Static task
static1
Behavioral task
behavioral1
Sample
7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36.exe
Resource
win10v2004-20230915-en
General
-
Target
7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36
-
Size
4.8MB
-
MD5
7707748e2d5e81e84db2f6dfee6b3619
-
SHA1
09ec7248c523b9614c9952a0b5f31e0124e75849
-
SHA256
7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36
-
SHA512
0361e44b9467b85c11e95798ac41d1ea0f7deeb830e23b952aa0bba51563e1fd332a0d720a49774c199a7a92256c406d2dd95a1fb3c93f523cdb5d58dbc02b22
-
SSDEEP
98304:Etf5yAOnemkGGFgB6TM6FqUAnMV8VLcaVP:CYRnedPL
Malware Config
Signatures
-
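Unsigned PE (1 IoC)
Flags a PE file that carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned; weigh it together with the behavioral results.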
resource 7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36
Files
-
7ef8558a5254e43e1e66ea32affcaa15dc10ba60310d8e4381c6d44961650c36.exe windows:6 windows x86
3897ef8012e46038f99f1d396a7e7c36
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetConversionStatus
ImmGetCandidateListA
ImmGetDescriptionA
ImmAssociateContextEx
ImmGetCompositionStringA
ImmCreateContext
ImmGetContext
mindpower3d_d8r
?EnableAlpha@MPRender@@QAEXH@Z
?GetHelperObject@MPSceneObject@MindPower@@QAEPAVlwIHelperObject@2@XZ
?CleanVectPartArr@CMPResManger@@QAE_NXZ
?Load@MPMap@@QAEHPBDH@Z
??1MPMap@@QAE@XZ
??0MPMap@@QAE@XZ
?_Instance@MPTerrainSet@@1PAV1@A
?lwRegisterOutputResetDeviceProc@MindPower@@YAJP6AJXZ@Z
?lwRegisterOutputLoseDeviceProc@MindPower@@YAJP6AJXZ@Z
?SetTextureLOD@MPCharacter@MindPower@@QAEXK@Z
?ShowHelperObject@MPCharacter@MindPower@@QAEXH@Z
?HitTestPrimitive@MPCharacter@MindPower@@QAEJPAUlwPickInfo@2@PBUD3DXVECTOR3@@1@Z
?SetTextureLOD@MPSceneItem@MindPower@@QAEXK@Z
?HitTestPrimitive@MPSceneItem@MindPower@@QAEJPAUlwPickInfo@2@PBUD3DXVECTOR3@@1@Z
?SetTextureLOD@MPSceneObject@MindPower@@QAEXK@Z
?ShowHelperMesh@MPSceneObject@MindPower@@QAEXH@Z
?GetPrimitive@MPSceneObject@MindPower@@QAEPAVlwIPrimitive@2@K@Z
?HitTestPrimitive@MPSceneObject@MindPower@@QAEJPAUlwPickInfo@2@PBUD3DXVECTOR3@@1@Z
??1MPSceneObject@MindPower@@UAE@XZ
?GetTileHeight@MPMap@@QAEMHH@Z
?Destroy@MPSceneItem@MindPower@@QAEXXZ
?GetPrimitiveNum@MPSceneObject@MindPower@@QBEKXZ
?Destroy@MPSceneObject@MindPower@@QAEXXZ
?FrameMove@MPMap@@QAEXK@Z
?DynamicLoading@MPMap@@QAEXK@Z
?ClearPrint@MPRender@@QAEXH@Z
?lwPrimitiveTexLit@MindPower@@YAJPAVlwIPrimitive@1@PBD1KK@Z
?GetPrimitive@MPSceneItem@MindPower@@QAEPAVlwIPrimitive@2@XZ
?GetOpacity@MPSceneItem@MindPower@@QAEMXZ
?setBlock@MPTile@@QAEXEH@Z
?lwPrimitiveGetObjHeight@MindPower@@YAJPAVlwIPrimitive@1@PAM@Z
?GetLightID@CMagicCtrl@@QAEHXZ
?lwVec3Mat44Mul@MindPower@@YAPAUD3DXVECTOR3@@PAU2@PBUD3DXMATRIX@@@Z
?Render@MPSceneObject@MindPower@@QAEXXZ
?FrameMove@MPSceneObject@MindPower@@QAEXXZ
?Load@MPSceneObject@MindPower@@QAEJPBDK@Z
??0MPSceneObject@MindPower@@QAE@XZ
?RenderSea@MPMap@@QAEXXZ
?Render@MPMap@@QAEXXZ
?AddLine@MPRender@@QAEXAAUD3DXVECTOR3@@0K@Z
?GetTransparentFlag@MPSceneObject@MindPower@@QBEKXZ
?Render@CMPResManger@@QAEXXZ
?LightEnable@MPRender@@QAEXKK@Z
?GetLightEnable@MPRender@@QAEXKPAH@Z
?GetLight@MPRender@@QAEXKPAU_D3DLIGHT8@@@Z
?SetLight@MPRender@@QAEXKPAU_D3DLIGHT8@@@Z
?lwLoadTex@MindPower@@YAJPAPAVlwITex@1@PAVlwIResourceMgr@1@PBD2W4_D3DFORMAT@@@Z
?lwLoadTex@MindPower@@YAJPAPAVlwITex@1@PAVlwIResourceMgr@1@PBUlwTexInfo@1@@Z
?Instance@UIClip@ui@@SAPAV12@XZ
?ClearCacheInArr@CMPFont@@SAXE@Z
?SetClipRect@UIClip@ui@@QAEXHHHH@Z
??1MPCamera@@QAE@XZ
?getObjHeight@MPTile@@QAEME@Z
?setObjHeight@MPTile@@QAEXEM@Z
?setRegion@MPTile@@QAEXHH@Z
??0MPCamera@@QAE@XZ
?LookAt@MPRender@@QAEXUD3DXVECTOR3@@0K@Z
?SetCurrentView@MPRender@@QAEXHH@Z
?ResMgr@@3VCMPResManger@@A
?g_Render@@3VMPRender@@A
?SetShowSize@MPMap@@QAEXHH@Z
?HitTestHelperMesh@MPSceneObject@MindPower@@QAEJPAUlwPickInfo@2@PBUD3DXVECTOR3@@1PBD@Z
?ShowBoundingObject@MPSceneObject@MindPower@@QAEXH@Z
?g_nTemp@@3HA
?Offset@MPTile@@2PAY01HA
?AddTexLayer@MPTile@@QAEXEE@Z
?SetSectionTileData@MPMap@@QAEXHHE@Z
?GetPickPosEditor@MPMap@@QAEHHHAAUD3DXVECTOR3@@@Z
?GetPickPos@MPMap@@QAEHHHAAUD3DXVECTOR3@@@Z
?Init@MPGameApp@@QAEHPAUHINSTANCE__@@PBDHHHH@Z
?lwQuaternionRotationAxis@MindPower@@YAPAUD3DXQUATERNION@@PAU2@PBUD3DXVECTOR3@@M@Z
?lwGUIDCreateObject@MindPower@@YAJPAPAX_J@Z
?setFontEffectCom@CMPPartCtrl@@QAEXAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@HPAVCMPResManger@@PAUD3DXVECTOR3@@HUD3DXCOLOR@@_N4@Z
?RestoreEffect@CMPResManger@@QAEXXZ
?SetTransformView@MPRender@@QAEXPBUD3DXMATRIX@@@Z
?RenderAllLines@MPRender@@QAEXXZ
?SetAlpha@CMPPartCtrl@@QAEXM@Z
?SetDirectLightDir@MPRender@@QAEXMMM@Z
?SetDirectLightColor@MPRender@@QAEXMMMM@Z
?GetLGConfig@MPGameApp@@QAEPAULGInfo@@XZ
?AddText@MPConsole@@QAEXPBD@Z
?OnCharEvent@MPConsole@@QAEHDK@Z
?OnKeyDownEvent@MPConsole@@QAEHH@Z
?Show@MPConsole@@QAEXH@Z
?_Instance@CEff_ParamSet@@1PAV1@A
?ToggleFullScreen@MPRender@@QAEHHHW4_D3DFORMAT@@H@Z
?MoveForward@MPCamera@@QAEXMH@Z
?MoveRight@MPCamera@@QAEXMH@Z
?Turn@MPCamera@@QAEXMPAUD3DXVECTOR3@@@Z
??0MPResourceSet@@QAE@HH@Z
?SetTransformProj@MPRender@@QAEXPBUD3DXMATRIX@@@Z
??0MPTerrainSet@@QAE@HH@Z
??0CEff_ParamSet@@QAE@HH@Z
??0CGroup_ParamSet@@QAE@HH@Z
?FrameMove@MPGameApp@@QAEXK@Z
?Render@MPGameApp@@QAEXXZ
?SetCaption@MPGameApp@@QAEXPBD@Z
?SetInputActive@MPGameApp@@QAEX_N@Z
?LG_Config@MPGameApp@@UAEXABULGInfo@@@Z
?CaptureScreen@MPRender@@QAEXPAD@Z
?HandleKeyUp@MPGameApp@@UAEXXZ
??0MPGameApp@@QAE@XZ
??1MPGameApp@@QAE@XZ
?End@MPGameApp@@UAEXXZ
?LoadTerrainSet@MPGameApp@@QAEHPBDH@Z
?UnloadTerrainSet@MPGameApp@@QAEHXZ
?LoadResourceSet@MPGameApp@@QAEHPBDHH@Z
?UnloadResourceSet@MPGameApp@@QAEHXZ
?LoadResource@MPGameApp@@QAEHXZ
?LoadRes2@MPGameApp@@QAEHXZ
?LoadRes3@MPGameApp@@QAEHXZ
??0CMPFont@@QAE@XZ
??1CMPFont@@QAE@XZ
?CreateFontA@CMPFont@@QAE_NPAVMPRender@@PADHHK@Z
?BindingRes@CMPFont@@QAEXPAVCMPResManger@@@Z
?ReleaseFont@CMPFont@@QAEXXZ
?FrameMove@CMPResManger@@QAEXK@Z
?Print@MPRender@@QAAXHHHPBDZZ
?IsAltPress@MPGameApp@@QAEHXZ
?GetHeight@MPMap@@QAEMMM@Z
?WorldToScreen@MPRender@@QAEHMMMPAH0@Z
?Play@CMPShadeCtrl@@QAEXH@Z
?End@CMPPartCtrl@@QAEXXZ
?MoveTo@CMPPartCtrl@@QAEXPAUD3DXVECTOR3@@PAVMPMap@@@Z
?BindingBone@CMPPartCtrl@@QAEXPAUD3DXMATRIX@@@Z
?setYaw@CMPPartCtrl@@QAEXM@Z
?setPitch@CMPPartCtrl@@QAEXM@Z
?setRoll@CMPPartCtrl@@QAEXM@Z
?setScale@CMPPartCtrl@@QAEXMMM@Z
?setFontEffect@CMPPartCtrl@@QAEXPADPAVCMPFont@@@Z
?IsPlay@CMPModelEff@@QAE_NXZ
?Scaling@CMPModelEff@@QAEXMMM@Z
?MoveTo@CMPModelEff@@QAEXMMM@Z
?SetAlpha@CMPModelEff@@QAEXM@Z
?IsPointVisible@MPMap@@QAEHMM@Z
?Reset@CMPEffectCtrl@@QAEXXZ
?Clear@CMPEffectCtrl@@QAEXXZ
?CopyPartCtrl@CMPEffectCtrl@@QAEXPAVCMPPartCtrl@@@Z
?BindingRes@CMPEffectCtrl@@QAEXPAVCMPResManger@@@Z
?SetItemDummy@CMPEffectCtrl@@QAEXPAVMPSceneItem@MindPower@@HH@Z
?setUseZBuff@CMPEffectCtrl@@QAEX_N@Z
?setDir@CMPEffectCtrl@@QAEXPAUD3DXVECTOR3@@@Z
?Stop@CMagicCtrl@@QAEXXZ
?GetModelEff@CMagicCtrl@@QAEPAVCMPModelEff@@H@Z
?GetPartCtrlID@CMPResManger@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetPartCtrlByID@CMPResManger@@QAEPAVCMPPartCtrl@@H@Z
?_Instance@CGroup_ParamSet@@1PAV1@A
?SetStripCharacter@CMPPartCtrl@@QAEXPAVMPCharacter@MindPower@@@Z
?SetStripItem@CMPPartCtrl@@QAEXPAVMPSceneItem@MindPower@@_N@Z
?SetPlayType@CMPPartCtrl@@QAEXH@Z
?Play@CMPPartCtrl@@QAEXH@Z
?IsPlaying@CMPPartCtrl@@QAE_NXZ
??0CMagicCtrl@@QAE@XZ
??1CMagicCtrl@@QAE@XZ
?Create@CMagicCtrl@@QAE_NHPAVCMPResManger@@@Z
?MoveTo@CMagicCtrl@@QAEXPAUD3DXVECTOR3@@@Z
?FrameMove@CMagicCtrl@@QAEXK@Z
?Render@CMagicCtrl@@QAEXXZ
?Emission@CMagicCtrl@@QAEXPAUD3DXVECTOR3@@0@Z
?Reset@CMagicCtrl@@QAEXXZ
?ResetDir@CMagicCtrl@@QAEXPAUD3DXVECTOR3@@@Z
??0CMPShadeCtrl@@QAE@XZ
??1CMPShadeCtrl@@QAE@XZ
?Create@CMPShadeCtrl@@QAE_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVCMPResManger@@M_NHH@Z
?MoveTo@CMPShadeCtrl@@QAEXUD3DXVECTOR3@@PAVMPMap@@M@Z
?FrameMove@CMPShadeCtrl@@QAEXK@Z
?Render@CMPShadeCtrl@@QAEXXZ
??0CMPEffectCtrl@@QAE@XZ
??1CMPEffectCtrl@@QAE@XZ
?FrameMove@CMPEffectCtrl@@QAEXK@Z
?Render@CMPEffectCtrl@@QAEXXZ
?BindingBone@CMPEffectCtrl@@QAEXPAUD3DXMATRIX@@@Z
?SetTransformWorld@MPRender@@QAEXPBUD3DXMATRIX@@@Z
?SetVertexShader@MPRender@@QAEXK@Z
?SetStreamSource@MPRender@@QAEJIPAUIDirect3DVertexBuffer8@@II@Z
?SetIndices@MPRender@@QAEJPAUIDirect3DIndexBuffer8@@I@Z
?DrawIndexedPrimitive@MPRender@@QAEJW4_D3DPRIMITIVETYPE@@HIIII@Z
?SetTexture@MPRender@@QAEXHPAUIDirect3DTexture8@@@Z
?Draw3DText@CMPFont@@QAE_NPADAAUD3DXVECTOR3@@UD3DXCOLOR@@M@Z
?PlayDefaultPose@lwINodeObjectA@MindPower@@SAJPAVlwINodeObject@2@@Z
?setFrameTime@CMPShadeCtrl@@QAEXM@Z
?setTexFrameTime@CMPShadeCtrl@@QAEXM@Z
?SetAlphaType@CMPShadeCtrl@@QAEXW4_D3DBLEND@@0@Z
?_Instance@MPTexSet@@1PAV1@A
?GetInvViewMatrix@MPRender@@QAEXPAUD3DXMATRIX@@@Z
?SetTextureStageState@MPRender@@QAEXHW4_D3DTEXTURESTAGESTATETYPE@@H@Z
?SetRenderState@MPRender@@QAEXW4_D3DRENDERSTATETYPE@@H@Z
?SetRenderStateForced@MPRender@@QAEXW4_D3DRENDERSTATETYPE@@H@Z
?SetTextureStageStateForced@MPRender@@QAEXHW4_D3DTEXTURESTAGESTATETYPE@@H@Z
?GetRenderState@MPRender@@QAEXW4_D3DRENDERSTATETYPE@@PAK@Z
??0MPSceneItem@MindPower@@QAE@XZ
??1MPSceneItem@MindPower@@UAE@XZ
?Load@MPSceneItem@MindPower@@QAEJPBDH@Z
?FrameMove@MPSceneItem@MindPower@@QAEXXZ
?Render@MPSceneItem@MindPower@@QAEXXZ
?PlayObjImpPose@MPSceneItem@MindPower@@QAEJKKKMM@Z
??0MPCharacter@MindPower@@QAE@XZ
?StartLoad@MPCharacter@MindPower@@QAEXXZ
?EndLoad@MPCharacter@MindPower@@QAEXXZ
?LoadPart@MPCharacter@MindPower@@QAEJKPBD@Z
?DestroyPart@MPCharacter@MindPower@@QAEJK@Z
?PlayPose@MPCharacter@MindPower@@QAEJKKMMKK@Z
?PlayPose@MPCharacter@MindPower@@QAEJPBUlwPlayPoseInfo@2@@Z
?GetTextSize@CMPFont@@QAEPAUtagSIZE@@PADPAU2@M@Z
?SetPoseKeyFrameProc@MPCharacter@MindPower@@QAEJP6AXKKKKPAX@Z0@Z
?PlayDefaultAnimation@MPSceneItem@MindPower@@QAEJMK@Z
?PlayDefaultAnimation@MPSceneObject@MindPower@@QAEJMK@Z
?SetObjImpPoseKeyFrameProc@MPCharacter@MindPower@@QAEJKKP6AXKKKKPAX@Z0@Z
?PlayObjImpPose@MPCharacter@MindPower@@QAEJKKKKMM@Z
?PlayObjImpPose@MPCharacter@MindPower@@QAEJKKPBUlwPlayPoseInfo@2@@Z
?GetPlayPoseInfo@MPCharacter@MindPower@@QAEPAUlwPlayPoseInfo@2@XZ
?GetObjImpPlayPoseInfo@MPCharacter@MindPower@@QAEPAUlwPlayPoseInfo@2@KK@Z
?GetPoseCtrl@MPCharacter@MindPower@@QAEPAVlwIPoseCtrl@2@XZ
?GetObjImpPoseCtrl@MPCharacter@MindPower@@QAEPAVlwIPoseCtrl@2@KK@Z
?FrameMove@MPCharacter@MindPower@@QAEXXZ
?Render@MPCharacter@MindPower@@QAEXXZ
?Destroy@MPCharacter@MindPower@@QAEXXZ
?AttachItem@MPCharacter@MindPower@@QAEJPBUMPItemLinkInfo@2@@Z
?SetMaterial@MPCharacter@MindPower@@QAEXPBU_D3DMATERIAL8@@@Z
?lwUpdateSceneTransparentObject@MindPower@@YAXXZ
?lwPrimitiveTexLitA@MindPower@@YAJPAVlwIPrimitive@1@PBD11K@Z
?lwPrimitiveSetVertexShader@MindPower@@YAJPAVlwIPrimitive@1@K@Z
?GetPickRayVector@MPRender@@QAEXHHPAUD3DXVECTOR3@@0@Z
?EnableZBuffer@MPRender@@QAEXH@Z
?GetTile@MPMap@@QAEPAUMPTile@@HH@Z
?SetSkillCtrl@CMPEffectCtrl@@QAEXPAUSkillCtrl@@@Z
?SetSkillCtrl@CMagicCtrl@@QAEXPAUSkillCtrl@@@Z
?GetObjDummyRunTimeMatrix@MPSceneItem@MindPower@@QAEJPAUD3DXMATRIX@@K@Z
??1MPCharacter@MindPower@@UAE@XZ
?LoadBone@MPCharacter@MindPower@@QAEJPBD@Z
?GetObjDummyRunTimeMatrix@MPCharacter@MindPower@@QAEJPAUD3DXMATRIX@@K@Z
?GetObjDummyRunTimeMatrix@MPCharacter@MindPower@@QAEJPAUD3DXMATRIX@@KK@Z
?SetOpacity@MPCharacter@MindPower@@QAEXM@Z
?GetOpacity@MPCharacter@MindPower@@QAEMXZ
?SetPos@lwMatrixCtrl@MindPower@@QAEXPAM@Z
?SetYaw@lwMatrixCtrl@MindPower@@QAEXM@Z
?SetPitch@lwMatrixCtrl@MindPower@@QAEXM@Z
?SetRoll@lwMatrixCtrl@MindPower@@QAEXM@Z
?SetScale@lwMatrixCtrl@MindPower@@QAEXABUD3DXVECTOR3@@@Z
?UpdateYawPitchRoll@lwMatrixCtrl@MindPower@@QAEXXZ
?setColor@CMPShadeCtrl@@QAEXUD3DXCOLOR@@@Z
?DrawTextA@CMPFont@@QAE_NPADHHUD3DXCOLOR@@MPAK@Z
?DrawTextShadow@CMPFont@@QAE_NPADHHHHUD3DXCOLOR@@1@Z
?SetOpacity@MPSceneItem@MindPower@@QAEXM@Z
calua
CLU_RegisterFunction
CLU_DllFree
CLU_CallScriptFunction
CLU_LoadState
CLU_Init
CLU_LoadScript
ws2_32
setsockopt
WSAGetLastError
closesocket
htons
recvfrom
inet_ntoa
ntohs
socket
inet_addr
WSAStartup
WSACleanup
getservbyname
getservbyport
gethostbyaddr
__WSAFDIsSet
connect
ioctlsocket
select
shutdown
gethostbyname
htonl
ntohl
getsockname
getsockopt
send
recv
WSASetLastError
pai
ipPAI_Init
ipPAI_Login
ipPAI_Passport
ipPAI_Reply
sdl
SDL_Init
SDL_RWFromFile
SDL_Quit
sdl_mixer
Mix_HaltMusic
Mix_Paused
Mix_PlayMusic
Mix_OpenAudio
Mix_CloseAudio
Mix_FreeMusic
Mix_VolumeMusic
Mix_FadeOutMusic
Mix_RewindMusic
Mix_Volume
Mix_FadeOutChannel
Mix_VolumeChunk
Mix_PauseMusic
Mix_Pause
Mix_ResumeMusic
Mix_Playing
Mix_PausedMusic
Mix_PlayChannelTimed
Mix_FadeInMusic
Mix_HaltChannel
Mix_PlayingMusic
Mix_FreeChunk
Mix_LoadMUS
Mix_FadeInChannelTimed
Mix_Resume
Mix_LoadWAV_RW
kernel32
AreFileApisANSI
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
GetTempPathW
SetFileAttributesW
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
CreateDirectoryW
LocalFree
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
FindNextFileW
FindFirstFileW
LoadLibraryW
WakeAllConditionVariable
SleepConditionVariableSRW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
RaiseException
LoadLibraryExW
ExitProcess
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDriveTypeW
PeekNamedPipe
SetConsoleCtrlHandler
GetFullPathNameW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetUnhandledExceptionFilter
IsBadReadPtr
FreeLibrary
ReadProcessMemory
lstrcpynA
IsBadCodePtr
SetLastError
IsBadWritePtr
GetModuleFileNameA
HeapAlloc
GetStdHandle
MoveFileA
GetLocalTime
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
SetThreadPriority
HeapFree
CreateFileW
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
LoadLibraryA
WriteFile
ReadFile
GetProcessHeap
GetVersionExA
IsProcessorFeaturePresent
WideCharToMultiByte
InitializeCriticalSection
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
ResumeThread
SuspendThread
InterlockedIncrement
FindClose
FindNextFileA
FindFirstFileA
GetSystemDirectoryA
GetVolumeInformationA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
CreateThread
UnmapViewOfFile
CreatePipe
OutputDebugStringA
SetFileAttributesA
DeleteFileA
GetCurrentProcessId
TerminateThread
CreateToolhelp32Snapshot
Module32First
Module32Next
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
WinExec
CloseHandle
GetCurrentThread
CreateFileA
GetProcessAffinityMask
GetCurrentProcess
SetThreadAffinityMask
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
lstrlenA
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
GetTickCount
Sleep
RemoveDirectoryW
DeleteFileW
MoveFileExW
GetModuleFileNameW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
HeapReAlloc
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
CreateProcessW
HeapSize
SetEndOfFile
WriteConsoleW
GetACP
VirtualFree
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetFileType
GetModuleHandleW
FormatMessageA
GetModuleHandleExW
GetSystemTimeAsFileTime
FlushInstructionCache
GetEnvironmentVariableW
user32
GetProcessWindowStation
GetUserObjectInformationW
LoadCursorFromFileA
GetCaretBlinkTime
MessageBoxW
SetClassLongA
ScreenToClient
SetRect
GetCursorPos
LoadStringA
SetWindowLongA
CallWindowProcA
LoadAcceleratorsA
MoveWindow
DefWindowProcA
CreateWindowExA
LoadIconA
RegisterClassExA
GetWindowRect
IsWindowVisible
GetWindowTextA
SetWindowTextA
GetClientRect
GetMessageA
LoadImageA
DestroyWindow
SetWindowPos
PostMessageA
ShowWindow
CreateDialogParamA
GetDlgItem
PostQuitMessage
GetDesktopWindow
GetKeyState
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
DispatchMessageA
GetSystemMetrics
GetAsyncKeyState
TranslateMessage
SendMessageA
PeekMessageA
GetFocus
SetFocus
MessageBoxA
SetCursor
gdi32
DeleteObject
CreateSolidBrush
AddFontResourceA
GetObjectA
comdlg32
ChooseColorA
advapi32
CryptReleaseContext
RegOpenKeyA
RegQueryValueExA
RegCloseKey
CryptGetProvParam
CryptGetUserKey
CryptExportKey
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptSetHashParam
CryptDestroyKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
shell32
ShellExecuteExA
ShellExecuteA
ole32
CoUninitialize
CoInitialize
oleaut32
SysAllocString
VariantClear
SysFreeString
winmm
timeGetTime
iphlpapi
GetAdaptersInfo
dbghelp
StackWalk
SymSetOptions
SymInitialize
SymGetModuleBase
SymFunctionTableAccess
SymGetSymFromAddr
SymGetOptions
SymGetLineFromAddr
SymCleanup
SymLoadModule
bcrypt
BCryptGenRandom
crypt32
CertOpenStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 855KB - Virtual size: 855KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 82KB - Virtual size: 411KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 203KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ