OleCreatePropertyFrame
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
LoadTypeLi
SysAllocString
VariantClear
VariantInit
SysFreeString
SysStringLen

urlmon

UrlMkSetSessionOption

uxtheme

OpenThemeData
DrawThemeBackground

ws2_32

__WSAFDIsSet
WSACleanup
select
WSAStartup
WSAGetLastError
accept
listen
WSASocketA
send
closesocket
socket
bind
recv
setsockopt
getsockname
htonl
connect
ioctlsocket
freeaddrinfo
htons
getaddrinfo
getsockopt
recvfrom
inet_addr
WSAAsyncSelect
sendto
WSASetLastError
gethostbyname

wintrust

WinVerifyTrust

wininet

InternetReadFile
HttpQueryInfoW
InternetCloseHandle
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetOpenUrlW
InternetOpenW
InternetSetOptionW
HttpQueryInfoA
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW

Sections

.text
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text.un
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 523KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_i
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_l
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_f
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_l
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_p
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_p
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_a
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_r
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_s
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug_l
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_i
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_a
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_f
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_l
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_p
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug_r
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/splayer/ts.dll
.dll regsvr32 windows:5 windows x86 arch:x86

282ab4084f47e3d52f7361377f375f8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleA
GetProcAddress
GetThreadLocale
GetLastError
SetThreadLocale
lstrlenW
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
DeleteCriticalSection
LockResource
EnterCriticalSection
RaiseException
MultiByteToWideChar
GetFileAttributesW
LeaveCriticalSection
SizeofResource
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LoadResource
FindResourceW
FindResourceExW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
lstrlenA
OutputDebugStringA
GetTickCount
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
LCMapStringA
GetStringTypeA
GetStringTypeW
VirtualQuery

user32

CharNextW

advapi32

RegOpenKeyExW
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW

ole32

CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VariantInit
SysAllocStringLen
SafeArrayUnaccessData
VarUI4FromStr
SysFreeString
VariantChangeType
SafeArrayCreate
SafeArrayDestroy
SafeArrayAccessData
VariantClear

mkunicode

Utf8ToUtf16

rpcrt4

RpcStringFreeA
UuidToStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/unrar.dll
.dll windows:5 windows x86 arch:x86

d40363c7ef8bb596c83c90482d2c056c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\[researches]\unrar\build\unrardll32\Release\unrar.pdb

Imports

kernel32

SetEndOfFile
GetFileType
CreateFileA
CreateFileW
ReadFile
GetStdHandle
WriteFile
GetProcAddress
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
GetFullPathNameA
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
SetFilePointer
FindNextFileW
FindFirstFileW
GetVersionExA
GetModuleFileNameA
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
GetCPInfo
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
MoveFileA
SetFileTime
GetCurrentProcess
GetLastError
CloseHandle
FindFirstFileA
Sleep
GetConsoleMode
WriteConsoleW
GetConsoleCP
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
DeleteFileA
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetACP
GetOEMCP
IsValidCodePage
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharLowerA
CharUpperA
OemToCharA
CharToOemBuffA
OemToCharBuffA
CharToOemA

advapi32

SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/vp6dec.ax
.dll regsvr32 windows:4 windows x86 arch:x86

ff1fa4ec04e991f4a598878a4c461e63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
CloseHandle
GetCurrentProcess
GetCurrentThreadId
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryA
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExA
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
GetCommandLineA
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GlobalAlloc
GlobalFree
RtlUnwind
GetVersion
HeapAlloc
HeapReAlloc
HeapFree
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
MulDiv
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
WriteFile
LCMapStringA
LCMapStringW
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CreateFileA
SetFilePointer
SetStdHandle
FlushFileBuffers
GetCPInfo
GetOEMCP
GetStringTypeA
GetStringTypeW
SetEndOfFile
ReadFile
GetStartupInfoA

user32

ShowWindow
CreateDialogParamA
DefWindowProcA
InvalidateRect
MoveWindow
DestroyWindow
wvsprintfA
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
GetWindowLongA
wsprintfA
MessageBoxA
SetWindowLongA
GetDlgItem
SendDlgItemMessageA
GetDlgItemInt
SetDlgItemTextA
CheckRadioButton
EnableWindow
CheckDlgButton
SetDlgItemInt
SendMessageA
IsRectEmpty

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegDeleteKeyA

ole32

CoFreeUnusedLibraries
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

winmm

timeGetTime

gdi32

CreateCompatibleDC
CreateBitmap
SelectObject
CreateFontA
SetTextColor
SetBkColor
DeleteDC
SetBkMode
BitBlt
ExtTextOutA
DeleteObject
GetPixel

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WILK_DX_
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/vp8decoder.dll
.dll regsvr32 windows:5 windows x86 arch:x86

199b07b9d7ffa0b7b507692853b9bdfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\-=D0wNL0ADS=-\dll\webmdshow\Release\vp8decoder.pdb

Imports

kernel32

CreateEventW
GetModuleFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
WaitForSingleObject
CloseHandle
ReleaseMutex
GetLastError
CreateMutexW
InterlockedDecrement
Sleep
InterlockedIncrement
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapReAlloc
RtlUnwind
ExitThread
CreateThread
RaiseException
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetModuleHandleA
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount

user32

SetRectEmpty

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

ole32

CoWaitForMultipleHandles
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
StringFromGUID2

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

SHDeleteKeyW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/wmasf.dll
.dll windows:6 windows x86 arch:x86

77f167c035bacf665ee78fb91862238d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\WINDOWS\TEMP\Hpolaris_beta1\optPolaris\baseline\WMASF.pdb

Imports

msvcrt

_XcptFilter
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_wcsicmp
_purecall
memcpy
memmove
memset
??2@YAPAXI@Z
??3@YAXPAX@Z

ntdll

RtlUnwind

kernel32

HeapAlloc
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
CloseHandle
GetLastError
WriteFile
FlushFileBuffers
WideCharToMultiByte
CreateFileA
SetFilePointer
ReadFile
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
SetUnhandledExceptionFilter
GetProcessHeap
HeapFree
MultiByteToWideChar
MulDiv
InitializeCriticalSection

ole32

CoCreateGuid

Exports

Exports

ASFAddPresDelta
ASFAddSendDelta
ASFCalculatePresDelta
ASFCreateBitrateTracker
ASFCreateIOMonitor
ASFCreateIndexMaker
ASFCreateIndexMakerFileSink
ASFCreateLibrary
ASFCreateMediaObjectIndexMaker
ASFCreateStreamSelector
ASFFindHeaderObject
ASFFindRootObject
ASFFindStreamPropertiesObject
ASFGUIDFromCodecID
ASFGUIDToCodecID
ASFGetDataUnitInfo
ASFGetHeaderObject
ASFGetRootObject
ASFGetStreamPropertiesObject
ASFGetTimeBase
ASFPresDeltaTimeToTime
ASFPresDeltaToFull
ASFPresFullToDelta
ASFPresTimeToSendTime
ASFPresTimeToTime
ASFReadHeaderFromFile
ASFReadHeaderFromFileHandle
ASFSendTimeToPresTime
ASFSendTimeToTime
ASFSetDataUnitInfo
ASFTimeToPresDeltaTime
ASFTimeToPresTime
ASFTimeToSendTime
ASFWriteHeaderToFile
CreateAsfCellPoolAllocator

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ProgramData/splayer/wmvcore.dll
.dll regsvr32 windows:6 windows x86 arch:x86

ccda24035f47a3ade8f338ab525f9080

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

wmvcore.pdb

Imports

wmasf

ord9
ord8
ord6
ord10
ASFTimeToPresTime
ASFTimeToSendTime
ASFSendTimeToTime
ASFPresTimeToTime
ord18
ASFCreateStreamSelector
ASFGetTimeBase
ASFSetDataUnitInfo
ord24
ord11
ord7
ord17
ord5

msvcrt

_ultoa
_wtol
_ultow
_itow
wcstombs
memchr
strpbrk
_setjmp3
longjmp
_wcslwr
memmove
_beginthreadex
srand
rand
iswdigit
iswspace
setlocale
swscanf
wcstoul
_wtoi
wcsstr
wcstol
_vsnwprintf
_vsnprintf
_strnicmp
wcsrchr
time
_CIsqrt
_CIpow
iswctype
wcstok
calloc
isxdigit
wctomb
malloc
mbtowc
strncmp
__mb_cur_max
localeconv
_unlock
_iob
_lock
ungetc
isleadbyte
__badioinfo
__pioinfo
sscanf
_read
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
isspace
wcschr
wcspbrk
strcspn
strspn
ceil
floor
_CIsin
_CIcos
exit
fprintf
getenv
toupper
iswcntrl
iswascii
wcsspn
wcscspn
_ltoa
isalpha
wcsftime
gmtime
perror
_ftol
printf
wcsncmp
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_wcsicmp
_purecall
_set_error_mode
??2@YAPAXI@Z
memset
memcpy
??3@YAXPAX@Z
__CxxFrameHandler
_wcsnicmp
strstr
_stricmp
isalnum
realloc
free
_waccess
_wcsupr
_ui64toa
_itoa
towupper
iswprint
_errno
strtoul
isdigit
_fileno
strchr

ntdll

RtlUnwind

advapi32

RegSetValueExA
RegOpenKeyW
RegCreateKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
TraceEvent
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

kernel32

InitializeCriticalSectionAndSpinCount
FlushInstructionCache
OutputDebugStringA
RaiseException
LocalAlloc
GetLocalTime
GetDiskFreeSpaceA
GetEnvironmentStringsW
GetEnvironmentStrings
lstrlenW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeviceIoControl
GetVersionExA
LocalFree
LoadLibraryA
HeapReAlloc
SetLastError
CreateThread
GetExitCodeThread
GetCurrentThread
GetThreadPriority
SetThreadPriority
CreateSemaphoreA
SetEndOfFile
GetFileTime
FileTimeToSystemTime
GetLocaleInfoW
FindAtomW
GetModuleFileNameW
GetUserDefaultLCID
GetSystemDefaultLangID
GetSystemInfo
GlobalAlloc
GlobalLock
LoadLibraryW
WaitForSingleObjectEx
ReleaseMutex
CreateMutexW
GlobalMemoryStatus
VirtualAlloc
VirtualFree
MulDiv
ResetEvent
WaitForMultipleObjects
SetThreadAffinityMask
GetComputerNameW
GetVolumeInformationW
FreeLibrary
CreateEventW
Sleep
DeleteFileW
CompareFileTime
lstrlenA
WideCharToMultiByte
GetDiskFreeSpaceExW
SetFilePointer
MultiByteToWideChar
CreateSemaphoreW
ReleaseSemaphore
GetFileSize
WaitForSingleObject
GetSystemTime
SystemTimeToFileTime
SetEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetFileType
ReadFile
InterlockedDecrement
HeapFree
GetProcessHeap
HeapAlloc
InterlockedIncrement
GetVersion
VirtualProtect
HeapSize
GetTempPathW
SetProcessAffinityMask
GetProcessAffinityMask
GetExitCodeProcess
OpenProcess
InterlockedExchangeAdd
SignalObjectAndWait
SleepEx
DuplicateHandle
SetFilePointerEx
GetFileSizeEx
GetVersionExW
DisableThreadLibraryCalls
FreeResource
CloseHandle
WriteFile
CreateFileW
GetLastError
GetFileAttributesW
GetSystemDirectoryW
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
GetProcAddress
GetModuleHandleA
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedCompareExchange

user32

CharUpperW
GetDesktopWindow
GetDC
ReleaseDC
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
PostThreadMessageW

ole32

CoGetTreatAsClass
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx

oleaut32

VariantTimeToSystemTime
VariantChangeType
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocStringLen
VariantClear
SysStringByteLen
SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantCopy

gdi32

GetSystemPaletteEntries

Exports

Exports

DllRegisterServer
WMCheckURLExtension
WMCheckURLScheme
WMCreateBackupRestorer
WMCreateBackupRestorerPrivate
WMCreateEditor
WMCreateIndexer
WMCreateLicenseRevocationAgentPrivate
WMCreateProfileManager
WMCreateReader
WMCreateReaderPriv
WMCreateSyncReader
WMCreateSyncReaderPriv
WMCreateWriter
WMCreateWriterFileSink
WMCreateWriterNetworkSink
WMCreateWriterPriv
WMCreateWriterPushSink
WMIsAvailableOffline
WMIsContentProtected
WMValidateData

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProgramData/spload.exe
.exe windows:6 windows x64 arch:x64

a4df9ecc730e9927046e345432c3bccd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

08/07/2016, 00:00

Not After

08/07/2018, 23:59

Subject

CN=Kakasoft Software Co. Ltd.,OU=IT,O=Kakasoft Software Co. Ltd.,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

63:e6:5f:cd:60:96:0f:c6:6a:3d:a6:62:e8:9f:b8:e1:df:2b:53:f9:88:f0:b0:37:9f:fe:75:ed:35:9c:a1:25
Signer

Actual PE Digest

63:e6:5f:cd:60:96:0f:c6:6a:3d:a6:62:e8:9f:b8:e1:df:2b:53:f9:88:f0:b0:37:9f:fe:75:ed:35:9c:a1:25

Digest Algorithm

sha256

PE Digest Matches

true

b7:6f:e6:14:62:03:81:74:1f:39:3e:2f:81:ad:90:de:1e:04:6f:7b
Signer

Actual PE Digest

b7:6f:e6:14:62:03:81:74:1f:39:3e:2f:81:ad:90:de:1e:04:6f:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\csdwork\source\VideoEncrypt\epcore\Release\spload.pdb

Imports

kernel32

CloseHandle
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCurrentProcessId
OpenProcess
WaitForSingleObject
ExitProcess
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
OpenFileMappingA
MapViewOfFile
OpenMutexA
ReleaseMutex
Sleep
UnmapViewOfFile
FreeLibrary
GetLastError
CreateThread
ExitThread
ResumeThread
EncodePointer
DecodePointer
GetCommandLineA
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
SetLastError
GetCurrentThreadId
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
desktop.ini

Sharing

General

Malware Config

Signatures

Files

68a93ee452aef0b9d2d5e1f1b7acba57

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2Certificate

Extended Key Usages

Key Usages

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

bb:69:bc:05:29:dd:e1:7e:a3:62:96:36:12:eb:b9:53:26:9d:a6:f4:cb:12:83:fc:a1:db:35:47:56:87:c5:05Signer

41:6b:44:57:46:15:3a:23:88:85:a5:e7:5d:46:c9:a1:3b:b8:f2:59Signer

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

mpr

ole32

comctl32

shell32

comdlg32

winspool.drv

wsock32

msvcrt

shlwapi

psapi

winmm

olepro32

avifil32

msvfw32

Sections

.text Size: 5.7MB - Virtual size: 5.7MB

.itext Size: 8KB - Virtual size: 7KB

.data Size: 244KB - Virtual size: 244KB

.bss Size: - Virtual size: 78KB

.idata Size: 20KB - Virtual size: 20KB

.didata Size: 1024B - Virtual size: 934B

.tls Size: - Virtual size: 72B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 351KB - Virtual size: 351KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

e5085f92d6b76226dc3fbceae9a500d1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91Certificate

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

bb:69:bc:05:29:dd:e1:7e:a3:62:96:36:12:eb:b9:53:26:9d:a6:f4:cb:12:83:fc:a1:db:35:47:56:87:c5:05
Signer

41:6b:44:57:46:15:3a:23:88:85:a5:e7:5d:46:c9:a1:3b:b8:f2:59
Signer

.text
Size: 5.7MB - Virtual size: 5.7MB

.itext
Size: 8KB - Virtual size: 7KB

.data
Size: 244KB - Virtual size: 244KB

.bss
Size: - Virtual size: 78KB

.idata
Size: 20KB - Virtual size: 20KB

.didata
Size: 1024B - Virtual size: 934B

.tls
Size: - Virtual size: 72B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 351KB - Virtual size: 351KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

5a:58:7b:61:3f:66:28:f5:2d:59:5c:19:24:7b:4b:95:70:ed:d7:f1:94:71:61:49:fe:fe:82:3d:e0:e2:15:01
Signer

7f:4b:dd:a6:8d:0a:f9:1c:16:fa:07:6c:5d:b4:76:59:40:a4:4d:34
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 296KB - Virtual size: 295KB

.data
Size: 23KB - Virtual size: 51KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 113KB - Virtual size: 112KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:14:de:8e:a4:e8:a5:1d:26:c5:9b:0a:99:9e:0c:a2
Certificate