FormatExtFs
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d.exe
Resource
win7-20230831-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d
-
Size
11.6MB
-
MD5
1a205d214612566a468de4c0fa5a0dd4
-
SHA1
3fb3fc3a807f1fe02a8a7dde4f46b93a81684812
-
SHA256
51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d
-
SHA512
92d14896aeaa698c699340d2f1fcaabfe856bbebfd1a96f7d419cf8d72ad813596cfbdb6f42b4773347f5add8742a95cfc904253eeca71a5ffcc9fd19aa05511
-
SSDEEP
98304:7yQSbIaV45e55CBuW8mzV4KZrSBGb+FjRfkDJA/R/d7wRGpj3:ybIaV4M5EAhm/pV6FRfO8dhF9
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d
Files
-
51040e0f2c3a5d870bc7d041141d39485be72a9e6489a4071d32059984eb0b0d.exe windows x86
ffbffea3189b83f46d9712dc3fdaea67
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
strncmp
vsprintf
memset
ZwClose
_chkstk
_alldiv
memcpy
ZwQueryVolumeInformationFile
_allmul
NtLoadDriver
NtUnloadDriver
ZwQuerySymbolicLinkObject
ZwOpenSymbolicLinkObject
ZwQueryDirectoryObject
ZwOpenDirectoryObject
_allrem
_aulldiv
wcsncmp
ZwUnloadKey
_aullrem
RtlNtStatusToDosError
ZwSetInformationFile
ZwOpenFile
_strlwr
strrchr
atoi
wcsrchr
sprintf
_allshl
wcstoul
mbstowcs
wcsstr
_wcsupr
wcstombs
NtQueryInformationFile
NtQuerySystemTime
NtReadFile
NtWriteFile
NtDeviceIoControlFile
NtFsControlFile
NtCreateFile
RtlAnsiStringToUnicodeString
NtClose
RtlTimeToSecondsSince1970
_strnicmp
_stricmp
_wcsnicmp
ZwCreateFile
RtlInitUnicodeString
_wcsicmp
strchr
strncpy
_itow
_wtoi64
_wcslwr
_vsnprintf
wcsncpy
_wtoi
wcschr
strstr
scanpartition
DeletePartList
SearchLosePartition
GetDiskCurPartList
DeleteDiskList
SearchCancel
InitDiskList
pe
GetUSBBootLogicObj
GetObjGAHelp
GetObjGATrackingData
IsSupportMakePE
ClsWinrePath
GetPOLoigcObject
wimmgr
Del_File
PackToolToRecovery
GetToolNeedSpace
ssdsecurityerase
ord1
exfat
ord2
upgradeshow
PAGetGlobalDataObject
PAShowRegisterDlg
diskinfo
CreateDiskInfo
mfc80u
ord3903
ord5943
ord3900
ord3108
ord5940
ord5567
ord3393
ord2712
ord4108
ord4111
ord6062
ord3754
ord2647
ord5798
ord4118
ord6060
ord6085
ord3982
ord2154
ord5827
ord5828
ord2137
ord1303
ord4117
ord3995
ord3198
ord4026
ord2648
ord502
ord3281
ord5637
ord777
ord3990
ord5558
ord5524
ord266
ord265
ord3678
ord3395
ord3570
ord2361
ord6061
ord6161
ord3983
ord4078
ord860
ord6133
ord1476
ord1176
ord1178
ord6140
ord385
ord630
ord2012
ord3082
ord1182
ord347
ord602
ord3155
ord1270
ord5638
ord1957
ord6033
ord5723
ord1058
ord2076
ord3156
ord4010
ord6089
ord2981
ord3877
ord3322
ord6751
ord754
ord416
ord651
ord6749
ord2364
ord1555
ord3590
ord5633
ord5884
ord326
ord5636
ord1609
ord1355
ord4193
ord4664
ord4357
ord3930
ord6075
ord2793
ord6083
ord3785
ord6253
ord2139
ord4361
ord4494
ord5511
ord6147
ord3058
ord2674
ord2723
ord6157
ord2257
ord3434
ord1384
ord985
ord5388
ord3706
ord350
ord3698
ord604
ord2812
ord3894
ord1975
ord2632
ord4573
ord4120
ord3634
ord2709
ord1634
ord1572
ord3286
ord715
ord3150
ord578
ord2313
ord310
ord5973
ord4921
ord4259
ord2463
ord4271
ord1297
ord2164
ord5144
ord3939
ord2136
ord4013
ord635
ord2418
ord2419
ord2986
ord5352
ord1039
ord940
ord4898
ord2933
ord4129
ord5201
ord4303
ord5006
ord5003
ord2609
ord1904
ord2237
ord3201
ord2932
ord5855
ord1548
ord2135
ord1994
ord5161
ord3070
ord395
ord1637
ord1579
ord3306
ord5965
ord736
ord3922
ord421
ord655
ord5105
ord1434
ord384
ord629
ord5083
ord6284
ord1430
ord4461
ord4463
ord6293
ord3677
ord5327
ord566
ord757
ord3176
ord2239
ord3327
ord547
ord2832
ord5562
ord956
ord5209
ord5226
ord4562
ord3942
ord5222
ord334
ord5220
ord593
ord2925
ord5113
ord1911
ord1096
ord5221
ord3826
ord3824
ord5378
ord1121
ord6215
ord5096
ord4025
ord6282
ord1007
ord1172
ord3800
ord5316
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord3249
ord3034
ord4216
ord1913
ord4733
ord4846
ord4251
ord5491
ord2736
ord5408
ord1370
ord5588
ord5152
ord2042
ord2007
ord6234
ord2615
ord2608
ord4560
ord3444
ord3639
ord368
ord616
ord4699
ord4258
ord4476
ord6039
ord5930
ord2762
ord3676
ord565
ord756
ord5170
ord567
ord758
ord1352
ord5147
ord4855
ord4858
ord4771
ord4585
ord4175
ord4166
ord3585
ord3599
ord4743
ord3914
ord1403
ord2362
ord4882
ord1719
ord2049
ord2151
ord563
ord1006
ord3417
ord4109
ord5607
ord2521
ord6058
ord3174
ord5715
ord5917
ord5397
ord5410
ord5584
ord5519
ord5643
ord6053
ord4155
ord6050
ord5604
ord6056
ord3875
ord1396
ord5485
ord1765
ord2489
ord658
ord1921
ord2867
ord2877
ord2876
ord3873
ord2788
ord5869
ord5742
ord3869
ord2083
ord4232
ord2952
ord3224
ord2656
ord287
ord5398
ord2460
ord3627
ord2132
ord3596
ord6077
ord2066
ord1953
ord5157
ord5198
ord6265
ord5141
ord1343
ord2030
ord2072
ord1903
ord3981
ord5351
ord3923
ord4190
ord6010
ord1920
ord2268
ord2068
ord1156
ord3289
ord6001
ord4290
ord3857
ord3103
ord3946
ord6301
ord3079
ord5710
ord3499
ord4902
ord530
ord722
ord1334
ord5058
ord5493
ord3426
ord336
ord595
ord3631
ord3500
ord2784
ord1416
ord4754
ord3666
ord4300
ord5984
ord6087
ord5616
ord4929
ord3561
ord544
ord732
ord3331
ord3415
ord3436
ord357
ord606
ord753
ord3636
ord5909
ord1338
ord4980
ord1543
ord2826
ord2791
ord6142
ord6138
ord2067
ord6006
ord3296
ord6104
ord6106
ord4275
ord4715
ord1581
ord1727
ord1735
ord3569
ord5357
ord4600
ord1725
ord552
ord1937
ord740
ord6100
ord6098
ord1927
ord3668
ord1912
ord2423
ord5700
ord1358
ord944
ord4930
ord4391
ord2008
ord4632
ord4658
ord2043
ord2044
ord3791
ord3571
ord553
ord742
ord3669
ord3073
ord5168
ord4235
ord1341
ord4984
ord1344
ord4191
ord1583
ord1639
ord2087
ord3577
ord4237
ord1585
ord1641
ord2089
ord748
ord3670
ord3471
ord3644
ord6115
ord3448
ord435
ord1087
ord3250
ord5673
ord1946
ord423
ord3227
ord2254
ord965
ord4057
ord862
ord2368
ord5462
ord3503
ord660
ord1000
ord3497
ord5477
ord723
ord669
ord3290
ord4100
ord5166
ord609
ord5353
ord4094
ord5440
ord314
ord1565
ord4074
ord330
ord2085
ord1633
ord589
ord3460
ord1564
ord2261
ord3238
ord3240
ord2121
ord531
ord3508
ord1941
ord277
ord444
msvcr80
exit
system
setlocale
_wfreopen
_open_osfhandle
_wfdopen
__iob_func
srand
wcscpy_s
_mktime64
printf
rename
swscanf_s
free
rand
_localtime64_s
_time64
malloc
_resetstkoflw
_wtof
wprintf
fopen
fclose
fread
fopen_s
sprintf_s
strcat_s
strcpy_s
swscanf
_beginthreadex
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memmove_s
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
swprintf_s
?what@exception@std@@UBEPBDXZ
_vswprintf
??1exception@std@@UAE@XZ
_swprintf
_CIcos
calloc
wcscat_s
fgets
feof
_purecall
realloc
_vswprintf_c_l
_localtime64
_endthread
__CxxFrameHandler3
wcsncpy_s
_CxxThrowException
isdigit
memmove
qsort
ceil
fprintf
fflush
_endthreadex
memcmp
_isatty
_fileno
fputs
fputc
wcslen
fgetc
wcscpy
sin
cos
_beginthread
_msize
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_crt_debugger_hook
_vsnwprintf
_CIsin
kernel32
SetEvent
CreateEventW
lstrlenW
WinExec
lstrcpyW
OutputDebugStringW
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
OutputDebugStringA
FlushFileBuffers
QueryDosDeviceW
LocalAlloc
CreateMutexW
GetVersion
DefineDosDeviceW
GetSystemDirectoryW
IsBadWritePtr
GetCurrentThread
CreateFileA
FreeEnvironmentStringsW
SetFileTime
GetEnvironmentStringsW
SystemTimeToFileTime
RemoveDirectoryW
SetFileAttributesW
MoveFileW
GetDiskFreeSpaceW
LocalFree
GetFileSizeEx
FormatMessageW
FindNextFileW
SetFilePointer
SetFileAttributesA
SetThreadExecutionState
GlobalFree
LockResource
LoadResource
SizeofResource
FindResourceW
GetThreadContext
GetSystemWow64DirectoryW
GetConsoleWindow
SetConsoleTitleW
FreeConsole
ReleaseMutex
GetStdHandle
AttachConsole
GetLocalTime
CreateThread
GetSystemWindowsDirectoryA
GetPrivateProfileIntW
CopyFileW
GetDriveTypeW
GetWindowsDirectoryW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
GetPrivateProfileIntA
MulDiv
GetSystemDefaultLangID
ReadFile
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentThreadId
LoadLibraryW
SetLastError
InterlockedExchange
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
CreateProcessW
VirtualFree
InitializeCriticalSection
GetVolumeInformationW
VirtualAlloc
GetDiskFreeSpaceExW
SetEndOfFile
SetFilePointerEx
GetVolumeNameForVolumeMountPointW
CreateDirectoryW
GetTickCount
WriteFile
DeleteFileW
GetCurrentProcessId
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryA
FindClose
FindFirstFileW
GetLogicalDrives
Sleep
GetSystemWindowsDirectoryW
GetVersionExW
WideCharToMultiByte
MultiByteToWideChar
GetExitCodeThread
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
DeleteFileA
GetFileAttributesA
TerminateThread
GetLastError
GetFileAttributesW
CloseHandle
WritePrivateProfileStringW
CreateFileW
DeviceIoControl
GetSystemPowerStatus
GetModuleFileNameW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
GetFullPathNameA
GetTempPathA
GetTempPathW
GetFullPathNameW
MoveFileExW
HeapAlloc
HeapSize
LockFileEx
HeapFree
HeapDestroy
InterlockedCompareExchange
HeapReAlloc
HeapCreate
UnlockFile
HeapValidate
CreateFileMappingA
LockFile
HeapCompact
WaitForSingleObjectEx
CreateFileMappingW
UnlockFileEx
GetDiskFreeSpaceA
TryEnterCriticalSection
GetProcessHeap
GetSystemTimeAsFileTime
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
IsBadReadPtr
GetSystemInfo
GetVersionExA
GetDriveTypeA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
CreateDirectoryA
AllocConsole
WriteConsoleW
CreatePipe
DuplicateHandle
GetWindowsDirectoryA
GetCurrentDirectoryW
SuspendThread
ResumeThread
GetFileAttributesExW
SetVolumeMountPointW
DeleteVolumeMountPointW
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
OpenEventW
OpenFileMappingW
SetHandleInformation
GetSystemTime
SetVolumeLabelW
ResetEvent
CreateEventA
GetTimeZoneInformation
DeleteCriticalSection
QueryPerformanceCounter
GetFileSize
LoadLibraryExA
AreFileApisANSI
OpenFileMappingA
OpenEventA
GetLogicalDriveStringsW
lstrlenA
FormatMessageA
RaiseException
GetACP
GetLocaleInfoA
GetThreadLocale
MoveFileA
CopyFileA
user32
IntersectRect
AppendMenuW
GetMenuDefaultItem
WindowFromDC
IsWindow
DrawStateW
GetWindowTextW
IsWindowVisible
GetDCEx
OffsetRect
ReleaseCapture
ClientToScreen
RedrawWindow
SetCapture
GetWindow
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
SystemParametersInfoW
GetSysColorBrush
InflateRect
GetSysColor
IsChild
GetKeyState
ReleaseDC
ExitWindowsEx
GetPropW
RemovePropW
SetPropW
SetForegroundWindow
FrameRect
GetFocus
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CopyRect
DispatchMessageW
ChangeDisplaySettingsW
TranslateMessage
PeekMessageW
EnumDisplaySettingsW
UpdateWindow
PtInRect
DeleteMenu
wsprintfW
FindWindowW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
CreatePopupMenu
GetActiveWindow
DrawMenuBar
IsZoomed
SetMenu
IsIconic
LoadImageW
MessageBeep
OpenClipboard
GetClassNameW
DestroyIcon
InsertMenuW
CallNextHookEx
ModifyMenuW
GetIconInfo
IsMenu
SetMenuInfo
GetMenuItemRect
LoadMenuW
GetMenuItemInfoW
GetMenuState
SetWindowsHookExW
SetWindowPos
UnhookWindowsHookEx
GetMessagePos
DrawEdge
LoadBitmapW
WaitForInputIdle
GetDC
GetWindowDC
CallWindowProcW
DrawFocusRect
SetRect
GetMenuInfo
UnregisterClassA
WindowFromPoint
SetWindowRgn
GetAsyncKeyState
DestroyCursor
CharLowerW
CopyIcon
GetDlgItem
EndDialog
GetDlgItemTextA
GetCapture
CharPrevA
CharUpperA
CharUpperW
CloseClipboard
SetClipboardData
FillRect
EmptyClipboard
ShowWindow
GetWindowLongW
MessageBoxW
InvalidateRect
SetWindowLongW
LoadCursorW
SetCursor
ShowScrollBar
PostMessageW
GetSystemMenu
DestroyMenu
GetCursorPos
GetMenu
GetParent
DrawIconEx
LoadIconW
MoveWindow
ScreenToClient
GetClientRect
KillTimer
EnableWindow
GetDesktopWindow
GetWindowRect
GetSystemMetrics
SetTimer
SendMessageW
CharNextA
TrackMouseEvent
IsWindowEnabled
CreateWindowExW
RegisterClassW
SetParent
CreateDialogParamW
GetMessageW
DefWindowProcW
GetDlgCtrlID
SetScrollInfo
GetScrollInfo
IsDlgButtonChecked
GetSubMenu
gdi32
ExcludeClipRect
GetGlyphOutlineW
GetTextMetricsW
GetCurrentObject
SetTextJustification
MoveToEx
SetBkMode
CreateRoundRectRgn
FrameRgn
CreatePolygonRgn
Arc
Pie
StrokeAndFillPath
EndPath
BeginPath
SelectClipRgn
SetBrushOrgEx
GetNearestColor
UnrealizeObject
RoundRect
SetPixel
FillRgn
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
GetPixel
PatBlt
EnumFontFamiliesW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateSolidBrush
CreateFontW
DeleteDC
GetTextExtentPoint32W
CreateCompatibleDC
GetBkColor
BitBlt
GetDeviceCaps
CreateDIBSection
DeleteObject
GetObjectW
SelectObject
CreatePatternBrush
GetTextColor
CreateCompatibleBitmap
CreateBitmap
StretchBlt
SetBkColor
SetTextColor
GetStockObject
DPtoLP
GetMapMode
CreatePen
Rectangle
CreateDCW
LineTo
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExA
SetSecurityInfo
RegOpenKeyW
RegCreateKeyExW
ConvertStringSidToSidW
RegSetValueExW
AdjustTokenPrivileges
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetEntriesInAclW
AllocateAndInitializeSid
OpenThreadToken
OpenProcessToken
FreeSid
GetTokenInformation
EqualSid
OpenSCManagerW
CloseServiceHandle
LookupPrivilegeValueW
ControlService
EnumServicesStatusW
QueryServiceConfigW
RegSaveKeyW
RegFlushKey
RegOpenKeyA
RegDeleteValueW
RegSetKeySecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegGetKeySecurity
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegLoadKeyW
RegQueryValueExA
RegQueryValueW
StartServiceW
QueryServiceStatus
OpenServiceW
RegOpenKeyExW
shell32
SHGetFileInfoW
DragQueryFileW
SHGetSpecialFolderPathW
ShellExecuteA
SHGetFolderPathW
DragAcceptFiles
SHBrowseForFolderW
ShellExecuteW
CommandLineToArgvW
SHAppBarMessage
ExtractIconW
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
StrStrIW
PathAppendW
PathFindExtensionW
ole32
CreateStreamOnHGlobal
CoCreateInstance
CoCreateGuid
CoInitialize
CoUninitialize
oleaut32
SysAllocString
VariantCopy
VariantInit
SysStringByteLen
VariantClear
urlmon
URLDownloadToFileA
msvcp80
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@0@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
gdiplus
GdipGetImageHeight
GdipReleaseDC
GdipGetImageWidth
GdipDeleteGraphics
GdipCreateFromHDC
GdipLoadImageFromStreamICM
GdipDrawImageRectRect
GdipCreateBitmapFromScan0
GdiplusShutdown
GdiplusStartup
GdipSaveImageToFile
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromHBITMAP
wininet
DeleteUrlCacheEntryA
netapi32
NetUserEnum
mpr
WNetGetUniversalNameW
rpcrt4
UuidCreate
psapi
GetProcessImageFileNameW
Exports
Exports
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 972KB - Virtual size: 969KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 32.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7.4MB - Virtual size: 7.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE