Static task
static1
Behavioral task
behavioral1
Sample
Protocol-11.03.exe
Resource
win7-20230712-en
windows7-x64
Behavioral task
behavioral2
Sample
Protocol-11.03.exe
Resource
win10v2004-20230703-en
windows10-2004-x64
General
-
Target
Protocol-11.03.exe
-
Size
6.4MB
-
MD5
0ecbf46d12168d6f95bc77c5c3b02a4a
-
SHA1
a1c5cb124ff95ea1be832de36feac16f97ff3f27
-
SHA256
02b8574d072c593576cf33218232a3e5d8c31d4519150dff1a152a7251400b03
-
SHA512
bd1f37442164c1e65c197933b32ae8d8dabba01a6539d4dc17f1f5da75b0df20d603b70e20c62ec76084bedba002c949855f713a8842847bd945e7a076323ddf
-
SSDEEP
24576:KRCsxVsQxpXRwJT6ysMXUZCk7KGRMkmyZyy7pGU3+bfUh++G5lD:As+p9zMEok7ZNUUGUZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Protocol-11.03.exe
Files
-
Protocol-11.03.exe.exe windows x64
5dc19191b4977cfe52c44230b2e08b82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
libprotobuf
?CheckedSsizeTFromSizeT@StringPiece@protobuf@google@@CA_J_K@Z
?Set@ArenaStringPtr@internal@protobuf@google@@QEAAXUEmptyDefault@1234@$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVArena@34@@Z
?UnpackTo@Any@protobuf@google@@QEBA_NPEAVMessage@23@@Z
?SerializeToString@MessageLite@protobuf@google@@QEBA_NPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ParseFromArray@MessageLite@protobuf@google@@QEAA_NPEBXH@Z
?EnsureSpace@EpsCopyOutputStream@io@protobuf@google@@QEAAPEAEPEAE@Z
?WriteRaw@EpsCopyOutputStream@io@protobuf@google@@QEAAPEAEPEBXHPEAE@Z
?WriteStringMaybeAliased@EpsCopyOutputStream@io@protobuf@google@@QEAAPEAEIAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAE@Z
?WriteBytesMaybeAliased@EpsCopyOutputStream@io@protobuf@google@@QEAAPEAEIAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAE@Z
?TagSize@EpsCopyOutputStream@io@protobuf@google@@CAHI@Z
?WriteLengthDelim@EpsCopyOutputStream@io@protobuf@google@@AEAAPEAEHIPEAE@Z
?Encode32@EpsCopyOutputStream@io@protobuf@google@@CAII@Z
?Encode64@EpsCopyOutputStream@io@protobuf@google@@CA_K_K@Z
?WriteVarint32ToArray@CodedOutputStream@io@protobuf@google@@SAPEAEIPEAE@Z
?AllocateInternal@Arena@protobuf@google@@AEAAPEAX_K0P6AXPEAX@ZPEBVtype_info@@@Z
??0ArenaStringPtr@internal@protobuf@google@@QEAA@PEBV?$ExplicitlyConstructed@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@123@@Z
?Get@ArenaStringPtr@internal@protobuf@google@@QEBAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?UnsafeSetDefault@ArenaStringPtr@internal@protobuf@google@@QEAAXPEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?DestroyNoArena@ArenaStringPtr@internal@protobuf@google@@QEAAXPEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetEmptyStringAlreadyInited@internal@protobuf@google@@YAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetArena@MessageLite@protobuf@google@@QEBAPEAVArena@23@XZ
?InternalGetTable@MessageLite@protobuf@google@@EEBAPEBXXZ
??1RepeatedPtrFieldBase@internal@protobuf@google@@IEAA@XZ
?GetArena@RepeatedPtrFieldBase@internal@protobuf@google@@IEBAPEAVArena@34@XZ
??0RepeatedPtrFieldBase@internal@protobuf@google@@IEAA@XZ
??0RepeatedPtrFieldBase@internal@protobuf@google@@IEAA@PEAVArena@23@@Z
?size@RepeatedPtrFieldBase@internal@protobuf@google@@IEBAHXZ
?MergeFromInternal@RepeatedPtrFieldBase@internal@protobuf@google@@AEAAXAEBV1234@P81234@EAAXPEAPEAX1HH@Z@Z
?raw_data@RepeatedPtrFieldBase@internal@protobuf@google@@IEBAPEBQEAXXZ
?WriteTagToArray@WireFormatLite@internal@protobuf@google@@SAPEAEHW4WireType@1234@PEAE@Z
?WriteInt32ToArray@WireFormatLite@internal@protobuf@google@@SAPEAEHHPEAE@Z
?WriteInt64ToArray@WireFormatLite@internal@protobuf@google@@SAPEAEH_JPEAE@Z
?WriteUInt32ToArray@WireFormatLite@internal@protobuf@google@@SAPEAEHIPEAE@Z
?WriteUInt64ToArray@WireFormatLite@internal@protobuf@google@@SAPEAEH_KPEAE@Z
?descriptor_table_google_2fprotobuf_2fany_2eproto@@3UDescriptorTable@internal@protobuf@google@@B
?WriteFloatToArray@WireFormatLite@internal@protobuf@google@@SAPEAEHMPEAE@Z
?WriteDoubleToArray@WireFormatLite@internal@protobuf@google@@SAPEAEHNPEAE@Z
?WriteBoolToArray@WireFormatLite@internal@protobuf@google@@SAPEAEH_NPEAE@Z
?Int32Size@WireFormatLite@internal@protobuf@google@@SA_KH@Z
?Int64Size@WireFormatLite@internal@protobuf@google@@SA_K_J@Z
?UInt32Size@WireFormatLite@internal@protobuf@google@@SA_KI@Z
?UInt64Size@WireFormatLite@internal@protobuf@google@@SA_K_K@Z
?StringSize@WireFormatLite@internal@protobuf@google@@SA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?BytesSize@WireFormatLite@internal@protobuf@google@@SA_KAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LengthDelimitedSize@WireFormatLite@internal@protobuf@google@@SA_K_K@Z
?PushLimit@EpsCopyInputStream@internal@protobuf@google@@QEAAHPEBDH@Z
?PopLimit@EpsCopyInputStream@internal@protobuf@google@@QEAA_NH@Z
?SetLastTag@EpsCopyInputStream@internal@protobuf@google@@QEAAXI@Z
?DataAvailable@EpsCopyInputStream@internal@protobuf@google@@QEAA_NPEBD@Z
?Done@ParseContext@internal@protobuf@google@@QEAA_NPEAPEBD@Z
?Get@CachedSize@internal@protobuf@google@@QEBAHXZ
?Set@CachedSize@internal@protobuf@google@@QEAAXH@Z
?PackFrom@Any@protobuf@google@@QEAA_NAEBVMessage@23@@Z
??1UnknownFieldSet@protobuf@google@@QEAA@XZ
?Clear@UnknownFieldSet@protobuf@google@@QEAAXXZ
??0Message@protobuf@google@@QEAA@XZ
?GetReflection@Message@protobuf@google@@QEBAPEBVReflection@23@XZ
??0Message@protobuf@google@@IEAA@PEAVArena@12@@Z
??1Message@protobuf@google@@UEAA@XZ
?GetCachedSize@Any@protobuf@google@@UEBAHXZ
??0CachedSize@internal@protobuf@google@@QEAA@XZ
??$CreateMaybeMessage@VAny@protobuf@google@@$$V@Arena@protobuf@google@@CAPEAVAny@12@PEAV012@@Z
??0?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAA@PEAVArena@12@@Z
??0?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAA@XZ
??1?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAA@XZ
?size@?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEBAHXZ
?Get@?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEBAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?Add@?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAAPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?Clear@?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAAXXZ
?MergeFrom@?$RepeatedPtrField@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@protobuf@google@@QEAAXAEBV123@@Z
?InitializationErrorString@Message@protobuf@google@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?DiscardUnknownFields@Message@protobuf@google@@UEAAXXZ
?SpaceUsedLong@Message@protobuf@google@@UEBA_KXZ
?GetTypeName@Message@protobuf@google@@UEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?CheckTypeAndMergeFrom@Message@protobuf@google@@UEAAXAEBVMessageLite@23@@Z
?_Any_default_instance_@protobuf@google@@3UAnyDefaultTypeInternal@12@A
??0?$RepeatedField@I@protobuf@google@@QEAA@PEAVArena@12@@Z
??0?$RepeatedField@I@protobuf@google@@QEAA@XZ
??1?$RepeatedField@I@protobuf@google@@QEAA@XZ
?size@?$RepeatedField@I@protobuf@google@@QEBAHXZ
?Add@?$RepeatedField@I@protobuf@google@@QEAAXAEBI@Z
?Clear@?$RepeatedField@I@protobuf@google@@QEAAXXZ
?MergeFrom@?$RepeatedField@I@protobuf@google@@QEAAXAEBV123@@Z
?data@?$RepeatedField@I@protobuf@google@@QEBAPEBIXZ
?MergeFrom@UnknownFieldSet@protobuf@google@@QEAAXAEBV123@@Z
?default_instance@UnknownFieldSet@protobuf@google@@SAAEBV123@XZ
??0?$RepeatedField@M@protobuf@google@@QEAA@PEAVArena@12@@Z
??0?$RepeatedField@M@protobuf@google@@QEAA@XZ
??1?$RepeatedField@M@protobuf@google@@QEAA@XZ
?size@?$RepeatedField@M@protobuf@google@@QEBAHXZ
?Add@?$RepeatedField@M@protobuf@google@@QEAAXAEBM@Z
?Clear@?$RepeatedField@M@protobuf@google@@QEAAXXZ
?MergeFrom@?$RepeatedField@M@protobuf@google@@QEAAXAEBV123@@Z
?data@?$RepeatedField@M@protobuf@google@@QEBAPEBMXZ
?VerifyUtf8String@WireFormatLite@internal@protobuf@google@@SA_NPEBDHW4Operation@1234@0@Z
?UInt32Size@WireFormatLite@internal@protobuf@google@@SA_KAEBV?$RepeatedField@I@34@@Z
?UInt64Size@WireFormatLite@internal@protobuf@google@@SA_KAEBV?$RepeatedField@_K@34@@Z
?VerifyUTF8@internal@protobuf@google@@YA_NVStringPiece@23@PEBD@Z
?ReadSizeFallback@internal@protobuf@google@@YA?AU?$pair@PEBDH@std@@PEBDI@Z
??0LogMessage@internal@protobuf@google@@QEAA@W4LogLevel@23@PEBDH@Z
??1LogMessage@internal@protobuf@google@@QEAA@XZ
??6LogMessage@internal@protobuf@google@@QEAAAEAV0123@PEBD@Z
?PackedUInt64Parser@internal@protobuf@google@@YAPEBDPEAXPEBDPEAVParseContext@123@@Z
?ReadTagFallback@internal@protobuf@google@@YA?AU?$pair@PEBDI@std@@PEBDI@Z
?Set@ArenaStringPtr@internal@protobuf@google@@QEAAXUEmptyDefault@1234@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVArena@34@@Z
?Mutable@ArenaStringPtr@internal@protobuf@google@@QEAAPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEmptyDefault@1234@PEAVArena@34@@Z
?ClearToEmpty@ArenaStringPtr@internal@protobuf@google@@QEAAXXZ
?Reserve@RepeatedPtrFieldBase@internal@protobuf@google@@IEAAXH@Z
?Merge@ReflectionOps@internal@protobuf@google@@SAXAEBVMessage@34@PEAV534@@Z
?InlineGreedyStringParser@internal@protobuf@google@@YAPEBDPEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDPEAVParseContext@123@@Z
?PackedDoubleParser@internal@protobuf@google@@YAPEBDPEAXPEBDPEAVParseContext@123@@Z
?PackedUInt32Parser@internal@protobuf@google@@YAPEBDPEAXPEBDPEAVParseContext@123@@Z
?ComputeUnknownFieldsSize@internal@protobuf@google@@YA_KAEBVInternalMetadata@123@_KPEAVCachedSize@123@@Z
??0AddDescriptorsRunner@internal@protobuf@google@@QEAA@PEBUDescriptorTable@123@@Z
?InternalSerializeUnknownFieldsToArray@WireFormat@internal@protobuf@google@@SAPEAEAEBVUnknownFieldSet@34@PEAEPEAVEpsCopyOutputStream@io@34@@Z
?fixed_address_empty_string@internal@protobuf@google@@3V?$ExplicitlyConstructed@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@123@A
?VarintParseSlow64@internal@protobuf@google@@YA?AU?$pair@PEBD_K@std@@PEBDI@Z
?VarintParseSlow32@internal@protobuf@google@@YA?AU?$pair@PEBDI@std@@PEBDI@Z
?UnknownFieldParse@internal@protobuf@google@@YAPEBD_KPEAVUnknownFieldSet@23@PEBDPEAVParseContext@123@@Z
??4LogFinisher@internal@protobuf@google@@QEAAXAEAVLogMessage@123@@Z
?PackedFloatParser@internal@protobuf@google@@YAPEBDPEAXPEBDPEAVParseContext@123@@Z
?AssignDescriptors@internal@protobuf@google@@YAXPEBUDescriptorTable@123@_N@Z
??0?$RepeatedField@_K@protobuf@google@@QEAA@PEAVArena@12@@Z
??0?$RepeatedField@_K@protobuf@google@@QEAA@XZ
??1?$RepeatedField@_K@protobuf@google@@QEAA@XZ
?size@?$RepeatedField@_K@protobuf@google@@QEBAHXZ
?Add@?$RepeatedField@_K@protobuf@google@@QEAAXAEB_K@Z
?Clear@?$RepeatedField@_K@protobuf@google@@QEAAXXZ
?MergeFrom@?$RepeatedField@_K@protobuf@google@@QEAAXAEBV123@@Z
?data@?$RepeatedField@_K@protobuf@google@@QEBAPEB_KXZ
?WriteStringOutline@EpsCopyOutputStream@io@protobuf@google@@AEAAPEAEIAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAE@Z
??1Any@protobuf@google@@UEAA@XZ
?MergeFrom@Any@protobuf@google@@QEAAXAEBV123@@Z
?Clear@Any@protobuf@google@@UEAAXXZ
?ByteSizeLong@Any@protobuf@google@@UEBA_KXZ
?_InternalParse@Any@protobuf@google@@UEAAPEBDPEBDPEAVParseContext@internal@23@@Z
?_InternalSerialize@Any@protobuf@google@@UEBAPEAEPEAEPEAVEpsCopyOutputStream@io@23@@Z
??0?$RepeatedField@N@protobuf@google@@QEAA@PEAVArena@12@@Z
??0?$RepeatedField@N@protobuf@google@@QEAA@XZ
??1?$RepeatedField@N@protobuf@google@@QEAA@XZ
?size@?$RepeatedField@N@protobuf@google@@QEBAHXZ
?Add@?$RepeatedField@N@protobuf@google@@QEAAXAEBN@Z
?Clear@?$RepeatedField@N@protobuf@google@@QEAAXXZ
?MergeFrom@?$RepeatedField@N@protobuf@google@@QEAAXAEBV123@@Z
?data@?$RepeatedField@N@protobuf@google@@QEBAPEBNXZ
??0UnknownFieldSet@protobuf@google@@QEAA@XZ
mfc140
ord11761
ord8693
ord10657
ord11037
ord3300
ord3299
ord3066
ord5980
ord13327
ord3205
ord3202
ord7881
ord2695
ord14279
ord9933
ord9935
ord9934
ord9932
ord9936
ord5435
ord11365
ord11366
ord8792
ord11719
ord3710
ord11575
ord14128
ord8618
ord11803
ord6703
ord10644
ord8888
ord3166
ord13438
ord11888
ord1695
ord1717
ord1743
ord1729
ord1750
ord4765
ord4832
ord4777
ord4795
ord4789
ord4783
ord4842
ord4826
ord4771
ord4848
ord4803
ord4741
ord4756
ord4817
ord4351
ord9343
ord4343
ord2962
ord14136
ord7620
ord14134
ord6607
ord11357
ord13284
ord5704
ord2627
ord11754
ord3804
ord3271
ord3270
ord3165
ord11798
ord5566
ord9903
ord8863
ord6266
ord12913
ord5221
ord9016
ord3705
ord9069
ord10680
ord1367
ord878
ord7519
ord305
ord5691
ord2917
ord13872
ord5656
ord2473
ord10117
ord7206
ord5224
ord13689
ord2207
ord2182
ord450
ord8025
ord12510
ord8131
ord8050
ord12490
ord7989
ord5167
ord2437
ord12170
ord12171
ord14135
ord7619
ord14133
ord9049
ord4002
ord3941
ord12571
ord7637
ord2004
ord11614
ord11615
ord14007
ord12160
ord7688
ord14207
ord6100
ord14209
ord6102
ord14208
ord6101
ord3723
ord5687
ord11869
ord11877
ord4436
ord7888
ord10079
ord11881
ord11849
ord12552
ord5064
ord5347
ord5536
ord9001
ord5323
ord5539
ord5067
ord5213
ord5049
ord7430
ord7431
ord7420
ord5211
ord7890
ord9898
ord8862
ord6590
ord1089
ord1087
ord6292
ord6229
ord6299
ord3748
ord2264
ord3943
ord13469
ord940
ord2173
ord7685
ord1670
ord4648
ord300
ord1504
ord1639
ord12189
ord4937
ord1032
ord316
ord1446
ord981
ord7363
ord10026
ord964
ord1427
ord6241
ord2344
ord2348
ord266
ord265
ord1485
ord2368
ord1487
ord11892
kernel32
EnterCriticalSection
CreateFileA
SetFilePointer
GetFileSize
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeCriticalSectionEx
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateDirectoryA
GetLocalTime
GetModuleFileNameA
SetEvent
GetSystemTime
WaitForMultipleObjects
ResetEvent
ReleaseSemaphore
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateEventA
GetSystemInfo
InitializeCriticalSectionAndSpinCount
GetLastError
FreeConsole
AllocConsole
GetConsoleWindow
TerminateThread
WaitForSingleObject
CreateThread
LeaveCriticalSection
OutputDebugStringW
DeleteCriticalSection
InitializeCriticalSection
Sleep
WriteFile
DeleteFileA
CloseHandle
user32
EnableWindow
DrawIcon
GetClientRect
GetSystemMetrics
SetTimer
SendMessageA
LoadIconW
PostMessageA
BringWindowToTop
IsIconic
gdi32
CreateSolidBrush
CreateFontA
GetStockObject
comctl32
InitCommonControlsEx
cloudnetdataio
?DelJrjNetStockIO@JrjNetDataIO@Finance@@YAXPEAVICloudNetDataIO@@@Z
?NewJrjNetStockIO@JrjNetDataIO@Finance@@YAPEAVICloudNetDataIO@@XZ
jsonirpc
DeleteJsonICERPC
CreateJsonICEServer
JsonBinSrvComplete
JsonBinSrvPopfront
msvcp140
_Nan
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
libmongoc-1.0
mongoc_uri_destroy
mongoc_client_pool_destroy
mongoc_client_pool_new
mongoc_uri_new
mongoc_collection_count_with_opts
mongoc_cleanup
mongoc_init
mongoc_collection_count
mongoc_collection_find
mongoc_cursor_destroy
mongoc_cursor_next
mongoc_cursor_more
mongoc_cursor_error
mongoc_collection_find_with_opts
mongoc_collection_destroy
mongoc_client_get_collection
mongoc_client_pool_push
mongoc_client_pool_pop
libbson-1.0
bson_append_int64
bson_append_utf8
bson_append_int32
bson_bcon_magic
bson_destroy
bson_append_document_begin
bson_iter_double
bson_iter_int64
bcon_new
bson_iter_int32
bson_iter_utf8
bson_iter_find
bson_iter_init
bson_append_document_end
datamanage
DelDataManage
NewDataManage
dbghelp
MiniDumpWriteDump
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
vcruntime140
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
_CxxThrowException
__C_specific_handler
memcmp
memset
memchr
_purecall
memmove
__std_exception_destroy
__std_exception_copy
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
_initterm
_cexit
_crt_atexit
_set_app_type
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
exit
_exit
_c_exit
_register_thread_local_exe_atexit_callback
_get_narrow_winmain_command_line
terminate
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsnprintf_s
_set_fmode
__p__commode
__stdio_common_vsprintf
__stdio_common_vsscanf
freopen_s
api-ms-win-crt-heap-l1-1-0
malloc
_set_new_mode
free
api-ms-win-crt-string-l1-1-0
_stricmp
strncmp
_strnicmp
strncpy
api-ms-win-crt-time-l1-1-0
_localtime64_s
_time64
_mktime64
_strtime
_strdate
api-ms-win-crt-convert-l1-1-0
atoi
atof
api-ms-win-crt-math-l1-1-0
__setusermatherr
_dtest
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
_setmbcp
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 443KB - Virtual size: 442KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 44B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ