Static task
static1
Behavioral task
behavioral1
Sample
f8e091cd0eb8e44d61b35a6587ecb29169e9ea575e3a7cd4bb9aaf40340bc971.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
f8e091cd0eb8e44d61b35a6587ecb29169e9ea575e3a7cd4bb9aaf40340bc971.exe
Resource
win10v2004-20220812-en
General
Target: f8e091cd0eb8e44d61b35a6587ecb29169e9ea575e3a7cd4bb9aaf40340bc971
Size: 3.7MB
MD5: b812ba4b6fac495d958639f9b035bda0
SHA1: 4563f5c8094c996b8ff8c2fcdf3bbe2800a1cc62
SHA256: f8e091cd0eb8e44d61b35a6587ecb29169e9ea575e3a7cd4bb9aaf40340bc971
SHA512: 122eb36bae812c709107c5343fba9b56cc19cb91216ccd6ea42279cca2bd4bcf383fa7a2eed2b8ba4d8aacc6a0810f9465714c44163d8ad55e1090523fa7bc35
SSDEEP: 98304:kPRbDUmJQqdE/P2BpTCXjA+Jd2SiejeOAuweK:kPRbDUxqdiGCXjA+zjjAT
Malware Config
Signatures
Files
f8e091cd0eb8e44d61b35a6587ecb29169e9ea575e3a7cd4bb9aaf40340bc971.exe windows x86
16311d18df705b4894ce95566ea2cef2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ogremain
?getOverlayElement@OverlayManager@Ogre@@QAEPAVOverlayElement@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?toString@StringConverter@Ogre@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@MGGDH@Z
?toString@StringConverter@Ogre@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@KGDH@Z
?toString@StringConverter@Ogre@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IGDH@Z
?getDebugText@RenderTarget@Ogre@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??_7FrameListener@Ogre@@6B@
?getSingleton@Root@Ogre@@SAAAV12@XZ
?addFrameListener@Root@Ogre@@QAEXPAVFrameListener@2@@Z
??1FrameListener@Ogre@@UAE@XZ
?getRenderSystem@Root@Ogre@@QAEPAVRenderSystem@2@XZ
?clearEventTimes@Root@Ogre@@QAEXXZ
?getSingleton@PlatformManager@Ogre@@SAAAV12@XZ
?messagePump@PlatformManager@Ogre@@QAEXPAVRenderWindow@2@@Z
?renderOneFrame@Root@Ogre@@QAE_NXZ
??0Root@Ogre@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?getAvailableRenderers@Root@Ogre@@QAEPAV?$vector@PAVRenderSystem@Ogre@@V?$allocator@PAVRenderSystem@Ogre@@@std@@@std@@XZ
?setRenderSystem@Root@Ogre@@QAEXPAVRenderSystem@2@@Z
?initialise@Root@Ogre@@QAEPAVRenderWindow@2@_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createRenderWindow@Root@Ogre@@QAEPAVRenderWindow@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@II_NPBV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@5@@Z
??0Exception@Ogre@@QAE@HABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1Exception@Ogre@@QAE@XZ
?getSingleton@TextureManager@Ogre@@SAAAV12@XZ
?initialiseAllResourceGroups@ResourceGroupManager@Ogre@@QAEXXZ
?setDefaultInterpolationMode@Animation@Ogre@@SAXW4InterpolationMode@12@@Z
?setDefaultRotationInterpolationMode@Animation@Ogre@@SAXW4RotationInterpolationMode@12@@Z
?destroySceneManager@Root@Ogre@@QAEXPAVSceneManager@2@@Z
?addResourceLocation@ResourceGroupManager@Ogre@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00_N@Z
?setBackgroundColour@Viewport@Ogre@@QAEXABVColourValue@2@@Z
?lookAt@Camera@Ogre@@QAEXABVVector3@2@@Z
?createSceneManager@Root@Ogre@@QAEPAVSceneManager@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1Root@Ogre@@QAE@XZ
?getFullDescription@Exception@Ogre@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?unloadResourceGroup@ResourceGroupManager@Ogre@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?pitch@Camera@Ogre@@QAEXABVRadian@2@@Z
?yaw@Camera@Ogre@@QAEXABVRadian@2@@Z
?moveRelative@Camera@Ogre@@QAEXABVVector3@2@@Z
?getPosition@Camera@Ogre@@QBEABVVector3@2@XZ
?getDirection@Camera@Ogre@@QBE?AVVector3@2@XZ
?getSingleton@OverlayManager@Ogre@@SAAAV12@XZ
?getByName@OverlayManager@Ogre@@QAEPAVOverlay@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?hide@Overlay@Ogre@@QAEXXZ
?show@Overlay@Ogre@@QAEXXZ
?setPosition@Camera@Ogre@@QAEXABVVector3@2@@Z
?setDirection@Camera@Ogre@@QAEXABVVector3@2@@Z
?fDeg2Rad@Math@Ogre@@2MB
?getMesh@Entity@Ogre@@QBEABVMeshPtr@2@XZ
??0MeshPtr@Ogre@@QAE@ABV01@@Z
??1MeshPtr@Ogre@@UAE@XZ
?getSingleton@ResourceGroupManager@Ogre@@SAAAV12@XZ
?resourceExists@ResourceGroupManager@Ogre@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?setPosition@Camera@Ogre@@QAEXMMM@Z
?lookAt@Camera@Ogre@@QAEXMMM@Z
?setAmbientLight@SceneManager@Ogre@@QAEXABVColourValue@2@@Z
?addTime@AnimationState@Ogre@@QAEXM@Z
?getWeight@AnimationState@Ogre@@QBEMXZ
?getTimePosition@AnimationState@Ogre@@QBEMXZ
?getAnimationName@AnimationState@Ogre@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?setWeight@AnimationState@Ogre@@QAEXM@Z
?getAnimationState@Entity@Ogre@@QBEPAVAnimationState@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getLength@AnimationState@Ogre@@QBEMXZ
?setLength@AnimationState@Ogre@@QAEXM@Z
?setTimePosition@AnimationState@Ogre@@QAEXM@Z
?setEnabled@AnimationState@Ogre@@QAEX_N@Z
mk2_data
?RemoveThis@?$MEM_THIS@VMK_NET_DATA@@@@SAXXZ
?GetThis@?$MEM_THIS@VMK_NET_DATA@@@@SAAAVMK_NET_DATA@@XZ
?CreateThis@?$MEM_THIS@VMK_NET_DATA@@@@SAXXZ
?RemoveThis@MK_SOUND@@SAXXZ
?CreateThis@MK_SOUND@@SAXPAUHWND__@@@Z
?RemoveThis@?$MEM_THIS@VMK_MOVIE@@@@SAXXZ
?GetThis@?$MEM_THIS@VMK_MOVIE@@@@SAAAVMK_MOVIE@@XZ
?GetThisPtr@?$MEM_THIS@VMK_MOVIE@@@@SAPAVMK_MOVIE@@XZ
?RemoveGame@MK_GAME@@SAXXZ
?CreateGame@MK_GAME@@SAXH@Z
?SetGameState@MK_GAME_DATA@@QAEXABW4GAME_STATE@@@Z
?RequestInit@MK_PK_DATA@@QAEHXZ
?Connect@MK_PK_DATA@@QAEHXZ
?IsRunning@MK_PK_DATA@@QAEHXZ
?GetThis@?$MEM_THIS@VMK_PK_DATA@@@@SAAAVMK_PK_DATA@@XZ
?GetThisPtr@?$MEM_THIS@VMK_PK_DATA@@@@SAPAVMK_PK_DATA@@XZ
?GetThisPtr@?$MEM_THIS@VMK_MATCH_DATA@@@@SAPAVMK_MATCH_DATA@@XZ
?GetGameState@MK_GAME_DATA@@QAE?AW4GAME_STATE@@XZ
?RemoveThis@?$MEM_THIS@VMK_LOADING@@@@SAXXZ
?RemoveThis@?$MEM_THIS@VMK_MATCH_DATA@@@@SAXXZ
?MatchEnd@MK_MATCH_DATA@@QAEHABW4MATCH_END_TYPE@@@Z
?GetThis@?$MEM_THIS@VMK_MATCH_DATA@@@@SAAAVMK_MATCH_DATA@@XZ
?CreateThis@?$MEM_THIS@VMK_LOADING@@@@SAXXZ
?GetMinScale@MK_LOADING@@QAEHH@Z
?AddTime@MK_LOADING@@QAEXABM@Z
?GetThisPtr@?$MEM_THIS@VMK_LOADING@@@@SAPAVMK_LOADING@@XZ
?GetThis@?$MEM_THIS@VMK_LOADING@@@@SAAAVMK_LOADING@@XZ
?SetMMAdjust@MK_LOADING@@QAEXHHM@Z
?GetThis@MK_GAME@@SAAAVMK_GAME_DATA@@XZ
?GetThis@MK_SOUND@@SAAAV1@XZ
?PlayMusic@MK_SOUND@@QAEXH@Z
mk2gui
?CreateLobby@MK2GUI@@SAXXZ
?RemoveLobby@MK2GUI@@SAXXZ
?Init@MK2GUI@@SAXPAVMK2GUI_CALLBACK@@@Z
?CreateLobbyNew@MK2GUI@@SAXXZ
?RemoveLobbyNew@MK2GUI@@SAXXZ
?ShowChatDialog@MK2GUI@@SAXXZ
?Init@MK2GUI@@SAXPAVRenderWindow@Ogre@@PAVMK2GUI_CALLBACK@@@Z
?Destroy@MK2GUI@@SAXXZ
mk2train
?InitGame@MK2TRAIN_MGR@@QAEHPAVMK2GUI_CALLBACK@@@Z
?GetThis@?$MEM_THIS@VMK2TRAIN_MGR@@@@SAAAVMK2TRAIN_MGR@@XZ
?AddTime@MK2TRAIN_MGR@@QAEXABUFrameEvent@Ogre@@@Z
?RemoveThis@?$MEM_THIS@VMK2TRAIN_MGR@@@@SAXXZ
?GetThisPtr@?$MEM_THIS@VMK2TRAIN_MGR@@@@SAPAVMK2TRAIN_MGR@@XZ
?LoadGame@MK2TRAIN_MGR@@QAEHHPAVMK2GUI_CALLBACK@@@Z
?NewGame@MK2TRAIN_MGR@@QAEHPAVMK2GUI_CALLBACK@@@Z
?CreateThis@?$MEM_THIS@VMK2TRAIN_MGR@@@@SAXXZ
?SaveGame@MK2TRAIN_MGR@@QAEHH@Z
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
SleepEx
ExitProcess
Sleep
GetTickCount
SetEnvironmentVariableA
GetLocaleInfoW
ReleaseSemaphore
CreateSemaphoreA
VirtualProtectEx
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
GetFileSize
FileTimeToLocalFileTime
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetFullPathNameA
WriteConsoleA
QueryPerformanceFrequency
GetLocalTime
GetSystemTime
HeapAlloc
HeapFree
VirtualProtect
GetProcessHeap
CreateFileA
WriteFile
CloseHandle
GetLastError
SetNamedPipeHandleState
WaitNamedPipeA
ReleaseMutex
WaitForSingleObject
CreateMutexA
LeaveCriticalSection
GetShortPathNameA
GetProcAddress
EnterCriticalSection
IsBadReadPtr
CreateThread
GetCurrentProcess
SetLastError
InitializeCriticalSection
OpenEventA
VirtualQuery
GetSystemInfo
FreeLibrary
LoadLibraryA
GetVersionExA
VirtualAlloc
SetErrorMode
lstrlenW
OpenProcess
FlushInstructionCache
lstrcmpiA
lstrlenA
ReadFile
SetFilePointer
GetFileAttributesA
ResumeThread
SuspendThread
IsBadWritePtr
CompareStringW
SetUnhandledExceptionFilter
GetVolumeInformationA
GetModuleFileNameA
CreateProcessA
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetCurrentThread
SetThreadPriority
OutputDebugStringA
GetLocaleInfoA
GetWindowsDirectoryA
FileTimeToSystemTime
TerminateProcess
GetDriveTypeA
DeleteFileA
DeviceIoControl
CreateFileMappingA
FindClose
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
OpenMutexA
QueryDosDeviceA
FormatMessageA
CreateDirectoryA
GetThreadContext
SetThreadContext
GetUserDefaultLangID
LCMapStringA
LoadResource
FindResourceA
GetLogicalDrives
CreateEventA
ResetEvent
GetTempPathA
GetExitCodeThread
GetOverlappedResult
WaitForMultipleObjects
ConnectNamedPipe
CreateNamedPipeA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
FlushFileBuffers
CompareFileTime
LocalFree
SetFileAttributesA
GetFileTime
CopyFileA
MultiByteToWideChar
DuplicateHandle
MapViewOfFile
GlobalAlloc
GlobalLock
LocalAlloc
LocalLock
UnmapViewOfFile
GlobalUnlock
GlobalFree
LocalUnlock
CompareStringA
SetEndOfFile
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetSystemDirectoryA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
lstrcmpA
SetEvent
SetPriorityClass
GetThreadPriority
GetPriorityClass
LCMapStringW
VirtualFree
LockResource
GetTempFileNameA
MoveFileExA
RtlUnwind
RaiseException
WideCharToMultiByte
GetTimeZoneInformation
DeleteCriticalSection
FatalAppExitA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
InterlockedExchange
user32
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
InvalidateRect
GetWindowLongA
SetWindowLongA
PostQuitMessage
CallWindowProcA
BeginPaint
EndPaint
MessageBoxA
FindWindowA
LoadCursorFromFileA
SetSystemCursor
LoadImageA
CopyImage
GetProcessWindowStation
GetUserObjectInformationW
LoadStringA
GetSysColorBrush
SendDlgItemMessageA
DialogBoxIndirectParamA
DestroyWindow
UnregisterClassA
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetForegroundWindow
GetDlgItem
UpdateWindow
EndDialog
SetDlgItemTextW
SetDlgItemTextA
GetSysColor
ShowWindow
SetWindowTextA
SetWindowTextW
GetSystemMetrics
wsprintfA
GetDesktopWindow
SendMessageA
GetSubMenu
CharLowerBuffA
GetMenuState
GetMenu
EnableMenuItem
CheckMenuItem
LoadCursorA
EnableWindow
SetFocus
GetClientRect
SetWindowPos
FlashWindow
SetForegroundWindow
CharLowerA
GetWindowTextA
GetParent
GetClassNameA
FindWindowExA
EnumWindows
SetCursor
mk2battle
?NewGame@MK2BATTLE_MGR@@QAEHPAVMK2GUI_CALLBACK@@@Z
?NewGameTest@MK2BATTLE_MGR@@QAEHPAVMK2GUI_CALLBACK@@@Z
?CreateThis@?$MEM_THIS@VMK2BATTLE_MGR@@@@SAXXZ
?GetThis@?$MEM_THIS@VMK2BATTLE_MGR@@@@SAAAVMK2BATTLE_MGR@@XZ
?LoadGame@MK2BATTLE_MGR@@QAEHPAVMK2GUI_CALLBACK@@@Z
?AddTime@MK2BATTLE_MGR@@QAEXABUFrameEvent@Ogre@@@Z
?RemoveThis@?$MEM_THIS@VMK2BATTLE_MGR@@@@SAXXZ
ttimelib
?TDeleteGDI@TWIN@@SAXPAUHDC__@@AAVTTEXTURE@@@Z
?Close@TTEXTURE@@QAEXXZ
?SetRect@TSCR@@QAEXABVTRECT@@@Z
?TCreateGDI@TWIN@@SAPAUHDC__@@PAUHWND__@@AAVTTEXTURE@@HHH@Z
?dump@TPIC@@QAEHAAVTTEXTURE@@HH@Z
??0TTEXTURE@@QAE@XZ
??1TTHREAD@@QAE@XZ
??0TTHREAD@@QAE@XZ
?CreateThis@?$TMEM_THIS@VTEVENT@@@@SAXXZ
?RemoveThis@?$TMEM_THIS@VTEVENT@@@@SAXXZ
?uiHeight@TOGRE@@2IA
?uiWidth@TOGRE@@2IA
?mHwnd@TOGRE@@2PAUHWND__@@A
?PlayMovie@TMOVIE@@SAXPAUHINSTANCE__@@PAUHWND__@@HHHHPADH@Z
?GetThis@TMUSIC@@SAAAV1@XZ
?SetVolume@TMUSIC@@QAEXH@Z
?GetVolume@TMUSIC@@QAEHXZ
?RemoveNodeMesh@TOGRE@@SAXPAPAVSceneNode@Ogre@@PAPAVEntity@3@@Z
?pSceneMgr@TOGRE@@2PAVSceneManager@Ogre@@A
?pCamera@TOGRE@@2PAVCamera@Ogre@@A
?CreateEntity@TOGRE@@SAPAVEntity@Ogre@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AB_N@Z
?CreateSceneNode@TOGRE@@SAPAVSceneNode@Ogre@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVector3@3@@Z
??4TTCHAR@@QAEXPBD@Z
??0TTCHAR@@QAA@PBDZZ
??1TENVAR@@QAE@XZ
?RND@TRAND@@SAHK@Z
??0TENVAR@@QAE@XZ
?Print@TLOG@@SAHPADZZ
?FindCDFile@TDIR@@SAHPAD0@Z
?GETSTR@TLOG@@SAHHPAD0@Z
??0TMOVIE@@QAE@XZ
??1TMOVIE@@QAE@XZ
?Run@TMOVIE@@QAEXPAUHWND__@@HHHHPADHM@Z
?Start@TTHREAD@@QAEHH@Z
?IsRunning@TTHREAD@@QAEHXZ
?Init@TENVAR@@QAEHPAD@Z
?Close@TENVAR@@QAEXXZ
?Init@TOGRE@@SAXPAVSceneManager@Ogre@@PAVRenderWindow@3@PAVCamera@3@PAUHWND__@@II@Z
?Close@TOGRE@@SAXXZ
?SetRandSeed@TRAND@@SAXK@Z
?SetRandSeed0@TRAND@@SAXK@Z
?SetRandSeed1@TRAND@@SAXK@Z
?SetRandSeed2@TRAND@@SAXK@Z
?SetRandSeed3@TRAND@@SAXK@Z
?SetRandSeed4@TRAND@@SAXK@Z
??1TTEXTURE@@QAE@XZ
msvcp71
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?uncaught_exception@std@@YA_NXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Nomemory@std@@YAXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
msvcr71
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
malloc
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
??3@YAXPAX@Z
__CxxFrameHandler
mk2_client
?MK2Client_connect@MK2NET@@QAEHXZ
?MK2Client_disconnect@MK2NET@@QAEXXZ
ttimegui
?GetPic@TGUI@@SAAAVTPIC@@PADH@Z
gdi32
BitBlt
CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA
shell32
ShellExecuteA
advapi32
RegisterEventSourceA
DeregisterEventSource
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
ReportEventA
RegDeleteValueA
GetSidSubAuthorityCount
RegSetValueExA
GetSidSubAuthority
GetSidIdentifierAuthority
IsValidSid
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RevertToSelf
ImpersonateNamedPipeClient
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyA
CreateServiceA
StartServiceA
ControlService
DeleteService
QueryServiceConfigA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
GetUserNameA
GetSidLengthRequired
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
wsock32
closesocket
WSASetLastError
send
WSAGetLastError
recv
shutdown
Sections
.text Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nunc Size: 2.8MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bibendum Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
est Size: 564KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.securom Size: 276KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE