Static task
static1
Behavioral task
behavioral1
Sample
38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553
-
Size
3.3MB
-
MD5
3e1119e9d1ce61ab5b9aeb26c9a92b16
-
SHA1
4b6f4b715a5c7698392d2cc013a00e550aa3126d
-
SHA256
38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553
-
SHA512
7f7b2034654fcc2d0f9030d76c0b05f7400ebc2add2fcda80cf89d3fa14f0dfe8e70b345de6a988cdaa027501d72fb2c72be49e6fbf8afdc41cb735b94ae7e9f
-
SSDEEP
49152:r7OC39IV7LPgFNK202y3++qTBQuYuSwIbFLOAkGy3zdnErPSCTomFDS+BHEuSlVT:r7fIV7TAz/SFLOAkGkzdnEVomFHKnP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553
Files
-
38e3ea0665b94d8f17fe2f0da2ee74f1f7b9c2d5547e4cee36d7dce34cb8e553.exe windows:6 windows x86
2f4df9228515da2afc5958370a22e22d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
IcmpCloseHandle
IcmpCreateFile
GetBestInterfaceEx
GetBestRoute2
IcmpSendEcho
GetAdaptersInfo
CreateIpForwardEntry
ConvertInterfaceIndexToLuid
IpReleaseAddress
AddIPAddress
FlushIpNetTable
GetAdapterIndex
GetPerAdapterInfo
IpRenewAddress
GetInterfaceInfo
DeleteIPAddress
GetIpForwardTable
SetIpInterfaceEntry
InitializeIpInterfaceEntry
GetIpInterfaceEntry
DeleteIpForwardEntry
ws2_32
WSAEventSelect
WSAStartup
WSACleanup
getnameinfo
WSAGetOverlappedResult
ntohs
WSARecvFrom
getsockopt
WSAEnumNetworkEvents
inet_pton
WSASendTo
WSASetLastError
WSASend
bind
accept
WSAWaitForMultipleEvents
getservbyname
inet_ntoa
ntohl
listen
WSARecv
getsockname
__WSAFDIsSet
WSAIoctl
htons
closesocket
connect
freeaddrinfo
inet_ntop
getaddrinfo
setsockopt
inet_addr
ioctlsocket
WSAGetLastError
socket
send
select
recv
htonl
getpeername
lzo2
lzo1x_1_15_compress
__lzo_init_v2
lzo1x_decompress_safe
lzo_version_string
fwpuclnt
FwpmFilterAdd0
FwpmEngineClose0
FwpmSubLayerGetByKey0
FwpmGetAppIdFromFileName0
FwpmFreeMemory0
FwpmEngineOpen0
FwpmSubLayerAdd0
libcrypto-1_1
ERR_put_error
DSA_bits
DH_size
X509_OBJECT_get_type
CRYPTO_get_ex_new_index
OPENSSL_sk_new
EVP_CIPHER_flags
RSA_set0_key
X509_INFO_free
BIO_new_mem_buf
X509_free
ERR_clear_error
PEM_read_bio_DHparams
RSA_get_method
DES_set_odd_parity
EVP_MD_size
HMAC_Final
EVP_CIPHER_CTX_iv_length
OBJ_nid2sn
EVP_CipherUpdate
EVP_get_cipherbyname
ENGINE_ctrl_cmd_string
ENGINE_free
EVP_CIPHER_CTX_new
RSA_meth_set_priv_dec
EVP_CIPHER_CTX_key_length
X509_NAME_entry_count
RSA_bits
BN_bn2dec
OBJ_txt2nid
ASN1_BIT_STRING_free
X509_STORE_CTX_get_ex_data
X509_STORE_CTX_get_current_cert
X509_check_purpose
X509_get_ext_d2i
X509_get_serialNumber
X509_NAME_print_ex
X509_NAME_ENTRY_get_object
EVP_sha1
OpenSSL_version
X509_verify_cert_error_string
X509_STORE_CTX_get_error_depth
OBJ_obj2txt
X509_NAME_ENTRY_get_data
PEM_write_X509
X509_STORE_CTX_get_error
BN_free
HMAC_Update
EVP_PKEY_meth_find
EVP_PKEY_meth_add0
ERR_load_strings
RSA_meth_get0_app_data
X509_new
X509_dup
DSA_meth_set_sign
DSA_meth_set1_name
DSA_meth_dup
DSA_meth_free
DSA_get_ex_data
DSA_set_ex_data
DSA_free
DSA_set_method
DSA_get_default_method
DSA_SIG_set0
DSA_SIG_free
DSA_SIG_new
RSA_meth_set_flags
RSA_meth_set1_name
RSA_meth_dup
RSA_get_ex_data
RSA_set_ex_data
RSA_get_default_method
EVP_PKEY_get1_DSA
EVP_PKEY_get1_RSA
BN_bin2bn
d2i_PKCS12_fp
OPENSSL_init_crypto
OPENSSL_sk_delete
X509_NAME_cmp
X509_LOOKUP_ctrl
RSA_meth_free
PEM_X509_INFO_read_bio
RSA_size
OPENSSL_sk_pop_free
RSA_meth_set_init
RSA_meth_set_pub_dec
X509_STORE_add_crl
BIO_free
BIO_write
BIO_test_flags
X509_OBJECT_free
d2i_X509
OPENSSL_sk_find
EVP_PKEY_meth_set_sign
EVP_PKEY_free
X509_cmp_time
OPENSSL_sk_value
OPENSSL_sk_push
d2i_PKCS12_bio
EVP_PKEY_get0_RSA
EVP_PKEY_meth_new
PEM_read_bio_PrivateKey
EVP_PKEY_CTX_get0_pkey
RSA_get0_key
BIO_free_all
RSA_meth_set_finish
RSA_pkey_ctx_ctrl
BIO_s_mem
EVP_PKEY_id
EVP_PKEY_meth_get_sign
RSA_set_method
OPENSSL_sk_free
X509_CRL_free
PEM_read_bio_X509
EVP_PKEY_CTX_ctrl
EVP_PKEY_meth_copy
PEM_read_bio_X509_CRL
i2a_ASN1_INTEGER
RSA_meth_set0_app_data
X509_get_ext
X509_get_subject_name
X509_NAME_get_entry
RSA_flags
OPENSSL_sk_num
X509_STORE_add_cert
DH_free
ERR_get_error
BIO_read
X509_get0_pubkey
OBJ_txt2obj
ASN1_INTEGER_to_BN
PKCS12_free
X509_NAME_dup
RSA_free
X509V3_EXT_print
X509_digest
RSA_meth_new
X509_NAME_get_index_by_OBJ
RSA_new
X509_getm_notAfter
ASN1_STRING_to_UTF8
X509_LOOKUP_hash_dir
RSA_set_flags
PKCS12_parse
ASN1_BIT_STRING_get_bit
OBJ_obj2nid
BIO_f_base64
BIO_push
X509_NAME_get_index_by_NID
X509_get_ext_by_NID
X509_STORE_set_flags
BN_clear_free
ERR_peek_error
BIO_new_file
EVP_PKEY_get0_DSA
X509_STORE_add_lookup
BIO_ctrl
RSA_meth_set_priv_enc
EVP_CIPHER_block_size
ENGINE_load_builtin_engines
RSA_meth_set_pub_enc
BIO_new
X509_get_pubkey
X509_STORE_get0_objects
ASN1_OBJECT_free
BN_dup
X509_getm_notBefore
EVP_MD_type
EVP_CIPHER_key_length
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_block_size
EVP_CIPHER_nid
ENGINE_get_next
EVP_CIPHER_CTX_reset
ENGINE_get_id
DES_check_key_parity
ENGINE_set_default
EVP_CIPHER_CTX_set_key_length
EVP_CIPHER_CTX_ctrl
HMAC_size
EVP_DigestInit
DES_set_key_unchecked
ENGINE_get_name
EVP_CIPHER_CTX_cipher
EVP_DigestFinal
EVP_MD_CTX_new
PEM_read_bio
EVP_get_digestbyname
EVP_CipherFinal
EVP_MD_CTX_reset
DES_ecb_encrypt
HMAC_CTX_free
EVP_CipherInit
EVP_DigestUpdate
HMAC_Init_ex
EVP_Digest
PEM_write_bio
ENGINE_get_first
ENGINE_register_all_complete
CRYPTO_free
EVP_MD_CTX_free
EVP_CipherInit_ex
ERR_error_string
RAND_bytes
ENGINE_by_id
HMAC_CTX_new
HMAC_CTX_reset
DES_is_weak_key
EVP_CIPHER_iv_length
EVP_sha256
libssl-1_1
SSL_get_ex_data
SSL_get1_supported_ciphers
BIO_f_ssl
SSL_state_string_long
SSL_CTX_get_default_passwd_cb
SSL_CTX_set_default_passwd_cb
SSL_alert_desc_string_long
TLS_method
SSL_free
SSL_CTX_get_cert_store
SSL_CTX_set_options
SSL_get_peer_certificate
SSL_new
SSL_CTX_free
SSL_CTX_ctrl
SSL_get_version
SSL_export_keying_material
SSL_CTX_use_PrivateKey
SSL_set_ex_data
SSL_CTX_new
SSL_CTX_set_client_CA_list
SSL_CTX_set_ciphersuites
TLS_client_method
SSL_set_bio
SSL_CTX_set_verify
SSL_CTX_use_RSAPrivateKey
SSL_CTX_set_info_callback
SSL_CTX_use_certificate
SSL_alert_type_string_long
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_CIPHER_get_version
SSL_CTX_set_cipher_list
SSL_set_accept_state
SSL_CIPHER_get_name
SSL_CTX_get_default_passwd_cb_userdata
SSL_CTX_check_private_key
SSL_get_current_cipher
SSL_CTX_get0_certificate
TLS_server_method
SSL_CTX_add_client_CA
SSL_set_connect_state
crypt32
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptAcquireCertificatePrivateKey
CertVerifyTimeValidity
CertOpenStore
ncrypt
NCryptFreeObject
NCryptSignHash
imm32
ImmGetContext
ImmAssociateContext
ImmReleaseContext
kernel32
GetExitCodeProcess
CloseHandle
CreateThread
CreateProcessA
GetSystemInfo
GetModuleHandleA
GetProcAddress
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
ReleaseMutex
CreateMutexA
GetModuleFileNameA
GetSystemDefaultLangID
GetThreadUILanguage
SetConsoleOutputCP
GetStartupInfoW
SetConsoleCtrlHandler
Process32First
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
ReleaseSemaphore
WriteFile
ReadFile
GetModuleFileNameW
GetTempPathW
GetEnvironmentVariableA
OpenProcess
CreateToolhelp32Snapshot
GetConsoleMode
ReadConsoleInputA
SetEvent
GetCurrentThread
Process32Next
GetConsoleTitleA
ResetEvent
VerSetConditionMask
GetNumberOfConsoleInputEvents
CreateProcessW
VerifyVersionInfoW
CreateSemaphoreA
CreateEventA
WriteConsoleInputA
IsWow64Process
DuplicateHandle
SetFilePointer
CreateFileW
DeleteFileW
GetCurrentProcessId
SetLastError
CancelIo
DeviceIoControl
UnmapViewOfFile
CreateFileA
GetOverlappedResult
CreateFileMappingA
MapViewOfFile
LoadLibraryW
FreeLibrary
ReadConsoleW
GetFileType
LocalFree
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetTickCount
FileTimeToSystemTime
LoadLibraryA
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
WaitForSingleObject
UnhandledExceptionFilter
Sleep
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
OutputDebugStringW
SetConsoleMode
user32
LoadMenuW
CheckMenuItem
EnableMenuItem
GetSubMenu
ModifyMenuA
GetFocus
IsIconic
GetSystemMetrics
DrawIcon
GetClientRect
MessageBoxA
GetMessagePos
LoadIconW
EnableWindow
GetWindowRect
KillTimer
SetTimer
GetKeyState
SetFocus
IsWindow
SendMessageA
RemoveMenu
advapi32
RegEnumKeyExA
OpenThreadToken
CryptSignHashA
DuplicateToken
InitializeSecurityDescriptor
SetThreadToken
CryptCreateHash
CryptSetHashParam
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
RegCloseKey
OpenProcessToken
ImpersonateSelf
LookupPrivilegeValueA
RevertToSelf
AdjustTokenPrivileges
RegQueryValueExA
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExW
SetKernelObjectSecurity
msvcp140
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
_Strcoll
_Strxfrm
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?pubseekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pubseekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPAD_J@Z
_Xtime_get_ticks
_Thrd_sleep
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
_Thrd_start
_Thrd_detach
_Mtx_init
_Mtx_destroy
_Cnd_init
_Cnd_destroy
_Cnd_wait
_Cnd_signal
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
?_XGetLastError@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
_Mtx_current_owns
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_timedwait
_Cnd_broadcast
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
?_Xbad_function_call@std@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPAU_Threadpool_chore@12@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Reset@_ContextCallback@details@Concurrency@@AAEXXZ
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
??0task_continuation_context@Concurrency@@AAE@XZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QAEX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QAEXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QAEXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Mtx_trylock
_Wcscoll
_Wcsxfrm
?is@?$ctype@_W@std@@QBE_NF_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??Bid@locale@std@@QAEIXZ
winmm
timeBeginPeriod
timeGetTime
timeEndPeriod
mfc140
ord6831
ord993
ord6323
ord14582
ord6324
ord14583
ord6322
ord14581
ord7964
ord12474
ord14380
ord11927
ord11928
ord2027
ord7905
ord12888
ord4082
ord4143
ord9353
ord14507
ord7886
ord14509
ord12484
ord12485
ord2484
ord5336
ord8285
ord7961
ord4580
ord12806
ord12869
ord10383
ord12190
ord8347
ord1468
ord7618
ord8429
ord14149
ord890
ord1389
ord10986
ord6471
ord3142
ord5858
ord4213
ord8703
ord2988
ord3864
ord1068
ord9085
ord5095
ord12503
ord12826
ord8322
ord12162
ord5742
ord10202
ord9094
ord1445
ord4229
ord7379
ord7619
ord1174
ord5028
ord3337
ord3181
ord6559
ord1440
ord3355
ord3248
ord6803
ord3844
ord5894
ord12182
ord6097
ord1460
ord8036
ord13576
ord5808
ord6822
ord13582
ord1131
ord6523
ord9092
ord1443
ord4227
ord3250
ord6806
ord13405
ord5404
ord4870
ord8705
ord4218
ord14291
ord2524
ord4869
ord3924
ord6581
ord1526
ord6507
ord5960
ord9089
ord1178
ord8031
ord4216
ord8026
ord13584
ord5826
ord13574
ord6563
ord3252
ord2210
ord9083
ord1064
ord8180
ord6464
ord6104
ord6195
ord13681
ord2759
ord3825
ord12163
ord9213
ord13407
ord5406
ord13475
ord4468
ord8306
ord14054
ord5401
ord1000
ord8735
ord9166
ord3689
ord1169
ord4868
ord3177
ord540
ord2241
ord310
ord300
ord5096
ord2459
ord7461
ord9192
ord12116
ord462
ord7078
ord1111
ord2298
ord12074
ord6193
ord13677
ord2758
ord9167
ord2407
ord8997
ord10963
ord10421
ord4084
ord3395
ord3396
ord3159
ord3298
ord3295
ord10207
ord8173
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord12032
ord3830
ord11881
ord14502
ord8922
ord6947
ord10950
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4958
ord4896
ord4911
ord4972
ord4493
ord5769
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord11663
ord13628
ord5911
ord2680
ord12067
ord3933
ord3363
ord3364
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5231
ord5390
ord5210
ord7687
ord7688
ord7677
ord5388
ord8182
ord6463
ord3874
ord6540
ord4807
ord1044
ord3140
ord316
ord12194
ord4210
ord11343
ord1109
comctl32
ImageList_ReplaceIcon
setupapi
SetupDiGetClassDevsExA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Device_Interface_List_SizeA
CM_Get_Device_Interface_ListA
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdA
vcruntime140
memcpy
_except_handler4_common
strrchr
strstr
_purecall
__std_exception_destroy
__std_exception_copy
strchr
__std_terminate
memchr
__CxxFrameHandler3
memmove
memset
_CxxThrowException
api-ms-win-crt-runtime-l1-1-0
_initterm
_get_narrow_winmain_command_line
_set_app_type
exit
_seh_filter_exe
_initterm_e
_register_thread_local_exe_atexit_callback
_errno
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
strerror
_exit
_controlfp_s
terminate
_invalid_parameter_noinfo_noreturn
_c_exit
api-ms-win-crt-heap-l1-1-0
_callnewh
malloc
realloc
_set_new_mode
free
calloc
api-ms-win-crt-stdio-l1-1-0
ferror
_wsopen_dispatch
_close
_commit
_write
fputs
_read
_lseeki64
fputc
fopen
_eof
fgetpos
__stdio_common_vsnprintf_s
__stdio_common_vswprintf_s
_ftelli64
fgetc
_lseek
__stdio_common_vsscanf
_chsize
_fseeki64
__stdio_common_vsprintf_s
__acrt_iob_func
fread
ftell
fseek
__stdio_common_vfwprintf
fsetpos
fgets
__stdio_common_vswprintf
_get_stream_buffer_pointers
fclose
_wfopen
__stdio_common_vsprintf
_open_osfhandle
_wopen
_dup2
_set_fmode
fopen_s
fwrite
__stdio_common_vfprintf
ungetc
__p__commode
setvbuf
fflush
api-ms-win-crt-convert-l1-1-0
_atoi64
_wtoi
strtol
atoi
strtoul
strtoll
api-ms-win-crt-filesystem-l1-1-0
_waccess
remove
_fstat64i32
_wstat64i32
_wchdir
_wfullpath
rename
_access
_lock_file
_unlock_file
_wremove
api-ms-win-crt-time-l1-1-0
_mktime64
_time64
_ctime64
_localtime64
_difftime64
asctime
_gmtime64
api-ms-win-crt-string-l1-1-0
strncpy
_strdup
strncat
isalpha
isgraph
isalnum
iscntrl
_strnicmp
isspace
strtok
isxdigit
_stricmp
strcspn
toupper
isprint
ispunct
isdigit
tolower
strncmp
api-ms-win-crt-environment-l1-1-0
_wgetcwd
getenv
api-ms-win-crt-math-l1-1-0
_fdopen
_dtest
__setusermatherr
_except1
modf
api-ms-win-crt-utility-l1-1-0
rand
srand
qsort
api-ms-win-crt-locale-l1-1-0
_setmbcp
_configthreadlocale
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 348KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ