bazarbackdoor | 9721704252[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

9721704252.zip
Size

50.4MB
MD5

148761097499e7f359a8290abe28c203
SHA1

58044c953fe0fd5857f6021cf68b776575d1cb54
SHA256

2435b13ad555ea5f5baf034cdb318f396ce75d0f6edaf28907fa5eee79134890
SHA512

2ac9a01fa78bdabf1d4a183abaae031f0de79f1de35dc0cf3f35d36f34dd5c33af860ff6a09874b6c81163a17e617b22c021a73cb77d18844f92d7efd35e0d9d
SSDEEP

1572864:du76VH9xRnv2o91x9gMx4WklowFRqCQyHX:A7WMo919DCNDqTmX

Score

10^/10

bazarbackdoor

Malware Config

Signatures

Bazar/Team9 Backdoor payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack001/2fdff7eb8d11d93b42e5fb6cc86f596289180f2770f4cc2f1d6951f765873cbe	BazarBackdoorVar3

Bazarbackdoor family
bazarbackdoor

Files

9721704252.zip
.zip

Password: infected
2fdff7eb8d11d93b42e5fb6cc86f596289180f2770f4cc2f1d6951f765873cbe
.exe windows x64

5e9a1fb9fb6dbe5837ebbeeae609b7c0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:88:3b:fb:88:38:ac:27:c4:5b:74:c5:0f:42:b2:5b
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

11-07-2018 00:00

Not After

10-07-2021 23:59

Subject

CN=Unity Technologies Aps,OU=Core Developer Services,O=Unity Technologies Aps,L=København K,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ec:91:9e:e2:12:dc:c9:ff:1e:32:e3:b5:c7:78:fd:b7:ac:e7:b4:5e
Signer

Actual PE Digest

ec:91:9e:e2:12:dc:c9:ff:1e:32:e3:b5:c7:78:fd:b7:ac:e7:b4:5e

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Unity Technologies Aps,OU=Core Developer Services,O=Unity Technologies Aps,L=København K,C=DK

12-12-2019 07:39
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

crypt32

CryptEncodeObject
CertOpenStore
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertAddCertificateContextToStore
CertStrToNameW
CertCreateSelfSignCertificate
PFXImportCertStore
PFXExportCertStoreEx
CertAddEncodedCertificateToStore
CertGetCertificateChain
CertFreeCertificateChain
CryptDecodeObjectEx

libfbxsdk

??1FbxPropertyHandle@fbxsdk@@QEAA@XZ
??8FbxPropertyHandle@fbxsdk@@QEBA_NAEBV01@@Z
?Is@FbxPropertyHandle@fbxsdk@@QEBA_NAEBV12@@Z
?Find@FbxPropertyHandle@fbxsdk@@QEBA?AV12@PEBD_N@Z
??1FbxDataType@fbxsdk@@QEAA@XZ
?ObjectType@FbxCriteria@fbxsdk@@SA?AV12@AEBVFbxClassId@2@@Z
??1FbxCriteria@fbxsdk@@QEAA@XZ
??0FbxProperty@fbxsdk@@QEAA@XZ
??0FbxProperty@fbxsdk@@QEAA@AEBV01@@Z
??0FbxProperty@fbxsdk@@QEAA@AEBVFbxPropertyHandle@1@@Z
??1FbxProperty@fbxsdk@@QEAA@XZ
?GetPropertyDataType@FbxProperty@fbxsdk@@QEBA?AVFbxDataType@2@XZ
?GetName@FbxProperty@fbxsdk@@QEBA?AVFbxString@2@XZ
?GetNameAsCStr@FbxProperty@fbxsdk@@QEBAPEBDXZ
?GetFlag@FbxProperty@fbxsdk@@QEBA_NW4EFlags@FbxPropertyFlags@2@@Z
??4FbxProperty@fbxsdk@@QEAAAEAV01@AEBV01@@Z
?IsValid@FbxProperty@fbxsdk@@QEBA_NXZ
?Modified@FbxProperty@fbxsdk@@QEBA_NXZ
?GetFirstDescendent@FbxProperty@fbxsdk@@QEBA?AV12@XZ
?GetNextDescendent@FbxProperty@fbxsdk@@QEBA?AV12@AEBV12@@Z
?Find@FbxProperty@fbxsdk@@QEBA?AV12@PEBD_N@Z
?FindHierarchical@FbxProperty@fbxsdk@@QEBA?AV12@PEBD_N@Z
?GetAnimationEvaluator@FbxProperty@fbxsdk@@QEBAPEAVFbxAnimEvaluator@2@XZ
?Get@FbxPropertyValue@fbxsdk@@QEAA_NPEAXW4EFbxType@2@@Z
?FbxSetMallocHandler@fbxsdk@@YAXP6APEAX_K@Z@Z
?FbxSetCallocHandler@fbxsdk@@YAXP6APEAX_K0@Z@Z
?FbxSetReallocHandler@fbxsdk@@YAXP6APEAXPEAX_K@Z@Z
?FbxSetFreeHandler@fbxsdk@@YAXP6AXPEAX@Z@Z
?FbxFree@fbxsdk@@YAXPEAX@Z
??0FbxString@fbxsdk@@QEAA@XZ
??0FbxString@fbxsdk@@QEAA@AEBV01@@Z
??0FbxString@fbxsdk@@QEAA@PEBD@Z
??1FbxString@fbxsdk@@QEAA@XZ
?Buffer@FbxString@fbxsdk@@QEAAPEADXZ
?Buffer@FbxString@fbxsdk@@QEBAPEBDXZ
??8FbxString@fbxsdk@@QEBA_NPEBD@Z
??BFbxString@fbxsdk@@QEBAPEBDXZ
?Mid@FbxString@fbxsdk@@QEBA?AV12@_K@Z
?Left@FbxString@fbxsdk@@QEBA?AV12@_K@Z
?Find@FbxString@fbxsdk@@QEBAHPEBD_K@Z
?GetTokenCount@FbxString@fbxsdk@@QEBAHPEBD@Z
?GetToken@FbxString@fbxsdk@@QEBA?AV12@HPEBD@Z
?GetErrorString@FbxStatus@fbxsdk@@QEBAPEBDXZ
?GetFrameRate@FbxTime@fbxsdk@@SANW4EMode@12@@Z
?SetSecondDouble@FbxTime@fbxsdk@@QEAAXN@Z
?GetSecondDouble@FbxTime@fbxsdk@@QEBANXZ
?GetDuration@FbxTimeSpan@fbxsdk@@QEBA?AVFbxTime@2@XZ
?IsInside@FbxTimeSpan@fbxsdk@@QEBA_NVFbxTime@2@@Z
?IsAnimated@FbxProperty@fbxsdk@@QEBA_NPEAVFbxAnimLayer@2@@Z
?GetCurveNode@FbxProperty@fbxsdk@@QEAAPEAVFbxAnimCurveNode@2@_N@Z
?GetCurve@FbxProperty@fbxsdk@@QEAAPEAVFbxAnimCurve@2@PEAVFbxAnimLayer@2@_N@Z
?GetCurve@FbxProperty@fbxsdk@@QEAAPEAVFbxAnimCurve@2@PEAVFbxAnimLayer@2@PEBD1_N@Z
?GetSrcObjectCount@FbxProperty@fbxsdk@@QEBAHXZ
?GetSrcObjectCount@FbxProperty@fbxsdk@@QEBAHAEBVFbxCriteria@2@@Z
?GetSrcObject@FbxProperty@fbxsdk@@QEBAPEAVFbxObject@2@AEBVFbxCriteria@2@H@Z
?FindSrcObject@FbxProperty@fbxsdk@@QEBAPEAVFbxObject@2@AEBVFbxCriteria@2@PEBDH@Z
?Set@FbxProperty@fbxsdk@@IEAA_NPEBXAEBW4EFbxType@2@_N@Z
?Get@FbxProperty@fbxsdk@@IEBA_NPEAXAEBW4EFbxType@2@@Z
?Destroy@FbxObject@fbxsdk@@QEAAX_N@Z
?GetName@FbxObject@fbxsdk@@QEBAPEBDXZ
?GetNameWithoutNameSpacePrefix@FbxObject@fbxsdk@@QEBA?AVFbxString@2@XZ
?GetUniqueID@FbxObject@fbxsdk@@QEBAAEB_KXZ
?GetNextProperty@FbxObject@fbxsdk@@QEBA?AVFbxProperty@2@AEBV32@@Z
?FindProperty@FbxObject@fbxsdk@@QEBA?AVFbxProperty@2@PEBD_N@Z
?FindPropertyHierarchical@FbxObject@fbxsdk@@QEBA?AVFbxProperty@2@PEBD_N@Z
?Create@FbxManager@fbxsdk@@SAPEAV12@XZ
?Create@FbxIOSettings@fbxsdk@@SAPEAV12@PEAVFbxManager@2@PEBD@Z
?SetBoolProp@FbxIOSettings@fbxsdk@@QEAAXPEBD_N@Z
??0FbxAxisSystem@fbxsdk@@QEAA@W4EUpVector@01@W4EFrontVector@01@W4ECoordSystem@01@@Z
??1FbxAxisSystem@fbxsdk@@UEAA@XZ
??9FbxAxisSystem@fbxsdk@@QEBA_NAEBV01@@Z
?ConvertScene@FbxAxisSystem@fbxsdk@@QEBAXPEAVFbxScene@2@@Z
?Create@FbxImporter@fbxsdk@@SAPEAV12@PEAVFbxManager@2@PEBD@Z
?GetFileVersion@FbxImporter@fbxsdk@@QEAAXAEAH00@Z
?GetFileHeaderInfo@FbxImporter@fbxsdk@@QEAAPEAVFbxIOFileHeaderInfo@2@XZ
?Import@FbxImporter@fbxsdk@@QEAA_NPEAVFbxDocument@2@_N@Z
?SetEmbeddingExtractionFolder@FbxImporter@fbxsdk@@QEAAXPEBD@Z
?GetSceneInfo@FbxImporter@fbxsdk@@QEAAPEAVFbxDocumentInfo@2@XZ
?IsFBX@FbxImporter@fbxsdk@@QEAA_NXZ
?GetDocumentInfo@FbxDocument@fbxsdk@@QEBAPEAVFbxDocumentInfo@2@XZ
?GetParent@FbxNode@fbxsdk@@QEAAPEAV12@XZ
?GetChildCount@FbxNode@fbxsdk@@QEBAH_N@Z
?GetChild@FbxNode@fbxsdk@@QEAAPEAV12@H@Z
?GetTarget@FbxNode@fbxsdk@@QEBAPEAV12@XZ
?GetTargetUp@FbxNode@fbxsdk@@QEBAPEAV12@XZ
?GetNodeAttribute@FbxNode@fbxsdk@@QEAAPEAVFbxNodeAttribute@2@XZ
?GetNodeAttributeCount@FbxNode@fbxsdk@@QEBAHXZ
?GetNodeAttributeByIndex@FbxNode@fbxsdk@@QEAAPEAVFbxNodeAttribute@2@H@Z
?GetSkeleton@FbxNode@fbxsdk@@QEAAPEAVFbxSkeleton@2@XZ
?GetMesh@FbxNode@fbxsdk@@QEAAPEAVFbxMesh@2@XZ
?GetCamera@FbxNode@fbxsdk@@QEAAPEAVFbxCamera@2@XZ
?GetLight@FbxNode@fbxsdk@@QEAAPEAVFbxLight@2@XZ
?SetPivotState@FbxNode@fbxsdk@@QEAAXW4EPivotSet@12@W4EPivotState@12@@Z
?SetRotationOrder@FbxNode@fbxsdk@@QEAAXW4EPivotSet@12@W4EOrder@FbxEuler@2@@Z
?GetRotationOrder@FbxNode@fbxsdk@@QEBAXW4EPivotSet@12@AEAW4EOrder@FbxEuler@2@@Z
?SetRotationPivot@FbxNode@fbxsdk@@QEAAXW4EPivotSet@12@VFbxVector4@2@@Z
?GetPreRotation@FbxNode@fbxsdk@@QEBAAEBVFbxVector4@2@W4EPivotSet@12@@Z
?GetPostRotation@FbxNode@fbxsdk@@QEBAAEBVFbxVector4@2@W4EPivotSet@12@@Z
?SetScalingPivot@FbxNode@fbxsdk@@QEAAXW4EPivotSet@12@VFbxVector4@2@@Z
?ResetPivotSet@FbxNode@fbxsdk@@QEAAXW4EPivotSet@12@@Z
?ConvertPivotAnimationRecursive@FbxNode@fbxsdk@@QEAAXPEAVFbxAnimStack@2@W4EPivotSet@12@N_N@Z
?ResetPivotSetAndConvertAnimation@FbxNode@fbxsdk@@QEAAXN_N00@Z
?GetAnimationInterval@FbxNode@fbxsdk@@QEAA_NAEAVFbxTimeSpan@2@PEAVFbxAnimStack@2@H@Z
?GetMaterialCount@FbxNode@fbxsdk@@QEBAHXZ
?GetMaterial@FbxNode@fbxsdk@@QEBAPEAVFbxSurfaceMaterial@2@H@Z
?GetLocalTimeSpan@FbxAnimStack@fbxsdk@@QEBA?AVFbxTimeSpan@2@XZ
?BakeLayers@FbxAnimStack@fbxsdk@@QEAA_NPEAVFbxAnimEvaluator@2@VFbxTime@2@11@Z
?ValidateTime@FbxAnimEvaluator@fbxsdk@@QEAA?AVFbxTime@2@AEBV32@@Z
?GetPropertyEvalState@FbxAnimEvaluator@fbxsdk@@IEAAPEAVFbxPropertyEvalState@2@AEAVFbxProperty@2@AEBVFbxTime@2@_N@Z
?GetTranslationU@FbxTexture@fbxsdk@@QEBANXZ
?GetTranslationV@FbxTexture@fbxsdk@@QEBANXZ
?GetScaleU@FbxTexture@fbxsdk@@QEBANXZ
?GetScaleV@FbxTexture@fbxsdk@@QEBANXZ
?GetCount@FbxLayerElementArray@fbxsdk@@QEBAHXZ
?GetAt@FbxLayerElementArray@fbxsdk@@QEBA_NHPEAPEAXW4EFbxType@2@@Z
?GetFirst@FbxLayerElementArray@fbxsdk@@QEBA_NPEAPEAXW4EFbxType@2@@Z
?GetNormals@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementNormal@2@XZ
?GetTangents@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementTangent@2@XZ
?GetBinormals@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementBinormal@2@XZ
?GetMaterials@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementMaterial@2@XZ
?GetUVs@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementUV@2@W4EType@FbxLayerElement@2@@Z
?GetVertexColors@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementVertexColor@2@XZ
?GetSmoothing@FbxLayer@fbxsdk@@QEAAPEAVFbxLayerElementSmoothing@2@XZ
?GetNode@FbxNodeAttribute@fbxsdk@@QEBAPEAVFbxNode@2@H@Z
?GetAxisSystem@FbxGlobalSettings@fbxsdk@@QEAA?AVFbxAxisSystem@2@XZ
?GetSystemUnit@FbxGlobalSettings@fbxsdk@@QEBA?AVFbxSystemUnit@2@XZ
?GetTimeMode@FbxGlobalSettings@fbxsdk@@QEBA?AW4EMode@FbxTime@2@XZ
?GetCustomFrameRate@FbxGlobalSettings@fbxsdk@@QEBANXZ
?Create@FbxScene@fbxsdk@@SAPEAV12@PEAVFbxManager@2@PEBD@Z
?GetRootNode@FbxScene@fbxsdk@@QEBAPEAVFbxNode@2@XZ
?FillTextureArray@FbxScene@fbxsdk@@QEAAXAEAV?$FbxArray@PEAVFbxTexture@fbxsdk@@@2@@Z
?GetGlobalSettings@FbxScene@fbxsdk@@QEAAAEAVFbxGlobalSettings@2@XZ
?GetAnimationEvaluator@FbxScene@fbxsdk@@QEAAPEAVFbxAnimEvaluator@2@XZ
?GetMaterialCount@FbxScene@fbxsdk@@QEBAHXZ
?GetMaterial@FbxScene@fbxsdk@@QEAAPEAVFbxSurfaceMaterial@2@H@Z
??1FbxAnimCurveKey@fbxsdk@@UEAA@XZ
?GetValue@FbxAnimCurveKey@fbxsdk@@QEBAMXZ
?GetInterpolation@FbxAnimCurveKey@fbxsdk@@QEAA?AW4EInterpolationType@FbxAnimCurveDef@2@XZ
?GetTangentMode@FbxAnimCurveKey@fbxsdk@@QEAA?AW4ETangentMode@FbxAnimCurveDef@2@_N@Z
?GetConstantMode@FbxAnimCurveKey@fbxsdk@@QEBA?AW4EConstantMode@FbxAnimCurveDef@2@XZ
?GetChannelsCount@FbxAnimCurveNode@fbxsdk@@QEBAIXZ
?GetCurve@FbxAnimCurveNode@fbxsdk@@QEAAPEAVFbxAnimCurve@2@IIPEBD@Z
?GetChannel@FbxAnimCurveNode@fbxsdk@@AEAA?AVFbxProperty@2@I@Z
?GetSourceWeight@FbxConstraint@fbxsdk@@QEBANPEBVFbxObject@2@@Z
?GetWorldUpObject@FbxConstraintAim@fbxsdk@@QEBAPEAVFbxObject@2@XZ
?GetTranslationOffset@FbxConstraintParent@fbxsdk@@QEBA?AVFbxVector4@2@PEBVFbxObject@2@@Z
?GetRotationOffset@FbxConstraintParent@fbxsdk@@QEBA?AVFbxVector4@2@PEBVFbxObject@2@@Z
?GetBlendShapeChannelCount@FbxBlendShape@fbxsdk@@QEBAHXZ
?GetBlendShapeChannel@FbxBlendShape@fbxsdk@@QEAAPEAVFbxBlendShapeChannel@2@H@Z
?GetBlendShapeChannel@FbxBlendShape@fbxsdk@@QEBAPEBVFbxBlendShapeChannel@2@H@Z
?GetTargetShapeCount@FbxBlendShapeChannel@fbxsdk@@QEBAHXZ
?GetTargetShape@FbxBlendShapeChannel@fbxsdk@@QEBAPEBVFbxShape@2@H@Z
?GetTargetShapeFullWeights@FbxBlendShapeChannel@fbxsdk@@QEAAPEANXZ
?GetApertureMode@FbxCamera@fbxsdk@@QEBA?AW4EApertureMode@12@XZ
?GetApertureWidth@FbxCamera@fbxsdk@@QEBANXZ
?GetApertureHeight@FbxCamera@fbxsdk@@QEBANXZ
?ComputeFieldOfView@FbxCamera@fbxsdk@@QEBANN@Z
?GetLinkMode@FbxCluster@fbxsdk@@QEBA?AW4ELinkMode@12@XZ
?GetLink@FbxCluster@fbxsdk@@QEAAPEAVFbxNode@2@XZ
?GetControlPointIndicesCount@FbxCluster@fbxsdk@@QEBAHXZ
?GetControlPointIndices@FbxCluster@fbxsdk@@QEBAPEAHXZ
?GetControlPointWeights@FbxCluster@fbxsdk@@QEBAPEANXZ
?GetTransformMatrix@FbxCluster@fbxsdk@@QEBAAEAVFbxAMatrix@2@AEAV32@@Z
?GetTransformLinkMatrix@FbxCluster@fbxsdk@@QEBAAEAVFbxAMatrix@2@AEAV32@@Z
?GetLayerCount@FbxLayerContainer@fbxsdk@@QEBAHXZ
?GetLayer@FbxLayerContainer@fbxsdk@@QEAAPEAVFbxLayer@2@H@Z
?GetElementNormal@FbxGeometryBase@fbxsdk@@QEBAPEBVFbxLayerElementNormal@2@H@Z
?GetDeformerCount@FbxGeometry@fbxsdk@@QEBAHW4EDeformerType@FbxDeformer@2@@Z
?GetDeformer@FbxGeometry@fbxsdk@@QEBAPEAVFbxDeformer@2@HW4EDeformerType@32@PEAVFbxStatus@2@@Z
?GetShapeCount@FbxGeometry@fbxsdk@@QEBAHXZ
?GetShapeChannel@FbxGeometry@fbxsdk@@QEAAPEAVFbxAnimCurve@2@HHPEAVFbxAnimLayer@2@_NPEAVFbxStatus@2@@Z
?GetPolygonCount@FbxMesh@fbxsdk@@QEBAHXZ
?GetPolygonSize@FbxMesh@fbxsdk@@QEBAHH@Z
?GetPolygonVertices@FbxMesh@fbxsdk@@QEBAPEAHXZ
?GetClusterCount@FbxSkin@fbxsdk@@QEBAHXZ
?GetCluster@FbxSkin@fbxsdk@@QEAAPEAVFbxCluster@2@H@Z
?GetSource@FbxBindingTableEntry@fbxsdk@@QEBAPEBDXZ
?GetEntryForDestination@FbxBindingTableBase@fbxsdk@@QEBAPEBVFbxBindingTableEntry@2@PEBD@Z
?GetFileName@FbxFileTexture@fbxsdk@@QEBAPEBDXZ
?GetRelativeFileName@FbxFileTexture@fbxsdk@@QEBAPEBDXZ
?GetRootTable@FbxImplementation@fbxsdk@@QEBAPEBVFbxBindingTable@2@XZ
?GetImplementation@fbxsdk@@YAPEBVFbxImplementation@1@PEBVFbxObject@1@PEBD@Z
?Triangulate@FbxGeometryConverter@fbxsdk@@QEAAPEAVFbxNodeAttribute@2@PEAV32@_N1@Z
?ComputePolygonSmoothingFromEdgeSmoothing@FbxGeometryConverter@fbxsdk@@QEBA_NPEAVFbxMesh@2@H@Z
??0FbxGeometryConverter@fbxsdk@@QEAA@PEAVFbxManager@1@@Z
??1FbxGeometryConverter@fbxsdk@@QEAA@XZ
?cm@FbxSystemUnit@fbxsdk@@2V12@B
?DefaultConversionOptions@FbxSystemUnit@fbxsdk@@2UConversionOptions@12@B
?FbxBoolDT@fbxsdk@@3VFbxDataType@1@A
?FbxIntDT@fbxsdk@@3VFbxDataType@1@A
?FbxFloatDT@fbxsdk@@3VFbxDataType@1@A
?FbxHalfFloatDT@fbxsdk@@3VFbxDataType@1@A
?FbxDoubleDT@fbxsdk@@3VFbxDataType@1@A
?FbxDouble2DT@fbxsdk@@3VFbxDataType@1@A
?FbxDouble3DT@fbxsdk@@3VFbxDataType@1@A
?FbxDouble4DT@fbxsdk@@3VFbxDataType@1@A
?FbxEnumDT@fbxsdk@@3VFbxDataType@1@A
?FbxStringDT@fbxsdk@@3VFbxDataType@1@A
?FbxDistanceDT@fbxsdk@@3VFbxDataType@1@A
?FbxColor3DT@fbxsdk@@3VFbxDataType@1@A
?FbxColor4DT@fbxsdk@@3VFbxDataType@1@A
?FbxVisibilityDT@fbxsdk@@3VFbxDataType@1@A
?FbxTranslationDT@fbxsdk@@3VFbxDataType@1@A
?FbxRotationDT@fbxsdk@@3VFbxDataType@1@A
?FbxScalingDT@fbxsdk@@3VFbxDataType@1@A
?FbxQuaternionDT@fbxsdk@@3VFbxDataType@1@A
?FbxLocalTranslationDT@fbxsdk@@3VFbxDataType@1@A
?FbxLocalRotationDT@fbxsdk@@3VFbxDataType@1@A
?FbxLocalScalingDT@fbxsdk@@3VFbxDataType@1@A
?FbxCharPtrDT@fbxsdk@@3VFbxDataType@1@A
?FbxConeAngleDT@fbxsdk@@3VFbxDataType@1@A
?FbxFieldOfViewDT@fbxsdk@@3VFbxDataType@1@A
?FbxFieldOfViewXDT@fbxsdk@@3VFbxDataType@1@A
?FbxFieldOfViewYDT@fbxsdk@@3VFbxDataType@1@A
?FbxIntensityDT@fbxsdk@@3VFbxDataType@1@A
?FbxRealDT@fbxsdk@@3VFbxDataType@1@A
?FbxWeightDT@fbxsdk@@3VFbxDataType@1@A
?ClassId@FbxNode@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxAnimStack@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxSurfaceMaterial@fbxsdk@@2VFbxClassId@2@A
?sAmbient@FbxSurfaceMaterial@fbxsdk@@2PEBDEB
?sDiffuse@FbxSurfaceMaterial@fbxsdk@@2PEBDEB
?sNormalMap@FbxSurfaceMaterial@fbxsdk@@2PEBDEB
?sTransparentColor@FbxSurfaceMaterial@fbxsdk@@2PEBDEB
?sTransparencyFactor@FbxSurfaceMaterial@fbxsdk@@2PEBDEB
?ClassId@FbxAnimLayer@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxConstraint@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxCamera@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxFileTexture@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxLayeredTexture@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxSurfaceLambert@fbxsdk@@2VFbxClassId@2@A
?ClassId@FbxSurfacePhong@fbxsdk@@2VFbxClassId@2@A
??1?$FbxVectorTemplate2@N@fbxsdk@@QEAA@XZ
??0FbxVector2@fbxsdk@@QEAA@XZ
??1FbxVector2@fbxsdk@@QEAA@XZ
??1?$FbxVectorTemplate4@N@fbxsdk@@QEAA@XZ
??4?$FbxVectorTemplate4@N@fbxsdk@@QEAAAEAV01@AEBN@Z
??0FbxVector4@fbxsdk@@QEAA@XZ
??0FbxVector4@fbxsdk@@QEAA@AEBV01@@Z
??0FbxVector4@fbxsdk@@QEAA@NNNN@Z
??0FbxVector4@fbxsdk@@QEAA@AEBV?$FbxVectorTemplate3@N@1@@Z
??DFbxVector4@fbxsdk@@QEBA?AV01@N@Z
??GFbxVector4@fbxsdk@@QEBA?AV01@AEBV01@@Z
??8FbxVector4@fbxsdk@@QEBA_NAEBV01@@Z
?Length@FbxVector4@fbxsdk@@QEBANXZ
??1FbxVector4@fbxsdk@@QEAA@XZ
??0FbxAMatrix@fbxsdk@@QEAA@XZ
??0FbxAMatrix@fbxsdk@@QEAA@AEBV01@@Z
??1FbxAMatrix@fbxsdk@@QEAA@XZ
?GetQ@FbxAMatrix@fbxsdk@@QEBA?AVFbxQuaternion@2@XZ
?SetR@FbxAMatrix@fbxsdk@@QEAAXAEBVFbxVector4@2@@Z
??4FbxAMatrix@fbxsdk@@QEAAAEAV01@AEBV01@@Z
??XFbxAMatrix@fbxsdk@@QEAAAEAV01@AEBV01@@Z
?Inverse@FbxAMatrix@fbxsdk@@QEBA?AV12@XZ
??BFbxAMatrix@fbxsdk@@QEAAPEANXZ
??1?$FbxVectorTemplate3@N@fbxsdk@@QEAA@XZ
??4?$FbxVectorTemplate3@N@fbxsdk@@QEAAAEAV01@AEBN@Z
??1FbxQuaternion@fbxsdk@@QEAA@XZ
??AFbxQuaternion@fbxsdk@@QEAAAEANH@Z
?Is@FbxClassId@fbxsdk@@QEBA_NAEBV12@@Z
??0FbxSystemUnit@fbxsdk@@QEAA@NN@Z
??1FbxSystemUnit@fbxsdk@@QEAA@XZ
?ConvertScene@FbxSystemUnit@fbxsdk@@QEBAXPEAVFbxScene@2@AEBUConversionOptions@12@@Z
?GetScaleFactor@FbxSystemUnit@fbxsdk@@QEBANXZ
?GetScaleFactorAsString@FbxSystemUnit@fbxsdk@@QEBA?AVFbxString@2@_N@Z
??0FbxColor@fbxsdk@@QEAA@XZ
??1FbxColor@fbxsdk@@QEAA@XZ
?GetRotationOffset@FbxNode@fbxsdk@@QEBAAEBVFbxVector4@2@W4EPivotSet@12@@Z

optix.6.0.0

rtCommandListGetContext
rtCommandListExecute
rtCommandListFinalize
rtCommandListAppendPostprocessingStage
rtCommandListDestroy
rtCommandListCreate
rtPostProcessingStageQueryVariable
rtPostProcessingStageGetContext
rtPostProcessingStageDeclareVariable
rtPostProcessingStageDestroy
rtPostProcessingStageCreateBuiltin
rtBufferUnmapEx
rtBufferDestroy
rtBufferMapEx
rtBufferSetSize2D
rtBufferSetFormat
rtBufferGetContext
rtProgramGetVariable
rtProgramGetVariableCount
rtProgramRemoveVariable
rtProgramQueryVariable
rtProgramDeclareVariable
rtProgramGetContext
rtProgramValidate
rtProgramDestroy
rtProgramCreateFromPTXString
rtContextGetVariable
rtContextGetVariableCount
rtContextRemoveVariable
rtContextQueryVariable
rtContextDeclareVariable
rtContextSetMissProgram
rtContextSetRayTypeCount
rtContextSetExceptionProgram
rtContextSetRayGenerationProgram
rtContextSetEntryPointCount
rtContextGetDeviceCount
rtContextGetDevices
rtContextSetDevices
rtContextGetAttribute
rtContextGetErrorString
rtContextValidate
rtContextDestroy
rtContextCreate
rtVariableGetContext
rtVariableSetObject
rtVariableSet1ui
rtVariableSet1f
rtDeviceGetAttribute
rtDeviceGetDeviceCount
rtGlobalSetAttribute
rtBufferValidate
rtBufferCreate

openimagedenoise

oidnSetFilter1b
oidnCommitFilter
oidnSetSharedFilterImage
oidnReleaseFilter
oidnNewFilter
oidnCommitDevice
oidnGetDeviceError
oidnReleaseDevice
oidnNewDevice
oidnExecuteFilter

openrl

rlUniformp
rlUniformBlockBuffer
rlUniform4f
rlUniform3f
rlUniform2fv
rlUniform2f
rlGetError
rlGenFramebuffers
rlGetIntegerv
rlGenBuffers
rlDrawElements
rlDeleteFramebuffers
rlGetProgramString
rlGetShaderString
rlUseProgram
rlMapBuffer
rlUnmapBuffer
rlViewport
rlBindFramebuffer
rlFramebufferTexture2D
rlFrameParameter1i
rlUniform4fv
rlPrimitiveParameter1i
rlBindBuffer
rlBufferData
rlBufferParameterString
rlCheckFramebufferStatus
rlUniform1iv
rlUniform1fv
rlShaderString
rlShaderSource
rlProgramString
rlLinkProgram
rlGetUniformBlockIndex
rlGetUniformBlockFieldOffset
rlGetShaderiv
rlGetProgramiv
rlGetAttribLocation
rlGetActiveUniformBlockField
rlGetActiveUniformBlock
rlGetActiveUniform
rlCreateShader
rlCreateProgram
rlCompileShader
OpenRLSetCurrentContext
OpenRLDestroyContext
OpenRLCreateContext
rlVertexAttribBuffer
rlTexParameterString
rlTexParameteri
rlTexImage2D
rlPrimitiveParameterString
rlPrimitiveParameterMatrixf
rlPixelStorei
rlGenTextures
rlGenPrimitives
rlDeleteTextures
rlDeletePrimitives
rlBindTexture
rlUniformMatrix4fv
rlUniformt
rlUniform3fv
rlUniform1i
rlUniform1f
rlRenderFrame
rlGetUniformLocation
rlGetLongv
rlClearColor
rlClear
rlBindPrimitive
rlAttachShader
rlDeleteBuffers

umbraoptimizer64

?getTome@Task@Umbra@@QEBAPEBVTome@2@PEAXI@Z
?getTomeSize@Task@Umbra@@QEBAIXZ
?getErrorString@Task@Umbra@@QEAAPEBDXZ
?getError@Task@Umbra@@QEAA?AW4Error@12@XZ
?getProgress@Task@Umbra@@QEAAMXZ
?isFinished@Task@Umbra@@QEAA_NXZ
?waitForFinish@Task@Umbra@@QEAAXXZ
?abort@Task@Umbra@@QEAAXXZ
?start@Task@Umbra@@QEAAXPEBD0@Z
?setCacheSize@Task@Umbra@@QEAAXH@Z
?visualize@Task@Umbra@@QEBAXW4VisualizationFlags@12@PEAVDebugRenderer@2@@Z
?release@Task@Umbra@@QEAAXXZ
?create@Task@Umbra@@SAPEAV12@PEAVScene@2@PEBVVector3@2@1PEAVAllocator@2@@Z
??1ComputationParams@Umbra@@QEAA@XZ
??0ComputationParams@Umbra@@QEAA@PEAVAllocator@1@@Z
?setParam@ComputationParams@Umbra@@QEAA_NW4ParamName@12@I@Z
?setParam@ComputationParams@Umbra@@QEAA_NW4ParamName@12@M@Z
?insertViewVolume@Scene@Umbra@@QEAAPEBVSceneVolume@2@AEBVVector3@2@0I@Z
?insertObject@Scene@Umbra@@QEAAPEBVSceneObject@2@PEBVSceneModel@2@AEBVMatrix4x4@2@IIW4MatrixFormat@2@W4TriangleWinding@2@PEBVVector2@2@PEBVVector3@2@5@Z
?insertModel@Scene@Umbra@@QEAAPEBVSceneModel@2@PEBMPEBIHHHM@Z
?release@Scene@Umbra@@QEAAXXZ
?create@Scene@Umbra@@SAPEAV12@PEBD@Z
?setComputationParams@Task@Umbra@@QEAAXAEBVComputationParams@2@@Z

libcef

cef_parse_url
cef_api_hash
cef_browser_host_create_browser
cef_log
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_list_free
cef_do_message_loop_work
cef_shutdown
cef_initialize
cef_execute_process
cef_register_scheme_handler_factory
cef_string_list_copy
cef_string_utf8_to_utf16
cef_string_list_alloc
cef_process_message_create
cef_string_userfree_utf16_free
cef_stream_reader_create_for_data
cef_post_task
cef_currently_on
cef_string_map_size
cef_cookie_manager_get_global_manager
cef_string_map_alloc
cef_string_map_free
cef_string_multimap_alloc
cef_string_multimap_free
cef_string_utf8_clear
cef_string_utf16_clear
cef_string_utf16_to_utf8
cef_time_to_timet
cef_string_utf16_cmp
cef_time_from_timet
cef_string_ascii_to_utf16
cef_string_utf16_set

freeimage

FreeImage_LoadFromMemory
FreeImage_OpenMemory
FreeImage_Unload
FreeImage_AllocateT
FreeImage_SaveToMemory
FreeImage_AcquireMemory
FreeImage_GetFileTypeFromMemory
FreeImage_GetBits
FreeImage_GetImageType
FreeImage_GetBPP
FreeImage_GetWidth
FreeImage_GetHeight
FreeImage_GetPitch
FreeImage_GetColorType
FreeImage_ConvertTo24Bits
FreeImage_ConvertTo32Bits
FreeImage_ColorQuantize
FreeImage_ConvertFromRawBits
FreeImage_ConvertToStandardType
FreeImage_PreMultiplyWithAlpha
FreeImage_Save
FreeImage_CloseMemory
FreeImage_Initialise

hid

HidD_FreePreparsedData
HidD_GetProductString
HidD_GetManufacturerString
HidD_GetSerialNumberString
HidD_GetAttributes
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidP_SetUsages
HidP_SetUsageValue
HidD_GetPreparsedData
HidD_GetHidGuid

ispc_texcomp

GetProfile_alpha_basic
GetProfile_alpha_slow
GetProfile_alpha_ultrafast
GetProfile_slow
GetProfile_ultrafast
CompressBlocksASTC
GetProfile_astc_alpha_slow
GetProfile_astc_alpha_fast
GetProfile_astc_fast
CompressBlocksBC7
CompressBlocksBC6H
CompressBlocksBC3
CompressBlocksBC1
GetProfile_bc6h_veryslow
GetProfile_bc6h_slow
GetProfile_bc6h_veryfast
GetProfile_basic

winpixeventruntime

PIXEventsReplaceBlock
PIXGetThreadInfo

kernel32

GetModuleHandleExA
SetThreadIdealProcessor
GetStringTypeW
ReadConsoleInputW
RtlUnwindEx
GetModuleHandleExW
ExitProcess
UnregisterWaitEx
QueryDepthSList
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
GetVersionExW
lstrcmpA
LoadLibraryExA
ExpandEnvironmentStringsA
InitializeCriticalSectionEx
FlushConsoleInputBuffer
GlobalMemoryStatus
GetFileType
ExitThread
InterlockedFlushSList
CreateWaitableTimerA
OpenEventA
GetCommandLineA
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
SetThreadAffinityMask
GetProcessAffinityMask
GetNativeSystemInfo
CreateSemaphoreExW
CreateMutexExW
IsDebuggerPresent
GetThreadId
AreFileApisANSI
HeapCreate
GetDiskFreeSpaceW
GetFullPathNameA
UnlockFileEx
CreateMutexW
HeapValidate
HeapSize
GetDiskFreeSpaceA
DeleteFileA
HeapReAlloc
HeapCompact
HeapDestroy
CreateFileMappingW
OpenMutexA
FlushViewOfFile
MapViewOfFileEx
GetVersion
SignalObjectAndWait
UnlockFile
LockFileEx
LockFile
GetFileSize
GetFileInformationByHandle
GetTimeZoneInformation
GetLocalTime
TryEnterCriticalSection
AttachConsole
CreateFileMappingA
CreateSemaphoreA
GetDriveTypeW
MapViewOfFile
ReleaseMutex
GetWindowsDirectoryW
QueryPerformanceFrequency
GetTickCount
ResetEvent
CancelIo
Module32Next
Module32First
K32GetProcessMemoryInfo
GetSystemPowerStatus
GetComputerNameW
GetSystemDirectoryA
GlobalMemoryStatusEx
OutputDebugStringW
DebugBreak
ExpandEnvironmentStringsW
GetUserDefaultUILanguage
ReadProcessMemory
GetThreadContext
CreateMutexA
GetShortPathNameW
GetFileAttributesA
GetCurrentDirectoryA
GetModuleFileNameA
RtlVirtualUnwind
RtlLookupFunctionEntry
LocalAlloc
GetSystemTimeAsFileTime
GetErrorMode
SetUnhandledExceptionFilter
RtlCaptureContext
ChangeTimerQueueTimer
ReplaceFileW
CopyFileW
GetSystemTime
SetFileTime
SetFilePointerEx
SetFilePointer
SetEndOfFile
GetFileAttributesExW
GetDiskFreeSpaceExW
FindFirstFileExW
GetCommandLineW
SetErrorMode
CreateTimerQueueTimer
VirtualQuery
FlushInstructionCache
GetThreadPriority
SetThreadPriority
SwitchToThread
RaiseException
GetThreadTimes
SetDllDirectoryW
VirtualProtect
GetSystemInfo
LoadLibraryExW
VerifyVersionInfoA
QueueUserAPC
WaitForMultipleObjects
SetWaitableTimer
CreateEventW
SleepEx
InitializeCriticalSectionAndSpinCount
SetLastError
MoveFileExW
QueryPerformanceCounter
VerifyVersionInfoW
lstrlenW
lstrcmpW
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetProcessHeap
HeapFree
HeapAlloc
VerSetConditionMask
GetFileSizeEx
GetNamedPipeServerProcessId
GetNamedPipeClientProcessId
CreateNamedPipeA
SetNamedPipeHandleState
SetCurrentDirectoryA
GetTempPathA
GetTempPathW
RemoveDirectoryW
GetTempFileNameW
DeleteFileW
CreateDirectoryW
CreateDirectoryA
K32GetModuleFileNameExA
GetTickCount64
CancelIoEx
GetOverlappedResult
DeviceIoControl
CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe
CreateFileA
CreateEventExW
OpenProcess
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
SetHandleInformation
GlobalFree
Thread32Next
Thread32First
Process32Next
Process32First
CreateToolhelp32Snapshot
MoveFileA
FindResourceA
FormatMessageW
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
CreateProcessW
ResumeThread
SuspendThread
OpenThread
GetExitCodeProcess
TerminateProcess
PeekNamedPipe
CreatePipe
DuplicateHandle
SearchPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetEnvironmentVariableW
SetStdHandle
GetStdHandle
SetFileAttributesW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
GetCurrentThread
GetCurrentProcess
RtlCaptureStackBackTrace
OutputDebugStringA
WriteFile
ReadFile
FlushFileBuffers
CreateFileW
LoadLibraryA
VirtualFree
VirtualAlloc
TlsFree
TlsAlloc
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetEnvironmentVariableA
FindNextFileA
FindFirstFileA
FindClose
TerminateThread
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
GetCurrentProcessId
CreateSemaphoreW
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
CloseHandle
TlsSetValue
GetLastError
TlsGetValue
DeleteTimerQueueTimer
GetLogicalProcessorInformation
CreateTimerQueue
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
DecodePointer
EncodePointer
RtlPcToFileHeader
GetProcessId
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetConsoleCtrlHandler
HeapQueryInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetEnvironmentVariableW
SetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
UnmapViewOfFile
RtlUnwind

user32

UnregisterClassW
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SendMessageTimeoutA
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
CreateIconIndirect
DestroyCursor
MessageBoxA
EnumDisplayDevicesA
GetDesktopWindow
CreateWindowExA
EnumDisplaySettingsW
SetCursorPos
LoadIconA
MessageBoxW
UpdateLayeredWindow
RegisterClassExW
MonitorFromPoint
EnumWindows
SetWindowTextA
SendMessageA
AdjustWindowRectEx
GetWindowInfo
SystemParametersInfoW
LoadCursorA
GetWindow
GetWindowThreadProcessId
EnumChildWindows
SetParent
GetParent
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
FillRect
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
RegisterClassW
CopyRect
GetKeyboardLayoutNameW
GetMessagePos
GetMessageTime
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetDoubleClickTime
GetAsyncKeyState
GetKeyNameTextW
GetRawInputData
GetRawInputDeviceInfoW
RegisterRawInputDevices
GetRawInputDeviceList
GetMonitorInfoW
GetProcessWindowStation
SetCursor
GetUserObjectInformationW
SetDlgItemTextA
MessageBeep
EnumDisplaySettingsA
GetCaretBlinkTime
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
DefWindowProcA
PostQuitMessage
CreateWindowExW
DestroyWindow
ShowWindowAsync
GetForegroundWindow
SendMessageW
RegisterWindowMessageW
DispatchMessageW
PeekMessageA
PeekMessageW
RegisterDeviceNotificationA
ShowWindow
FlashWindow
CreateDialogParamW
GetDlgItem
SetDlgItemTextW
SendDlgItemMessageW
GetKeyState
EnableWindow
GetSystemMetrics
UpdateWindow
SetActiveWindow
GetDC
ReleaseDC
SetWindowTextW
ShowCursor
GetCursorPos
ClipCursor
OffsetRect
GetClassNameA
DestroyIcon
DrawIconEx
IsDialogMessageW
MonitorFromWindow
GetMonitorInfoA
EnumDisplayMonitors
GetCursorInfo
GetKeyboardLayout
TrackMouseEvent
GetMessageExtraInfo
DefWindowProcW
IsWindow
SetLayeredWindowAttributes
SetWindowPos
IsWindowVisible
IsIconic
IsZoomed
DialogBoxParamW
EndDialog
SendDlgItemMessageA
RegisterClipboardFormatA
SetFocus
GetFocus
VkKeyScanExW
SetCapture
ReleaseCapture
IsWindowEnabled
CreateAcceleratorTableA
DestroyAcceleratorTable
GetMenu
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetMenuItemCount
AppendMenuA
DeleteMenu
TrackPopupMenuEx
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
SetForegroundWindow
AllowSetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
ValidateRect
RedrawWindow
GetClientRect
GetWindowRect

gdi32

SetPixelFormat
ChoosePixelFormat
SwapBuffers
DeleteDC
BitBlt
CreateBitmap
CreateCompatibleDC
DeleteObject
GetDIBits
GetPixel
SelectObject
CreateSolidBrush
SetPixel
CreateDIBSection
GetDeviceCaps

advapi32

CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CryptGenRandom
CryptAcquireContextA
RegSetValueExW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthority
OpenProcessToken
GetUserNameW
GetUserNameA
EventUnregister
EventRegister
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyW
LookupAccountNameA
GetFileSecurityA
SetFileSecurityA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
GetAce
EventWrite
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext
CryptGenKey
AddAce
AddAccessAllowedAce
EqualSid

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetFileInfoW
SHCreateShellItem
ord74
SHParseDisplayName
ShellExecuteW
ord680
SHFileOperationW
FindExecutableW
ShellExecuteExW
CommandLineToArgvW

shlwapi

ord219
PathIsDirectoryW
PathFileExistsW
PathCanonicalizeW
PathIsDirectoryEmptyW
SHDeleteKeyW
PathCombineW

ole32

CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoInitialize
CoLockObjectExternal
CoCreateInstance
CLSIDFromProgID
CoRegisterMessageFilter
CreateBindCtx
GetRunningObjectTable
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
ReleaseStgMedium
PropVariantClear
PropVariantCopy
StringFromGUID2
CoSetProxyBlanket
CoCreateGuid

opengl32

wglCreateContext
wglDeleteContext
wglGetCurrentContext
wglGetCurrentDC
wglMakeCurrent
wglGetProcAddress

glu32

gluTessCallback
gluTessEndPolygon
gluNewTess
gluDeleteTess
gluTessBeginPolygon
gluTessBeginContour
gluTessVertex
gluTessEndContour

imm32

ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetConversionStatus
ImmSetOpenStatus
ImmGetContext

iphlpapi

GetAdaptersAddresses
GetIpAddrTable

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo
CM_Get_Parent
SetupDiOpenDeviceInfoA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDA

winhttp

WinHttpGetIEProxyConfigForCurrentUser

winmm

waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
timeGetTime
waveOutReset
waveOutGetDevCapsW
waveInGetNumDevs
waveInUnprepareHeader
waveInPrepareHeader
waveInClose
waveOutGetDevCapsA
timeEndPeriod
timeBeginPeriod
waveOutGetPosition
waveOutGetNumDevs
waveInReset
waveOutWrite
waveInOpen
waveInGetDevCapsW
waveInGetDevCapsA
waveInStart
waveInAddBuffer

bcrypt

BCryptGenRandom

sketchupapi

SUComponentDefinitionGetName
SUStringGetUTF8
SUStringGetUTF8Length
SUStringRelease
SUStringCreate
SUTerminate
SUInitialize
SUImageRepRelease
SULayerGetVisibility
SUComponentDefinitionGetEntities
SUFaceToDrawingElement
SUFaceGetFrontMaterial
SUFaceGetBackMaterial
SUFaceGetUVHelper
SUFaceGetUVHelperWithTextureHandle
SUTextureWriterCreate
SUTextureWriterRelease
SUTextureWriterLoadEntity
SUTextureWriterLoadFace
SUTextureWriterWriteTexture
SUMeshHelperCreateWithTextureWriter
SUMeshHelperRelease
SUMeshHelperGetNumTriangles
SUMeshHelperGetNumVertices
SUMeshHelperGetVertexIndices
SUMeshHelperGetVertices
SUMeshHelperGetNormals
SUModelCreateFromFile
SUModelRelease
SUModelGetEntities
SUModelGetNumScenes
SUModelGetNumLayers
SUModelGetLayers
SUModelGetLocation
SUModelGetNorthCorrection
SUModelMergeCoplanarFaces
SUModelGetScenes
SUModelGetName
SUCameraGetOrientation
SUCameraGetPerspectiveFrustumFOV
SUCameraGetAspectRatio
SUCameraGetOrthographicFrustumHeight
SUCameraGetPerspective
SUCameraGetFOVIsHeight
SUCameraGetImageWidth
SUCameraGet2D
SUCameraGetCenter2D
SUComponentInstanceToEntity
SUComponentInstanceFromEntity
SUComponentInstanceToDrawingElement
SUComponentInstanceGetName
SUComponentInstanceGetTransform
SUComponentInstanceGetDefinition
SUDrawingElementGetMaterial
SUDrawingElementGetLayer
SUDrawingElementGetHidden
SUEntitiesGetNumFaces
SUEntitiesGetFaces
SUEntitiesGetNumGroups
SUEntitiesGetGroups
SUEntitiesGetNumImages
SUEntitiesGetImages
SUEntitiesGetNumInstances
SUEntitiesGetInstances
SUEntityGetType
SUGroupToEntity
SUGroupFromEntity
SUGroupToDrawingElement
SUGroupGetName
SUGroupGetTransform
SUGroupGetEntities
SUImageToEntity
SUImageFromEntity
SUImageToDrawingElement
SUImageGetName
SUImageGetTransform
SUImageGetFileName
SUImageGetPixelDimensions
SULayerGetName
SULocationGetLatLong
SUMaterialGetName
SUMaterialGetColor
SUMaterialGetTexture
SUMaterialGetOpacity
SUMaterialGetUseOpacity
SUMaterialGetType
SUSceneGetCamera
SUSceneGetName
SUTextureCreateFromImageRep
SUTextureWriteToFile
SUTextureGetFileName
SUTextureGetUseAlphaChannel
SUTextureGetColorizedImageRep
SUUVHelperRelease
SUUVHelperGetFrontUVQ
SUUVHelperGetBackUVQ
SUImageRepCreate

oleaut32

VariantChangeType
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayDestroy
SysFreeString
SysAllocString
VariantInit

wintrust

WinVerifyTrust
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain

ws2_32

setsockopt
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
WSAIoctl
WSARecv
getsockopt
WSASocketW
WSAStringToAddressW
inet_addr
inet_ntoa
recvfrom
send
sendto
shutdown
socket
gethostname
WSASocketA
getaddrinfo
freeaddrinfo
getnameinfo
ntohs
getprotobyname
WSARecvFrom
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
WSAWaitForMultipleEvents
WSAAsyncGetHostByName
getsockname
WSACancelAsyncRequest
gethostbyaddr
WSASendDisconnect
getpeername
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
gethostbyname
htons
select
ntohl
listen
recv
htonl
WSASend

mswsock

AcceptEx
GetAcceptExSockaddrs

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW

Exports

Exports

GetNvClothAllocator
GetNvClothAssertHandler
InitializeNvCloth
PAL_Debug_IsDebuggerAttached
PAL_Identification_GetPlatformName
PAL_Memory_AlignedAllocate
PAL_Memory_AlignedFree
PAL_Memory_AlignedReallocate
PAL_Memory_Allocate
PAL_Memory_AllocatePages
PAL_Memory_AllocatePagesAligned
PAL_Memory_Free
PAL_Memory_GetPageSizeInfo
PAL_Memory_Reallocate
PAL_Memory_ReleasePages
PAL_Memory_SetPageState
PAL_Monitor_Create
PAL_Monitor_Free
PAL_Monitor_Lock
PAL_Monitor_Notify
PAL_Monitor_NotifyAll
PAL_Monitor_TryLock
PAL_Monitor_Unlock
PAL_Monitor_Wait
PAL_Process_Abort
PAL_Semaphore_Create
PAL_Semaphore_Free
PAL_Semaphore_Post
PAL_Semaphore_Wait
PAL_TLS_Alloc
PAL_TLS_Free
PAL_Thread_ConfigCreate
PAL_Thread_Create
PAL_Thread_GetCurrentThreadId
PAL_Thread_GetId
PAL_Thread_Join
PAL_Thread_SupportsThreads
PAL_Thread_YieldExecution
PAL_Timer_GetHighPrecisionTimerTicks
PAL_Timer_GetTicksToNanosecondsConversionRatio
PAL_Timer_GetTimeSinceStartupInSeconds
PAL_Timer_WaitForAtLeast
g_Detail_ToNanosecondsConversionFactor

Sections

.text
Size: 73.5MB - Virtual size: 73.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39.2MB - Virtual size: 39.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.6MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

5e9a1fb9fb6dbe5837ebbeeae609b7c0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

03:88:3b:fb:88:38:ac:27:c4:5b:74:c5:0f:42:b2:5bCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

ec:91:9e:e2:12:dc:c9:ff:1e:32:e3:b5:c7:78:fd:b7:ac:e7:b4:5eSigner

Signature Validations

Verification

12-12-2019 07:39 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

libfbxsdk

optix.6.0.0

openimagedenoise

openrl

umbraoptimizer64

libcef

freeimage

hid

ispc_texcomp

winpixeventruntime

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

opengl32

glu32

imm32

iphlpapi

setupapi

winhttp

winmm

bcrypt

sketchupapi

oleaut32

wintrust

ws2_32

mswsock

version

Exports

Exports

Sections

.text Size: 73.5MB - Virtual size: 73.5MB

.rdata Size: 39.2MB - Virtual size: 39.2MB

.data Size: 3.6MB - Virtual size: 5.3MB

.pdata Size: 3.3MB - Virtual size: 3.3MB

.rodata Size: 3KB - Virtual size: 2KB

_RDATA Size: 44KB - Virtual size: 44KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 389KB - Virtual size: 389KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

03:88:3b:fb:88:38:ac:27:c4:5b:74:c5:0f:42:b2:5b
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

ec:91:9e:e2:12:dc:c9:ff:1e:32:e3:b5:c7:78:fd:b7:ac:e7:b4:5e
Signer

12-12-2019 07:39
Valid: false

.text
Size: 73.5MB - Virtual size: 73.5MB

.rdata
Size: 39.2MB - Virtual size: 39.2MB

.data
Size: 3.6MB - Virtual size: 5.3MB

.pdata
Size: 3.3MB - Virtual size: 3.3MB

.rodata
Size: 3KB - Virtual size: 2KB

_RDATA
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 389KB - Virtual size: 389KB