UCContinue.exe

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 0/56 Related 2059
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 616.52 KB (631312 bytes)
Compile time: 2015-05-14 10:43:08
MD5: 704df86a3637b8886540983118bd304b
SHA1: cf4c673a1191833421d37bd820f79a9a115e4c04
SHA256: fd462e3c7b6a789be3fa9e1ecfcf19c2f0c70c560d536ebd3ebe725735b6102f
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 5 import resource debug relocation security
First submission: 2016-10-06 13:26:06
Last submission: 2016-10-06 13:26:06
Filename detected: - UCContinue.exe (1)
URL file hosting
hXXp://liu.lge.com/LGUpdateCenter/Update/VITA/0009/data/UCContinue.exeVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2016-10-05 23:07:43 [0/56] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x513d4 332800 893a31fc4cec70727765c982ba675bf6 a4ccb0c3588177f04f0c73fe28a6af04112e6afd
.rsrc 0x54000 0x46ba0 289792 f728dcd92800339463f115fc62568c2d 596e869912f7b74a0442100e5fc52a3749f8c26d
.reloc 0x9c000 0xc 512 69d87f14e0b34ed7a597707646db7040 5ecf94a40395979cd950b5cd8e9b184e8a5b0c0f
PE Resources
Name Offset Size Language Sublanguage Data
RT_ICON 0x983b8 9640 LANG_NEUTRAL SUBLANG_NEUTRAL
RT_GROUP_ICON 0x9a960 76 LANG_NEUTRAL SUBLANG_NEUTRAL
RT_VERSION 0x541f0 776 LANG_NEUTRAL SUBLANG_NEUTRAL
RT_MANIFEST 0x9a9b0 490 LANG_NEUTRAL SUBLANG_NEUTRAL
  • API Alert
  • Anti Debug
Meta Info
LegalCopyright: Copyright \xa9 Microsoft 2012
Assembly Version: 1.0.0.0
InternalName: UCContinue.exe
FileVersion: 1.0.0.0
CompanyName: Microsoft
OriginalFilename: UCContinue.exe
Translation: 0x0000 0x04b0
FileDescription: UCContinue
ProductVersion: 1.0.0.0
ProductName: UCContinue
XOR
No XOR informations found in this file.
Signature
MD5: 32f1de5c609822aac5bc4dc0e6069115
SHA1: a0adbd1248d819e7c07d4870d0475fd02e21c803
Block Size: 7696
Virtual Address: 623616
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: Library
USER32.dll
mscoree.dll
IP Found
No IP detected
URL(s)
http://ocsp.verisign.com0
https://www.verisign.com/rpa
http://schemas.microsoft.com/winfx/2006/xaml/presentation
https://www.verisign.com/rpa0
https://d.symcb.com/cps0%
http://
http://crl.verisign.com/pca3-g5.crl04
http://ns.adobe.com/xap/1.0/mm/
https://d.symcb.com/rpa0
https://www.verisign.com/cps0
http://ns.adobe.com/xap/1.0/rights/
http://crl.thawte.com/ThawteTimestampingCA.crl0
http://sf.symcb.com/sf.crl0f
http://ocsp.thawte.com0
http://schemas.microsoft.com/winfx/2006/xaml
http://www.w3.org/1999/02/22-rdf-syntax-ns#
http://ns.adobe.com/xap/1.0/
http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
http://sf.symcb.com/sf.crt0
http://ns.adobe.com/xap/1.0/sType/ResourceRef#
http://logo.verisign.com/vslogo.gif0
http://logo.verisign.com/vslogo.gif04
http://sf.symcd.com0&
http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
http://ts-ocsp.ws.symantec.com07
resources/popup_btn_default_dim_r.png
VarFileInfo
UCUPDATE
LG Update Center Continue
TAKEOVER
FileVersion
update_center.ico
resources/popup_close_d.png
LGUPDATECENTER
InternalName
resources/popup_btn_default_dim_l.png
resources/popup_btn_default_press_l.png
resources/popup_btn_default_press_m.png
LGUpdateCenter
Copyright
Microsoft
1.0.0.0
OriginalFilename
resources/popup_close_n.png
Software\Microsoft\Windows\CurrentVersion\Run
Translation
resources/popup_btn_default_normal_r.png
/UCContinue;component/closemessagebox.xaml
Assembly Version
resources/popup_btn_default_rollover_l.png
UCContinue.exe
VS_VERSION_INFO
resources/popup_close_r.png
StringFileInfo
000004b0
ProductVersion
UCContinue.Properties.Resources
FileDescription
resources/popup_btn_default_rollover_m.png
resources/update_popup_bg.png
resources/popup_btn_default_rollover_r.png
MainWindow.xaml
MSBAML
UCContinu
LegalCopyright
resources/popup_btn_default_normal_m.png
resources/popup_btn_default_normal_l.png
/UCContinue;component/mainwindow.xaml
resources/popup_close_p.png
<<<Obsolete>>
UCRENAME
CompanyName
UCContinue
closemessagebox.baml
ProductName
rXY
resources/popup_btn_default_press_r.png
resources/info_popup_icon.png
Microsoft 2012
resources/popup_btn_default_dim_m.png
mainwindow.baml
\LGUpdateCenter.exe
:7PTB
0V0(
v`0XF
zAe0M
K0I0
iTXtXML:com.adobe.xmp
set_WindowStyle
WM_SYSCOMMAND
PNG
\$@P
.cctor
#http://logo.verisign.com/vslogo.gif0
Object
mscorlib
`F~T
vsnL
ComVisibleAttribute
'Resources/popup_btn_default_press_l.png
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="uuid:517EF225975DE111AAF6C20CA25B3067" xmpMM:DocumentID="xmp.did:EF07B306BFFB11E19490F21A0E3A5774" xmpMM:InstanceID="xmp.iid:EF07B305BFFB11E19490F21A0E3A5774" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:35C29867F6BFE111A17AF555E795716D" stRef:documentID="uuid:517EF225975DE111AAF6C20CA25B3067"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
3System.Resources.Tools.StronglyTypedResourceBuilder
connectionId
q 6F
System.Runtime.InteropServices
RoutedEventHandler
get_Resources
8~^w|R(
C7p3
CenterScreen=
*Resources/popup_btn_default_rollover_m.png
(Resources/popup_btn_default_normal_m.png
resource_str_Cancel#
25&o
d"OoX
EditorBrowsableState
AssemblyConfigurationAttribute
&H"3
CultureInfo
BlockLineHeight=
1.0.0.0
CompilerGeneratedAttribute
bJHHdb```RRRd
WaitForExit
q"W3
RoutedEventArgs
)x24
ResourceDictionary
_contentLoaded
OnStartup
RenderTransformOrigin$
LibGlobal
ButtonStyle#
'Resources/popup_btn_default_press_r.png
set_Owner
sender
38I]
K
iJXO`
System.Collections.ObjectModel
_IDATx
nCmdShow
http://sf.symcb.com/sf.crt0
,IDATx
7IDATx
user32.dll
)yKb
lParam
eIDATx
set_Source
42,14,0,0q
op_Equality
PresentationBuildTasks
Exit
ToUpperInvariant
---a
---c
NWindowsBase, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
x,http://schemas.microsoft.com/winfx/2006/xaml
Application
-1 o
3130
get_Culture
{]KV
AssemblyDescriptionAttribute
Default
%VeriSign Class 3 Code Signing 2010 CA0
SetLanguageDictionary
ZIndex$
360716235959Z0
Symantec Corporation1402
(/
TextBlock
UCContinue.Properties
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:3353192DDAE111E19710FADA3328B19F" xmpMM:DocumentID="xmp.did:3353192EDAE111E19710FADA3328B19F"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3353192BDAE111E19710FADA3328B19F" stRef:documentID="xmp.did:3353192CDAE111E19710FADA3328B19F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
AssemblyCompanyAttribute
GGG_
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:BFC8E3B1DAE011E195ABDCB1227D869B" xmpMM:DocumentID="xmp.did:BFC8E3B2DAE011E195ABDCB1227D869B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:BFC8E3AFDAE011E195ABDCB1227D869B" stRef:documentID="xmp.did:BFC8E3B0DAE011E195ABDCB1227D869B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
0,0,0,0q
update_center.ico
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:815F21C1C03211E19B40C18AF11AED32" xmpMM:DocumentID="xmp.did:815F21C2C03211E19B40C18AF11AED32"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:815F21BFC03211E19B40C18AF11AED32" stRef:documentID="xmp.did:815F21C0C03211E19B40C18AF11AED32"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
.NETFramework,Version=v4.5
VeriSign Trust Network1:08
set_StartupUri
>mn< n
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo> </assembly>
0,163,28,0q
System.Windows.Markup
System.CodeDom.Compiler
111
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:2C84422FDAE111E1B02ED990C3C6FBB0" xmpMM:DocumentID="xmp.did:2C844230DAE111E1B02ED990C3C6FBB0"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:2C84422DDAE111E1B02ED990C3C6FBB0" stRef:documentID="xmp.did:2C84422EDAE111E1B02ED990C3C6FBB0"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
d:\LG Update Center\LGUpdateCenter\Window\UCContinue\obj\Debug\UCContinue.pdb
g0)2
.kl/
Resources\popup_close_p.png
0L0#
.IDATx
lpWindowName
System.Runtime.CompilerServices
ResourceDictionaryLocation
222~
201229235959Z0b1 0
CIDATx
clsSetting
mscoree.dll
!This program cannot be run in DOS mode. $
PADPADP
AssemblyCultureAttribute
ButtonBase
UriKind
Thawte1
OpenSubKey
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:D0238509DAE011E1AE7DD50BCE9CC40B" xmpMM:DocumentID="xmp.did:D023850ADAE011E1AE7DD50BCE9CC40B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:D0238507DAE011E1AE7DD50BCE9CC40B" stRef:documentID="xmp.did:D0238508DAE011E1AE7DD50BCE9CC40B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>Bk
g0e0*
HWND_TOP
Resources\popup_close_n.png
nhMI
http:// 0
.NET Framework 4.5
MainWindow
SetWindowPos
AssemblyTrademarkAttribute
GetCurrentProcess
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:EAA74BEFDAE011E199FBE3B3F0CA7947" xmpMM:DocumentID="xmp.did:EAA74BF0DAE011E199FBE3B3F0CA7947"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:EAA74BEDDAE011E199FBE3B3F0CA7947" stRef:documentID="xmp.did:EAA74BEEDAE011E199FBE3B3F0CA7947"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>I
auto
StartupEventArgs
LineHeight$
hWndInsertAfter
TargetName$
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="uuid:517EF225975DE111AAF6C20CA25B3067" xmpMM:DocumentID="xmp.did:E87B8190C02111E1B346FD1024D9D1D3" xmpMM:InstanceID="xmp.iid:E87B818FC02111E1B346FD1024D9D1D3" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:5E239B681EC0E111B8CFBAC3C76068F1" stRef:documentID="uuid:517EF225975DE111AAF6C20CA25B3067"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>r
#Blob
MarshalAsAttribute
hVU%I
https://www.verisign.com/rpa0
$J0_b
tb_Desc
p (E
clsCommon
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:C7DE5CD9DAE011E194EBFB90F6DA00B9" xmpMM:DocumentID="xmp.did:C7DE5CDADAE011E194EBFB90F6DA00B9"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:C7DE5CD7DAE011E194EBFB90F6DA00B9" stRef:documentID="xmp.did:C7DE5CD8DAE011E194EBFB90F6DA00B9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
Fill=
BSJB
Type
System.Windows.Controls
i0g0e
****
28,163,0,0q
btn_Ok
$$$H
2oNW
AllowsTransparency
OIDATx
Western Cape1
Copyright
set_Culture
get_ResourceManager
AssemblyTitleAttribute
System.Threading
ShowDialog
SHOWNORMAL
a;EQ
jq{]
UCContinue.Properties.Resources.resources
Left=
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:F22DB7FFDAE011E18A11B565FD03645A" xmpMM:DocumentID="xmp.did:F22DB800DAE011E18A11B565FD03645A"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:F22DB7FDDAE011E18A11B565FD03645A" stRef:documentID="xmp.did:F22DB7FEDAE011E18A11B565FD03645A"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
UCContinue.g.resources
FUYE
Button_Click_2
Button_Click_1
'Symantec Time Stamping Services CA - G2
UCContinue
&J@<
TimeStamp-2048-20
SettingsBase
1&0$
Start
-8IJ
Microsoft.Win32
'Symantec Time Stamping Services CA - G20
set_FileName
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="uuid:517EF225975DE111AAF6C20CA25B3067" xmpMM:DocumentID="xmp.did:A5B71CA8C02F11E19B1DF8C73F26DBDF" xmpMM:InstanceID="xmp.iid:A5B71CA7C02F11E19B1DF8C73F26DBDF" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:FA19779F25C0E111B8CFBAC3C76068F1" stRef:documentID="uuid:517EF225975DE111AAF6C20CA25B3067"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
}E@r
ThemeInfoAttribute
UCContinue.MainWindow
2IDATx
Exception
CcjRK
PresentationCore
+http://ts-aia.ws.symantec.com/tss-ca-g2.cer0<
^'IRw
Wrap=
http://ocsp.thawte.com0
target
y3+.{
UCContinue
!:@n?"U
.ctor
}+Pz
2Terms of use at https://www.verisign.com/rpa (c)101.0,
Connect
j#lB
Idm
http://ts-ocsp.ws.symantec.com07
DllImportAttribute
RegistryKey
Cursor$
11.0.0.0
Window
Mutex
#http://crl.verisign.com/pca3-g5.crl04
Main
.text
'Resources/popup_btn_default_press_m.png
L:G0)
150515005212Z0#
GIDATx
Triggers
WaitHandle
v4.0.30319
170927235959Z0
Button
System.Configuration
ImageSource$#
35Hq
GetTypeFromHandle
c 9D
LineStackingStrategy$
System.Reflection
ay [
+b B
LG Electronics Inc.1
FrameworkDisplayName
get_ProcessName
Z-.j
(Resources/popup_btn_default_normal_r.png
VeriSign, Inc.1
lb_Title
@.reloc
140730000000Z
[0Y0W0U
@!
Resources
z;T0S
resource_str_CancelContinueMsg#
EFAn
Durbanville1
+Symantec Time Stamping Services Signer - G40
CompilationRelaxationsAttribute
GetProcessesByName
https://d.symcb.com/rpa0
get_Is64BitOperatingSystem
handle
[L.)
RuntimeTypeHandle
XPresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
Value
Resources/info_popup_icon.png
@l 5
get_HasExited
SWP_NOSIZE
0W='
System.Windows.Controls.Primitives
Window_LayoutUpdated
image/gif0!0
28,83,28,0q
UnmanagedType
UIElement
`.rsrc
4.0.0.0
(Resources/popup_btn_default_normal_l.png
IDATx
z d
smI[m
get_Default
"/~b
WindowStartupLocation$
add_Click
WaitOne
RSDSQ
Title$
1(c) 2006 VeriSign, Inc. - For authorized use only1E0C
Nullable`1
Settings
*Resources/popup_btn_default_rollover_l.png
DeleteValue
0^1 0
RegistryHive
%VeriSign Class 3 Code Signing 2010 CA
Resources/update_popup_bg.png
IEND
CloseMessageBox
UCContinue.exe
Resources\popup_close_r.png
mz O
NoResize=
add_LayoutUpdated
OpenBaseKey
get_StartupPath
http://sf.symcb.com/sf.crl0f
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:BA6C1C6FDFA511E19901E7C79511E56D" xmpMM:DocumentID="xmp.did:BA6C1C70DFA511E19901E7C79511E56D"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:BA6C1C6DDFA511E19901E7C79511E56D" stRef:documentID="xmp.did:BA6C1C6EDFA511E19901E7C79511E56D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>+
5 {hN
B5dR
&0$0"
Synchronized
btn_right
nG| !
=W'~
121221000000Z
get_MergedDictionaries
RequestMessage
NSystem.Xaml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
0r0^1 0
resourceDir
resource_str_OK#
RuntimeCompatibilityAttribute
200207235959Z0
Collection`1
btn_Ok_Click_1
AssemblyProductAttribute
QQdf
`cCC5
Symantec Corporation100.
9nJz
btn_text
444U
get_Handle
<Module>
FindWindow
Concat
Light"
061108000000Z
btn_No
Padding$
*Resources/popup_btn_default_rollover_r.png
SPresentationCore, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
#FF101010$
TargetFrameworkAttribute
Process
ShowInTaskbar
value
Culture
$0"0
lSystem.Resources.ResourceReader, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089#System.Resources.RuntimeResourceSet
#http://logo.verisign.com/vslogo.gif04
get_MainWindowHandle
http://sf.symcd.com0&
SetForegroundWindow
LoadComponent
tEXtSoftware
(0&0$
PostMessage
wParam
LG Display)
http://ocsp.verisign.com0
9bbb
9(r$
121018000000Z
>"hcS
Name$
get_Assembly
IsMouseOver
0.491,0.446&
resource_str_Continue#
{IDATx
ProcessWindowStyle
0U=#
R:7bf
Microsoft 2012
#FF28272A$
#GUID
AssemblyFileVersionAttribute
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:6169E538DFA411E18079E32F25A51044" xmpMM:DocumentID="xmp.did:6169E539DFA411E18079E32F25A51044"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6169E536DFA411E18079E32F25A51044" stRef:documentID="xmp.did:6169E537DFA411E18079E32F25A51044"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
B=e6
defaultInstance
PresentationFramework
System.Resources
System.Xaml
GetProcesses
bLHHd
None=
WrapNonExceptionThrows
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:8D42AE77DAE011E1AE34A3044D06254D" xmpMM:DocumentID="xmp.did:8D42AE78DAE011E1AE34A3044D06254D"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:8D42AE75DAE011E1AE34A3044D06254D" stRef:documentID="xmp.did:8D42AE76DAE011E1AE34A3044D06254D"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
get_StartInfo
7Ocl
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:3D4A2D59DAE111E1B934C08CAA52E359" xmpMM:DocumentID="xmp.did:3D4A2D5ADAE111E1B934C08CAA52E359"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:3D4A2D57DAE111E1B934C08CAA52E359" stRef:documentID="xmp.did:3D4A2D58DAE111E1B934C08CAA52E359"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
ProcessStartInfo
lpClassName
ApplicationSettingsBase
>0 0
LG Display-Regular)
11, 0, 11,0q
SC_RESTORE
O =W
^ooo
RegistryView
EventHandler
)<F<
STAThreadAttribute
Thread
+http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="uuid:517EF225975DE111AAF6C20CA25B3067" xmpMM:DocumentID="xmp.did:461FA89EF81411E1AF6DA35206C9E2B1" xmpMM:InstanceID="xmp.iid:461FA89DF81411E1AF6DA35206C9E2B1" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:34D88F6B12F8E111899BDCEC0A1A7967" stRef:documentID="uuid:517EF225975DE111AAF6C20CA25B3067"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
IHDR
System.Runtime.Versioning
HIDATx
TimeStamp-2048-10
System.Globalization
-0+0)
https://www.verisign.com/cps0*
ResourceManager
NIDATx
SWP_NOMOVE
cTi%V
80604
get_CurrentThread
,&c3
get_SessionId
AssemblyVersionAttribute
System
EventArgs
H]5 |q
9999
LG Update Center Continue
cdtg
https://d.symcb.com/cps0%
String
_CorExeMain
DebuggerNonUserCodeAttribute
Adobe ImageReadyq
Y0W03
Center=
WindowStyle$
"W*o
Microsoft
btn_left
E<[Ig
+` v
5X]N
DebuggingModes
Assembly
Property
k;J0
#Strings
LG Electronics Inc.0
o x)
$KdFq
FrameworkElement
999[
AssemblyCopyrightAttribute
LUUa
<VeriSign Class 3 Public Primary Certification Authority - G50
Thawte Timestamping CA0
TargetType"
xYjj
#FFF9F9F9
EditorBrowsableAttribute
201230235959Z0^1 0
Environment
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:58ED1277DFA411E18175FBEE5A5D1EC7" xmpMM:DocumentID="xmp.did:58ED1278DFA411E18175FBEE5A5D1EC7"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:58ED1275DFA411E18175FBEE5A5D1EC7" stRef:documentID="xmp.did:58ED1276DFA411E18175FBEE5A5D1EC7"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>
VeriSignMPKI-2-80
K/~Z
VeriSign Trust Network1;09
Hand
100208000000Z
21,10,0,0q
Right=
iTXtXML:com.adobe.xmp
(
btn_No_Click_1
fxww
<?xpacket begin="
resourceMan
>]#K
Icon$
.http://crl.thawte.com/ThawteTimestampingCA.crl0
2[Oo
\vnO^
ResizeMode$
Top=
UCContinue.CloseMessageBox
_0]0[
" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpRights="http://ns.adobe.com/xap/1.0/rights/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="uuid:517EF225975DE111AAF6C20CA25B3067" xmpMM:DocumentID="xmp.did:41FE7823F81411E1B400B82A5103DDD5" xmpMM:InstanceID="xmp.iid:41FE7822F81411E1B400B82A5103DDD5" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:34D88F6B12F8E111899BDCEC0A1A7967" stRef:documentID="uuid:517EF225975DE111AAF6C20CA25B3067"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>d
System.Diagnostics
System.Windows
EIDATx
HWND_TOPMOST
g_Get_UserSelectedLanguage
System.Windows.Forms
Close
btn_center
e/ $
LG Update Center
:^I
Thawte Certification1
hWnd
set_CurrentCulture
9http://schemas.microsoft.com/winfx/2006/xaml/presentation
EmptyWorkingSet
psapi
RY.{
ShowWindow
]jxdE
KMicrosoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator
50301
DebuggableAttribute
resourceCulture
G8J-l
System.Windows.Markup.IComponentConnector.Connect
GeneratedCodeAttribute
InitializeComponent
y@b%
0,10,19,0q
x|:Y
set_Arguments
Value$0
1 0
b07x
uFlags
~/[ L
System.ComponentModel
IComponentConnector
Sleep

#infosec #automation

TheSystem Itself @ 2016-10-06 13:26:06