Static task
static1
Behavioral task
behavioral1
Sample
293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580
-
Size
2.5MB
-
MD5
bcc126ee8fd94bb784f25a6b0b21d758
-
SHA1
5f7c72f92bc22f09c5797ced38361ebc695ee3b6
-
SHA256
293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580
-
SHA512
95a06e3331183734d033bd21fe54b32319bb2480b396d2d4a2493621d8cdf3ef3b74545a7074ca074ec4641488f89bbb3f2b92e1b181ef6f53f3ca8df2fc29a5
-
SSDEEP
49152:m7mMznl9H2Yjbp0j12CGoTCPsiAw1DpvH/jTE:mqMznfH2gVKpGvPVh
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580
Files
-
293b506acd18d839af69842a4db9aa457ed30d0b27918e50aaf7c311255a6580.exe windows:6 windows x86
e46b95c39de73c8a1bf364d2d86dea05
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetCurrentDirectoryW
IsWow64Process
VirtualFreeEx
MoveFileW
GetCommandLineW
WritePrivateProfileSectionW
FileTimeToLocalFileTime
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetPrivateProfileSectionW
QueryDosDeviceW
GetProcessTimes
QueryPerformanceFrequency
VerifyVersionInfoW
VerSetConditionMask
GetLogicalDriveStringsW
GetThreadPriority
GetFileAttributesExW
K32EnumProcesses
CreateRemoteThread
QueryPerformanceCounter
GetThreadTimes
OpenThread
MapViewOfFileEx
GetTickCount64
GlobalGetAtomNameW
GlobalDeleteAtom
PulseEvent
lstrcmpiW
WinExec
GetPrivateProfileStructW
TerminateProcess
ResumeThread
LoadLibraryExA
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
WaitForSingleObjectEx
GlobalUnlock
GetLastError
CloseHandle
GlobalLock
LocalAlloc
InitializeCriticalSectionAndSpinCount
CreateThread
Module32FirstW
GlobalFree
GlobalAlloc
VirtualAllocEx
ReadProcessMemory
lstrlenW
SetThreadPriority
WTSGetActiveConsoleSessionId
TerminateThread
CreateProcessW
GetCurrentProcess
VirtualAlloc
GetCurrentThreadId
GetCurrentThread
FlushInstructionCache
VirtualQuery
SetLastError
WriteFile
SetFilePointer
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
LoadLibraryExW
ReadFile
CreateFileW
GetModuleFileNameW
SizeofResource
MultiByteToWideChar
LockResource
FindResourceExW
LoadResource
FindResourceW
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
SetEndOfFile
CreateMutexW
WaitForSingleObject
ReleaseMutex
Sleep
DeleteFileW
GetLocalTime
GetCurrentProcessId
GetTickCount
FileTimeToSystemTime
LoadLibraryW
GetFullPathNameW
GetSystemPowerStatus
LocalFree
GlobalMemoryStatusEx
FindFirstFileW
WriteProcessMemory
FindNextFileW
RemoveDirectoryW
FindClose
GetFileAttributesW
SystemTimeToFileTime
GetPrivateProfileIntW
GetPrivateProfileStringW
MoveFileExW
CopyFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
OpenEventW
FreeEnvironmentStringsW
GlobalAddAtomW
GetEnvironmentStringsW
K32GetModuleFileNameExW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenFileMappingW
WaitNamedPipeW
OutputDebugStringW
OpenProcess
GetExitCodeProcess
OpenMutexW
FlushFileBuffers
SetFilePointerEx
ProcessIdToSessionId
GetWindowsDirectoryW
SetFileAttributesW
GetFileTime
GetTempPathW
GetDiskFreeSpaceExW
GetSystemDirectoryW
GetComputerNameA
lstrcpyW
FreeResource
GetExitCodeThread
ResetEvent
SetEvent
CreateEventW
WaitForMultipleObjects
WritePrivateProfileStringW
GetModuleHandleA
GetSystemInfo
GetVersionExW
OutputDebugStringA
K32GetProcessImageFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemTime
ExpandEnvironmentStringsW
GetModuleFileNameA
user32
SetRectEmpty
SetCursor
PtInRect
SetRect
InflateRect
UnionRect
CharLowerBuffW
IsRectEmpty
GetWindowTextLengthW
GetWindow
GetFocus
LoadImageW
wsprintfW
SetWindowTextW
GetDlgCtrlID
IsChild
MoveWindow
SetFocus
GetClassNameW
DispatchMessageW
GetDlgItem
ReleaseCapture
InvalidateRect
GetWindowTextW
LoadBitmapW
LoadIconW
DrawIconEx
DestroyIcon
CopyRect
DrawTextW
UnhookWindowsHookEx
SetWindowsHookExW
GetDesktopWindow
SetWindowRgn
OffsetRect
ClientToScreen
GetClientRect
UpdateLayeredWindow
ReleaseDC
GetDC
BringWindowToTop
EqualRect
KillTimer
IntersectRect
IsDialogMessageW
GetNextDlgTabItem
GetCursorPos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
SetTimer
GetForegroundWindow
AttachThreadInput
SetForegroundWindow
IsWindowEnabled
EnableWindow
GetActiveWindow
SetActiveWindow
WindowFromPoint
ExitWindowsEx
IsIconic
GetLastInputInfo
CallNextHookEx
GetScrollPos
GetKeyState
IsClipboardFormatAvailable
GetClipboardOwner
GetWindowTextA
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetAncestor
EnumDisplayMonitors
UnregisterDeviceNotification
PostQuitMessage
FindWindowA
GetPropW
SetPropW
RemovePropW
FrameRect
GetWindowRect
FindWindowW
CharNextW
CharLowerW
SystemParametersInfoW
FindWindowExW
RegisterWindowMessageW
PostMessageW
LoadStringW
UnregisterClassW
SetWindowPos
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DestroyWindow
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
UpdateWindow
IsWindowVisible
ShowWindow
EndPaint
BeginPaint
GetParent
SendMessageW
SendMessageTimeoutW
PeekMessageW
TranslateMessage
PostThreadMessageW
GetShellWindow
GetSystemMetrics
SetCapture
IsWindow
GetWindowThreadProcessId
ScreenToClient
GetMessageW
gdi32
GetViewportOrgEx
GetClipRgn
CreateRectRgnIndirect
SaveDC
SelectClipRgn
GetTextExtentPoint32W
TextOutW
RestoreDC
RectInRegion
GetWorldTransform
SetWorldTransform
GetTextColor
CreateDCW
CreateSolidBrush
SetStretchBltMode
RoundRect
ExtTextOutW
SetBkColor
GetWindowOrgEx
MoveToEx
Rectangle
CreatePen
GetDIBits
SetTextColor
GetObjectW
CreateFontIndirectW
OffsetRgn
CombineRgn
CreateRectRgn
SetViewportOrgEx
GetStockObject
SetBkMode
CreateDIBSection
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
BitBlt
SelectObject
DeleteDC
DeleteObject
GetRgnBox
SetWindowOrgEx
CreateRoundRectRgn
SetGraphicsMode
ExtSelectClipRgn
CreateBitmap
GetTextMetricsW
CreatePolygonRgn
FillRgn
LineTo
GetCurrentObject
advapi32
RegSetValueExW
CloseEventLog
ReadEventLogW
OpenEventLogW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegQueryInfoKeyW
GetAclInformation
AddAce
InitializeAcl
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountNameW
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
GetUserNameW
GetTokenInformation
IsValidSid
GetLengthSid
ConvertSidToStringSidW
CopySid
ImpersonateLoggedOnUser
RevertToSelf
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
GetNamedSecurityInfoW
RegEnumKeyExW
RegDeleteKeyW
CloseServiceHandle
OpenSCManagerW
OpenProcessToken
CreateProcessAsUserW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
DuplicateTokenEx
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
shell32
ShellExecuteW
SHGetKnownFolderPath
SHAppBarMessage
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
ord680
SHFileOperationW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoCreateGuid
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
oleaut32
VarUI4FromStr
VariantInit
VariantClear
SysStringLen
SystemTimeToVariantTime
SysFreeString
SysAllocString
VariantTimeToSystemTime
msvcp140
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?readsome@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_JPA_W_J@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
_Thrd_id
_Thrd_join
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
shlwapi
PathCombineW
PathQuoteSpacesW
PathStripPathW
PathRemoveFileSpecA
PathIsUNCW
StrToIntW
SHGetValueW
PathFindExtensionW
StrToIntA
PathRemoveBackslashW
PathAppendA
PathAddBackslashW
PathRemoveArgsW
AssocCreate
StrStrIA
StrStrIW
PathUnquoteSpacesW
PathIsDirectoryW
PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
powrprof
PowerReadACValue
PowerGetActiveScheme
wtsapi32
WTSFreeMemory
WTSEnumerateSessionsW
WTSQueryUserToken
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
dxgi
CreateDXGIFactory
comctl32
_TrackMouseEvent
InitCommonControlsEx
DrawShadowText
msimg32
AlphaBlend
TransparentBlt
gdiplus
GdipDeleteGraphics
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateFromHDC
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdiplusStartup
GdiplusShutdown
GdipGetImagePixelFormat
GdipCloneImage
GdipMeasureString
GdipSetStringFormatAlign
GdipDeleteFont
GdipDisposeImage
GdipAlloc
GdipCreateFontFromLogfontW
GdipCreateFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipDeleteFontFamily
GdipFree
GdipSetStringFormatFlags
GdipDeleteBrush
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipCloneBitmapArea
GdipImageRotateFlip
GdipLoadImageFromStream
GdipFillRectangle
GdipDrawLinesI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGetFamily
GdipAddPathStringI
GdipGetFontSize
GdipGraphicsClear
GdipDrawImageI
GdipFillPath
GdipSetPenDashStyle
GdipDrawPath
GdipAddPathArcI
GdipDrawRectangleI
GdipDrawLine
GdipSetPenMode
GdipSetPenStartCap
GdipSetPenEndCap
GdipDeletePen
GdipCreatePen1
GdipCreatePath
GdipDeletePath
GdipAddPathPieI
GdipAddPathRectangleI
GdipClosePathFigure
GdipSetSmoothingMode
GdipSetClipPath
GdipCreateLineBrushFromRectWithAngleI
GdipDrawImageRectRect
GdipCloneBrush
GdipLoadImageFromFile
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipCreateImageAttributes
GdipCreateBitmapFromScan0
GdipDisposeImageAttributes
GdipSetStringFormatLineAlign
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRectI
GdipResetWorldTransform
GdipCreateSolidFill
wininet
HttpSendRequestW
HttpQueryInfoW
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetReadFile
InternetCanonicalizeUrlW
userenv
CreateEnvironmentBlock
UnloadUserProfile
DestroyEnvironmentBlock
LoadUserProfileW
crypt32
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty
CertVerifyTimeValidity
CertEnumCertificatesInStore
CertOpenStore
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
imm32
ImmDisableIME
framework
XDllGetClassObject
vcruntime140
wcsstr
memcmp
wcsrchr
__std_type_info_compare
memchr
_purecall
strchr
__std_exception_copy
_except_handler4_common
__CxxFrameHandler3
_CxxThrowException
__current_exception
__current_exception_context
__std_terminate
__std_exception_destroy
__RTDynamicCast
wcschr
memmove
memset
strstr
memcpy
_except_handler3
api-ms-win-crt-string-l1-1-0
strcpy_s
wcsspn
strncat_s
wcscspn
strcat_s
_wcsupr_s
_wcsnicmp
wcscat_s
_stricmp
tolower
wcsncpy
_wcsicmp
strncpy_s
wcscmp
isalpha
_wcslwr_s
iswspace
wmemcpy_s
strncmp
wcsnlen
isspace
isdigit
wcscpy_s
wcslen
strcmp
isalnum
strlen
strnlen
wcsncat
__isascii
isprint
toupper
wcsncmp
isgraph
isupper
isxdigit
isblank
iscntrl
ispunct
towupper
wcspbrk
wcscat
wcsncpy_s
iswdigit
_wcsdup
islower
api-ms-win-crt-heap-l1-1-0
_recalloc
realloc
calloc
malloc
free
_set_new_mode
_callnewh
api-ms-win-crt-runtime-l1-1-0
exit
terminate
_crt_atexit
_initterm_e
_c_exit
_initterm
_exit
_resetstkoflw
_register_thread_local_exe_atexit_callback
_get_wide_winmain_command_line
_initialize_wide_environment
_initialize_onexit_table
_controlfp_s
_register_onexit_function
_configure_wide_argv
_set_app_type
_seh_filter_exe
_beginthreadex
_cexit
_invalid_parameter_noinfo
_errno
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-convert-l1-1-0
atol
_wtof
_strtoi64
_strtoui64
_wtoi
_wtoi64
_wtol
_itow_s
atoi
atof
wcstol
_wcstoi64
wcstoul
_wcstoui64
api-ms-win-crt-stdio-l1-1-0
fputc
__stdio_common_vsscanf
ungetc
__stdio_common_vsnwprintf_s
fopen_s
__stdio_common_vsnprintf_s
__stdio_common_vswprintf_s
__p__commode
__stdio_common_vfprintf
__stdio_common_vswprintf
fgetc
fseek
__acrt_iob_func
__stdio_common_vsprintf_s
_wfopen_s
fclose
fread
ferror
_set_fmode
fwrite
__stdio_common_vfwprintf
fputws
__stdio_common_vswscanf
ftell
_get_stream_buffer_pointers
_wfopen
fflush
fgetpos
_fseeki64
setvbuf
fsetpos
fopen
__stdio_common_vsprintf
api-ms-win-crt-time-l1-1-0
_mkgmtime64
_time32
_time64
_mktime64
_localtime64_s
api-ms-win-crt-math-l1-1-0
cos
sin
sqrt
_isnan
ceil
asin
modf
_dclass
fabs
pow
_finite
__setusermatherr
floor
api-ms-win-crt-utility-l1-1-0
_abs64
labs
abs
rand
srand
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
_mkdir
_wrename
_waccess_s
_waccess
api-ms-win-crt-multibyte-l1-1-0
_mbschr
_mbsspn
_mbsinc
_mbsicmp
_mbscmp
_mbsstr
_mbsrchr
_mbscspn
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
setlocale
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 700KB - Virtual size: 699KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 577KB - Virtual size: 577KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 73KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ