Static task
static1
Behavioral task
behavioral1
Sample
PMGRWIN.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
PMGRWIN.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
PMGRWIN.exe.zip
-
Size
922KB
-
MD5
f25397429a2e495c81acf4cb7981c9d1
-
SHA1
7685f31ffa7857a154b7c894bf3b8f435971d4ef
-
SHA256
9501fe646643b3140be26513cb241184f6d9d081ac8e4a4bfdbc3e99e02933ef
-
SHA512
6ffcf866dbd2315286cb1cfca9b7b7a2cdf2ec52cc0b5b13c449ffa66ec4a99a5dca2ea30bbf2f8cf11507053fb325500d7c6f4c4d5f749f5381fe9191146eea
-
SSDEEP
12288:n7/4w/igJSG73z1b6L+66CebX/NxUOuY5KfXKca4yJUItuRp:tSGLz1uuvdcQJUItuRp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/PMGRWIN.exe
Files
-
PMGRWIN.exe.zip.zip
Password: infected
-
PMGRWIN.exe.exe windows:6 windows x86
68187955e9fc4f18bf83a904d92df5f3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mnbasic
ord87
ord7
ord10
ord41
ord82
ord50
ord56
ord57
ord60
ord77
ord80
ord74
ord4
ord43
ord49
ord23
ord24
ord93
ord92
ord91
ord70
ord89
ord75
ord111
ord110
ord132
ord108
ord107
ord104
ord103
ord102
ord148
ord141
ord131
ord17
ord58
ord81
ord13
ord171
ord5
ord3
ord88
ord11
ord78
ord86
ord2
ord72
ord71
ord59
ord16
ord90
ord15
ord14
ord170
ord1
ord35
ord34
ord101
ord65
ord64
ord61
ord97
ord85
ord55
ord54
ord53
ord46
ord45
ord44
ord42
ord95
ord94
ord99
ord98
ord21
ord22
ord12
ord84
ord76
ord40
ord39
ord36
mncrypt
ord11
ord10
ord2
ord1
ord13
mnabout
?ShowRenishawDlg@CCTLAboutDialog@@QAEXJ@Z
ctlabout_version_items_int
ctlabout_get_version
ctlabout_get_ori_edtandvers_str
ctlabout_get_res_entry
ctlabout_get_noof_res_entries
ctlabout_exe_edition_check
ctlabout_add_exe_edition_check
ctlabout_init_edition_check
ctlabout_chk_edition_progtitle_hdl
ctlabout_create_progtitle_hdl
ctlabout_uninit_handle
ctlabout_init_handle
?ShowModal@CCTLAboutDialog@@QAEXXZ
?SetTitle@CCTLAboutDialog@@QAEXPBD@Z
?SetProgName@CCTLAboutDialog@@QAEXK@Z
?SetAllRightsRes@CCTLAboutDialog@@QAEXPBD@Z
?SetButtonTexts@CCTLAboutDialog@@QAEXPBD0@Z
?SetSecondButton@CCTLAboutDialog@@QAEXPAXW4Bool@@P6AXPAUHWND__@@0@Z@Z
??1CCTLAboutDialog@@UAE@XZ
??0CCTLAboutDialog@@QAE@XZ
mnsettings
?SetTracepak@mnSetExp@@QAEX_N@Z
??1mnSetExp@@QAE@XZ
?CallAllSettings@mnSetExp@@QAEXP6AXPAX@Z0@Z
?SetHelpLanguage@mnSetExp@@QAEXV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??0mnSetExp@@QAE@XZ
mnwin
ord220
ord210
ord217
ord216
ord215
ord214
ord189
ord96
ord95
ord355
ord370
ord289
ord199
ord290
ord346
ord262
ord193
ord98
ord68
ord351
ord411
ord38
ord35
ord376
ord375
ord420
ord59
ord446
ord303
ord302
ord299
ord298
ord297
ord296
ord295
ord294
ord293
ord291
ord288
ord287
ord286
ord285
ord284
ord282
ord281
ord280
ord279
ord305
ord70
ord257
ord206
ord276
ord274
ord270
ord251
ord198
ord195
ord255
ord192
ord208
ord207
ord46
ord48
ord14
ord65
ord62
ord71
ord5
ord422
ord353
ord350
ord430
ord29
ord28
ord26
ord25
ord23
ord19
ord16
ord15
ord11
ord9
ord8
ord6
ord2
ord1
ord228
ord231
ord133
ord130
ord129
ord128
ord125
ord124
ord123
ord121
ord156
ord173
ord106
ord369
ord4
ord32
ord12
ord17
ord18
ord24
ord73
ord141
ord365
ord423
ord22
ord21
ord20
ord7
ord451
ord99
ord100
ord34
ord307
ord64
ord424
ord426
ord429
ord97
ord383
ord387
ord191
ord435
ord300
ord379
ord185
ord101
ord186
ord292
ord368
ord357
ord69
ord47
ord421
ord425
ord37
ord36
ord263
ord342
ord341
ord339
ord332
ord328
ord326
ord324
ord321
ord318
ord316
ord359
ord242
ord241
ord240
ord239
ord237
ord234
ord269
ord232
ord223
mmessage
ord6
ord3
ord7
ord1
ord5
mnctrl
ord22
ord107
ord37
ord38
ord40
ord41
ord43
ord46
ord39
ord54
ord48
ord50
ord51
ord55
ord57
ord58
ord34
ord7
ord8
ord25
ord26
ord27
ord28
ord29
ord30
ord31
ord32
ord33
ord24
mnreport
ord101
mnprotocol
ord9
ord10
ord18
ord1
ord2
ord14
ord4
mnrefpart2
ord8
ord12
ord11
ord5
ord3
ord2
ord1
ord13
ord14
ord10
ord9
mnjpeg
jpeg_free_bmpinfo
jpeg_load_as_bmpinfo
mntogether
ord502
ord501
ord407
ord401
ord400
ord812
ord811
ord824
ord814
ord1001
ord402
ord411
ord408
ord405
ord503
ord404
ord1006
ord1004
ord1005
mnedittol
?SetHelpData@CTolTbExp@@QAEXABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@K@Z
??1CTolTbExp@@QAE@XZ
??0CTolTbExp@@QAE@XZ
?CallDialog@CTolTbExp@@QAEXXZ
wkwin32
ord47
ord38
ord39
ord37
ord48
ord35
ord34
ord31
ord20
ord45
ord46
mngeopprg2
ord56
ord35
ord1
ord34
ord55
ord13
ord3
ord2
ord58
ord36
ord39
ord29
mnmath
NVecR8
ord18
ord17
ord16
mmcserviceaccess
??1CMMCServiceControl@BusinessLayer@@UAE@XZ
?Start@CMMCServiceControl@BusinessLayer@@QAE_NXZ
?Stop@CMMCServiceControl@BusinessLayer@@QAE_NXZ
??0CMMCServiceControl@BusinessLayer@@QAE@XZ
?IsRunning@CMMCServiceControl@BusinessLayer@@QAE_NXZ
mmcdeviceconfigif
??0CMMCDeviceConfiguration@MachineLayer@@QAE@XZ
??1CMMCDeviceConfiguration@MachineLayer@@UAE@XZ
?loadConfig@CMMCDeviceConfiguration@MachineLayer@@QAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?getConfigurationName@CMMCDeviceConfiguration@MachineLayer@@QBE?BV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?getController@CMMCDeviceConfiguration@MachineLayer@@QBE?BV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getDeviceName@CMMCDeviceConfiguration@MachineLayer@@QBE?BV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getCMMType@CMMCDeviceConfiguration@MachineLayer@@QBEKXZ
?IsOfflineConfiguration@CMMCDeviceConfiguration@MachineLayer@@QBE_NXZ
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
cabinet
ord21
ord20
ord14
ord13
ord11
ord23
ord22
ord10
mmcprbaccessif
??1CPrbAccessIF@@QAE@XZ
?cmd@CPrbAccessIF@@QAEKKPBDKPAD@Z
??0CPrbAccessIF@@QAE@XZ
mnsendmcosmosstatus
?send_PLANNED_MAINTENANCE@CSendMCOSMOSStatus@@QAE?AW4Error@1@XZ
?send_SETUP@CSendMCOSMOSStatus@@QAE?AW4Error@1@XZ
?send_IDLE@CSendMCOSMOSStatus@@QAE?AW4Error@1@XZ
??1CSendMCOSMOSStatus@@UAE@XZ
??0CSendMCOSMOSStatus@@QAE@PBD0@Z
?send_UNPLANNED_MAINTENANCE@CSendMCOSMOSStatus@@QAE?AW4Error@1@XZ
mfc120
ord2365
ord4055
ord903
ord5841
ord8877
ord10843
ord6376
ord12596
ord5396
ord3798
ord494
ord10226
ord7666
ord3626
ord3746
ord12522
ord4930
ord6125
ord3643
ord3640
ord3642
ord3754
ord7482
ord9063
ord3007
ord9091
ord2550
ord12035
ord1404
ord10328
ord1880
ord4057
ord3190
ord921
ord919
ord7240
ord12692
ord4447
ord2518
ord14430
ord12219
ord14377
ord12162
ord6822
ord6625
ord2334
ord6257
ord3645
ord7481
ord12034
ord10829
ord1401
ord11754
ord11753
ord11755
ord11752
ord10998
ord10400
ord11155
ord8880
ord10850
ord11063
ord8815
ord911
ord7239
ord4969
ord5466
ord311
ord460
ord13908
ord2199
ord2706
ord12566
ord7341
ord1064
ord10083
ord4308
ord363
ord6372
ord7310
ord7303
ord1645
ord10867
ord12426
ord1963
ord1962
ord12734
ord8599
ord5801
ord305
ord2963
ord14098
ord5005
ord7188
ord1453
ord14320
ord1980
ord980
ord7508
ord11455
ord12840
ord5303
ord4827
ord1063
ord362
ord4119
ord8208
ord8652
ord13094
ord12898
ord3813
ord4822
ord358
ord6366
ord895
ord6669
ord3309
ord3189
ord6675
ord2168
ord2123
ord3765
ord1384
ord887
ord12882
ord1103
ord450
ord2476
ord6363
ord3831
ord2478
ord6443
ord1398
ord6103
ord2255
ord2256
ord1443
ord1961
ord972
ord1442
ord13059
ord971
ord8204
ord8561
ord12697
ord4613
ord4612
ord5012
ord2339
ord265
ord266
ord4433
ord6408
ord9303
ord14281
ord8188
ord7667
ord13914
ord12577
ord1688
ord301
ord5863
ord8970
ord1175
ord7915
ord4173
ord4537
ord13434
ord6466
ord1100
ord7511
ord13836
ord3115
ord6403
ord8966
ord1065
ord3821
ord2946
ord8585
ord4170
ord5761
ord3100
ord6374
ord3782
ord8658
ord4764
ord12374
ord5764
ord5006
ord14009
ord2944
ord1522
ord6193
ord4042
ord1138
ord501
ord1128
ord6426
ord8964
ord1061
ord4167
ord3098
ord6367
ord7348
ord11949
ord6096
ord13537
ord2716
ord9048
ord11990
ord1106
ord8878
ord10844
ord11218
ord10302
ord4041
ord458
ord3353
ord3354
ord3117
ord6971
ord6007
ord6098
ord13541
ord5339
ord3253
ord10088
ord8055
ord2717
ord10118
ord10120
ord10119
ord10117
ord10121
ord5536
ord11546
ord11547
ord8977
ord11907
ord3787
ord11756
ord14361
ord8803
ord12038
ord6844
ord10831
ord9094
ord3217
ord13658
ord12077
ord12075
ord1706
ord1718
ord1726
ord1722
ord1731
ord4863
ord4904
ord4871
ord4883
ord4879
ord4875
ord4912
ord4900
ord4867
ord4916
ord4889
ord4851
ord4858
ord4893
ord4450
ord5672
ord9528
ord4442
ord3008
ord14369
ord7771
ord14367
ord8595
ord6745
ord13267
ord5311
ord13335
ord4425
ord11538
ord13488
ord5814
ord5306
ord2638
ord11942
ord3890
ord8167
ord5241
ord2442
ord12356
ord12355
ord14368
ord7770
ord14366
ord9234
ord4100
ord4039
ord12759
ord7789
ord1985
ord11803
ord11802
ord14240
ord12345
ord7848
ord14440
ord6225
ord14442
ord6227
ord14441
ord6226
ord990
ord6729
ord3801
ord5797
ord12057
ord8062
ord12069
ord12037
ord5646
ord12400
ord259
ord4672
ord6689
ord2224
ord1137
ord8586
ord5654
ord10823
ord9129
ord8958
ord8855
ord10361
ord11556
ord9974
ord10425
ord9975
ord11290
ord14304
ord7717
ord13209
ord5510
ord6994
ord7342
ord3124
ord8617
ord2134
ord2133
ord5602
ord1417
ord2274
ord2259
ord2246
ord8554
ord5470
ord5766
ord4682
ord3321
ord3322
ord3216
ord11986
ord997
ord5136
ord5433
ord5643
ord9186
ord5409
ord5139
ord5295
ord5119
ord7574
ord7575
ord7565
ord5293
ord8064
ord9047
ord3646
ord4662
ord1139
ord503
ord1441
ord970
ord8308
ord4763
ord1691
ord1687
ord1521
ord310
ord8028
ord4272
ord2345
ord2341
ord1524
ord1041
ord300
ord316
ord2839
ord8022
ord14371
ord14373
ord262
ord4798
ord3188
ord2170
ord12455
ord3028
ord13058
ord13743
ord13061
ord13745
ord1040
ord290
ord5763
ord1654
ord14182
ord12399
ord7882
ord2950
ord1525
ord11909
ord6833
ord2418
ord1656
ord1502
ord1504
ord5397
ord6992
ord3633
ord3753
ord3796
ord13444
ord8614
ord4825
ord3135
ord540
ord5278
ord6202
ord6642
ord5401
ord843
ord3267
ord3920
ord12383
ord4823
ord4690
ord8600
ord6707
ord3208
ord4184
ord1438
ord8973
ord12897
ord6465
ord3142
ord6891
ord4172
ord2158
ord8311
ord6006
ord1463
ord8229
ord12065
ord10264
ord13905
ord7658
ord14102
ord7970
ord1050
ord3288
ord3095
ord6347
ord8969
ord3256
ord12677
ord1174
ord2709
ord14346
ord3823
ord7910
ord2947
ord498
ord6186
ord5283
msvcr120
_purecall
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_commode
_fmode
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
?terminate@@YAXXZ
_except1
??1type_info@@UAE@XZ
memcpy
memset
strlen
memmove
_mbscmp
free
_hypot
_CxxThrowException
__CxxFrameHandler3
strcpy_s
strftime
_localtime64_s
strncpy_s
sscanf_s
_mktime64
_time64
strcat_s
_splitpath_s
sprintf_s
_time32
strcmp
rand
_fullpath
_makepath
_splitpath
strcpy
strcat
_strupr
_mbsinc
_mbslen
_mbslwr
_mbsninc
_mbsstr
_setmbcp
sscanf
sprintf
memchr
memcmp
fclose
fopen_s
fprintf_s
vsprintf_s
atoi
strtod
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_tempnam
remove
_errno
malloc
_chmod
_close
_lseek
_read
_write
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?_open@@YAHPBDHH@Z
_itoa_s
_stricmp
_strnicmp
_mbsrchr
isdigit
strchr
pow
isalpha
memcpy_s
calloc
_recalloc
fputs
_makepath_s
wcslen
strncpy
_mbschr
fread
fwrite
_stat32
_mbslwr_s
_mbsnbcpy
fgets
fopen
fgetws
fputws
atof
atol
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
setvbuf
ungetc
_lock_file
_getpid
vsprintf
_flushall
_mbsnbicmp
_searchenv_s
??0exception@std@@QAE@XZ
floor
_access
labs
strtol
abort
exit
_set_invalid_parameter_handler
wprintf
_searchenv
_strlwr
_gmtime32
toupper
rename
strncat
_findnext32
_strnset
_mktime32
_vscprintf
_wcsdup
_strdup
memmove_s
_mbscspn
_unlock_file
??0bad_cast@std@@QAE@PBD@Z
setlocale
_mbsupr_s
_gmtime32_s
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
_mbsicmp
fprintf
vfprintf
srand
strstr
_difftime32
strncmp
clock
_findfirst32
_findclose
_localtime32
_ismbblead
isupper
islower
_strupr_s
_mbsicoll
_mbsnbcpy_s
_mbclen
log10
localeconv
abs
_stricoll
_mbsupr
div
_controlfp_s
kernel32
LoadLibraryA
DeviceIoControl
DecodePointer
RaiseException
GetLastError
GetProcAddress
FreeLibrary
OpenProcess
TerminateProcess
FileTimeToDosDateTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileInformationByHandle
GetFileAttributesA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
CreateFileA
lstrlenA
lstrcpynA
GetLocalTime
ResumeThread
GetExitCodeThread
TerminateThread
CopyFileA
CreateProcessA
CreateThread
GetExitCodeProcess
CloseHandle
GetDiskFreeSpaceA
OutputDebugStringW
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
lstrlenW
CreateDirectoryA
Sleep
FormatMessageA
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
DeleteCriticalSection
DosDateTimeToFileTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
ExpandEnvironmentStringsA
IsBadWritePtr
VirtualQuery
GetVersionExA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCommandLineA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetDriveTypeA
LoadLibraryExA
DeleteFileA
RemoveDirectoryA
GetVolumeInformationA
OpenSemaphoreA
CreateSemaphoreA
ReleaseSemaphore
SetErrorMode
GetLogicalDrives
LocalAlloc
GetComputerNameA
GetWindowsDirectoryA
CompareFileTime
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
GetFileTime
GetTimeZoneInformation
OutputDebugStringA
SetFilePointer
SetEndOfFile
GetFileSize
MulDiv
SetLastError
GlobalAlloc
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
LockResource
LoadResource
FreeResource
MoveFileA
GetPrivateProfileSectionNamesA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetLocaleInfoA
SuspendThread
WaitForSingleObject
WritePrivateProfileStructA
GetPrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcess
CreatePipe
DuplicateHandle
ReadFile
GetTimeFormatA
GetDateFormatA
WideCharToMultiByte
MultiByteToWideChar
LocalFree
GetTempFileNameA
GetTempPathA
GetModuleHandleA
GetSystemDirectoryA
WriteFile
InitializeCriticalSectionEx
user32
DrawStateA
InvalidateRect
RedrawWindow
ReleaseCapture
GetCapture
GetActiveWindow
PeekMessageA
LoadBitmapW
MessageBoxIndirectA
PostMessageA
MessageBoxA
wsprintfA
GetWindowRect
LoadCursorA
SetCursor
EnableWindow
SendMessageA
SetCapture
SetTimer
GetClientRect
GetCursorPos
ClientToScreen
ScreenToClient
WindowFromPoint
GetSysColor
DrawFocusRect
FillRect
FrameRect
CopyRect
IsDialogMessageA
TranslateAcceleratorA
LoadAcceleratorsA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
KillTimer
UnregisterClassA
CallWindowProcA
ShowWindow
MessageBeep
IsWindow
LoadIconA
SetFocus
LoadBitmapA
SetWindowLongA
UpdateWindow
GetDialogBaseUnits
GetClipboardData
CloseClipboard
OpenClipboard
ReleaseDC
GetDC
SetRect
BringWindowToTop
SetWindowContextHelpId
FindWindowA
SetForegroundWindow
DrawIcon
GetSystemMetrics
IsIconic
GetIconInfo
LoadImageA
DestroyIcon
DestroyCursor
GetParent
GetWindowLongA
OffsetRect
InflateRect
gdi32
GetBitmapBits
Rectangle
GetEnhMetaFileA
StretchDIBits
CreateDIBitmap
EnumFontFamiliesExA
GetDeviceCaps
CreateDCA
SetTextColor
SetBkColor
SelectObject
GetStockObject
DeleteObject
DeleteDC
CreateCompatibleBitmap
BitBlt
GetObjectA
CreateCompatibleDC
SetStretchBltMode
StretchBlt
GetTextExtentPoint32A
DeleteEnhMetaFile
CreateDIBSection
SetWinMetaFileBits
SetEnhMetaFileBits
PlayEnhMetaFile
GetCurrentObject
GetDIBColorTable
CreateBitmap
advapi32
RegQueryValueExA
RegCloseKey
CryptGetUserKey
CryptGetProvParam
CryptDestroyKey
CryptGenKey
CryptReleaseContext
CryptAcquireContextA
OpenProcessToken
AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
RegQueryValueA
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
shell32
ShellExecuteA
SHFileOperationA
FindExecutableA
comctl32
ImageList_AddMasked
ImageList_ReplaceIcon
ole32
CoCreateInstance
CoInitialize
OleRun
CoUninitialize
oleaut32
VariantChangeType
VariantInit
VariantClear
GetErrorInfo
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
SetErrorInfo
CreateErrorInfo
ws2_32
listen
getnameinfo
freeaddrinfo
getaddrinfo
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
socket
shutdown
setsockopt
sendto
recvfrom
ntohs
recv
htons
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
WSAGetLastError
gethostname
send
select
msvcp120
?pubsetbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PAD_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
?id@?$codecvt@DDH@std@@2V0locale@2@A
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
??Bios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?fail@ios_base@std@@QBE_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
wibucm32
ord130
ord50
ord52
ord126
ord74
ord76
ord100
ord1
ord54
secur32
DeleteSecurityContext
CompleteAuthToken
InitializeSecurityContextA
AcquireCredentialsHandleA
QuerySecurityPackageInfoA
AcceptSecurityContext
ApplyControlToken
QueryContextAttributesA
FreeContextBuffer
EncryptMessage
FreeCredentialsHandle
DecryptMessage
crypt32
CryptBinaryToStringA
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertVerifyRevocation
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CertGetCertificateChain
CertOpenStore
rpcrt4
UuidCreate
UuidToStringA
RpcStringFreeA
wininet
InternetAutodialHangup
InternetAttemptConnect
InternetGetConnectedState
dnsapi
DnsFree
DnsQuery_A
imagehlp
MakeSureDirectoryPathExists
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 327KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 137B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 738KB - Virtual size: 738KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ