?AllowLoadDll@@YGHPAU_UNICODE_STRING@@@Z
?QMIsJustMyMachine@@YAHXZ
GetCSSendOpt
GetProtcolAddr
Behavioral task
behavioral1
Sample
c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749.exe
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749
-
Size
8.1MB
-
MD5
1f4c0ab5f7a5b09d56544777191f1403
-
SHA1
f0ed45e459c3266c0018f75dd6218807d768536b
-
SHA256
c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749
-
SHA512
8abf69ee26544879cffa9120eaa8005de48f58977e9c7827e773f3f648aa177aac28d7185e998366ade1e20acfd031627d24a45ec12fb88b86c99a9866951db7
-
SSDEEP
196608:Fe7TlzBebMef6SvrgzQx3Cv024+inc2RTGQO:FeJTefS03B8ic2dO
Score
7/10
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749
Files
-
c440080742219c8382eabef9b59465c12dfa4b344824fb4d31534ad6f00df749.exe windows:5 windows x86
501d2125af839ffb8d06b31f8c13ac71
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
CommandLineToArgvW
SHGetFolderPathW
Shell_NotifyIconW
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW
SHFileOperationW
SHChangeNotify
ShellExecuteExW
imm32
ImmGetContext
ImmSetCompositionWindow
iphlpapi
GetNetworkParams
ws2_32
WSCGetProviderPath
WSAEventSelect
WSASetEvent
WSACreateEvent
WSARecv
WSAGetOverlappedResult
WSASend
WSAResetEvent
WSAEnumNetworkEvents
WSAConnect
WSASocketW
WSACloseEvent
GetAddrInfoW
FreeAddrInfoW
common
??0CTXStringW@@QAE@PB_W@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
?GetLength@CTXStringW@@QBEHXZ
??0CTXStringW@@QAE@PA_W@Z
?Find@CTXStringW@@QBEH_WH@Z
?Trim@CTXStringW@@QAEAAV1@XZ
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?Format@CTXStringW@@QAAXPB_WZZ
??ACTXStringW@@QBE_WH@Z
??0CTXStringW@@QAE@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?GetString@CTXStringW@@QBEPB_WXZ
?SetAt@CTXStringW@@QAEXH_W@Z
??9@YA_NPB_WABVCTXStringW@@@Z
?Empty@CTXStringW@@QAEXXZ
??4CTXStringW@@QAEAAV0@_W@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?GetBufferSetLength@CTXStringW@@QAEPA_WH@Z
??YCTXStringW@@QAEAAV0@_W@Z
?Delete@CTXStringW@@QAEHHH@Z
?AppendChar@CTXStringW@@QAEX_W@Z
?MakeLower@CTXStringW@@QAEAAV1@XZ
?Find@CTXStringW@@QBEHPB_WH@Z
??M@YA_NABVCTXStringW@@0@Z
??0CTXStringW@@QAE@ABU_GUID@@@Z
??0CTXStringA@@QAE@XZ
??1CTXStringA@@QAE@XZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??7CTXStringW@@QBE_NXZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
?AppendFormat@CTXStringW@@QAAXPB_WZZ
??0CTXTime@@QAE@XZ
??4CTXTime@@QAEAAV0@V0@@Z
?GetTickCount@CTXTime@@SA?AV1@XZ
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?Tokenize@CTXStringW@@QBE?AV1@PB_WAAH@Z
?LoadStringW@CTXStringW@@QAEHPAUHINSTANCE__@@I@Z
?GetAt@CTXStringW@@QBE_WH@Z
?Append@CTXStringW@@QAEXPB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??4CTXStringA@@QAEAAV0@PBD@Z
?CompareNoCase@CTXStringA@@QBEHPBD@Z
?GetString@CTXStringA@@QBEPBDXZ
?IsEmpty@CTXStringA@@QBE_NXZ
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?Format@CTXStringA@@QAAXPBDZZ
?MakeLower@CTXStringA@@QAEAAV1@XZ
??BCTXStringA@@QBEPBDXZ
??0CTXStringA@@QAE@PBD@Z
?Replace@CTXStringA@@QAEHDD@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??0CTXTime@@QAE@_J@Z
??GCTXTime@@QBE?AVCTXTimeSpan@@V0@@Z
??0CTXTime@@QAE@ABV0@@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?Append@CTXStringW@@QAEXABV1@@Z
?NotifyIdle@TXTimer@@YAXXZ
?TrimLeft@CTXStringW@@QAEAAV1@XZ
?TrimRight@CTXStringW@@QAEAAV1@XZ
?Remove@CTXStringW@@QAEH_W@Z
?Trim@CTXStringW@@QAEAAV1@_W@Z
?FormatV@CTXStringW@@QAEXPB_WPAD@Z
?Insert@CTXStringW@@QAEHHPB_W@Z
??M@YA_NABVCTXStringA@@0@Z
?GetYear@CTXTime@@QBEHXZ
?GetMonth@CTXTime@@QBEHXZ
?GetDay@CTXTime@@QBEHXZ
?GetMinute@CTXTime@@QBEHXZ
?GetHour@CTXTime@@QBEHXZ
?GetBSTR@CTXStringW@@QBEPA_WXZ
??0CTXTimeSpan@@QAE@JHHH@Z
??YCTXTime@@QAEAAV0@VCTXTimeSpan@@@Z
??0CTXTimeSpan@@QAE@ABV0@@Z
?GetAsSystemTime@CTXTime@@QBE_NAAU_SYSTEMTIME@@@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?Right@CTXStringW@@QBE?AV1@H@Z
??BCTXBSTR@@QBEPA_WXZ
??0CTXBSTR@@QAE@PB_W@Z
??1CTXBSTR@@QAE@XZ
?SetString@CTXStringW@@QAEXPB_WH@Z
??0CTXBSTR@@QAE@XZ
??ICTXBSTR@@QAEPAPA_WXZ
?Length@CTXBSTR@@QBEIXZ
?Compare@CTXStringW@@QBEHPB_W@Z
?GetSecond@CTXTime@@QBEHXZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?IsEmpty@CTXBSTR@@QAEHXZ
??OCTXTimeSpan@@QBE_NV0@@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?TXAssert@@YAHPB_W0H@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?RemoveFileSystem@FS@@YAHPB_W@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??8CTXBSTR@@QBE_NPB_W@Z
?GetPlatformCore@CoreCenter@Util@@YAHPAPAUITXPlatformCore@@@Z
?GetPlatformTpc@CoreCenter@Util@@YAHPAPAUITXDataRead@@@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
?GetParentDir@File@Util@@YA?AVCTXStringW@@ABV3@@Z
?GetFileName@FS@Util@@YA?AVCTXStringW@@ABV3@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@XZ
?IsDirectoryExist@FS@@YAHPB_W@Z
?SplitQNC@FS@@YAHPB_WAAVCTXStringW@@1@Z
?GetLocalePath@TXI18N@@YA?AVCTXStringW@@PB_W@Z
?TrimLeft@CTXStringW@@QAEAAV1@PB_W@Z
?DelIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?ClearDeadQueue@Misc@Util@@YAXXZ
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
gf
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@PAUITXCore@@H@Z
xgraphic32
FillSolidRect
GetCanvasHandle
kernel32
GetLogicalDriveStringsW
QueryDosDeviceW
Process32NextW
Process32FirstW
RaiseException
GetTickCount
LocalFree
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
ResetEvent
GetVersionExW
GlobalMemoryStatusEx
GetSystemInfo
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExA
MoveFileExW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetFileAttributesExW
lstrcmpiA
DeleteFileW
CreateDirectoryW
TerminateThread
lstrcmpA
InterlockedExchangeAdd
LocalAlloc
CreateMutexW
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WritePrivateProfileStringW
GetLocalTime
lstrlenW
GetPrivateProfileStructW
WritePrivateProfileStructW
CreateThread
CreateFileMappingW
MapViewOfFile
SetFilePointer
GetFileSizeEx
ReleaseMutex
MoveFileW
CopyFileW
OpenMutexW
LoadLibraryA
DebugBreak
SetDllDirectoryW
GetVersion
DecodePointer
MulDiv
WritePrivateProfileStringA
GetPrivateProfileStringA
UnmapViewOfFile
FileTimeToSystemTime
lstrcmpiW
LoadLibraryExW
SwitchToThread
GetWindowsDirectoryW
OpenEventW
GetNativeSystemInfo
VirtualProtect
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
SuspendThread
lstrcmpW
GlobalLock
GlobalUnlock
SetEndOfFile
GetExitCodeProcess
QueueUserWorkItem
CreateFileA
GetLongPathNameW
FormatMessageW
FreeLibrary
OpenProcess
IsDebuggerPresent
GetModuleHandleExW
GetFileAttributesW
OpenFileMappingW
IsBadWritePtr
IsBadReadPtr
UnhandledExceptionFilter
MapViewOfFileEx
GetSystemDefaultLangID
CreateToolhelp32Snapshot
GetCommandLineW
lstrcpynW
VirtualAllocEx
WriteProcessMemory
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
DuplicateHandle
CreateEventW
InitializeCriticalSection
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
VirtualQuery
GlobalFree
GlobalAlloc
InterlockedDecrement
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
WaitForSingleObject
CloseHandle
WriteFile
InterlockedCompareExchange
SetLastError
InterlockedExchange
Sleep
GetLastError
LoadLibraryW
GetModuleFileNameW
GetCurrentProcess
GetCurrentThread
GetProcAddress
GetModuleHandleW
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
SetEvent
VirtualFree
VirtualAlloc
ReadFile
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
LoadLibraryExA
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetFileSize
CreateFileW
SearchPathW
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
PostMessageW
SetWindowLongW
EndPaint
GetFocus
DrawTextW
SetPropW
GetSysColor
InvalidateRect
GetPropW
GetWindowRect
OffsetRect
BeginPaint
FillRect
IsRectEmpty
IsWindow
GetWindowLongW
PostThreadMessageW
ShowWindow
SetWindowTextW
SetTimer
WaitMessage
FindWindowA
SetParent
CreateAcceleratorTableW
DestroyAcceleratorTable
GetDlgItem
IsChild
GetWindow
SetCapture
RedrawWindow
InvalidateRgn
ClientToScreen
MoveWindow
GetWindowTextLengthW
GetWindowTextW
SendMessageA
ExitWindowsEx
EnumWindows
GetSystemMetrics
GetForegroundWindow
GetKeyState
ReleaseCapture
CharNextW
GetAsyncKeyState
InflateRect
SetLayeredWindowAttributes
GetMonitorInfoW
MonitorFromRect
SendInput
EnableWindow
SystemParametersInfoW
GetDesktopWindow
GetParent
WindowFromPoint
LoadImageW
BringWindowToTop
ScreenToClient
PtInRect
SetFocus
AttachThreadInput
GetWindowThreadProcessId
EnumChildWindows
GetClassNameW
ReleaseDC
GetDC
RegisterWindowMessageW
SendMessageW
InSendMessage
TrackPopupMenuEx
SetForegroundWindow
GetCursorPos
AppendMenuW
CreatePopupMenu
LoadIconW
SendMessageTimeoutW
GetMessageW
UnhookWinEvent
SetWinEventHook
GetAncestor
SetWindowPos
GetClientRect
KillTimer
CreateWindowExW
LoadCursorW
GetClassInfoExW
IsIconic
CopyRect
RegisterClassExW
IsWindowVisible
DestroyWindow
DefWindowProcW
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
UnregisterClassW
CallWindowProcW
GetProcessWindowStation
GetUserObjectInformationW
gdi32
GetObjectW
CreateCompatibleBitmap
StretchBlt
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
CreateDIBSection
GetDeviceCaps
SetTextColor
SetBkMode
GetStockObject
CreateSolidBrush
DeleteObject
comdlg32
GetOpenFileNameW
advapi32
OpenSCManagerW
RegSetKeySecurity
RegGetKeySecurity
RegFlushKey
OpenServiceW
CloseServiceHandle
ControlService
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
DeleteService
RegOpenKeyExW
RegQueryValueExW
ConvertStringSidToSidW
IsValidSid
RegQueryValueExA
RegDeleteKeyW
RegNotifyChangeKeyValue
SetSecurityDescriptorSacl
RegEnumKeyExW
RegQueryInfoKeyW
GetLengthSid
InitializeAcl
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
ole32
CoTaskMemRealloc
CoTaskMemAlloc
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoTaskMemFree
CLSIDFromString
StringFromGUID2
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize
CoLoadLibrary
CoFreeLibrary
oleaut32
shlwapi
PathMakePrettyW
PathStripPathW
PathRenameExtensionW
StrCmpW
SHDeleteKeyW
SHSetValueW
SHGetValueW
PathRemoveFileSpecA
PathFileExistsA
PathAppendA
SHSetValueA
SHGetValueA
PathCombineW
StrCmpIW
PathAppendW
PathIsDirectoryW
PathRemoveFileSpecW
StrStrIW
PathAddBackslashW
PathMatchSpecW
PathFindFileNameW
PathFileExistsW
comctl32
InitCommonControlsEx
msimg32
AlphaBlend
msvcp140
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_BADOFF@std@@3_JB
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
psapi
GetModuleBaseNameW
EnumProcesses
GetProcessImageFileNameW
EnumProcessModules
GetModuleFileNameExW
GetProcessMemoryInfo
dbghelp
MakeSureDirectoryPathExists
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
pdh
PdhCloseQuery
PdhOpenQueryW
PdhAddCounterW
PdhCollectQueryData
PdhGetFormattedCounterValue
winhttp
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
wininet
InternetSetCookieExW
vcruntime140
memcpy
__RTDynamicCast
_except_handler4_common
__CxxFrameHandler3
memmove
memset
memcmp
memchr
strchr
__std_exception_copy
__std_exception_destroy
wcschr
_purecall
__std_type_info_name
strstr
wcsrchr
wcsstr
_CxxThrowException
__std_terminate
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo
_errno
_initialize_onexit_table
_set_errno
_register_onexit_function
__p___wargv
__p___argc
_get_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex
_cexit
terminate
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_controlfp_s
_get_wide_winmain_command_line
_initterm
_initterm_e
_exit
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
exit
api-ms-win-crt-string-l1-1-0
strncmp
wcslen
_strlwr_s
wcsnlen
wcscpy_s
wcsncmp
_wcsnicmp
wmemcpy_s
wcstok_s
tolower
strlen
wcsncpy_s
strpbrk
isdigit
iswdigit
towlower
wcscat_s
strncpy_s
_wcsicmp
strcpy_s
wcscmp
wcsncat_s
strcmp
_stricmp
strtok
towupper
toupper
isspace
api-ms-win-crt-heap-l1-1-0
_set_new_mode
_callnewh
free
malloc
calloc
_recalloc
realloc
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__acrt_iob_func
__stdio_common_vfwprintf
ungetc
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__p__commode
__stdio_common_vsscanf
fgetc
__stdio_common_vswprintf
_wfopen_s
fwrite
fgetpos
_fseeki64
setvbuf
fseek
ftell
fread
fflush
fputwc
ungetwc
fgetwc
__stdio_common_vsnprintf_s
__stdio_common_vswscanf
__stdio_common_vswprintf_s
__stdio_common_vsnwprintf_s
fputc
_get_stream_buffer_pointers
putchar
putwchar
fclose
fsetpos
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
_wsplitpath_s
_wrename
api-ms-win-crt-convert-l1-1-0
_strtoi64
atoi
_wtoi64
atol
_itow
_itow_s
wcstol
strtol
_wtoi
_wtof
_ultoa_s
_wtol
api-ms-win-crt-utility-l1-1-0
labs
_byteswap_ushort
srand
rand
_byteswap_ulong
abs
api-ms-win-crt-time-l1-1-0
_time64
_localtime64_s
wcsftime
api-ms-win-crt-multibyte-l1-1-0
_mbsspn
_mbscspn
_mbsstr
api-ms-win-crt-math-l1-1-0
_except1
_libm_sse2_sqrt_precise
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Exports
Exports
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 628KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 280KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ShareDat Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 319KB - Virtual size: 319KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.l1 Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE