Static task
static1
General
-
Target
reverse.zip
-
Size
5.8MB
-
MD5
1f7e8bc5beffce6a3aece21f1575def3
-
SHA1
b63a828b2a7f2787d02f1d041c717ec0f6c0a78d
-
SHA256
1469b8acc562d0f3f0c981d36048fa86b92481b0c61c769817d3f0595770d44d
-
SHA512
3d7eb42ffef6ff46cff4c7409055215a5c5540460e232a73be86dcda90e21e64c87f6f6dae4303f692ef1a56c3772f0c4e92e240c8df05af8e937f1f832cc77a
-
SSDEEP
98304:2WQO8/88qaxFAFpgbY7BXicf9PTpDwGkl4v4qO3yqsIs3RorrKRFC4qjsCyBugQW:tCyeiswXikFTp564v4qOd9sh4MFMoePW
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack002/build/Zchairs fn paid ext.exe unpack002/build/driver.sys unpack002/build/mapper.exe
Files
-
reverse.zip.zip
-
PasterWorld.sln
-
reverse/FVector.h
-
reverse/Imgui/imconfig.h
-
reverse/Imgui/imgui.cpp
-
reverse/Imgui/imgui.h
-
reverse/Imgui/imgui_demo.cpp
-
reverse/Imgui/imgui_draw.cpp
-
reverse/Imgui/imgui_impl_dx9.cpp
-
reverse/Imgui/imgui_impl_dx9.h
-
reverse/Imgui/imgui_impl_win32.cpp
-
reverse/Imgui/imgui_impl_win32.h
-
reverse/Imgui/imgui_internal.h
-
reverse/Imgui/imgui_widgets.cpp.vbs
-
reverse/Imgui/imstb_rectpack.h
-
reverse/Imgui/imstb_textedit.h
-
reverse/Imgui/imstb_truetype.h
-
reverse/Keybind.h
-
reverse/Print.hpp
-
reverse/Skicript.hpp
-
reverse/auth.hpp
-
reverse/build.rar.rar
-
build/Zchairs fn paid ext.exe.exe windows x64
134c7a87d572de94963b89db536843ae
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
dwmapi
DwmExtendFrameIntoClientArea
kernel32
QueryPerformanceCounter
QueryPerformanceFrequency
GetStdHandle
CreateFileA
FlushFileBuffers
Beep
CloseHandle
Sleep
GetCurrentProcessId
CreateThread
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleTitleA
GetConsoleWindow
CreateToolhelp32Snapshot
Process32Next
LeaveCriticalSection
GlobalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
GlobalLock
GlobalUnlock
ResetEvent
SetEvent
GlobalAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
user32
SetClipboardData
GetClipboardData
EmptyClipboard
GetActiveWindow
GetKeyState
MoveWindow
SetWindowPos
SetWindowDisplayAffinity
CloseClipboard
mouse_event
GetSystemMetrics
UpdateWindow
GetForegroundWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
FindWindowA
GetWindow
OpenClipboard
GetAsyncKeyState
SetCapture
DestroyWindow
CreateWindowExA
ReleaseCapture
GetCapture
UnregisterClassA
RegisterClassA
PostQuitMessage
DefWindowProcA
PeekMessageA
ShowWindow
DispatchMessageA
TranslateMessage
LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
GetClientRect
SetCursorPos
SetCursor
gdi32
GetStockObject
imm32
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
msvcp140
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
??Bios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?xalloc@ios_base@std@@SAHXZ
?iword@ios_base@std@@QEAAAEAJH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Random_device@std@@YAIXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
_Thrd_sleep
d3d9
Direct3DCreate9Ex
ntdll
ZwQueryValueKey
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ZwCreateKey
ZwSetValueKey
ZwOpenKey
ZwClose
vcruntime140
memcmp
_CxxThrowException
__std_exception_destroy
memcpy
__current_exception
__std_terminate
__current_exception_context
__std_exception_copy
memset
memmove
__C_specific_handler
memchr
strstr
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-string-l1-1-0
strcmp
strncpy
wcscpy_s
isprint
api-ms-win-crt-stdio-l1-1-0
_isatty
_wfopen
fseek
__acrt_iob_func
__stdio_common_vsprintf_s
_fileno
fclose
ftell
fflush
fread
fwrite
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
__p__commode
_set_fmode
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
free
_set_new_mode
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-math-l1-1-0
fabs
powf
pow
sqrtf
sinf
floorf
cosf
ceilf
tanf
__setusermatherr
fmodf
api-ms-win-crt-runtime-l1-1-0
_cexit
_crt_atexit
_seh_filter_exe
_set_app_type
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_invalid_parameter_noinfo_noreturn
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
exit
system
terminate
_initialize_onexit_table
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-filesystem-l1-1-0
remove
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 260KB - Virtual size: 259KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
build/driver.sys.exe windows x64
1e0880cb1fc7ed162fe94a0792b7bb1a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ntoskrnl.exe
IoGetCurrentProcess
ObfDereferenceObject
KeAttachProcess
KeDetachProcess
PsLookupProcessByProcessId
ZwAllocateVirtualMemory
ZwFreeVirtualMemory
MmCopyVirtualMemory
PsGetProcessSectionBaseAddress
ZwProtectVirtualMemory
MmHighestUserAddress
RtlInitUnicodeString
DbgPrintEx
ExAllocatePool
ExFreePoolWithTag
IofCompleteRequest
ObReferenceObjectByHandle
ZwClose
ZwOpenKey
ZwQueryValueKey
ZwOpenProcess
RtlRandomEx
ObReferenceObjectByName
PsProcessType
IoDriverObjectType
RtlCompareUnicodeString
RtlGetVersion
MmUnmapIoSpace
MmMapIoSpaceEx
ZwSetValueKey
MmCopyMemory
PsGetProcessPeb
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 109B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1024B - Virtual size: 972B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
build/mapper.exe.exe windows x64
87877434cc5ccb8c3f984e3dd6b73bb9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DeviceIoControl
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentProcessId
HeapDestroy
VirtualAlloc
VirtualFree
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
GetTempPathW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
SetLastError
GetLastError
CloseHandle
DecodePointer
GetCurrentThreadId
CreateFileW
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
OutputDebugStringW
IsDebuggerPresent
WideCharToMultiByte
MultiByteToWideChar
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
MoveFileExW
CopyFileW
CreateDirectoryExW
GetModuleHandleW
AreFileApisANSI
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetLocaleInfoEx
FormatMessageA
LocalFree
FreeLibrary
user32
UnregisterClassW
advapi32
RegSetKeyValueW
RegOpenKeyW
RegCreateKeyW
RegCloseKey
RegDeleteTreeW
msvcp140d
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0_Lockit@std@@QEAA@H@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??1_Lockit@std@@QEAA@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??7ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?setf@ios_base@std@@QEAAHHH@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
ntdll
NtQuerySystemInformation
RtlInitUnicodeString
vcruntime140d
__std_type_info_destroy_list
__C_specific_handler_noexcept
__current_exception_context
__current_exception
memcmp
__C_specific_handler
__std_exception_destroy
__std_exception_copy
memset
memmove
memcpy
__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
_CxxThrowException
__vcrt_LoadLibraryExW
vcruntime140_1d
__CxxFrameHandler4
ucrtbased
__setusermatherr
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
exit
_exit
_set_fmode
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_wmakepath_s
_wsplitpath_s
_set_app_type
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_callnewh
_recalloc
_errno
_invalid_parameter_noinfo
terminate
_seh_filter_exe
_malloc_dbg
_free_dbg
system
_wcsicmp
_unlock_file
_lock_file
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf_s
__stdio_common_vswprintf
_wremove
_CrtDbgReportW
_CrtDbgReport
_calloc_dbg
rand
srand
malloc
free
strlen
_stricmp
wcslen
wcscpy_s
_invalid_parameter
_cexit
_crt_at_quick_exit
_crt_atexit
___lc_codepage_func
_execute_onexit_table
_time64
Sections
.textbss Size: - Virtual size: 159KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 359KB - Virtual size: 359KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 373B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
build/shit/Zchairs fn paid ext.exe.recipe
-
build/shit/Zchairs paid fn.tlog/CL.command.1.tlog
-
build/shit/Zchairs paid fn.tlog/CL.read.1.tlog
-
build/shit/Zchairs paid fn.tlog/CL.write.1.tlog
-
build/shit/Zchairs paid fn.tlog/Cl.items.tlog
-
build/shit/Zchairs paid fn.tlog/Zchairs paid fn.lastbuildstate
-
build/shit/Zchairs paid fn.tlog/link.command.1.tlog
-
build/shit/Zchairs paid fn.tlog/link.read.1.tlog
-
build/shit/Zchairs paid fn.tlog/link.write.1.tlog
-
build/shit/imgui.obj
-
build/shit/imgui_draw.obj
-
build/shit/imgui_impl_dx9.obj
-
build/shit/imgui_impl_win32.obj
-
build/shit/imgui_widgets.obj
-
build/shit/main.obj
-
build/shit/reverse.log
-
build/shit/vc143.pdb
-
reverse/color.hpp
-
reverse/d3d9_x.h
-
reverse/defs.h
-
reverse/directx9/d3dx9.h
-
reverse/directx9/d3dx9.lib
-
reverse/directx9/d3dx9anim.h
-
reverse/directx9/d3dx9core.h
-
reverse/directx9/d3dx9effect.h
-
reverse/directx9/d3dx9math.h
-
reverse/directx9/d3dx9math.inl
-
reverse/directx9/d3dx9mesh.h
-
reverse/directx9/d3dx9shader.h
-
reverse/directx9/d3dx9shape.h
-
reverse/directx9/d3dx9tex.h
-
reverse/directx9/d3dx9xof.h
-
reverse/driver.h
-
reverse/driverdefs.h
-
reverse/impl/include.hpp
-
reverse/impl/vortex/asm/direct_io.asm
-
reverse/impl/vortex/vortex.cpp
-
reverse/impl/vortex/vortex.hpp
-
reverse/json.hpp
-
reverse/lazy.h
-
reverse/libcurl.lib
-
reverse/library_x64.lib
-
reverse/main.cpp
-
reverse/offsets.h
-
reverse/resource.h
-
reverse/reverse.aps.ps1
-
reverse/reverse.rc
-
reverse/reverse.vcxproj
-
reverse/reverse.vcxproj.filters
-
reverse/reverse.vcxproj.user
-
reverse/skStr.h
-
reverse/stb_image.h
-
reverse/ud.h
-
reverse/utils.hpp
-
reverse/vactor.h
-
reverse/xor.hpp
-
reverse/xstring.h
-
reverse/zcheats.h