Static task
static1
Behavioral task
behavioral1
Sample
fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450
-
Size
1.4MB
-
MD5
47c57699b146ff88b194e7af2f128c36
-
SHA1
de9e2ba21658e4f4e4f933ce9d047d5342d5d3d0
-
SHA256
fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450
-
SHA512
79b9af1f8fb6a7ad01ab5be0a8f1c7af42b2416806dbaf84035a9c1d06ae57e35bc240ff0c2b40b36943d70b5c9974c109836867ea0f71a712eff7184ec5c823
-
SSDEEP
12288:7SV4y0l7ss4EP6c5SdMQfFeUPa9iLyNF:mV4y0lIs4K5WhfFeUPgiLyN
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450
Files
-
fa263534065c858630109a82d6b8397292313f5cb5e362db897304187d8ec450.exe windows:6 windows x64
5e4fbe7714dde36d81a70ae2e28731bc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
miktex230900-dvi
?Create@Dvi@DVI@MiKTeX@@SAPEAV123@PEBD0HHW4DviAccess@23@W4DviPageMode@23@AEBUPaperSizeInfo@Core@3@_NPEAVIDviCallback@23@PEAVTraceCallback@Trace@3@@Z
miktex230900-log4cxx
?getInfo@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
?getDebug@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
?getTrace@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
??1ObjectPtrBase@helpers@log4cxx@@UEAA@XZ
?configure@DOMConfigurator@xml@log4cxx@@SAXAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?isTraceEnabled@Logger@log4cxx@@QEBA_NXZ
?isFatalEnabled@Logger@log4cxx@@QEBA_NXZ
?isErrorEnabled@Logger@log4cxx@@QEBA_NXZ
?isWarnEnabled@Logger@log4cxx@@QEBA_NXZ
?isInfoEnabled@Logger@log4cxx@@QEBA_NXZ
?isDebugEnabled@Logger@log4cxx@@QEBA_NXZ
?getLogger@Logger@log4cxx@@SA?AV?$ObjectPtrT@VLogger@log4cxx@@@helpers@2@QEBD@Z
?getError@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
?forcedLog@Logger@log4cxx@@QEBAXAEBV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBVLocationInfo@spi@2@@Z
?str@MessageBuffer@helpers@log4cxx@@QEAAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV?$basic_ostream@DU?$char_traits@D@std@@@5@@Z
?str@MessageBuffer@helpers@log4cxx@@QEAAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAVCharMessageBuffer@23@@Z
??6MessageBuffer@helpers@log4cxx@@QEAAAEAVCharMessageBuffer@12@PEBD@Z
??6MessageBuffer@helpers@log4cxx@@QEAAAEAVCharMessageBuffer@12@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getFatal@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
??1MessageBuffer@helpers@log4cxx@@QEAA@XZ
??0MessageBuffer@helpers@log4cxx@@QEAA@XZ
??6CharMessageBuffer@helpers@log4cxx@@QEAAAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@H@Z
??6CharMessageBuffer@helpers@log4cxx@@QEAAAEAV012@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0LocationInfo@spi@log4cxx@@QEAA@QEBD0H@Z
??1?$ObjectPtrT@VLevel@log4cxx@@@helpers@log4cxx@@UEAA@XZ
?getWarn@Level@log4cxx@@SA?AV?$ObjectPtrT@VLevel@log4cxx@@@helpers@2@XZ
?getLogger@Logger@log4cxx@@SA?AV?$ObjectPtrT@VLogger@log4cxx@@@helpers@2@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??BMessageBuffer@helpers@log4cxx@@QEAAAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@XZ
miktex230900-popt
poptGetArgs
poptSetOtherOptionHelp
poptGetOptArg
poptFreeContext
poptGetNextOpt
poptGetContext
miktex230900-core
?GetInvokerNames@Process@Core@MiKTeX@@SA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?GetOSVersionString@Utils@Core@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetMiKTeXVersionString@Utils@Core@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetErrorMessage@MiKTeXException@Core@MiKTeX@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??1MiKTeXException@Core@MiKTeX@@UEAA@XZ
??0MiKTeXException@Core@MiKTeX@@QEAA@XZ
?GetDefPrinter@Utils@Core@MiKTeX@@SA_NAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetTimes@File@Core@MiKTeX@@SAXAEBVPathName@Util@3@AEA_J11@Z
?FatalWindowsError@Session@Core@MiKTeX@@SAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@K000AEBVKVMAP@MiKTeXException@23@AEBUSourceLocation@23@@Z
?TryGet@Session@Core@MiKTeX@@SA?AV?$shared_ptr@VSession@Core@MiKTeX@@@std@@XZ
?ToString@HResult@Core@MiKTeX@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??1HResult@Core@MiKTeX@@UEAA@XZ
?FatalMiKTeXError@Session@Core@MiKTeX@@SAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@000AEBVKVMAP@MiKTeXException@23@AEBUSourceLocation@23@@Z
?Exists@File@Core@MiKTeX@@SA_NAEBVPathName@Util@3@@Z
??0SourceLocation@Core@MiKTeX@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0H@Z
??1KeyIterator@Cfg@Core@MiKTeX@@UEAA@XZ
??DKeyIterator@Cfg@Core@MiKTeX@@QEBA?AV?$shared_ptr@VKey@Cfg@Core@MiKTeX@@@std@@XZ
??EKeyIterator@Cfg@Core@MiKTeX@@QEAAAEAV0123@XZ
??9KeyIterator@Cfg@Core@MiKTeX@@QEAA_NAEBV0123@@Z
?Create@Directory@Core@MiKTeX@@SAXAEBVPathName@Util@3@@Z
?GetFolderPath@Utils@Core@MiKTeX@@SA?AVPathName@Util@3@HH_N@Z
?Add@Fndb@Core@MiKTeX@@SAXAEBV?$vector@URecord@Fndb@Core@MiKTeX@@V?$allocator@URecord@Fndb@Core@MiKTeX@@@std@@@std@@@Z
?FileExists@Fndb@Core@MiKTeX@@SA_NAEBVPathName@Util@3@@Z
?Run@Process@Core@MiKTeX@@SA_NAEBVPathName@Util@3@AEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@PEAVIRunProcessCallback@23@PEAHPEAVMiKTeXException@23@PEBD@Z
?Parse@VersionNumber@Core@MiKTeX@@SA?AU123@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?MakeProgramVersionString@Utils@Core@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV45@AEBUVersionNumber@23@@Z
??0COMInitializer@Core@MiKTeX@@QEAA@XZ
?SetEnvironmentString@Utils@Core@MiKTeX@@SAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?MakeProgId@Utils@Core@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV45@@Z
??1Argv@Core@MiKTeX@@UEAA@XZ
??0Argv@Core@MiKTeX@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetArgv@Argv@Core@MiKTeX@@QEBAPEBQEBDXZ
?GetArgc@Argv@Core@MiKTeX@@QEBAHXZ
?GetCurrentProcess@Process@Core@MiKTeX@@SA?AV?$unique_ptr@VProcess@Core@MiKTeX@@U?$default_delete@VProcess@Core@MiKTeX@@@std@@@std@@XZ
?Create@Session@Core@MiKTeX@@SA?AV?$shared_ptr@VSession@Core@MiKTeX@@@std@@AEBVInitInfo@123@@Z
?Create@Cfg@Core@MiKTeX@@SA?AV?$unique_ptr@VCfg@Core@MiKTeX@@U?$default_delete@VCfg@Core@MiKTeX@@@std@@@std@@XZ
miktex230900-trace
?SetOptions@TraceStream@Trace@MiKTeX@@SAXAEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?MakeOption@TraceStream@Trace@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV45@0W4TraceLevel@23@@Z
?Open@TraceStream@Trace@MiKTeX@@SA?AV?$unique_ptr@VTraceStream@Trace@MiKTeX@@U?$default_delete@VTraceStream@Trace@MiKTeX@@@std@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@PEAVTraceCallback@23@@Z
miktex230900-util
?AppendString@StringUtil@Util@MiKTeX@@SA_KPEAD_KPEBD@Z
?CutOffLastComponent@PathName@Util@MiKTeX@@QEAAAEAV123@_N@Z
?Split@StringUtil@Util@MiKTeX@@SA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@D@Z
?GetExtension@PathName@Util@MiKTeX@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?AppendDirectoryDelimiter@PathName@Util@MiKTeX@@QEAAAEAV123@XZ
?CopyString@StringUtil@Util@MiKTeX@@SA_KPEAD_KPEB_W@Z
?CopyString@StringUtil@Util@MiKTeX@@SA_KPEAD_KPEBD@Z
?CopyString@StringUtil@Util@MiKTeX@@SA_KPEA_W_KPEBD@Z
??ETokenizer@Util@MiKTeX@@QEAAAEAV012@XZ
??DTokenizer@Util@MiKTeX@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??BTokenizer@Util@MiKTeX@@QEBA_NXZ
??0Tokenizer@Util@MiKTeX@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1Tokenizer@Util@MiKTeX@@UEAA@XZ
?Convert@PathName@Util@MiKTeX@@QEAAAEAV123@V?$OptionSet@W4ConvertPathNameOption@Util@MiKTeX@@$0CA@@23@@Z
?Split@PathName@Util@MiKTeX@@CAXAEBV123@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?UTF8ToWideChar@StringUtil@Util@MiKTeX@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEBD@Z
?Contains@StringUtil@Util@MiKTeX@@SA_NPEBD00_N@Z
?Flatten@StringUtil@Util@MiKTeX@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@5@D@Z
?Compare@PathName@Util@MiKTeX@@SAHPEBD0@Z
miktex230900-fmt
?vformat@v9@fmt@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$basic_string_view@D@12@V?$basic_format_args@V?$basic_format_context@Vappender@v9@fmt@@D@v9@fmt@@@12@@Z
kernel32
OutputDebugStringA
SetLastError
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
OutputDebugStringW
RaiseException
CreateProcessW
CloseHandle
GetVersion
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SearchPathW
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
DecodePointer
user32
LoadMenuW
GetSubMenu
ClientToScreen
PtInRect
SetCapture
ReleaseCapture
UpdateWindow
GetClientRect
ShowCursor
SetCursor
OffsetRect
LoadCursorW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetWindowRect
AdjustWindowRectEx
CopyRect
GetDesktopWindow
SendMessageTimeoutW
ShowWindow
GetSystemMetrics
SetWindowTextW
SetLayeredWindowAttributes
GetWindowLongPtrW
SetWindowLongPtrW
SetTimer
GetSysColor
IntersectRect
IsIconic
SetForegroundWindow
FindWindowW
GetLastActivePopup
LoadIconW
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdeClientTransaction
DdeCreateDataHandle
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeFreeStringHandle
DefWindowProcW
FillRect
PostMessageW
InvalidateRect
SendMessageW
GetDlgItem
UnregisterClassW
EnableWindow
gdi32
CreateCompatibleDC
DPtoLP
GetObjectW
SetBkColor
CreateBitmap
Rectangle
GetStockObject
GetDeviceCaps
Ellipse
CreatePen
PatBlt
CreateCompatibleBitmap
SetMapMode
SelectPalette
SelectObject
RealizePalette
GetMapMode
DeleteObject
DeleteDC
CreateSolidBrush
CreatePalette
CreateDIBitmap
BitBlt
winspool.drv
GetPrinterW
OpenPrinterW
ClosePrinter
EnumPrintersW
shell32
DragAcceptFiles
ShellExecuteW
comdlg32
GetOpenFileNameW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueW
RegQueryValueExW
mfc140u
ord7912
ord8904
ord11484
ord5189
ord3723
ord4443
ord8928
ord11763
ord11184
ord10093
ord6916
ord546
ord3098
ord7432
ord11788
ord8097
ord3811
ord11862
ord1767
ord11486
ord5744
ord11491
ord3714
ord7251
ord4656
ord3596
ord6588
ord3164
ord4095
ord1424
ord8826
ord6258
ord3058
ord4081
ord8439
ord2906
ord3746
ord1057
ord8819
ord4947
ord286
ord6343
ord7775
ord4084
ord1158
ord8823
ord5771
ord7928
ord3728
ord2212
ord8433
ord2222
ord6862
ord469
ord13697
ord13468
ord2779
ord5408
ord5981
ord8772
ord3735
ord10665
ord10956
ord8888
ord12466
ord5376
ord12256
ord10941
ord8093
ord7395
ord2767
ord13023
ord2511
ord12100
ord12341
ord4549
ord9175
ord2662
ord12642
ord11775
ord1106
ord3997
ord3947
ord14132
ord7450
ord5188
ord10122
ord9942
ord10411
ord10827
ord10828
ord9054
ord11432
ord9670
ord8903
ord7241
ord5557
ord6320
ord2475
ord3756
ord6250
ord12761
ord12746
ord6247
ord2473
ord438
ord1086
ord878
ord1369
ord6619
ord8507
ord13864
ord1454
ord7394
ord2311
ord6361
ord3803
ord4725
ord2479
ord3832
ord13999
ord4086
ord8441
ord2187
ord2860
ord5631
ord7380
ord2514
ord4357
ord4726
ord6634
ord3713
ord13368
ord8003
ord9200
ord9215
ord9205
ord9677
ord9682
ord9217
ord10199
ord8614
ord8604
ord11435
ord9739
ord6630
ord8917
ord11805
ord11770
ord9840
ord7136
ord935
ord13573
ord6637
ord5215
ord12717
ord1405
ord2627
ord10806
ord7518
ord10964
ord10967
ord7372
ord14111
ord912
ord3967
ord1905
ord1389
ord13869
ord1503
ord3685
ord3678
ord3595
ord13199
ord2715
ord1670
ord3655
ord6251
ord3056
ord4078
ord1053
ord8817
ord6342
ord3096
ord4083
ord8440
ord2907
ord3748
ord14194
ord2689
ord1157
ord8822
ord3686
ord8161
ord6724
ord5347
ord8468
ord13761
ord7541
ord13758
ord10074
ord4878
ord6729
ord3879
ord4631
ord8085
ord12626
ord8961
ord8993
ord8866
ord10067
ord6919
ord11790
ord7254
ord12956
ord4239
ord2510
ord972
ord8173
ord3687
ord3587
ord9941
ord5749
ord5555
ord4730
ord6622
ord448
ord6618
ord988
ord3537
ord12607
ord11901
ord11933
ord10125
ord7920
ord4447
ord11930
ord11921
ord1129
ord1453
ord3731
ord964
ord1430
ord480
ord1119
ord6262
ord942
ord8179
ord14073
ord6555
ord3144
ord3266
ord1383
ord5674
ord357
ord12967
ord8501
ord8063
ord2686
ord4722
ord6549
ord12762
ord2685
ord3989
ord8702
ord10835
ord9738
ord2340
ord12030
ord14225
ord4638
ord4472
ord6505
ord1643
ord316
ord1034
ord4658
ord1501
ord2903
ord4510
ord12600
ord8058
ord1766
ord5743
ord549
ord3185
ord7539
ord8098
ord9044
ord11864
ord11493
ord8907
ord11487
ord3725
ord4874
ord13361
ord13359
ord3715
ord8930
ord365
ord11718
ord11719
ord1059
ord6614
ord983
ord8159
ord4307
ord13545
ord12923
ord12217
ord6122
ord14289
ord6123
ord14290
ord6121
ord14288
ord7719
ord12212
ord14088
ord1844
ord5401
ord5971
ord11664
ord11665
ord2011
ord11928
ord7668
ord12625
ord3949
ord4011
ord9089
ord14216
ord7650
ord14210
ord12222
ord12223
ord2439
ord9838
ord9842
ord5183
ord8023
ord4317
ord7716
ord4445
ord12544
ord12606
ord10124
ord11929
ord8084
ord1450
ord7393
ord8167
ord804
ord2269
ord2287
ord2571
ord3972
ord4038
ord4068
ord4110
ord4144
ord4114
ord3722
ord8037
ord12139
ord7883
ord3810
ord11853
ord11760
ord14199
ord13612
ord13613
ord6589
ord956
ord3165
ord3271
ord4096
ord1425
ord2596
ord11803
ord2600
ord8682
ord11464
ord8827
ord1438
ord10691
ord5227
ord7922
ord8947
ord3173
ord13513
ord8900
ord3599
ord3697
ord4466
ord11826
ord4511
ord1033
ord290
ord296
ord7893
ord1641
ord2350
ord2344
ord2346
ord266
ord265
ord1491
ord1489
ord11944
ord11940
ord1700
ord5726
ord13358
ord5727
ord13360
ord13351
ord5722
ord1722
ord1748
ord1734
ord1755
ord4776
ord4843
ord4788
ord4806
ord4800
ord4794
ord4853
ord4837
ord4782
ord4859
ord4814
ord4752
ord4767
ord4828
ord4360
ord5582
ord9384
ord12142
ord5917
ord4873
ord4872
ord3081
ord7366
ord11898
ord10689
ord1386
ord6083
ord11623
ord11622
ord11624
ord11621
ord10858
ord10260
ord11022
ord8733
ord10710
ord10924
ord8668
ord13370
ord9043
ord902
ord6556
ord3598
ord2270
ord1111
ord6303
ord7233
ord11813
ord6000
ord13397
ord8521
ord2697
ord8901
ord11854
ord11119
ord1089
ord8731
ord10704
ord5706
ord11085
ord10163
ord3951
ord446
ord3307
ord3308
ord3071
ord6285
ord5916
ord6002
ord13401
ord3212
ord3209
ord9946
ord7913
ord2698
ord14360
ord9976
ord9978
comctl32
InitCommonControlsEx
shlwapi
SHDeleteKeyW
SHAutoComplete
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
vcruntime140
memchr
memcmp
strchr
_purecall
memset
__C_specific_handler
__RTDynamicCast
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__current_exception
memcpy
memmove
__std_type_info_destroy_list
__current_exception_context
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_errno
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
terminate
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_crt_at_quick_exit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
api-ms-win-crt-string-l1-1-0
_strnicmp
isdigit
_stricmp
_wcsdup
api-ms-win-crt-heap-l1-1-0
_recalloc
malloc
_set_new_mode
calloc
free
api-ms-win-crt-convert-l1-1-0
strtol
atof
strtod
_wtoi
wcstol
atoi
api-ms-win-crt-math-l1-1-0
ceilf
__setusermatherr
pow
cos
sin
sqrt
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__p__commode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
oleaut32
SysFreeString
Sections
.text Size: 592KB - Virtual size: 591KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 373B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 594KB - Virtual size: 593KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ