Static task
static1
Behavioral task
behavioral1
Sample
19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74.exe
Resource
win10v2004-20230831-en
General
-
Target
19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74
-
Size
12.3MB
-
MD5
32c4cef62ae9656d714a32e1e9d231ec
-
SHA1
3728aea521b4c993ca7b630576f0e8a7c043c8dd
-
SHA256
19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74
-
SHA512
cc21e15ef35c7ea1d1b01529e997b1ca2f67127d5dbfb0effa7d6f894177858de9d36c439a4add7bbb0e599d73d568a64040565bd40017bce886986321448dd5
-
SSDEEP
98304:2IYsq//asnUitXqJJ0ee7/qtv2YqLrGhBX0gokqTVtmRJl:rvq/ysUipqJJ0em/qtv22BkTk4gJl
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74
Files
-
19bdbffd8aed937d182df240acf72aed3aedd28bc04014484bdbbcdcb7371a74.exe windows x86
ec979741c7f3c2da6f08032c96a76183
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
elementskill
?GetNoFightMountCanuse@ElementSkill@GNET@@SA_NI@Z
?AddBuff@ElementSkill@GNET@@SAXHH@Z
?ClearBuff@ElementSkill@GNET@@SAXXZ
?GetMonsterAction@ElementSkill@GNET@@SAPBDI@Z
?GetAction@ElementSkill@GNET@@SAPBDIEHH@Z
?GetExecuteTime@ElementSkill@GNET@@SAHIH@Z
?SkillSpCost@ElementSkill@GNET@@SAHIH@Z
?RequirePlayerSecLevel@ElementSkill@GNET@@SAHIH@Z
?SkillMaxLevel@ElementSkill@GNET@@SAHI@Z
?IsCommonSkill@ElementSkill@GNET@@SA_NI@Z
?Destroy@ElementSkill@GNET@@QAEXXZ
?GetTalentSize@ElementSkill@GNET@@SAHI@Z
?GetTalentList@ElementSkill@GNET@@SAHIH@Z
?GetTalentSum@ElementSkill@GNET@@SAHI@Z
?GetTalentSize2@ElementSkill@GNET@@SAHI@Z
?GetTalentList2@ElementSkill@GNET@@SAHIH@Z
?GetTalentSum2@ElementSkill@GNET@@SAHI@Z
?RefushBeliefData@ElementSkill@GNET@@SAXAAUUseAction@2@@Z
?SetAddonLevel@ElementSkill@GNET@@SAHIH@Z
?GetSkillLearnFrom@ElementSkill@GNET@@SAHI@Z
?LearnCondition@ElementSkill@GNET@@SAHIAAULearnRequirement@2@H@Z
?SetBaseLevel@ElementSkill@GNET@@SAHIH@Z
?LoadSkillData@ElementSkill@GNET@@SAXPAX@Z
?GetVersion@ElementSkill@GNET@@SAHXZ
?GetProfessionSkillList@ElementSkill@GNET@@SAXHHAAV?$vector@HVdefault_alloc@abase@@@abase@@0@Z
?RequirePlayerLevel@ElementSkill@GNET@@SAHIH@Z
?SkillMoneyCost@ElementSkill@GNET@@SAHIHM@Z
?GetDamageType@ElementSkill@GNET@@SAHI@Z
?GetType@ElementSkill@GNET@@SADI@Z
?GetStub@ElementSkill@GNET@@SAPBVSkillStub@2@I@Z
?Create@ElementSkill@GNET@@SAPAV12@IH@Z
?SkillMaxLearnLevel@ElementSkill@GNET@@SAHI@Z
speedtreert
?SetCamera@CSpeedTreeRT@@SAXPBM0@Z
?Authorize@CSpeedTreeRT@@SAXPBD@Z
??1SGeometry@CSpeedTreeRT@@QAE@XZ
??0SGeometry@CSpeedTreeRT@@QAE@XZ
?SetTime@CSpeedTreeRT@@SAXM@Z
??0STextures@CSpeedTreeRT@@QAE@XZ
??1STextures@CSpeedTreeRT@@QAE@XZ
??0CSpeedTreeRT@@QAE@XZ
??1CSpeedTreeRT@@QAE@XZ
??2CSpeedTreeRT@@SAPAXI@Z
??3CSpeedTreeRT@@SAXPAX@Z
?Compute@CSpeedTreeRT@@QAE_NPBMI_N@Z
?MakeInstance@CSpeedTreeRT@@QAEPAV1@XZ
?LoadTree@CSpeedTreeRT@@QAE_NPBEI@Z
?GetTreeSize@CSpeedTreeRT@@QBEXAAM0@Z
?SetTreeSize@CSpeedTreeRT@@QAEXMM@Z
?SetTreePosition@CSpeedTreeRT@@QAEXMMM@Z
?SetBranchLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
?SetLeafLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
?SetFrondLightingMethod@CSpeedTreeRT@@QAEXW4ELightingMethod@1@@Z
?SetLeafRockingState@CSpeedTreeRT@@QAEX_N@Z
?SetNumLeafRockingGroups@CSpeedTreeRT@@QAEXI@Z
?SetLeafWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
?SetBranchWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
?SetFrondWindMethod@CSpeedTreeRT@@QAEXW4EWindMethod@1@@Z
?SetWindStrength@CSpeedTreeRT@@QAEMMMM@Z
?ComputeLodLevel@CSpeedTreeRT@@QAEXXZ
?SetLodLevel@CSpeedTreeRT@@QAEXM@Z
?SetDropToBillboard@CSpeedTreeRT@@SAX_N@Z
?SetLodLimits@CSpeedTreeRT@@QAEXMM@Z
?GetDiscreteLeafLodLevel@CSpeedTreeRT@@QBEGM@Z
?GetNumBranchLodLevels@CSpeedTreeRT@@QBEGXZ
?GetNumLeafLodLevels@CSpeedTreeRT@@QBEGXZ
?GetNumFrondLodLevels@CSpeedTreeRT@@QBEGXZ
?GetGeometry@CSpeedTreeRT@@QAEXAAUSGeometry@1@KFFF@Z
?GetTextures@CSpeedTreeRT@@QBEXAAUSTextures@1@@Z
?SetTextureFlip@CSpeedTreeRT@@SAX_N@Z
?GetBoundingBox@CSpeedTreeRT@@QBEXPAM@Z
?SetLightState@CSpeedTreeRT@@SAXI_N@Z
?SetLightAttributes@CSpeedTreeRT@@SAXIPBM@Z
ftdriver
?CreateFTManager@@YAPAVIFTManager@@HHH@Z
ws2_32
bind
__WSAFDIsSet
WSAGetLastError
inet_addr
gethostname
gethostbyname
inet_ntoa
WSAStartup
socket
setsockopt
sendto
send
recv
ntohs
htons
select
ioctlsocket
connect
closesocket
WSACleanup
getsockname
imm32
ImmIsIME
ImmGetProperty
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetCandidateListW
ImmGetDescriptionW
d3d8
Direct3DCreate8
ddraw
DirectDrawCreate
dsound
ord11
shlwapi
PathAppendW
PathFileExistsW
PathFileExistsA
PathFindFileNameA
PathFindExtensionA
PathStripPathW
StrStrIW
wininet
InternetConnectA
InternetReadFile
InternetWriteFile
HttpOpenRequestA
HttpAddRequestHeadersA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoA
kernel32
UnhandledExceptionFilter
WaitForSingleObjectEx
SetUnhandledExceptionFilter
RemoveDirectoryA
InitializeSListHead
GetThreadPriority
DisableThreadLibraryCalls
lstrcpynW
WaitForMultipleObjects
VirtualFree
VirtualAlloc
FindResourceA
LockResource
CreateFileMappingA
GetVersionExA
IsProcessorFeaturePresent
GetTempPathA
GetTempFileNameA
InterlockedDecrement
FormatMessageA
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
HeapValidate
InterlockedIncrement
LoadLibraryExA
SetEnvironmentVariableA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WinExec
GetFileAttributesA
lstrlenW
SetFilePointer
GetFileSize
GetTickCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCommandLineA
CloseHandle
GetLastError
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GetModuleFileNameA
IsBadReadPtr
ReadFile
WriteFile
SetNamedPipeHandleState
WaitForSingleObject
CreateThread
VirtualProtect
GetModuleHandleA
LoadLibraryA
TerminateProcess
OpenProcess
VirtualQueryEx
ReadProcessMemory
CreateToolhelp32Snapshot
Process32First
Process32Next
Sleep
GetSystemInfo
GlobalMemoryStatus
lstrlenA
HeapAlloc
HeapFree
GetProcessHeap
GetSystemTime
SystemTimeToFileTime
FlushInstructionCache
ReleaseMutex
IsBadWritePtr
DecodePointer
RaiseException
InitializeCriticalSectionEx
GlobalAlloc
GlobalLock
GlobalUnlock
CreateDirectoryA
FindClose
DeleteFileA
TerminateThread
IsDBCSLeadByte
SetEvent
CopyFileA
ExitProcess
ResumeThread
GetTimeZoneInformation
GetLocalTime
FindFirstFileA
FindNextFileA
GetExitCodeProcess
GetPrivateProfileIntA
WritePrivateProfileStringA
ResetEvent
SetThreadPriority
SetThreadPriorityBoost
SetLastError
OutputDebugStringA
CreateProcessA
SetCurrentDirectoryA
GetCurrentDirectoryA
IsDebuggerPresent
GetVersion
DuplicateHandle
SuspendThread
CreateFileA
OpenFile
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
QueueUserAPC
LoadResource
SizeofResource
MulDiv
IsDBCSLeadByteEx
QueryPerformanceCounter
QueryPerformanceFrequency
CompareStringA
LocalAlloc
GlobalFree
CreateMutexA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
user32
RedrawWindow
GetSysColor
FillRect
GetParent
CreateCaret
GetKeyboardLayout
SetCaretPos
GetWindowDC
IsWindowUnicode
EnumThreadWindows
CreateWindowExA
WindowFromDC
EnumDisplaySettingsW
SetRect
IntersectRect
LoadCursorFromFileA
DestroyCursor
DrawTextA
PostThreadMessageW
GetQueueStatus
DestroyAcceleratorTable
GetKeyState
GetMenuBarInfo
EnumChildWindows
ClientToScreen
GetClientRect
SetActiveWindow
IsZoomed
IsIconic
KillTimer
InvalidateRgn
SetTimer
keybd_event
GetFocus
SetFocus
GetDlgItem
IsChild
GetAncestor
SetWindowRgn
GetActiveWindow
AdjustWindowRect
SetForegroundWindow
UpdateWindow
LoadImageA
GetDesktopWindow
ReleaseDC
GetDC
SetWindowPlacement
GetWindowPlacement
MoveWindow
DestroyWindow
ReleaseCapture
SetCapture
GetCapture
SetCursorPos
GetMessageTime
GetGUIThreadInfo
SetCursor
MessageBoxA
EndPaint
BeginPaint
GetForegroundWindow
GetAsyncKeyState
FlashWindowEx
IsWindow
TranslateMessage
AdjustWindowRectEx
InvalidateRect
IsWindowVisible
EnumWindows
CallNextHookEx
UnhookWindowsHookEx
FindWindowA
PtInRect
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetTopWindow
GetClassNameA
GetSystemMetrics
ShowWindow
UnregisterHotKey
RegisterHotKey
GetWindowTextA
ScreenToClient
GetCursorPos
PostQuitMessage
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsWindowEnabled
wvsprintfW
SetWindowPos
IsRectEmpty
MsgWaitForMultipleObjects
gdi32
CreateCompatibleDC
CreatePen
CreateFontIndirectA
SetPixel
SetTextAlign
SetBkColor
SetMapMode
GetTextExtentPoint32W
CreateFontW
ExtTextOutW
TextOutA
GetDeviceCaps
CreateSolidBrush
CreateRectRgn
GetStockObject
MoveToEx
GetObjectA
CreateDIBSection
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SelectObject
LineTo
GetPixel
GetDIBits
BitBlt
CreateCompatibleBitmap
GetClipBox
DeleteObject
DeleteDC
advapi32
OpenThreadToken
RegQueryValueExA
RegOpenKeyA
OpenProcessToken
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExA
shell32
SHGetFolderPathW
ShellExecuteA
ole32
CoTaskMemFree
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoGetClassObject
OleLockRunning
CoUninitialize
CoCreateInstance
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoInitialize
CoFreeUnusedLibraries
CLSIDFromString
oleaut32
SysFreeString
SysAllocString
OleCreateFontIndirect
SysAllocStringLen
SysStringLen
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
VariantCopy
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
DispCallFunc
msvcp140
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Xlength_error@std@@YAXPBD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
vcruntime140
wcsrchr
wcschr
strstr
_purecall
memcpy
__std_type_info_destroy_list
_except_handler4_common
__current_exception
__current_exception_context
memset
strrchr
__CxxFrameHandler3
__std_terminate
__std_exception_destroy
_CxxThrowException
memmove
__RTDynamicCast
_local_unwind4
wcsstr
strchr
memchr
__std_exception_copy
__CxxFrameHandler
_setjmp3
longjmp
api-ms-win-crt-utility-l1-1-0
qsort
rand
srand
api-ms-win-crt-math-l1-1-0
_CIcosh
_except1
ldexp
_libm_sse2_log_precise
_libm_sse2_exp_precise
_isnan
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_CIfmod
frexp
_libm_sse2_log10_precise
__setusermatherr
floor
_CIsinh
_CIatan2
_libm_sse2_tan_precise
_CIpow
_libm_sse2_sin_precise
_ftol
_libm_sse2_acos_precise
ceil
_libm_sse2_pow_precise
_finite
modf
_libm_sse2_cos_precise
_libm_sse2_sqrt_precise
_CIacos
_CItanh
api-ms-win-crt-stdio-l1-1-0
_fileno
_chsize
ferror
fputs
__stdio_common_vsscanf
__stdio_common_vsprintf
__stdio_common_vfwprintf
fgets
getc
_wfopen
ungetc
setvbuf
_fseeki64
fsetpos
fputc
tmpfile
fgetpos
fgetc
_get_stream_buffer_pointers
__stdio_common_vfscanf
fflush
feof
tmpnam
_popen
__stdio_common_vswprintf
_set_fmode
__stdio_common_vswscanf
_pclose
fopen
fclose
clearerr
__p__commode
__stdio_common_vfprintf
fwrite
ftell
fseek
fread
__acrt_iob_func
__stdio_common_vswprintf_s
api-ms-win-crt-string-l1-1-0
_strnicmp
tolower
iscntrl
_wcsicmp
_strlwr
isalnum
_strupr
isxdigit
isalpha
_strdup
islower
strcoll
isspace
_wcsupr
wcscspn
isupper
ispunct
strncat
wcsncat
isdigit
strpbrk
strtok
strcspn
wcsncpy_s
wcsncmp
strncmp
wcsncpy
_stricmp
strncpy
toupper
_wcslwr
api-ms-win-crt-filesystem-l1-1-0
_findnext64i32
_lock_file
_findfirst64i32
_unlock_file
_stat32
_splitpath
_chmod
remove
_findclose
_findnext32
_findfirst32
_stat64i32
_fstat64i32
_access
rename
api-ms-win-crt-convert-l1-1-0
_itoa
strtoul
strtod
atof
_atoi64
_itow
atoi
_wtoi
_wtoi64
atol
api-ms-win-crt-runtime-l1-1-0
_resetstkoflw
_register_onexit_function
_errno
_invalid_parameter_noinfo
_c_exit
_register_thread_local_exe_atexit_callback
_cexit
_controlfp
_execute_onexit_table
_crt_atexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
terminate
_exit
_beginthreadex
_initterm_e
_crt_at_quick_exit
_initialize_wide_environment
_get_wide_winmain_command_line
system
_seh_filter_dll
_controlfp_s
strerror
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
exit
_initterm
_beginthread
perror
api-ms-win-crt-heap-l1-1-0
_recalloc
malloc
free
realloc
_set_new_mode
calloc
api-ms-win-crt-time-l1-1-0
_mktime32
_localtime32
asctime
_gmtime32
_time64
_time32
strftime
_mktime64
_localtime64
_gmtime64
_difftime64
clock
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
setlocale
localeconv
api-ms-win-crt-environment-l1-1-0
getenv
winmm
timeGetDevCaps
timeSetEvent
timeEndPeriod
timeBeginPeriod
timeGetTime
timeKillEvent
immwrapper
??0AMImmWrapper@@QAE@XZ
?ReleaseImmEffect@AMImmWrapper@@QAE_NAAPAVAMImmEffect@@@Z
?Init@AMImmWrapper@@QAE_NPAUHINSTANCE__@@PAUHWND__@@PAD2@Z
?LoadImmEffect@AMImmWrapper@@QAE_NPADPAPAVAMImmEffect@@@Z
?Stop@AMImmEffect@@QAE_NXZ
?Start@AMImmEffect@@QAE_NXZ
?Release@AMImmWrapper@@QAE_NXZ
??1AMImmWrapper@@QAE@XZ
Sections
.text Size: 9.2MB - Virtual size: 9.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 203KB - Virtual size: 512KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ