__FineObjUsed
Static task
static1
Behavioral task
behavioral1
Sample
cdb33570cbd4a42419536e9db816f73f50ce70b55a6100f22f65ac3c18eb861e.exe
Resource
win7-20220812-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
cdb33570cbd4a42419536e9db816f73f50ce70b55a6100f22f65ac3c18eb861e.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
cdb33570cbd4a42419536e9db816f73f50ce70b55a6100f22f65ac3c18eb861e
-
Size
1000KB
-
MD5
a205b51a5f656251e22c7bf87c95ee60
-
SHA1
33184c100127a4e01008b99eac608a41552b5c15
-
SHA256
cdb33570cbd4a42419536e9db816f73f50ce70b55a6100f22f65ac3c18eb861e
-
SHA512
a6b6cc18f9e4c7af12fd7339c3a383f1d1be73fe5c0699684510499838629424579e6c35a2bacc5071a860e2c97d22e182c0e86d0b8708b3d1dd7e8cdff6b6a2
-
SSDEEP
12288:gorXRgx7xWylVbirMl3wYrpgoZsfY181gnPOG+jHzyaCqspOi:vbRicyzbiAl3/XsQ181hjHhC
Score
N/A
Malware Config
Signatures
Files
-
cdb33570cbd4a42419536e9db816f73f50ce70b55a6100f22f65ac3c18eb861e.exe windows x86
d9421136f22b8d64802a98804bc38bc5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msi
ord67
ord172
ord112
fineobj
?upperPrimeNumber@FObj@@YAHH@Z
?LoadStringA@FObj@@YAHHAAVCString@1@@Z
?Delete@CException@FObj@@QAEXXZ
?Warning@FObj@@YAXPAVCException@1@@Z
?MessageBoxA@FObj@@YAHAAVCMessage@1@H@Z
?InflateRect@CRect@FObj@@QAEXHHHH@Z
?GetMainWindow@FObj@@YAPAUHWND__@@XZ
??1CUnicodeString@FObj@@QAE@XZ
?destroy@CUnicodeStringBody@FObj@@QAEXXZ
?CreateString@CUnicodeString@FObj@@QBE?AVCString@2@I@Z
??0CUnicodeString@FObj@@QAE@PBG@Z
?LoadStringA@FObj@@YAHHAAVCUnicodeString@1@@Z
?emptyStringBody@CUnicodeStringBody@FObj@@2V12@A
?SetAppTitle@FObj@@YAXABVCString@1@@Z
?Value@CString@FObj@@QBEHAAIH@Z
?Mid@CString@FObj@@QBE?AV12@HH@Z
?CreateUnicodeString@CString@FObj@@QBE?AVCUnicodeString@2@I@Z
?CmpNoCase@CUnicodeString@FObj@@SAHPBV12@0@Z
?DecRef@CUnicodeStringBody@FObj@@QAEXXZ
??1CSetupBase@FObj@@MAE@XZ
??_7CSetupBase@FObj@@6B@
?MessageBoxA@FObj@@YAHPBGH@Z
?MessageBoxA@FObj@@YAHPBDH@Z
?DecRef@CStringBody@FObj@@QAEXXZ
?Str@FObj@@YA?AVCString@1@HH@Z
?Value@CUnicodeString@FObj@@QBEHAAHH@Z
?CommonPref@CString@FObj@@QBEHPBDH@Z
?TrimLeft@CString@FObj@@QAEXXZ
?GetBuffer@CString@FObj@@QAEPADH@Z
?ReleaseBuffer@CString@FObj@@QAEXH@Z
?GetBufferSetLength@CString@FObj@@QAEPADH@Z
?GetLength@CFile@FObj@@UBEHXZ
?Open@CFile@FObj@@QAEXABVCUnicodeString@2@I@Z
??0CFile@FObj@@QAE@XZ
?GetSystemLanguageIdFromInterfaceCode@FObj@@YAGH@Z
?GetCurrentLanguageCode@FObj@@YAHXZ
?GetString@CSetupBase@FObj@@QBE?AVCString@2@XZ
?SetString@CSetupBase@FObj@@QAEXABVCString@2@@Z
?CreateObject@FObj@@YA?AV?$CPtr@VIObject@FObj@@@1@ABVCString@1@@Z
?Value@FObj@@YAHABVCString@1@AAVCUnicodeString@1@@Z
?Str@FObj@@YA?AVCString@1@ABVCUnicodeString@1@@Z
??1CCriticalSectionLock@FObj@@QAE@XZ
??1CMemoryManagerSwitcher@FObj@@QAE@XZ
??0CMemoryManagerSwitcher@FObj@@QAE@PAVIMemoryManager@1@@Z
??0CCriticalSectionLock@FObj@@QAE@PAVCCriticalSection@1@H@Z
?cacheSetupSection@FObj@@3VCCriticalSection@1@A
??0CSetupBase@FObj@@IAE@ABVCString@1@00@Z
??0CSetupBase@FObj@@IAE@ABVCString@1@0W4TSetupType@1@@Z
??0CString@FObj@@QAE@XZ
??0CCacheSetupBool@FObj@@QAE@ABVCString@1@0HW4TSetupType@1@@Z
??1CCacheSetupBool@FObj@@UAE@XZ
??0CCacheSetupEnum@FObj@@QAE@ABVCString@1@0HPBUCEnumItem@1@W4TSetupType@1@@Z
??1CCacheSetupEnum@FObj@@UAE@XZ
??4CString@FObj@@QAEAAV01@ABV01@@Z
?Set@CCacheSetupBool@FObj@@UAEXH@Z
?Value@CString@FObj@@QBEHAAHH@Z
??0CString@FObj@@QAE@ABV01@@Z
?Value@CString@FObj@@QBEHAAKH@Z
?Read@CFile@FObj@@UAEHPAXH@Z
??1CFile@FObj@@UAE@XZ
?Str@FObj@@YA?AVCString@1@KH@Z
?SetCurrentLanguageCode@FObj@@YAXH@Z
?GetLanguageCode@FObj@@YAHH@Z
?FindLanguageIndex@FObj@@YAHH@Z
?Initialize@FObj@@YAHPBD0@Z
?AddResourceModule@FObj@@YAXPAUHINSTANCE__@@@Z
?AddResourcePrefix@FObj@@YAXPBD0@Z
?AccessFile@FileSystem@FObj@@YAHABVCString@2@I@Z
?Merge@FileSystem@FObj@@YA?AVCString@2@ABV32@000@Z
?assignStr@CString@FObj@@AAEXPBDH@Z
?Split@FileSystem@FObj@@YAXABVCString@2@AAV32@111@Z
?GetEXEFileName@FileSystem@FObj@@YA?AVCString@2@XZ
?LoadModule@FObj@@YAPAUHINSTANCE__@@PBD@Z
?Clean@FObj@@YAXXZ
?GetEXEDir@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@XZ
??0CUnicodeString@FObj@@QAE@XZ
?Trim@CString@FObj@@QAEXXZ
??0CUnicodeString@FObj@@QAE@ABV01@@Z
??0CError@FObj@@QAE@PBDH@Z
??1CError@FObj@@QAE@XZ
?CompareNoCase@CUnicodeString@FObj@@QBEHPBG@Z
?Mid@CUnicodeString@FObj@@QBE?AV12@H@Z
?GetExt@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?SubstParam@CMessage@FObj@@QBE?AVCUnicodeString@2@ABV32@@Z
?SubstParam@CMessage@FObj@@QBE?AVCString@2@ABV32@@Z
?concatStr@CUnicodeString@FObj@@AAEXPBGH@Z
?GetEXEFileName@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@XZ
?concatStr@CUnicodeString@FObj@@CAPAVCUnicodeStringBody@2@PBGH0H@Z
?Cmp@CUnicodeString@FObj@@SAHPBV12@0@Z
?Str@CMessage@FObj@@QBE?AVCString@2@XZ
?RegisterCreateObjectFunction@FObj@@YAXP6A?AV?$CPtr@VIObject@FObj@@@1@XZABVtype_info@@ABVCString@1@@Z
?UnregisterCreateObjectFunction@FObj@@YAXABVtype_info@@@Z
?Merge@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@0@Z
?CanonicalizePath@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?GetTemporaryDir@UnicodeTempFile@FObj@@YA?AVCUnicodeString@2@XZ
?DelTree@UnicodeFileSystem@FObj@@YAXABVCUnicodeString@2@@Z
?AccessDir@UnicodeFileSystem@FObj@@YAHABVCUnicodeString@2@@Z
?MergePath@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@0@Z
?UnicodeStr@FObj@@YA?AVCUnicodeString@1@JH@Z
?SubstParam@CMessage@FObj@@QBE?AVCUnicodeString@2@ABV32@00@Z
??0CSetupBool@FObj@@QAE@ABVCString@1@0HW4TSetupType@1@@Z
??1CSetupBool@FObj@@UAE@XZ
?Set@CSetupBool@FObj@@UAEXH@Z
?UnicodeStr@CMessage@FObj@@QBE?AVCUnicodeString@2@XZ
?ERR_RATIONAL_OVERFLOW@FObj@@3VCError@1@A
?IntersectRect@CRect@FObj@@QAEHABUtagRECT@@0@Z
?UnionRect@CRect@FObj@@QAEHABUtagRECT@@0@Z
?reduce@rational@FObj@@CAXAA_J0@Z
?ERR_DIVIDE_ZERO@FObj@@3VCError@1@A
??0CPoint@FObj@@QAE@UtagSIZE@@@Z
??GCPoint@FObj@@QBE?AVCSize@1@UtagPOINT@@@Z
??0CSize@FObj@@QAE@HH@Z
?CopyObject@FObj@@YAXPBVIObject@1@PAV21@@Z
?DeleteAll@CListBase@FObj@@QAEXXZ
??0CRect@FObj@@QAE@UtagPOINT@@UtagSIZE@@@Z
??_7CListBase@FObj@@6B@
??_7CListNodeBase@FObj@@6B@
?GenCheck@FObj@@YAXAAVCError@1@PBG11@Z
?Detach@CListNodeBase@FObj@@QAEXXZ
?NumberOfChildren@CListBase@FObj@@QBEHXZ
?FindResourceA@FObj@@YAPAUHINSTANCE__@@PBD0@Z
?emptyStringBody@CStringBody@FObj@@2V12@A
?DetachAll@CListBase@FObj@@QAEXXZ
??0CUnicodeString@FObj@@QAE@PBGH@Z
?SetAt@CUnicodeString@FObj@@QAEXHG@Z
?ERR_NO_GDI_RESOURCE@FObj@@3VCError@1@A
?IsWindows95@FObj@@YAHXZ
?concatStr@CString@FObj@@AAEXPBDH@Z
?replaceStr@CString@FObj@@AAEXHHPBDH@Z
??0CString@FObj@@AAE@PBGI@Z
??0CUnicodeString@FObj@@AAE@PBDI@Z
?GenCheck@FObj@@YAXAAVCError@1@PBD11@Z
?ERR_BAD_TEXT_FILE@FObj@@3VCError@1@A
?Name@CFile@FObj@@QBE?AVCString@2@XZ
?StrDel@CString@FObj@@QAEXHH@Z
?ReadRecord@CFile@FObj@@QAEXPAXH@Z
?Open@CFile@FObj@@QAEXABVCString@2@I@Z
?StrDel@CString@FObj@@QAEXH@Z
?AccessDir@FileSystem@FObj@@YAHABVCString@2@@Z
?RemoveIgnoreErrors@FileSystem@FObj@@YAXABVCString@2@@Z
?Abort@CFile@FObj@@UAEXXZ
?Write@CFile@FObj@@UAEXPBXH@Z
?Open@CFile@FObj@@QAEXABVCString@2@IK@Z
?Merge@FileSystem@FObj@@YA?AVCString@2@ABV32@00@Z
?Format@FObj@@YA?AVCString@1@PBDZZ
?GetExt@FileSystem@FObj@@YA?AVCString@2@ABV32@@Z
?GetName@FileSystem@FObj@@YA?AVCString@2@ABV32@@Z
?GetTemporaryDir@TempFile@FObj@@YA?AVCString@2@XZ
?IsWindowsNT@FObj@@YAHXZ
?Str@FObj@@YA?AVCString@1@IH@Z
?ReplaceExt@FileSystem@FObj@@YAXAAVCString@2@ABV32@@Z
?Value@CUnicodeString@FObj@@QBEHAAKH@Z
?Mid@CUnicodeString@FObj@@QBE?AV12@HH@Z
?MakeUpper@CUnicodeString@FObj@@QAEXXZ
?CmpNames@UnicodeFileSystem@FObj@@YAHPBVCUnicodeString@2@0@Z
?NormalizePath@UnicodeFileSystem@FObj@@YAXAAVCUnicodeString@2@@Z
?GetDrivePath@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?ZeroTime@FObj@@3VCTime@1@B
?GetTickCount@CTime@FObj@@SA?AV12@XZ
??0CTime@FObj@@AAE@_J@Z
?CreateFromFileTimeGmt@CTime@FObj@@SA?AV12@ABU_FILETIME@@@Z
?Str@FObj@@YA?AVCString@1@_KH@Z
?GetAsFileTimeGmt@CTime@FObj@@QBEXAAU_FILETIME@@@Z
?CreateZeroTime@CTime@FObj@@SA?AV12@XZ
?ReleaseBuffer@CUnicodeString@FObj@@QAEXH@Z
?GetBuffer@CUnicodeString@FObj@@QAEPAGH@Z
?Right@CUnicodeString@FObj@@QBE?AV12@H@Z
?Left@CUnicodeString@FObj@@QBE?AV12@H@Z
?getWritePtr@CArchive@FObj@@AAEPAXH@Z
?Flush@CArchive@FObj@@QAEXXZ
?fillBuffer@CArchive@FObj@@AAEXH@Z
?make@rational@FObj@@CA?AV12@_J0@Z
?GenCheckLastError@FObj@@YAXK@Z
?NormalizePath@FileSystem@FObj@@YAXAAVCString@2@@Z
?ThrowUserException@FObj@@YAXXZ
?CompareNoCase@CString@FObj@@QBEHPBD@Z
?Str@FObj@@YA?AVCString@1@JH@Z
?MessageID@FObj@@YAHABVCMessage@1@@Z
?GetNameExt@FileSystem@FObj@@YA?AVCString@2@ABV32@@Z
?SetBufferLength@CString@FObj@@QAEXH@Z
?Warning@CException@FObj@@UBEXXZ
??3CException@FObj@@SAXPAX@Z
??0CException@FObj@@QAE@XZ
??2CException@FObj@@SAPAXI@Z
??1CException@FObj@@UAE@XZ
?GetDrivePath@FileSystem@FObj@@YA?AVCString@2@ABV32@@Z
?Trim@CUnicodeString@FObj@@QAEXXZ
?StrDel@CUnicodeString@FObj@@QAEXHH@Z
?CommonPref@CUnicodeString@FObj@@QBEHPBGH@Z
?GetPath@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?GetRoot@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?GetNameExt@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
??0CFile@FObj@@QAE@ABVCUnicodeString@1@I@Z
??0CString@FObj@@QAE@PBDH@Z
?CharPos@CUnicodeString@FObj@@QBEHGH@Z
?MakeUpper@CString@FObj@@QAEXXZ
?Sprintf@FObj@@YA?AVCString@1@PBDZZ
?IsWindowsXP@FObj@@YA_NXZ
??0CCriticalSection@FObj@@QAE@XZ
??1CCriticalSection@FObj@@QAE@XZ
?Lock@CCriticalSection@FObj@@QAEXXZ
?Unlock@CCriticalSection@FObj@@QAEXXZ
?Body@CStringBody@FObj@@QAEPADXZ
?HashKey@@YAHPBD@Z
??0CTreeBase@FObj@@QAE@XZ
?Cmp@CString@FObj@@SAHPBV12@0@Z
?SetMainWindow@FObj@@YAXPAUHWND__@@@Z
?ThrowCOMException@FObj@@YAXJPAUIErrorInfo@@@Z
??0CString@FObj@@QAE@PBD@Z
?Merge@FileSystem@FObj@@YA?AVCString@2@ABV32@0@Z
?SubstParam@CMessage@FObj@@QBE?AVCString@2@ABV32@0@Z
??1CString@FObj@@QAE@XZ
?destroy@CStringBody@FObj@@QAEXXZ
??3@YAXPAX@Z
??1CMessage@FObj@@QAE@XZ
??0CMessage@FObj@@QAE@PBDH@Z
?Left@CString@FObj@@QBE?AV12@H@Z
?Mid@CString@FObj@@QBE?AV12@H@Z
?CompareSubstrNoCase@CString@FObj@@QBEHHPBDH@Z
??2@YAPAXI@Z
??0CString@FObj@@QAE@DH@Z
?concatStr@CString@FObj@@CAPAVCStringBody@2@PBDH0H@Z
?CharPos@CString@FObj@@QBEHDH@Z
?GenAssert@FObj@@YAXPBDJ@Z
?InsertPrev@CListNodeBase@FObj@@QAEXPAV12@@Z
?GetEXEDir@FileSystem@FObj@@YA?AVCString@2@XZ
?InsertNext@CListNodeBase@FObj@@QAEXPAV12@@Z
??1CListNodeBase@FObj@@UAE@XZ
?GetAt@CString@FObj@@QBEDH@Z
?GetModuleFileNameA@FileSystem@FObj@@YA?AVCString@2@PAUHINSTANCE__@@@Z
?GetModuleFileNameA@UnicodeFileSystem@FObj@@YA?AVCUnicodeString@2@PAUHINSTANCE__@@@Z
??1CArchive@FObj@@QAE@XZ
??0CArchive@FObj@@QAE@PAVCBaseFile@1@W4TDirection@01@H@Z
?Close@CFile@FObj@@UAEXXZ
?Close@CArchive@FObj@@QAEXXZ
?SetAttributes@UnicodeFileSystem@FObj@@YAXABVCUnicodeString@2@K@Z
?GetAttributes@UnicodeFileSystem@FObj@@YAKABVCUnicodeString@2@@Z
?AccessFile@UnicodeFileSystem@FObj@@YAHABVCUnicodeString@2@I@Z
?Body@CUnicodeStringBody@FObj@@QAEPAGXZ
?HashKey@@YAHPBG@Z
?UnicodeStr@FObj@@YA?AVCUnicodeString@1@KH@Z
?getReadPtr@CArchive@FObj@@AAEPBXH@Z
??0CUnicodeString@FObj@@QAE@GH@Z
?assignStr@CUnicodeString@FObj@@AAEXPBGH@Z
?Format@FObj@@YA?AVCUnicodeString@1@PBGZZ
??0CUnicodeSet@FObj@@QAE@PBG@Z
??1CUnicodeSet@FObj@@QAE@XZ
?insertStr@CUnicodeString@FObj@@AAEXPBGHH@Z
?GetAt@CUnicodeString@FObj@@QBEGH@Z
?UnicodeStr@FObj@@YA?AVCUnicodeString@1@_KH@Z
?GetDrive@FileSystem@FObj@@YA?AVCString@2@ABV32@@Z
fineobjfc
ord5360
ord3959
ord3892
ord2117
ord4941
ord1539
ord1545
ord5958
ord1606
ord5123
ord6299
ord5163
ord4669
ord4239
ord5137
ord2172
ord4220
ord875
ord727
ord636
??0CString@MFC@@QAE@ABV0FObj@@@Z
ord5764
ord3057
ord5662
ord2591
ord282
ord1241
ord6601
ord6149
ord6147
ord6061
ord2287
ord6187
ord6190
ord2984
ord3022
ord3750
ord2261
ord2260
ord2226
ord1070
ord1561
ord5726
ord2614
ord2127
ord2148
ord6141
ord6143
ord2159
ord1944
ord4551
ord5366
ord1954
ord5174
ord4668
ord4238
ord3533
ord546
ord856
ord2109
ord4885
ord4346
ord6407
ord6576
ord2449
ord2247
ord4157
ord4955
ord4958
ord4098
ord3124
ord4855
ord1066
ord5361
ord2811
ord2610
ord2609
ord3992
ord3914
ord5126
ord5166
ord2373
ord1492
ord4234
ord712
ord368
ord1273
ord5141
ord1946
ord1953
ord2594
ord5381
ord1798
ord4256
ord4902
ord4538
ord4593
ord4343
ord4298
ord3708
ord4209
ord6132
ord4224
ord2839
ord2364
ord5838
ord5727
ord5678
ord1469
ord2184
ord1247
ord3921
ord1281
ord5763
ord2659
ord4063
ord2306
ord3460
ord2166
ord1678
ord3471
ord6612
ord3179
ord3534
ord857
ord588
ord2360
ord1797
ord4091
ord3282
ord2595
ord3621
ord6263
ord2118
ord3180
ord844
ord889
ord5870
ord1793
ord6116
ord1922
ord4493
ord1393
ord1198
ord6520
ord6611
ord4281
ord2271
ord2227
ord5603
ord3762
ord1186
ord5059
ord2125
ord3120
ord5189
ord5191
ord3917
ord4512
ord5196
ord5173
ord5586
ord4432
ord582
ord885
ord1309
ord1082
ord539
ord4002
ord1235
ord2336
ord1381
ord2451
ord1324
ord4155
ord4939
ord1538
ord1543
ord6303
ord4916
ord6602
ord2307
ord4156
ord4940
ord1537
ord1544
ord4199
ord5147
ord3535
ord858
ord548
ord3062
ord1677
ord5969
ord3268
ord5970
ord3269
ord5896
ord4253
ord4886
ord5971
ord6013
ord3056
ord284
ord4514
ord3953
ord3271
ord6391
ord6572
ord4510
ord2810
ord2817
ord6264
ord2225
ord2259
ord5132
ord5612
ord1565
ord5465
ord2924
ord5545
ord4796
ord2128
ord4184
ord3235
ord2951
ord5983
ord6090
ord4433
ord4223
ord686
ord336
ord3961
ord4652
ord4216
ord1477
ord3270
ord3228
ord2949
ord4455
ord4060
ord2298
ord4192
ord3126
ord3379
ord1601
ord6289
ord2143
ord1692
ord4062
ord2303
ord4196
ord3445
ord733
ord5770
ord2675
ord1840
ord2890
ord5633
ord2140
ord1691
ord4193
ord3430
ord642
ord3063
ord6066
ord5842
ord2842
ord6519
ord6610
ord4392
ord4395
ord4734
ord4162
ord4726
ord2174
ord4132
ord4140
ord4547
ord4723
ord4335
ord4350
ord4348
ord4330
ord4333
ord4328
ord4807
ord4804
ord3948
ord5129
ord3569
ord1556
ord4230
ord581
ord883
ord5149
ord300
ord656
ord3373
ord5658
ord1466
ord1465
ord3375
ord6012
ord5661
ord5660
ord482
ord560
ord5009
ord4308
ord4263
ord4706
ord3650
ord5785
ord1534
ord1533
ord437
ord3502
ord5754
ord3974
ord4089
ord3519
ord5672
ord3284
ord6037
ord5641
ord5654
?WM_QUERYUNICODECHAR@FObj@@3IB
ord806
ord479
ord5642
ord2702
ord5631
ord6109
ord5628
ord6103
ord4122
ord6106
ord5922
ord6084
ord5750
ord5667
ord5570
ord5608
ord5467
ord5458
ord5963
ord5740
ord3380
ord2181
ord2459
ord2219
ord3423
ord6082
ord3967
ord6111
ord3573
ord2746
ord1614
ord3891
ord6578
ord2304
ord4197
ord3446
ord734
ord6158
ord4315
ord3054
ord5907
ord3839
ord5903
ord3843
ord3876
ord2973
ord2778
ord4334
ord4329
ord4349
ord5577
ord3042
ord3127
ord3381
ord785
ord447
ord4191
ord3376
ord632
ord1750
ord3952
ord5655
ord2368
ord436
ord5396
ord1375
ord4309
ord3564
ord2297
ord6563
ord4445
ord4569
ord4861
ord4170
ord4671
ord4666
ord1609
ord4672
ord6354
ord6069
ord6365
ord4061
ord2300
ord3384
ord2615
ord887
ord585
ord3075
ord6114
ord4076
ord2590
ord1356
ord1304
ord5675
ord6382
ord6568
ord323
ord324
ord2229
ord4528
ord2598
ord6262
ord4501
ord6399
ord3130
ord354
ord2230
ord3286
ord3233
ord4534
ord4417
ord1631
ord3652
ord2377
ord1496
ord5928
ord5927
ord6189
ord6479
ord6595
ord1517
ord5172
ord1725
ord4229
ord825
ord511
ord3315
ord4637
ord1105
ord2244
ord3260
ord4905
ord2613
ord4237
ord5725
ord4533
ord2612
ord6477
ord6594
ord4789
ord4172
ord5171
ord821
ord501
ord5929
ord4667
ord4149
ord4673
ord4819
ord4742
ord6512
ord6605
ord389
ord574
ord1838
ord4006
ord2658
ord3969
ord2292
ord6344
ord2437
ord4651
ord2593
ord6059
ord2770
ord1772
ord2182
ord4901
ord4860
ord4917
ord6483
ord6596
msvcrt
wcscmp
free
malloc
realloc
_strdup
wcslen
qsort
_purecall
iswspace
bsearch
sscanf
wcsstr
_mbscmp
??1type_info@@UAE@XZ
wcsncpy
__RTDynamicCast
strstr
memmove
_CxxThrowException
__CxxFrameHandler
_setmbcp
strchr
strncpy
strtoul
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
kernel32
SetLastError
CreateMutexA
SetEvent
GetStartupInfoA
ReleaseMutex
LocalFree
FormatMessageA
WaitForSingleObject
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
CloseHandle
GetSystemDirectoryA
GetVolumeInformationA
ResetEvent
CreateEventA
MultiByteToWideChar
WideCharToMultiByte
LockResource
GetVersion
ExpandEnvironmentStringsA
GetProfileIntA
SearchPathA
GetLocaleInfoA
GetSystemDefaultLangID
GetUserDefaultLangID
GetCurrentThreadId
GlobalFree
GlobalMemoryStatus
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetProcAddress
lstrcatA
lstrcpyA
GetVersionExA
HeapDestroy
LoadLibraryA
GetTickCount
Sleep
GetCommandLineW
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
lstrcmpiA
FreeLibrary
InitializeCriticalSection
GetModuleFileNameA
GetShortPathNameA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrlenA
lstrlenW
CreateProcessA
user32
GetKeyState
GetCursorPos
ScreenToClient
SetCursor
LoadCursorA
SetCursorPos
ReleaseCapture
SetCapture
ShowScrollBar
PeekMessageA
GetActiveWindow
GetCapture
SetActiveWindow
AppendMenuA
RemoveMenu
KillTimer
SetTimer
SetForegroundWindow
UpdateWindow
BringWindowToTop
CharNextA
IsWindow
GetScrollInfo
SetScrollPos
GetParent
InsertMenuItemA
RegisterClipboardFormatA
DestroyCursor
DefWindowProcA
EnumWindows
GetClassInfoExA
RegisterClassExA
GetWindowRect
GetMenuItemID
IsWindowVisible
IsIconic
DestroyCaret
HideCaret
SetMenuDefaultItem
GetMenu
PostMessageA
RegisterWindowMessageA
GetClientRect
GetSysColorBrush
DrawFrameControl
GetDC
ReleaseDC
FillRect
PostQuitMessage
ShowWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsChild
MapVirtualKeyA
SetScrollInfo
GetScrollPos
GetScrollRange
InvalidateRect
GetDlgItem
ClientToScreen
GetAsyncKeyState
GetKeyNameTextA
CopyAcceleratorTableA
GetDesktopWindow
FindWindowA
LoadImageA
IsWindowEnabled
DrawFocusRect
GetLastActivePopup
ModifyMenuA
LoadMenuA
SystemParametersInfoA
GetWindow
GetFocus
CreateCaret
ShowCaret
SetCaretPos
GetMenuState
GetMenuDefaultItem
DeleteMenu
GetDlgCtrlID
AdjustWindowRect
GetSystemMetrics
DrawTextA
GetSubMenu
SetMenuItemInfoA
GetSysColor
GetMenuItemInfoA
GetMenuItemCount
EnableWindow
LoadIconA
SendMessageA
DrawEdge
DrawCaption
IsDlgButtonChecked
LoadBitmapA
SetWindowLongA
SetWindowPos
EnumThreadWindows
GetWindowLongA
SetFocus
GetDoubleClickTime
CopyRect
GrayStringA
TabbedTextOutA
GetClassNameA
SendMessageTimeoutA
gdi32
CreateFontIndirectA
GetStockObject
CreateCompatibleDC
CreateSolidBrush
GetTextExtentPoint32A
DPtoLP
Rectangle
SelectObject
CreateBitmapIndirect
CreateDCA
GetRgnBox
CombineRgn
CreateRectRgnIndirect
LPtoDP
GetClipRgn
CreateRectRgn
GetWindowOrgEx
CreatePen
SetRectRgn
GetRegionData
PtInRegion
OffsetRgn
InvertRgn
PtVisible
RectVisible
FillRgn
TextOutA
ExtTextOutA
Escape
FrameRgn
SetBrushOrgEx
GetMapMode
TextOutW
GetTextExtentPoint32W
GetTextColor
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetBkMode
GetTextMetricsA
RealizePalette
SelectPalette
CreateDIBSection
StretchBlt
GetDIBits
SetMapMode
CreatePalette
CreateDIBitmap
StretchDIBits
PatBlt
GetObjectA
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
SetTextColor
SetBkColor
comdlg32
CommDlgExtendedError
advapi32
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
shell32
SHGetMalloc
SHGetPathFromIDListA
DragQueryFileA
ShellExecuteExA
SHBrowseForFolderA
ShellExecuteA
comctl32
ImageList_Add
ImageList_Create
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_SetBkColor
ImageList_AddMasked
_TrackMouseEvent
ImageList_Remove
ImageList_DrawIndirect
ImageList_Destroy
ole32
CoRegisterClassObject
CoTaskMemRealloc
ReleaseStgMedium
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateGuid
oleaut32
CreateErrorInfo
LoadRegTypeLi
SysStringLen
GetErrorInfo
SysAllocString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SetErrorInfo
langinfo
?GetUnicodeFromLetter@LangInfo@@SIGF@Z
?DigitLetters@LangInfo@@2VCLetterSet@@A
?GetLetterFromUnicode@LangInfo@@SIFG@Z
??0CLetterSet@@QAE@PBD@Z
?LinguisticUpperCase@LangInfo@@SIFFFK@Z
?IsValidLetter@LangInfo@@SIHF@Z
?IsValidLanguageId@LangInfo@@SIHF@Z
?LinguisticLetters@LangInfo@@2VCLetterSet@@B
Exports
Exports
Sections
.text Size: 744KB - Virtual size: 740KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 144KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE