Static task
static1
Behavioral task
behavioral1
Sample
e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178.exe
Resource
win10v2004-20230915-en
General
-
Target
e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178
-
Size
2.5MB
-
MD5
7a727a7b635ca67298e00ca8138aab6e
-
SHA1
d26362ca4a5db6c80616ef74f0474986a7d61091
-
SHA256
e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178
-
SHA512
64e84532e84059e1c01c9a2bb3052e4ccb42b5334c67c68690a44430051175b724625f2363c47ed8eb9f1e294151b17d7ca80a261d3ca75b86dd983d5b3d62d4
-
SSDEEP
24576:BDUQ20qEO3/+yySjpKHDjvpttQHjU+4cx2hJwmlTwCZVHptGrchc2cccccpccccs:BDV20klMD6YojmlTwCZVHpaDpvH/+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
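Checks for missing Authenticode signature. The sample carries no signature, so its publisher and integrity cannot be confirmed from the file itself; on its own this is a weak indicator, because many legitimate programs are also unsigned.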
resource e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178
Files
-
e0e5e548f0c32b1a081bca47dd88b35401409c9d7e3e691446d17b0802d6c178.exe windows:6 windows x86
0e7694bedc0674c3352ed1845370529a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports (read statically from the PE import table; a listed API is not necessarily called at run time)
kernel32
IsWow64Process
VirtualFreeEx
MoveFileW
GetCommandLineW
WritePrivateProfileSectionW
FileTimeToLocalFileTime
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetPrivateProfileSectionW
QueryDosDeviceW
GetProcessTimes
QueryPerformanceFrequency
VerifyVersionInfoW
VerSetConditionMask
GetLogicalDriveStringsW
GetThreadPriority
K32EnumProcesses
CreateRemoteThread
QueryPerformanceCounter
GetThreadTimes
OpenThread
MapViewOfFileEx
GetTickCount64
GlobalGetAtomNameW
GlobalDeleteAtom
PulseEvent
lstrcmpiW
WinExec
GetPrivateProfileStructW
TerminateProcess
ResumeThread
GetLastError
LoadLibraryExA
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
WaitForSingleObjectEx
SetCurrentDirectoryW
GlobalUnlock
GlobalLock
LocalAlloc
InitializeCriticalSectionAndSpinCount
CreateThread
Module32FirstW
CloseHandle
VirtualAllocEx
GlobalFree
GlobalAlloc
lstrlenW
SetThreadPriority
ReadProcessMemory
CreateProcessW
GetCurrentProcess
VirtualAlloc
GetCurrentThreadId
GetCurrentThread
FlushInstructionCache
VirtualQuery
SetLastError
WriteFile
SetFilePointer
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
LoadLibraryExW
ReadFile
CreateFileW
GetModuleFileNameW
SizeofResource
MultiByteToWideChar
LockResource
FindResourceExW
LoadResource
FindResourceW
WideCharToMultiByte
CreateDirectoryW
GetFileSizeEx
SetEndOfFile
CreateMutexW
WaitForSingleObject
ReleaseMutex
Sleep
DeleteFileW
GetLocalTime
GetCurrentProcessId
GetTickCount
FindFirstFileW
InitializeCriticalSection
FindClose
FileTimeToSystemTime
LoadLibraryW
GetFullPathNameW
GetSystemPowerStatus
LocalFree
GlobalMemoryStatusEx
WriteProcessMemory
FindNextFileW
RemoveDirectoryW
GetFileAttributesW
SystemTimeToFileTime
GetPrivateProfileIntW
GetPrivateProfileStringW
MoveFileExW
CopyFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
OpenEventW
FreeEnvironmentStringsW
GlobalAddAtomW
GetEnvironmentStringsW
K32GetModuleFileNameExW
EnterCriticalSection
LeaveCriticalSection
OpenFileMappingW
WaitNamedPipeW
OutputDebugStringW
OpenProcess
GetExitCodeProcess
OpenMutexW
WTSGetActiveConsoleSessionId
TerminateThread
FlushFileBuffers
SetFilePointerEx
ProcessIdToSessionId
GetWindowsDirectoryW
SetFileAttributesW
GetFileTime
GetTempPathW
GetDiskFreeSpaceExW
GetSystemDirectoryW
GetComputerNameA
lstrcpyW
FreeResource
GetExitCodeThread
ResetEvent
SetEvent
CreateEventW
WaitForMultipleObjects
WritePrivateProfileStringW
GetModuleHandleA
GetSystemInfo
GetVersionExW
OutputDebugStringA
K32GetProcessImageFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetSystemTime
ExpandEnvironmentStringsW
GetModuleFileNameA
user32
SetCursor
PtInRect
SetRect
InflateRect
UnionRect
CharLowerBuffW
IsRectEmpty
GetWindowTextLengthW
GetWindow
GetFocus
ScreenToClient
SetWindowTextW
GetDlgCtrlID
IsChild
MoveWindow
SetRectEmpty
GetClassNameW
SetCapture
GetDlgItem
LoadImageW
InvalidateRect
GetWindowThreadProcessId
LoadBitmapW
UnregisterClassW
DrawIconEx
DestroyIcon
CopyRect
DrawTextW
UnhookWindowsHookEx
SetWindowsHookExW
GetDesktopWindow
SetWindowRgn
OffsetRect
ClientToScreen
GetClientRect
UpdateLayeredWindow
ReleaseDC
GetDC
BringWindowToTop
UpdateWindow
wsprintfW
EqualRect
KillTimer
IntersectRect
IsDialogMessageW
GetNextDlgTabItem
GetCursorPos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
SetTimer
GetForegroundWindow
AttachThreadInput
SetForegroundWindow
IsWindowEnabled
EnableWindow
GetActiveWindow
SetActiveWindow
WindowFromPoint
ExitWindowsEx
IsIconic
GetLastInputInfo
CallNextHookEx
GetScrollPos
GetKeyState
IsClipboardFormatAvailable
GetClipboardOwner
GetWindowTextA
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetAncestor
EnumDisplayMonitors
UnregisterDeviceNotification
PostQuitMessage
FindWindowA
GetPropW
SetPropW
RemovePropW
FrameRect
SetFocus
LoadStringW
PostMessageW
GetMessageW
GetWindowRect
IsWindowVisible
ShowWindow
EndPaint
BeginPaint
GetParent
SendMessageW
SetWindowPos
FindWindowW
CharNextW
CharLowerW
SystemParametersInfoW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
DestroyWindow
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
RegisterWindowMessageW
FindWindowExW
DispatchMessageW
PeekMessageW
TranslateMessage
PostThreadMessageW
GetShellWindow
IsWindow
SendMessageTimeoutW
LoadIconW
GetSystemMetrics
ReleaseCapture
GetWindowTextW
gdi32
GetViewportOrgEx
GetClipRgn
CreateRectRgnIndirect
SaveDC
SelectClipRgn
GetTextExtentPoint32W
TextOutW
RestoreDC
RectInRegion
GetWorldTransform
SetWorldTransform
GetTextColor
CreateDCW
CreateSolidBrush
SetStretchBltMode
RoundRect
ExtTextOutW
SetBkColor
GetWindowOrgEx
MoveToEx
Rectangle
CreatePen
GetDIBits
SetTextColor
GetObjectW
CreateFontIndirectW
OffsetRgn
CombineRgn
CreateRectRgn
SetViewportOrgEx
GetStockObject
SetBkMode
CreateDIBSection
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
BitBlt
SelectObject
DeleteDC
DeleteObject
GetRgnBox
SetWindowOrgEx
CreateRoundRectRgn
SetGraphicsMode
ExtSelectClipRgn
CreateBitmap
GetTextMetricsW
CreatePolygonRgn
FillRgn
LineTo
GetCurrentObject
advapi32
RegSetValueExW
CloseEventLog
ReadEventLogW
OpenEventLogW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegQueryInfoKeyW
GetAclInformation
AddAce
InitializeAcl
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountNameW
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
GetUserNameW
GetTokenInformation
IsValidSid
GetLengthSid
ConvertSidToStringSidW
CopySid
ImpersonateLoggedOnUser
RevertToSelf
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
DeleteAce
GetAce
GetNamedSecurityInfoW
RegEnumKeyExW
RegDeleteKeyW
CloseServiceHandle
OpenSCManagerW
OpenProcessToken
CreateProcessAsUserW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
DuplicateTokenEx
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
shell32
SHAppBarMessage
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
ord680
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHFileOperationW
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoCreateGuid
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
oleaut32
VarUI4FromStr
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString
VariantClear
msvcp140
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?readsome@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_JPA_W_J@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
_Thrd_id
_Thrd_join
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
shlwapi
PathStripPathW
PathRemoveFileSpecA
PathIsUNCW
StrToIntW
SHGetValueW
PathFindExtensionW
StrToIntA
PathRemoveBackslashW
PathAppendA
PathAddBackslashW
PathRemoveArgsW
AssocCreate
StrStrIA
StrStrIW
PathUnquoteSpacesW
PathIsDirectoryW
PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathQuoteSpacesW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
comctl32
_TrackMouseEvent
InitCommonControlsEx
DrawShadowText
msimg32
AlphaBlend
TransparentBlt
gdiplus
GdipCreateFromHDC
GdipBitmapLockBits
GdipGetImageHeight
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipCloneFontFamily
GdipBitmapUnlockBits
GdipGetImageWidth
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdiplusStartup
GdiplusShutdown
GdipGetImagePixelFormat
GdipMeasureString
GdipSetStringFormatAlign
GdipDrawImageRectI
GdipDeleteFont
GdipCreateFontFromLogfontW
GdipDeleteGraphics
GdipCreateFont
GdipGetImageGraphicsContext
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipDeleteBrush
GdipCreateBitmapFromScan0
GdipCloneBrush
GdipCreateSolidFill
GdipFillRectangleI
GdipResetWorldTransform
GdipDrawImageRectRectI
GdipCreateBitmapFromHBITMAP
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromFile
GdipDrawImageRectRect
GdipCreateLineBrushFromRectWithAngleI
GdipSetClipPath
GdipSetSmoothingMode
GdipAddPathRectangleI
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipCloneBitmapArea
GdipImageRotateFlip
GdipLoadImageFromStream
GdipFillRectangle
GdipDrawLinesI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGetFamily
GdipAddPathStringI
GdipGetFontSize
GdipGraphicsClear
GdipDrawImageI
GdipFillPath
GdipSetPenDashStyle
GdipDrawPath
GdipAddPathArcI
GdipDrawRectangleI
GdipDrawLine
GdipAlloc
GdipSetPenMode
GdipSetPenStartCap
GdipSetPenEndCap
GdipDeletePen
GdipDeleteFontFamily
GdipCreatePen1
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathPieI
GdipClosePathFigure
powrprof
PowerReadACValue
PowerGetActiveScheme
wtsapi32
WTSQueryUserToken
WTSEnumerateSessionsW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
dxgi
CreateDXGIFactory
wininet
HttpSendRequestW
HttpQueryInfoW
InternetCanonicalizeUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetCloseHandle
InternetReadFile
InternetCrackUrlW
userenv
DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock
LoadUserProfileW
crypt32
CertFreeCertificateContext
CertCloseStore
CertGetCertificateContextProperty
CertVerifyTimeValidity
CertEnumCertificatesInStore
CertOpenStore
setupapi
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
imm32
ImmDisableIME
framework
XDllGetClassObject
vcruntime140
wcsrchr
memcmp
__std_type_info_compare
memchr
_purecall
wcschr
memset
_except_handler4_common
__CxxFrameHandler3
_CxxThrowException
__current_exception
wcsstr
__std_exception_copy
__std_exception_destroy
strchr
memmove
_except_handler3
__current_exception_context
__std_terminate
strstr
__RTDynamicCast
memcpy
api-ms-win-crt-string-l1-1-0
strcpy_s
iscntrl
strncat_s
ispunct
strcat_s
_wcsupr_s
wcsspn
wcscat_s
_stricmp
wcscspn
_wcsnicmp
isblank
isxdigit
tolower
isalpha
isupper
wcsncpy
isgraph
strncmp
toupper
isspace
isdigit
isprint
_wcsicmp
__isascii
isalnum
towupper
strnlen
strncpy_s
wcscmp
_wcslwr_s
iswspace
wcsncmp
wmemcpy_s
wcsnlen
wcsncat
strlen
wcscpy_s
_wcsdup
strcmp
wcspbrk
wcscat
wcsncpy_s
islower
iswdigit
wcslen
api-ms-win-crt-heap-l1-1-0
free
_recalloc
_callnewh
calloc
malloc
realloc
_set_new_mode
api-ms-win-crt-runtime-l1-1-0
_controlfp_s
_beginthreadex
_register_thread_local_exe_atexit_callback
_cexit
_crt_atexit
_set_app_type
_c_exit
_configure_wide_argv
_exit
_initialize_wide_environment
_register_onexit_function
terminate
_initialize_onexit_table
_resetstkoflw
_get_wide_winmain_command_line
_seh_filter_exe
_initterm
_initterm_e
exit
_invalid_parameter_noinfo
_errno
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-convert-l1-1-0
_strtoui64
_strtoi64
atol
_wtoi
_wtoi64
_wtol
_itow_s
atoi
atof
wcstol
_wcstoi64
wcstoul
_wcstoui64
_wtof
api-ms-win-crt-stdio-l1-1-0
_get_stream_buffer_pointers
ungetc
fgetpos
_fseeki64
fsetpos
setvbuf
fopen
__stdio_common_vswprintf_s
fflush
__stdio_common_vswprintf
__stdio_common_vfwprintf
fwrite
__stdio_common_vsprintf_s
__p__commode
_wfopen_s
fclose
fread
fputc
__stdio_common_vsscanf
fopen_s
__stdio_common_vsnprintf_s
fputws
__stdio_common_vswscanf
__stdio_common_vfprintf
fgetc
fseek
__acrt_iob_func
ferror
ftell
_wfopen
_set_fmode
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
api-ms-win-crt-time-l1-1-0
_mkgmtime64
strftime
_time64
_mktime64
_localtime64_s
_time32
api-ms-win-crt-math-l1-1-0
_finite
_dclass
pow
asin
sqrt
sin
cos
floor
fabs
_isnan
modf
__setusermatherr
ceil
api-ms-win-crt-utility-l1-1-0
rand
abs
srand
_abs64
labs
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
_wrename
_waccess
_mkdir
_waccess_s
api-ms-win-crt-multibyte-l1-1-0
_mbsrchr
_mbscspn
_mbsspn
_mbsinc
_mbschr
_mbsstr
_mbsicmp
_mbscmp
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
setlocale
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 697KB - Virtual size: 696KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 577KB - Virtual size: 577KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ