Behavioral task
behavioral1
Sample
8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86.exe
Resource
win7-20230712-en
windows7-x64
Behavioral task
behavioral2
Sample
8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86.exe
Resource
win10v2004-20230703-en
windows10-2004-x64
General
-
Target
8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86
-
Size
7.2MB
-
MD5
192f465c64058a84f1d60a1221a9f0b6
-
SHA1
42adc3b371d6b318ca3fdd778ecb966a795db53c
-
SHA256
8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86
-
SHA512
3e31b9258667755739ad94e59065928393096447961e273ef93abf38982b2169e5adfd12de9e062cb2f998219ba28e27c6ce3cafe72806bae28394203521e541
-
SSDEEP
196608:YU3T2Zx/H7KICm5CHR/0L+JRVdzVRiQF:YU3qmICwAWLoDV
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86
Files
-
8d8c7b708a428f3ae9f9d7aa1d37d22f73f21818cf3f57cd987a83cbeb8aec86.exe windows x86
23433e98dbbf658c4be483cc314215bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord3803
ord1848
ord4243
ord6696
ord3301
ord2862
ord6762
ord3293
ord2582
ord6215
ord3996
ord4299
ord3797
ord1795
ord2575
ord3574
ord4396
ord609
ord6197
ord3874
ord3752
ord6377
ord1929
ord2827
ord1949
ord6442
ord6283
ord6379
ord6605
ord6170
ord5788
ord472
ord5787
ord4200
ord1941
ord3398
ord3733
ord810
ord4271
ord3706
ord3297
ord3296
ord5781
ord2971
ord1768
ord6282
ord4160
ord3499
ord2515
ord355
ord1200
ord4204
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3028
ord950
ord807
ord809
ord686
ord2621
ord1134
ord1205
ord4220
ord2584
ord3654
ord2438
ord4402
ord693
ord2725
ord589
ord826
ord260
ord824
ord593
ord324
ord4476
ord3092
ord6199
ord3370
ord3640
ord384
ord556
ord554
ord2370
ord2302
ord2086
ord2096
ord2645
ord4163
ord6625
ord2453
ord2078
ord1087
ord2122
ord5655
ord6655
ord6146
ord1158
ord4203
ord1644
ord2919
ord2863
ord5981
ord6134
ord1105
ord5937
ord3061
ord2639
ord3914
ord6904
ord3283
ord3763
ord3754
ord4130
ord6334
ord4224
ord6270
ord3089
ord6136
ord3771
ord6905
ord3767
ord6453
ord6927
ord4774
ord2935
ord2516
ord360
ord2299
ord665
ord1979
ord5442
ord3318
ord5186
ord354
ord2642
ord2340
ord6007
ord3998
ord2513
ord293
ord3286
ord663
ord348
ord6907
ord2587
ord4406
ord3394
ord3729
ord804
ord6785
ord3302
ord3305
ord3311
ord3011
ord3319
ord4644
ord4217
ord2576
ord4397
ord3352
ord3577
ord4234
ord5890
ord2937
ord3097
ord5953
ord4287
ord6241
ord2243
ord816
ord562
ord1269
ord3708
ord781
ord6129
ord4133
ord4297
ord3329
ord6128
ord4132
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord540
ord1576
ord2614
ord941
ord858
ord4278
ord6662
ord535
ord5683
ord4129
ord2764
ord825
ord823
ord1802
ord4275
ord2578
ord3582
ord4219
ord2581
ord3402
ord3639
ord3619
ord3693
ord3626
ord3663
ord2411
ord2023
ord4218
ord4398
ord2385
ord5290
ord5277
ord1771
ord6366
ord2413
ord2024
ord6055
ord4078
ord1776
ord4401
ord5241
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord692
ord616
ord818
ord1641
ord2860
ord567
ord2414
ord795
ord537
ord1146
ord1168
ord3317
ord2452
ord3571
ord3573
ord640
ord2405
ord5789
ord5875
ord6172
ord2754
ord2450
ord1847
ord470
ord755
ord3721
ord2116
ord4284
ord2071
ord3303
ord4125
ord3287
ord4202
ord5710
ord6930
ord641
ord3597
ord4425
ord5280
ord1775
ord6052
ord4710
ord4998
ord4853
ord4376
ord5265
ord2514
ord356
ord2770
ord2781
ord4058
ord3178
ord3181
ord1980
ord668
ord940
ord2763
ord6008
ord4000
ord6663
ord6778
ord543
ord803
ord3584
ord289
ord613
ord656
ord4407
ord3610
ord1829
ord6394
ord5834
ord6383
ord5440
ord5450
ord3903
ord2915
ord5572
ord2841
ord6929
ord6876
ord2107
ord2044
ord6648
ord6779
ord6874
ord924
ord5856
ord939
ord926
ord2818
ord2448
ord6877
ord922
ord860
ord2859
ord6242
ord2864
ord6880
ord2379
ord323
ord1640
ord5785
ord283
ord800
msvcrt
strstr
??0exception@@QAE@ABV0@@Z
rename
atoi
_ftol
fwrite
sscanf
strncmp
memmove
tolower
_pctype
__mb_cur_max
_isctype
qsort
_errno
_setmode
fgets
wcsstr
strcmp
strtoul
gmtime
_itoa
_strnicmp
_fileno
_getch
toupper
_purecall
_setmbcp
strspn
strtol
_mbscmp
fopen
fseek
ftell
fclose
fread
realloc
_vsnprintf
_snprintf
strncpy
malloc
free
_iob
__getmainargs
_acmdln
_XcptFilter
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
time
srand
rand
_mbsstr
_mbsnbcpy
isdigit
strtok
strrchr
islower
isupper
mbstowcs
wcstombs
calloc
rewind
isspace
_mbslen
__CxxLongjmpUnwind
_setjmp3
longjmp
raise
signal
isxdigit
abort
_exit
exit
?what@exception@@UBEPBDXZ
getenv
fputs
scanf
freopen
_open_osfhandle
_fdopen
_stricmp
fprintf
printf
vfprintf
strchr
isprint
memchr
wcslen
sprintf
_mbsicmp
isgraph
_stat
__CxxFrameHandler
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
fflush
_controlfp
isalnum
_mbsnbicmp
_except_handler3
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
kernel32
GetVersion
GetFileType
GlobalMemoryStatus
QueryPerformanceCounter
GetVersionExA
FlushConsoleInputBuffer
SetLastError
VirtualAlloc
VirtualFree
VirtualQuery
CreateProcessA
GetLocalTime
GetFileInformationByHandle
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFilePointer
GetCurrentProcessId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
ReleaseMutex
CreateMutexA
lstrcpyA
SetCurrentDirectoryA
FileTimeToLocalFileTime
GetCurrentDirectoryA
PulseEvent
GetTickCount
VirtualProtect
FileTimeToSystemTime
SetThreadPriority
ResumeThread
InterlockedDecrement
GetExitCodeThread
GetCurrentThreadId
GetLastError
FreeLibrary
LocalFree
FreeConsole
InterlockedIncrement
GetVolumeInformationA
WideCharToMultiByte
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetFileAttributesA
CreateFileA
SetFileTime
FindFirstFileA
GetSystemDirectoryA
GetConsoleWindow
SetConsoleTextAttribute
AllocConsole
GetStdHandle
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetPrivateProfileStringA
MulDiv
GetSystemInfo
GetPrivateProfileIntA
GetSystemTime
lstrcpynA
WritePrivateProfileStringA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetTempPathA
DeleteFileA
CreateDirectoryA
CopyFileA
GetFileAttributesA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
IsBadReadPtr
lstrlenA
SetEvent
PeekNamedPipe
ReadFile
GetExitCodeProcess
Sleep
TerminateProcess
WaitForSingleObject
WriteFile
CreatePipe
GetStartupInfoA
CloseHandle
CreateThread
CreateEventA
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
OffsetRect
GetProcessWindowStation
GetUserObjectInformationW
CopyRect
DestroyIcon
LoadImageA
GetSystemMetrics
RedrawWindow
GetKeyState
ReleaseDC
GetDC
GetSysColor
GetScrollBarInfo
IsWindowVisible
LoadCursorA
SetCapture
IsWindow
ReleaseCapture
SetTimer
KillTimer
GetWindow
MessageBoxA
SetMenuInfo
PostMessageA
IsZoomed
SystemParametersInfoA
LoadBitmapA
CreatePopupMenu
InsertMenuA
RemoveMenu
GetMenuItemCount
GetMenuStringA
GetSubMenu
SetMenu
CheckMenuItem
GetMenuItemInfoA
CreateMenu
SetWindowsHookExA
GetCursorPos
SetWindowLongA
GetWindowLongA
GetWindowRect
InflateRect
GetParent
InvalidateRect
DrawIcon
IsIconic
AppendMenuA
ClientToScreen
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
UpdateWindow
LockWindowUpdate
SetCursor
EqualRect
GetFocus
IsMenu
GetClipboardData
GetUpdateRect
HideCaret
SetParent
SetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetMessagePos
SetForegroundWindow
SetClassLongA
GetClassLongA
GetCapture
MonitorFromWindow
FindWindowA
SetWindowRgn
SetMenuItemBitmaps
GetClientRect
FillRect
DrawIconEx
ScreenToClient
LoadIconA
SendMessageA
EnableWindow
GetDlgCtrlID
GetWindowDC
GetDesktopWindow
ShowWindow
CloseWindow
DestroyWindow
SetWindowPos
CreateWindowExA
DefWindowProcA
RegisterClassExA
wsprintfA
GrayStringA
DrawTextA
TabbedTextOutA
LoadMenuA
GetMenuItemID
PtInRect
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
gdi32
GetDeviceCaps
CreateRectRgnIndirect
Rectangle
SelectObject
StretchBlt
DeleteObject
GetTextExtentPoint32A
GetObjectA
CreateCompatibleDC
CreateFontA
CreateCompatibleBitmap
BitBlt
CreateFontIndirectA
GetStockObject
CreatePen
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateRectRgn
Ellipse
Polygon
DeleteDC
GetTextMetricsA
RoundRect
CreateSolidBrush
CreateDCA
advapi32
RegQueryValueExA
CryptDestroyHash
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegCreateKeyA
CryptDestroyKey
CryptExportKey
CryptReleaseContext
shell32
ShellExecuteA
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetSpecialFolderLocation
SHChangeNotify
SHGetFileInfoA
SHFileOperationA
StrStrIA
SHGetPathFromIDListA
comctl32
ImageList_Draw
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_AddMasked
ole32
OleDuplicateData
CoInitialize
OleSetContainedObject
StgCreateDocfileOnILockBytes
OleCreateStaticFromData
CreateStreamOnHGlobal
ReleaseStgMedium
CreateILockBytesOnHGlobal
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCloneBitmapAreaI
GdipDeletePen
GdipCreatePen1
GdipSetPenColor
GdipDrawArcI
GdipDrawArc
GdipDrawLine
GdipSetLineColors
GdipAddPathPieI
GdipAddPathEllipseI
GdipDeleteRegion
GdipGetRegionHRgn
GdipCreateRegionPath
GdipDrawLineI
GdipFillPolygonI
GdipDrawEllipseI
GdipDisposeImage
GdipFillEllipseI
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateFontFamilyFromName
GdipCreateFont
GdipCreateLineBrushFromRectWithAngle
GdipCreateStringFormat
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetTextRenderingHint
GdipDrawString
GdipDeleteStringFormat
GdipDeleteFont
GdipDeleteFontFamily
GdipAddPathArc
GdipAddPathLine
GdipSetInterpolationMode
GdipCreateMatrix
GdipCreatePath
GdipAddPathRectangleI
GdipTranslateMatrix
GdipRotateMatrix
GdipTransformPath
GdipSetSolidFillColor
GdipFillPath
GdipSetMatrixElements
GdipDeletePath
GdipDeleteMatrix
GdipCloneImage
GdipCloneBrush
GdipAlloc
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipSetSmoothingMode
GdipCreateHBITMAPFromBitmap
GdipFree
GdipFillPieI
GdipFillRectangleI
GdipCreateSolidFill
GdipFillPolygon
GdipDeleteBrush
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFromHDC
GdipDrawImageRectI
GdipReleaseDC
GdipDeleteGraphics
GdipFillRectangle
msvcp60
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIID@Z
??_7bad_alloc@std@@6B@
wctype
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
??0bad_alloc@std@@QAE@PBD@Z
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@ABV01@@Z
?what@logic_error@std@@UBEPBDXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1logic_error@std@@UAE@XZ
??_7out_of_range@std@@6B@
??_7logic_error@std@@6B@
?_Xlen@std@@YAXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Xran@std@@YAXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?clear@ios_base@std@@QAEXH_N@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0Init@ios_base@std@@QAE@XZ
ws2_32
WSASetLastError
shutdown
recv
send
closesocket
WSAGetLastError
wininet
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
imm32
ImmGetConversionStatus
ImmGetOpenStatus
ImmGetContext
ImmSetConversionStatus
crypt32
CertNameToStrA
CertCreateCertificateContext
CryptImportPublicKeyInfo
CertFreeCertificateContext
wtsapi32
WTSSendMessageW
Sections
.text Size: - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 340KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 305KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CXV0 Size: 924KB - Virtual size: 923KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 344KB - Virtual size: 342KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ