Static task
static1
Behavioral task
behavioral1
Sample
b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95
-
Size
859KB
-
MD5
623eaec09a68ed4623932a3409f8e54a
-
SHA1
c2023bafc31362ac279a9be0188d7c811584058a
-
SHA256
b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95
-
SHA512
b4b2f0d7cc9aee278feceebade40bdb297eb481400a2b756e5d2e80a3ab269f70421920f878fd7167d5b753ac231c8deaa2c9ba75082b0df7c7dd2e33dc4177f
-
SSDEEP
6144:hiyeG5FMLQjdQ6KecuHyDb4ik8zXx97QXOGahbVdOZDBVt192KxKeCCPm1J4MrPz:h5ekonecuSDZLryah0Vr93xKeClgoz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95
Files
-
b816294a1e74361531c042c4d1eafb49d40b4e7265d8bc7c1ad64652efbc0e95.exe windows:5 windows x64
a2e72c64f05c3511572e23345b4cd058
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mfc90u
ord947
ord943
ord938
ord5365
ord5367
ord6101
ord1635
ord4393
ord5093
ord6027
ord3014
ord1389
ord5307
ord2010
ord1699
ord1698
ord1634
ord4949
ord5332
ord2602
ord2797
ord2904
ord4419
ord2780
ord2932
ord2605
ord2711
ord2598
ord3818
ord3819
ord3809
ord2709
ord4051
ord4601
ord4372
ord266
ord1209
ord265
ord3751
ord777
ord3584
ord2140
ord4557
ord4556
ord4913
ord4313
ord4903
ord4499
ord5107
ord4281
ord4290
ord4710
ord4899
ord4498
ord4514
ord4843
ord3494
ord5346
ord4294
ord6421
ord5201
ord1954
ord5284
ord4355
ord4986
ord4983
ord4077
ord296
ord4350
ord5283
ord3435
ord1388
ord5299
ord4384
ord608
ord348
ord479
ord707
ord1310
ord2017
ord4418
ord4222
ord3975
ord6264
ord2860
ord5506
ord2597
ord1287
ord4464
ord3492
ord2946
ord3895
ord2936
ord1949
ord6006
ord5966
ord791
ord789
ord286
ord280
ord911
ord5285
ord2067
ord2880
ord2902
ord2057
ord469
ord702
ord1963
ord3255
ord4596
ord3023
ord4954
ord2719
ord2725
ord1840
ord6183
ord722
ord512
ord914
ord1516
ord2347
ord5658
ord4213
ord4103
ord6184
ord3786
ord5743
ord4699
ord1512
ord945
ord4096
ord2188
ord5874
ord2560
ord5876
ord5936
ord2722
ord6008
ord6000
ord3979
ord2956
ord2562
ord6263
ord5938
ord4145
ord4121
ord6422
ord3901
ord6424
ord4438
ord2110
ord2065
ord5713
ord3906
ord1025
ord5230
ord6363
ord5511
ord3932
ord1966
ord3005
ord5356
ord5358
ord4050
ord4687
ord5362
ord5345
ord5696
ord2907
ord3072
ord3424
ord2303
ord1040
ord1152
ord1071
ord3930
ord1080
ord772
ord577
ord2185
ord6309
ord272
ord784
ord2973
ord3862
ord2184
ord1366
ord2307
ord2308
ord2305
ord1061
ord320
ord3720
ord3428
ord2218
ord6234
ord4233
ord6288
ord4465
ord1103
ord3161
ord6209
ord1307
ord1631
ord2436
ord1422
ord6207
ord2437
ord664
ord424
ord767
ord3417
ord3067
ord3249
ord583
ord3297
ord1980
ord1149
ord6322
ord5618
ord5548
ord6002
ord2958
ord1289
ord3173
ord2068
ord642
ord393
ord2937
ord3899
ord2949
ord4463
ord2435
ord5305
ord3686
ord3781
ord4870
ord316
ord589
ord877
ord5839
ord916
ord6319
ord1519
ord285
ord3008
ord267
ord781
ord5314
ord5013
ord1714
ord1713
ord1582
ord3135
ord6053
ord1429
ord4373
ord3269
ord5003
ord4944
ord949
ord2455
ord2475
ord2459
ord2465
ord2463
ord2461
ord2478
ord2473
ord2457
ord2480
ord2468
ord2450
ord2452
ord2470
ord2233
ord2226
ord1553
ord6423
ord3902
ord6425
ord2559
ord3436
ord1430
ord4048
ord1658
ord1661
ord6056
ord3137
ord2378
ord588
ord1211
ord1215
ord1233
ord779
msvcr90
__CxxFrameHandler3
_CxxThrowException
memset
memcpy
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
_amsg_exit
_itoa_s
atol
strtol
memmove
iswalpha
_wcsicmp
_mbscmp
_ismbcspace
_mbsinc
_mbscspn
_mbsspn
atoi
_wtoi64
_strdup
swprintf_s
_itow_s
vsprintf_s
_vscprintf
strnlen
_vscwprintf
vswprintf_s
_purecall
malloc
iswspace
wcschr
wcscspn
wcsspn
_wcsdup
_time64
qsort
bsearch
calloc
memmove_s
free
_wtoi
memcpy_s
kernel32
LockResource
SizeofResource
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
lstrcpynW
LocalAlloc
EnterCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
GetPrivateProfileStringW
GetPrivateProfileIntW
TerminateThread
SetEvent
CreateThread
CreateEventW
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
LocalFree
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
lstrcmpW
Sleep
GetFileSize
ReadFile
FindNextFileW
FindClose
FindFirstFileW
FileTimeToLocalFileTime
GetLocalTime
LocalFileTimeToFileTime
SystemTimeToFileTime
WideCharToMultiByte
DeleteFileW
GetExitCodeProcess
TerminateProcess
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetCurrentThreadId
lstrlenA
lstrcpyA
GetModuleFileNameW
lstrcpyW
MultiByteToWideChar
lstrlenW
CreateFileW
WriteFile
GetLastError
GetTickCount
CloseHandle
FindResourceExW
lstrcpynA
GetSystemDirectoryW
lstrcmpiW
FindResourceW
LoadResource
user32
EnableMenuItem
CreateWindowExW
RegisterClassExW
DestroyWindow
DefWindowProcW
InflateRect
GetFocus
SetDlgItemTextA
LoadIconW
EnumThreadWindows
GetClassNameW
UpdateWindow
GetLastInputInfo
GetMenuItemID
SetForegroundWindow
GetMenuItemCount
ModifyMenuW
LoadAcceleratorsW
FillRect
RemoveMenu
GetSubMenu
SystemParametersInfoW
GetParent
GetLastActivePopup
InvalidateRect
PostMessageW
GetClientRect
GetWindowLongW
PeekMessageW
LoadCursorW
SetCursor
CheckMenuItem
SetWindowLongPtrW
GetKeyState
DispatchMessageW
KillTimer
SetTimer
ScreenToClient
PtInRect
GetWindowRect
ClientToScreen
CheckMenuRadioItem
DeleteMenu
CreatePopupMenu
SendMessageW
EnableWindow
gdi32
CreateSolidBrush
advapi32
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
shell32
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathSkipRootW
StrCmpNIW
PathAddBackslashW
StrRChrW
ole32
CoCreateInstance
shdpub
?ShdFormatTime@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@_J@Z
?ShdFormatSize@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@_K@Z
?ShdTrace@@YAXKKPEB_W0K0ZZ
?SetStringValue@CShdIni@@QEAAHPEB_W00@Z
?GetInt32Value@CShdIni@@QEAAHPEB_W0H@Z
?GetStringValue@CShdIni@@QEAAXPEB_W0AEAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?g_AppPath@@3V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@A
?WStrToUTF8@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PEB_W@Z
?UTF8ToWStr@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PEBD@Z
?ReplaceEntityChar@CShdXml@@SAAEAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AEAV23@@Z
?Digest@CShdMd5@@QEAAXPEBEIPEAE@Z
??0CShdMd5@@QEAA@XZ
?ShdRunProgram@@YAPEAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@HH@Z
?ShdGetModulePath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PEAUHINSTANCE__@@@Z
?QueryBinValue@CShdKey@@QEAAJPEB_WAEAPEAEAEAK@Z
?Open@CShdKey@@QEAAJPEAUHKEY__@@PEB_WKK@Z
??1CShdKey@@QEAA@XZ
??0CShdKey@@QEAA@XZ
?ShdAChar2Bin@@YAHPEBD@Z
?ShdFormatTime@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AEAU_FILETIME@@@Z
?ShdFormatTime@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AEAU_SYSTEMTIME@@@Z
?RemoveKey@CShdIni@@QEAAHPEB_W0@Z
?ShdBin2AStr@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PEBEH@Z
?SetFileName@CShdIni@@QEAAXPEB_WZZ
?GetVerString@@YAPEB_WXZ
?GetChild@CXmlElem@@QEAAPEAV1@PEB_W@Z
??0CShdDump@@QEAA@H@Z
??1CShdIni@@QEAA@XZ
??0CShdIni@@QEAA@XZ
?RemoveSection@CShdIni@@QEAAHPEB_W@Z
?GetChildData@CXmlElem@@QEAAPEB_WPEB_WH@Z
?Load@CShdXml@@QEAAPEAVCXmlElem@@PEAEJPEB_WI@Z
??1CShdXml@@QEAA@XZ
??0CShdXml@@QEAA@XZ
?ShdShowPreInstanceWnd@@YAHPEB_W0@Z
?ShdGetSwitchParam@@YAHPEB_WAEAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?SetInt32Value@CShdIni@@QEAAHPEB_W0HH@Z
?ShdFindSwitch@@YAHPEB_W@Z
sqlite3
sqlite3_finalize
sqlite3_step
sqlite3_column_int64
sqlite3_column_type
sqlite3_prepare_v2
sqlite3_free
sqlite3_vmprintf
sqlite3_column_text
sqlite3_errcode
sqlite3_extended_errcode
sqlite3_errmsg
sqlite3_close
sqlite3_open
sqlite3_bind_blob
sqlite3_changes
sqlite3_mprintf
sqlite3_column_bytes
sqlite3_column_blob
shdapi
?ShdGetFileSysString@@YAPEB_WI@Z
?ShdGetCurLangId@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?ShdGetLangInfos@@YAXAEAV?$CAtlArray@ULANGINFO@@V?$CElementTraits@ULANGINFO@@@ATL@@@ATL@@@Z
?ShdQueryLicence@@YAJAEAV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@AEAV?$CAtlMap@V?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@V12@V?$CElementTraits@V?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@@2@V32@@2@@Z
?ShdGetBuildNumber@@YAKXZ
?ShdIsValidCode@@YAHPEBD@Z
?ShdDigestPassword@@YAXPEB_WPEAE@Z
?ShdFormatMsg@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?ShdGetTaskTypeString@@YAPEB_WE@Z
?ShdAdjustSnapshotName@@YAXPEAU_ARCHIVE_POINT@@G@Z
?SysTime2ShdTime@@YAXAEBU_SYSTEMTIME@@AEAU_SHDTIME@@@Z
?ShdTime2Time64@@YAHAEBU_SHDTIME@@AEA_J@Z
?Count2ShdTime@@YAXKAEAU_SHDTIME@@@Z
?ShdClose@@YAJXZ
?ShdGetActivateInfo@@YAJAEAV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@0@Z
?ShdOpen@@YAJXZ
?ShdGetWindowsUpdateStatusString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@_J@Z
?ShdGetString@@YAPEB_WPEB_W@Z
?ShdGetTaskDescription@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AEAU_SHIELD_TASK@@@Z
?ShdGetSnapTypeIcon@@YAHEE@Z
?ShdGetSnapTypeString@@YAPEB_WE@Z
?ShdFormatTime@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AEBU_SHDTIME@@@Z
?ShdInitLang@@YAPEAVCXmlElem@@PEB_W000@Z
?ShdGetLogTypeString@@YAPEB_WI@Z
?ShdIsConflictTask@@YAHPEAU_SHIELD_TASK@@0@Z
?ShdIsValidSerial@@YAJPEBD@Z
shdui
??1CShdBtn@@UEAA@XZ
??0CShdBtn@@QEAA@XZ
??1CShdDialog@@UEAA@XZ
??0CFlatEdit@@QEAA@XZ
??1CFlatEdit@@UEAA@XZ
??1CRadioBox@@UEAA@XZ
??1CCheckBox@@UEAA@XZ
??1CIntEdit@@UEAA@XZ
??0CFlatCombo@@QEAA@XZ
??1CFlatCombo@@UEAA@XZ
??1CFlatListBox@@UEAA@XZ
??1CShdMenu@@UEAA@XZ
??1CShdSheet@@UEAA@XZ
?GetMessageMap@CShdBaseDlg@@MEBAPEBUAFX_MSGMAP@@XZ
?OnCancel@CShdBaseDlg@@MEAAXXZ
?OnOK@CShdBaseDlg@@MEAAXXZ
?GetMessageMap@CShdDialog@@MEBAPEBUAFX_MSGMAP@@XZ
?OnCancel@CShdDialog@@MEAAXXZ
?OnOK@CShdDialog@@MEAAXXZ
?PreTranslateMessage@CShdBaseDlg@@MEAAHPEAUtagMSG@@@Z
?DoModal@CShdSheet@@UEAA_JXZ
??0CShdMenuBar@@QEAA@XZ
??0CShdSheet@@QEAA@PEB_W_J@Z
?ShdRestrictDlg@@YAHAEAK@Z
?ShdMsgBox@@YAIPEB_WIKPEAVCWnd@@@Z
?SetSortColumn@CFlatHdr@@QEAAHHH@Z
?SetOwnerDraw@CFlatHdr@@QEAAXXZ
?InsertMenuEx@CShdMenu@@QEAAHII_KPEB_WI@Z
??0CShdMenu@@QEAA@XZ
?SetItemData@CFlatHdr@@QEAAHH_K@Z
?GetItemData@CFlatHdr@@QEAA_KH@Z
??1CProgressBar@@UEAA@XZ
??0CFlatListBox@@QEAA@XZ
??0CShdBaseDlg@@QEAA@IPEAVCWnd@@@Z
??0CIntEdit@@QEAA@XZ
??0CCheckBox@@QEAA@XZ
??1CFlatList@@UEAA@XZ
??0CFlatHdr@@QEAA@XZ
??1CFlatHdr@@UEAA@XZ
??0CFlatList@@QEAA@XZ
??0CRadioBox@@QEAA@XZ
??1CShdBaseDlg@@UEAA@XZ
??0CShdDialog@@QEAA@IPEAVCWnd@@H@Z
?GetThisMessageMap@CShdFrame@@KAPEBUAFX_MSGMAP@@XZ
??0CShdFrame@@QEAA@XZ
??0CFlatSplitter@@QEAA@XZ
?SetText@CShdStatusBar@@QEAAHHPEB_W@Z
?Create@CShdMenuBar@@QEAAHPEAVCWnd@@HI@Z
?SetImageList@CShdMenu@@QEAAHPEAU_IMAGELIST@@H@Z
?SetMenuItem@CShdMenu@@QEAAHIPEB_WIIH@Z
?LayoutMenuBtn@CShdMenuBar@@QEAAHXZ
?ShdCreateImageList@@YAHAEAVCImageList@@IPEAUHINSTANCE__@@KPEAI@Z
?OnCreate@CShdFrame@@IEAAHPEAUtagCREATESTRUCTW@@@Z
?OnSize@CShdFrame@@IEAAXIHH@Z
?GetClientPos@CShdFrame@@IEAAXAEAVCRect@@@Z
?OnKeyMenu@CShdMenuBar@@QEAAHI_J@Z
?GetTextExtent@CShdStatusBar@@QEAAHPEB_W@Z
?SetParts@CShdStatusBar@@QEAAHHPEAH@Z
?PreCreateWindow@CShdFrame@@MEAAHAEAUtagCREATESTRUCTW@@@Z
?PreTranslateMessage@CShdFrame@@MEAAHPEAUtagMSG@@@Z
??1CShdStatusBar@@UEAA@XZ
??0CShdStatusBar@@QEAA@XZ
??1CFlatSplitter@@UEAA@XZ
??1CShdFrame@@UEAA@XZ
??1CShdMenuBar@@UEAA@XZ
??1CFlatDateTime@@UEAA@XZ
??0CFlatDateTime@@QEAA@XZ
??1CFlatChkList@@UEAA@XZ
??0CFlatChkList@@QEAA@XZ
?ShdSetAppIcon@@YAHPEAUHICON__@@H@Z
??0CProgressBar@@QEAA@XZ
?GetThisMessageMap@CShdDialog@@KAPEBUAFX_MSGMAP@@XZ
?OnInitDialog@CShdDialog@@MEAAHXZ
?SetDlgLang@CShdBaseDlg@@IEAAXPEB_W0H@Z
?GetDlgString@CShdBaseDlg@@IEAAPEB_WPEB_W@Z
?AddSpin@CIntEdit@@QEAAHXZ
?SetRange@CIntEdit@@QEAAXHHH@Z
?GetValue@CIntEdit@@QEAAHXZ
?ShdEnableCtrls@@YAXPEAVCWnd@@IIH@Z
?SetDlgCtrlText@CShdBaseDlg@@IEAAXIZZ
?GetColumnCount@CFlatList@@QEAAHXZ
?InsertColumn@CFlatList@@QEAAHHPEB_WHH@Z
?OnDestroy@CShdDialog@@IEAAXXZ
?FindItemData@CFlatList@@QEAAH_J@Z
?SetPos@CProgressBar@@QEAAHH@Z
?ShdMoveCtrlsEx@@YAXPEAVCWnd@@IIIHH@Z
?SetValue@CIntEdit@@QEAAXH@Z
?ShdEnableCtrlsV@@YAXPEAVCWnd@@HHZZ
?ShdShowCtrls@@YAXPEAVCWnd@@IIH@Z
?AdjustBtnInArea@CShdDialog@@IEAAXAEAVCShdBtn@@I@Z
?GetThisMessageMap@CShdBaseDlg@@KAPEBUAFX_MSGMAP@@XZ
?AddString@CFlatListBox@@QEAAHPEB_W@Z
?SetMenuBrush@CShdMenu@@QEAAHXZ
?GetRange@CIntEdit@@QEAAHPEAH@Z
?ShdGetOpenPath@@YAHPEAUHWND__@@AEAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?ShdMsgBox@@YAIIKPEB_WZZ
?GetParam@CShdSheet@@SA_JPEAVCWnd@@@Z
?ShdGetCtrlRect@@YAHPEAVCWnd@@IAEAVCRect@@@Z
?ShdDrawBox@@YAXPEAUHDC__@@HHHHK@Z
?ShdDrawPie@@YAXPEAUHDC__@@HHKKN@Z
??0CCheckTree@@QEAA@XZ
??1CCheckTree@@UEAA@XZ
?SetCheckState@CCheckTree@@QEAAHPEAU_TREEITEM@@I@Z
?InitTree@CCheckTree@@QEAAHI@Z
?GetCheckState@CCheckTree@@QEAAIPEAU_TREEITEM@@@Z
?ShdMoveCtrls@@YAXPEAVCWnd@@IIHH@Z
?FindItem@CFlatCombo@@QEAAH_K@Z
?GetCurSelData@CFlatCombo@@QEAA_K_K@Z
?GetClientPos@CShdDialog@@IEAAXAEAVCRect@@@Z
?DisableMenuBtn@CShdMenuBar@@QEAAXHH@Z
?SelectItem@CFlatList@@QEAAHHH@Z
?GetSelectedData@CFlatList@@QEAA_K_K@Z
?GetSelectedItem@CFlatList@@QEAAHXZ
?ShdTaskInfoDlg@@YAHAEAU_SHIELD_TASK@@H@Z
?OnCtlColor@CShdBaseDlg@@IEAAPEAUHBRUSH__@@PEAVCDC@@PEAVCWnd@@I@Z
?AddPage@CShdSheet@@QEAAHPEAVCShdBaseDlg@@PEB_W@Z
ws2_32
WSASetBlockingHook
connect
htons
freeaddrinfo
getaddrinfo
sendto
setsockopt
closesocket
WSAAddressToStringA
getsockname
getpeername
WSAAddressToStringW
WSAIoctl
recv
send
WSACleanup
WSAStartup
WSAAsyncSelect
socket
WSAGetLastError
WSACancelBlockingCall
crypt32
CryptProtectData
CryptUnprotectData
Sections
.text Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 345KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ