Static task
static1
Behavioral task
behavioral1
Sample
b2e6a84e8860ede29f0ec87ef9c251f72c3c875282c4318adff3ec9984cf7ecb.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
b2e6a84e8860ede29f0ec87ef9c251f72c3c875282c4318adff3ec9984cf7ecb.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
b2e6a84e8860ede29f0ec87ef9c251f72c3c875282c4318adff3ec9984cf7ecb
-
Size
542KB
-
MD5
20e982e1d33df1a9cd235f093e895c80
-
SHA1
230839eaa0138b7a3517cc91e000092f23ac927d
-
SHA256
b2e6a84e8860ede29f0ec87ef9c251f72c3c875282c4318adff3ec9984cf7ecb
-
SHA512
79d89d5ee0d2c66b4346586bec1cc34b6a8369c5a7af394f4d2fdde612afcfb4d7a3f6018aa96bc5f35767b3655ed7ced6789e943e3aff29f72b81154907eb6e
-
SSDEEP
12288:6NIOWDDWIRhsCgP0c9KiMQq9ptoG7Q3Gl5EeTdIaO6e:6NIOWDDWIjqq7QGl5EuaaON
Malware Config
Signatures
Files
-
b2e6a84e8860ede29f0ec87ef9c251f72c3c875282c4318adff3ec9984cf7ecb.exe windows x86
7c3be0b05c01228a4522808c1477fc4b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
MiniDumpWriteDump
psapi
GetProcessImageFileNameW
GetProcessMemoryInfo
GetModuleFileNameExW
kernel32
FindResourceW
GetModuleFileNameW
CreateEventW
WaitForSingleObject
SetEvent
LoadLibraryW
Process32NextW
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
GetTickCount
GetVersionExW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFileAttributesW
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
Module32NextW
Module32FirstW
WaitForMultipleObjects
Sleep
GetDiskFreeSpaceExW
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
GetModuleHandleW
CreateProcessW
lstrcpynW
UnmapViewOfFile
SizeofResource
CreateFileMappingW
DeleteFileW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetEndOfFile
FileTimeToDosDateTime
GetFileTime
LoadResource
FindFirstFileW
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
FindClose
GetCurrentProcess
GetSystemDefaultLangID
lstrcmpW
GetExitCodeThread
TerminateThread
DuplicateHandle
RaiseException
GetVersion
SetLastError
GetLocalTime
ReleaseMutex
GetCurrentThreadId
HeapDestroy
FindResourceExW
WriteFile
GlobalFree
GetTempFileNameW
GetTempPathW
CreateFileW
LockResource
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
InterlockedCompareExchange
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetVersionExA
lstrlenA
LocalFree
LocalAlloc
LoadLibraryA
DeviceIoControl
CopyFileA
lstrcatA
GetSystemDirectoryA
CreateFileA
lstrcpyA
ReadProcessMemory
GetLastError
OpenProcess
CopyFileW
CreateDirectoryW
CloseHandle
ReadFile
SetFilePointer
GetFileSize
CreateMutexW
SetUnhandledExceptionFilter
InitializeCriticalSection
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
FindNextFileW
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
MapViewOfFile
GetProcAddress
shell32
SHGetFolderPathW
SHGetFolderPathA
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHFileOperationW
ord165
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
utils
?LargeMemAlloc@@YAPAXI@Z
?LargeMemFree@@YAXPAX@Z
msvcp90
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?eof@?$char_traits@_W@std@@SAGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?rdbuf@?$basic_fstream@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_filebuf@DU?$char_traits@D@std@@@2@XZ
?rdstate@ios_base@std@@QBEHXZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?setf@ios_base@std@@QAEHHH@Z
?setf@ios_base@std@@QAEHH@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$allocator@_W@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0@Z
?rbegin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?rend@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
shlwapi
PathFileExistsW
StrCmpW
StrRChrW
PathRemoveFileSpecW
PathCombineW
PathIsDirectoryW
PathFindFileNameW
PathCompactPathW
msvcr90
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
memmove
_cexit
__wgetmainargs
_amsg_exit
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strnlen
_vswprintf_c_l
sqrt
exp
fabs
strncpy_s
_beginthreadex
_wtoi64
_i64tow_s
wcstok_s
mbstowcs_s
setlocale
wcstombs_s
_ultow_s
_itoa_s
wcsncpy_s
iswspace
towupper
iswalpha
towlower
_i64toa_s
_ecvt_s
_wfopen_s
fseek
ftell
fread
fclose
tolower
abs
strcpy_s
_wcsdup
_waccess_s
wcsrchr
_mkgmtime64
_mktime64
wcsftime
strcat_s
_vscwprintf
wcsnlen
isxdigit
strtol
atoi
calloc
iswdigit
wcstol
_wcsnicmp
wcsncmp
_wcslwr_s
vswprintf_s
wcslen
wcsstr
memcpy_s
wcscmp
swprintf_s
wcscpy_s
wcschr
_wcsicmp
strpbrk
sprintf
memmove_s
strcmp
free
strlen
malloc
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_CxxThrowException
vsprintf_s
srand
rand
memcpy
_purecall
??_V@YAXPAX@Z
_vsnwprintf
_time64
_localtime64_s
_itow_s
wcscat_s
memset
sprintf_s
??2@YAPAXI@Z
__CxxFrameHandler3
_wtoi
??3@YAXPAX@Z
_decode_pointer
sscanf
??0exception@std@@QAE@ABV01@@Z
_exit
winhttp
WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpSetOption
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpOpen
WinHttpSetTimeouts
WinHttpQueryHeaders
wininet
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestW
InternetConnectA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetGetConnectedState
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetCrackUrlW
HttpQueryInfoW
GetUrlCacheEntryInfoW
iphlpapi
GetIpForwardTable
crypt32
CryptStringToBinaryA
CryptBinaryToStringW
CryptBinaryToStringA
CryptStringToBinaryW
gdiplus
GdipGetFontStyle
GdipGetFamily
GdipDeleteFont
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFontFamily
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipFillPath
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCloneImage
GdipBitmapLockBits
GdipGetFontSize
GdipAddPathString
GdipDeletePath
GdipCreatePath
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageRectRectI
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsI
GdipBitmapUnlockBits
GdipFree
GdipAlloc
GdipCreateTexture
GdipDeleteBrush
GdipAddPathArcI
GdipGetPathWorldBounds
GdipClosePathFigure
GdipCloneBitmapAreaI
GdipCreateFromHDC
GdipGraphicsClear
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipCloneBrush
ws2_32
WSAAddressToStringA
getaddrinfo
WSAStartup
freeaddrinfo
user32
wsprintfA
IsCharAlphaNumericA
wsprintfW
GetWindowDC
CharLowerBuffW
FindWindowW
IsWindowVisible
GetDesktopWindow
GetShellWindow
GetWindowThreadProcessId
GetSystemMetrics
WindowFromPoint
SendMessageW
GetDC
ReleaseDC
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
PostThreadMessageW
PeekMessageW
GetMessageW
gdi32
GetTextExtentPoint32W
GetObjectW
GetDIBits
CreateDIBSection
SelectObject
BitBlt
DeleteDC
DeleteObject
GetStockObject
SetDIBitsToDevice
StretchBlt
CreateCompatibleDC
CreateDCW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CheckTokenMembership
RegCreateKeyExW
RegCloseKey
FreeSid
AllocateAndInitializeSid
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CryptHashData
CryptGetHashParam
CryptSetKeyParam
CryptImportKey
CryptDestroyKey
CryptEncrypt
CryptDecrypt
ole32
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoCreateGuid
StringFromGUID2
CoUninitialize
CoTaskMemFree
oleaut32
VariantClear
SysAllocString
SysStringLen
SysAllocStringByteLen
VariantInit
SysStringByteLen
SysFreeString
Sections
.text Size: 369KB - Virtual size: 368KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rrdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE