Static task
static1
Behavioral task
behavioral1
Sample
74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385.exe
Resource
win10v2004-20230703-en
General
-
Target
74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385
-
Size
4.8MB
-
MD5
e0bea5e16820e0d2e7e6220380569058
-
SHA1
c3df86783db56559177f728f8cca08a22c4969aa
-
SHA256
74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385
-
SHA512
91f41e5931dff2fe04e4c761e68bb9a25ae01cdfa7b9f691e17765b64f1cea1c7739e394b4cf2beecae4f462fb64b841e304bbcc0d5c9351e4da3082d8899ab9
-
SSDEEP
98304:qY+ICAHKWbQkriukOIS2PyAqCQMEO76G1G5+QlXtXWgT:qYvC+KWbQkriPOIS2rqCQMEO76G1G5/X
Malware Config
Signatures
-
Unsigned PE 1 IoCs
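Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the other findings in this report.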
resource 74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385
Files
-
74222f082a58fa3535e9f128b811300927938ad21483d35290c69f46fff59385.exe windows x86
3ba7cc0acdf3dfb1e7e5f09201aaaa16
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetCurrentDirectoryW
IsWow64Process
GetVersion
VirtualFreeEx
MoveFileW
GetCommandLineW
WritePrivateProfileSectionW
FileTimeToLocalFileTime
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetPrivateProfileSectionW
QueryDosDeviceW
GetProcessTimes
K32GetProcessMemoryInfo
GetProcessId
GetProcessIoCounters
K32QueryWorkingSet
QueryPerformanceFrequency
VerifyVersionInfoW
VerSetConditionMask
GetLogicalDriveStringsW
lstrcpynW
GetVolumeInformationW
GetThreadPriority
FindFirstChangeNotificationW
FindNextChangeNotification
FindCloseChangeNotification
K32EnumProcesses
CreateRemoteThread
QueryPerformanceCounter
GetThreadTimes
OpenThread
MapViewOfFileEx
GetTickCount64
GetSystemTimes
GlobalGetAtomNameW
GlobalDeleteAtom
PulseEvent
lstrcmpiW
WinExec
QueueUserWorkItem
GetPrivateProfileStructW
TerminateProcess
ResumeThread
LoadLibraryExA
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
WaitForSingleObjectEx
lstrcmpW
GlobalUnlock
GetLastError
CloseHandle
GlobalLock
LocalAlloc
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
MulDiv
GetDriveTypeW
CreateThread
Module32FirstW
GlobalFree
GlobalAlloc
VirtualAllocEx
ReadProcessMemory
lstrlenW
SetThreadPriority
WTSGetActiveConsoleSessionId
TerminateThread
CreateProcessW
VirtualProtect
GetCurrentProcess
VirtualAlloc
GetCurrentThreadId
GetCurrentThread
FlushInstructionCache
VirtualQuery
SetLastError
WriteFile
SetFilePointer
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
LoadLibraryExW
ReadFile
CreateFileW
GetUserDefaultLangID
GetModuleFileNameW
SizeofResource
MultiByteToWideChar
LockResource
FindResourceExW
LoadResource
FindResourceW
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
SetEndOfFile
CreateMutexW
WaitForSingleObject
ReleaseMutex
Sleep
FormatMessageW
DeleteFileW
GetLocalTime
GetCurrentProcessId
GetTickCount
FindFirstFileW
InitializeCriticalSection
FindClose
FileTimeToSystemTime
LoadLibraryW
GetFullPathNameW
GetSystemPowerStatus
WriteProcessMemory
LocalFree
GlobalMemoryStatusEx
FindNextFileW
RemoveDirectoryW
GetFileAttributesW
SystemTimeToFileTime
GetPrivateProfileIntW
GetPrivateProfileStringW
MoveFileExW
CopyFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
OpenEventW
FreeEnvironmentStringsW
GlobalAddAtomW
GetEnvironmentStringsW
K32GetModuleFileNameExW
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
OpenFileMappingW
WaitNamedPipeW
OutputDebugStringW
OpenProcess
GetExitCodeProcess
OpenMutexW
FlushFileBuffers
SetFilePointerEx
ProcessIdToSessionId
GetWindowsDirectoryW
SetFileAttributesW
GetFileTime
GetTempPathW
GetDiskFreeSpaceExW
GetSystemDirectoryW
GetComputerNameA
lstrcpyW
FreeResource
GetExitCodeThread
ResetEvent
SetEvent
CreateEventW
WaitForMultipleObjects
WritePrivateProfileStringW
GetModuleHandleExW
IsBadWritePtr
GetModuleHandleA
GetSystemInfo
GetVersionExW
OutputDebugStringA
K32GetProcessImageFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemTime
ExpandEnvironmentStringsW
GetModuleFileNameA
user32
LoadImageW
SetRectEmpty
SetCursor
PtInRect
SetRect
InflateRect
UnionRect
CharLowerBuffW
IsRectEmpty
GetWindowTextLengthW
GetWindow
GetFocus
EqualRect
ScreenToClient
SetWindowTextW
InvalidateRgn
RedrawWindow
GetDlgCtrlID
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
GetClassNameW
TranslateMessage
GetDlgItem
ReleaseCapture
InvalidateRect
PostMessageW
LoadBitmapW
LoadIconW
DrawIconEx
DrawIcon
DestroyIcon
CopyRect
DrawTextW
UnhookWindowsHookEx
SetWindowsHookExW
GetDesktopWindow
SetWindowRgn
OffsetRect
ClientToScreen
GetClientRect
UpdateLayeredWindow
ReleaseDC
GetDC
BringWindowToTop
KillTimer
IntersectRect
IsDialogMessageW
GetNextDlgTabItem
GetCursorPos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
SetTimer
GetForegroundWindow
AttachThreadInput
SetForegroundWindow
IsWindowEnabled
EnableWindow
GetActiveWindow
SetActiveWindow
WindowFromPoint
ExitWindowsEx
IsIconic
GetLastInputInfo
CallNextHookEx
GetScrollPos
GetKeyState
IsClipboardFormatAvailable
GetClipboardOwner
GetWindowTextA
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetAncestor
EnumDisplayMonitors
UnregisterDeviceNotification
PostQuitMessage
FindWindowA
GetPropW
SetPropW
RemovePropW
FrameRect
UnregisterClassW
FillRect
DispatchMessageW
LoadStringW
PostThreadMessageW
SetWindowPos
UpdateWindow
IsWindowVisible
ShowWindow
EndPaint
BeginPaint
GetParent
SendMessageW
GetWindowRect
FindWindowW
CharNextW
CharLowerW
SystemParametersInfoW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DestroyWindow
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
SendMessageTimeoutW
GetShellWindow
GetSystemMetrics
GetWindowThreadProcessId
wsprintfW
FindWindowExW
GetMessageW
IsWindow
PeekMessageW
SetCapture
RegisterWindowMessageW
GetWindowTextW
gdi32
GetViewportOrgEx
GetClipRgn
CreateRectRgnIndirect
SaveDC
SelectClipRgn
GetTextExtentPoint32W
TextOutW
RestoreDC
RectInRegion
GetWorldTransform
SetWorldTransform
GetTextColor
CreateDCW
GetDeviceCaps
CreateSolidBrush
SetStretchBltMode
RoundRect
CreateBrushIndirect
ExtTextOutW
SetBkColor
GetWindowOrgEx
MoveToEx
Rectangle
CreatePen
GetDIBits
SetTextColor
GetObjectW
CreateFontIndirectW
OffsetRgn
CombineRgn
CreateRectRgn
SetViewportOrgEx
GetStockObject
SetBkMode
CreateDIBSection
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
BitBlt
SelectObject
DeleteDC
DeleteObject
GetRgnBox
SetWindowOrgEx
CreateRoundRectRgn
SetGraphicsMode
ExtSelectClipRgn
CreateBitmap
GetTextMetricsW
CreatePolygonRgn
FillRgn
LineTo
GetCurrentObject
advapi32
RegSetValueExW
StartServiceW
QueryServiceStatus
CloseEventLog
ReadEventLogW
OpenEventLogW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegQueryInfoKeyW
GetAclInformation
AddAce
InitializeAcl
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountNameW
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenCurrentUser
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
GetUserNameW
GetTokenInformation
IsValidSid
GetLengthSid
ConvertSidToStringSidW
CopySid
ImpersonateLoggedOnUser
RevertToSelf
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
GetNamedSecurityInfoW
RegEnumKeyExW
RegDeleteKeyW
CloseServiceHandle
OpenSCManagerW
OpenProcessToken
CreateProcessAsUserW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
DuplicateTokenEx
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
shell32
SHCreateDirectoryExW
SHAppBarMessage
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
ord680
ShellExecuteW
SHGetSpecialFolderPathA
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW
SHFileOperationW
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoCreateGuid
CreateStreamOnHGlobal
CoGetClassObject
OleUninitialize
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CoTaskMemFree
OleInitialize
CLSIDFromString
OleLockRunning
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
oleaut32
VarUI4FromStr
VarBstrCmp
LoadRegTypeLib
VariantInit
LoadTypeLib
OleCreateFontIndirect
DispCallFunc
SysAllocStringLen
VariantClear
SysStringLen
VariantTimeToSystemTime
SysAllocString
SysFreeString
SystemTimeToVariantTime
msvcp140
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?readsome@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_JPA_W_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
_Thrd_id
_Thrd_join
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
shlwapi
PathQuoteSpacesW
PathStripPathW
PathRemoveFileSpecA
PathIsUNCW
StrToIntW
SHGetValueW
PathAddExtensionW
PathFindExtensionW
SHEnumKeyExW
PathStripToRootW
StrToIntA
PathRemoveBackslashW
PathFileExistsA
PathAppendA
PathAddBackslashW
PathRemoveArgsW
AssocCreate
StrStrIA
StrStrIW
PathUnquoteSpacesW
PathIsDirectoryW
PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
comctl32
_TrackMouseEvent
InitCommonControlsEx
DrawShadowText
msimg32
AlphaBlend
TransparentBlt
gdiplus
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateFromHDC
GdipGetImageWidth
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipPrivateAddFontFile
GdipDrawImageRectI
GdipGetImageHeight
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdiplusStartup
GdiplusShutdown
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipGetImagePixelFormat
GdipMeasureString
GdipDeleteGraphics
GdipSetStringFormatAlign
GdipDeleteFont
GdipCreateFontFromDC
GdipGetImageGraphicsContext
GdipCreateFontFromLogfontW
GdipCreateBitmapFromScan0
GdipCreateFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipCreateBitmapFromHBITMAP
GdipDeleteBrush
GdipCloneBrush
GdipCreateSolidFill
GdipFillRectangleI
GdipResetWorldTransform
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipLoadImageFromFile
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromFileICM
GdipDrawImageRectRect
GdipCreateLineBrushFromRectWithAngleI
GdipSetClipPath
GdipSetSmoothingMode
GdipClosePathFigure
GdipAddPathRectangleI
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipCloneBitmapArea
GdipImageRotateFlip
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipFillRectangle
GdipDrawLinesI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGetFamily
GdipAddPathStringI
GdipGetFontSize
GdipGraphicsClear
GdipDrawImageI
GdipFillPath
GdipSetPenDashStyle
GdipDrawPath
GdipAddPathArcI
GdipAlloc
GdipDrawRectangleI
GdipDrawLine
GdipSetPenMode
GdipSetPenStartCap
GdipDeleteFontFamily
GdipSetPenEndCap
GdipFree
GdipDeletePen
GdipCreatePen1
GdipCreatePath
GdipDeletePath
GdipAddPathPieI
powrprof
PowerGetActiveScheme
PowerReadACValue
wtsapi32
WTSQueryUserToken
WTSEnumerateSessionsW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
dxgi
CreateDXGIFactory
wininet
HttpSendRequestW
InternetCloseHandle
InternetReadFile
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetConnectW
HttpQueryInfoW
InternetOpenW
HttpOpenRequestW
userenv
DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock
LoadUserProfileW
ws2_32
WSAEnumNetworkEvents
WSAConnect
WSAGetLastError
WSASocketW
WSACloseEvent
WSACleanup
WSAStartup
WSAEventSelect
WSASetEvent
WSACreateEvent
WSARecv
WSASetLastError
FreeAddrInfoW
GetAddrInfoW
WSAResetEvent
WSAGetOverlappedResult
WSASend
closesocket
iphlpapi
GetIfEntry
GetAdaptersInfo
crypt32
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty
CertVerifyTimeValidity
CertEnumCertificatesInStore
CertOpenStore
setupapi
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
imm32
ImmDisableIME
rpcrt4
UuidFromStringW
framework
XDllGetClassObject
vcruntime140
wcsrchr
memcmp
__std_type_info_compare
memchr
_purecall
strchr
wcschr
memset
_except_handler4_common
__CxxFrameHandler3
_CxxThrowException
__current_exception
__current_exception_context
wcsstr
__std_exception_copy
__std_exception_destroy
memmove
_local_unwind2
__std_terminate
strstr
__RTDynamicCast
_except_handler3
memcpy
api-ms-win-crt-string-l1-1-0
strcpy_s
strncat_s
iscntrl
strcat_s
ispunct
islower
isblank
_stricmp
wcsspn
wcscspn
_wcsnicmp
isxdigit
isupper
isalpha
tolower
isgraph
wcsncpy
strncmp
toupper
isspace
isdigit
isprint
__isascii
_wcsicmp
isalnum
_strlwr_s
towupper
strnlen
_strnicmp
strcpy
strncpy_s
wcscmp
_wcslwr_s
wcsncmp
iswspace
wcsncat
wmemcpy_s
wcsnlen
strlen
strcmp
_wcsdup
_wcsrev
wcscpy_s
wcspbrk
wcscat
wcscpy
wcsncpy_s
iswdigit
wcscat_s
towlower
wcslen
_wcsupr_s
api-ms-win-crt-heap-l1-1-0
_callnewh
free
malloc
realloc
_recalloc
_set_new_mode
calloc
api-ms-win-crt-runtime-l1-1-0
_endthreadex
terminate
_controlfp_s
exit
_initterm_e
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_set_app_type
_set_errno
_c_exit
_resetstkoflw
_seh_filter_exe
_exit
_cexit
_crt_atexit
_register_onexit_function
_get_errno
_initialize_onexit_table
_invalid_parameter_noinfo
_errno
_beginthreadex
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-convert-l1-1-0
strtol
_ultoa_s
_strtoui64
_strtoi64
atol
_wtoi
_wtoi64
_wtol
_itow_s
atoi
atof
wcstol
_wcstoi64
wcstoul
_wcstoui64
_wtof
api-ms-win-crt-stdio-l1-1-0
_get_stream_buffer_pointers
ungetc
fgetpos
_fseeki64
fsetpos
setvbuf
__stdio_common_vswprintf_s
fopen
__stdio_common_vswprintf
fflush
__stdio_common_vfwprintf
fwrite
__stdio_common_vsprintf_s
_wfopen_s
fclose
fread
__p__commode
fputc
__stdio_common_vsscanf
fopen_s
fputws
__stdio_common_vswscanf
__stdio_common_vsnprintf_s
__stdio_common_vfprintf
fgetc
fseek
__acrt_iob_func
ferror
ftell
_wfopen
_set_fmode
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
api-ms-win-crt-time-l1-1-0
_mkgmtime64
_time32
_time64
_mktime64
_localtime64_s
api-ms-win-crt-math-l1-1-0
_isnan
_finite
_dclass
floor
pow
asin
sqrt
sin
cos
__setusermatherr
fabs
modf
ceil
api-ms-win-crt-utility-l1-1-0
_abs64
srand
qsort
rand
labs
abs
api-ms-win-crt-filesystem-l1-1-0
_wrename
_waccess_s
_unlock_file
_lock_file
_wsplitpath
_waccess
_mkdir
api-ms-win-crt-multibyte-l1-1-0
_mbsinc
_mbschr
_mbsstr
_mbsrchr
_mbsicmp
_mbscspn
_mbsspn
_mbscmp
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
setlocale
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 577KB - Virtual size: 577KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 114KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ