d937c092d81e93d1c21a85e2c2bc53233f85fba355bc62cadf5a7d570cc0b58a

Sharing

Copy URL Twitter E-mail

General

Target

d937c092d81e93d1c21a85e2c2bc53233f85fba355bc62cadf5a7d570cc0b58a
Size

15.7MB
MD5

4fcb8340e1801ea9926255702379b936
SHA1

ce06cab19b821314c68258d3b82ff3f6ef7840c9
SHA256

d937c092d81e93d1c21a85e2c2bc53233f85fba355bc62cadf5a7d570cc0b58a
SHA512

36a3602e425a818101ac871fccfda7692701d7699c233ae5aac5d8ea61709678c02ba1fc3cedf3625d476b27001830bbe0c66c04ab04f57fe7eda5b0d1e6fb0c
SSDEEP

393216:UyUKJjDWTUDSOJ8Rxhj4VdldUwFvc11JHg1w5rW:O8aOJmxqDlpk119g14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d937c092d81e93d1c21a85e2c2bc53233f85fba355bc62cadf5a7d570cc0b58a

Files

d937c092d81e93d1c21a85e2c2bc53233f85fba355bc62cadf5a7d570cc0b58a
.exe windows:6 windows x64

0fb6b5478b06d2ebf94bd85046f8cf92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DuplicateHandle
WaitForSingleObject
GetCurrentDirectoryW
Module32FirstW
GetSystemWow64DirectoryW
ExitProcess
LoadLibraryA
GetModuleHandleA
WriteFile
OutputDebugStringW
MultiByteToWideChar
GetTickCount
LoadLibraryW
FreeLibrary
DosDateTimeToFileTime
SizeofResource
LockResource
SetFilePointer
ReadFile
CreateFileW
MulDiv
DeactivateActCtx
FlushInstructionCache
HeapDestroy
HeapCreate
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
WideCharToMultiByte
IsBadReadPtr
InitializeCriticalSection
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetEnvironmentVariableW
ActivateActCtx
ReleaseActCtx
GetTempFileNameW
GetTempPathW
CreateActCtxW
GetFileAttributesW
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
OpenThread
SetThreadContext
GetThreadContext
GetSystemInfo
HeapReAlloc
ResumeThread
SuspendThread
Thread32First
Thread32Next
GetProcAddress
GetModuleHandleW
CreateEventW
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
ConvertFiberToThread
SystemTimeToFileTime
GetSystemTime
DeleteFiber
GetFileType
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpiW
SwitchToThread
lstrlenW
MapViewOfFileEx
GetFileSize
InitializeSRWLock
HeapSize
SetLastError
VirtualLock
VirtualUnlock
GetThreadTimes
GetExitCodeThread
VirtualQueryEx
VirtualFreeEx
CreateRemoteThread
ReadProcessMemory
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
GetNativeSystemInfo
GetProcessId
TerminateThread
GetCurrentThread
VirtualAlloc
VirtualFree
VirtualProtect
GetModuleFileNameW
FindFirstFileW
FindNextFileW
GetCurrentProcess
InitializeCriticalSectionEx
FindClose
GetSystemDirectoryW
GetLastError
DeleteFileW
GetWindowsDirectoryW
DeleteCriticalSection
lstrcmpW
GetCurrentThreadId
Sleep
HeapFree
TerminateProcess
InitializeProcThreadAttributeList
K32GetModuleFileNameExW
OpenProcess
CreateToolhelp32Snapshot
UpdateProcThreadAttribute
Process32NextW
Process32FirstW
CloseHandle
HeapAlloc
GetProcessHeap
CreateProcessW
IsWow64Process
LocalFree
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
FlsSetValue
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
FreeLibrary
TerminateProcess
GetCurrentProcess
GetSystemInfo
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
GetTickCount
GlobalFree
GetProcAddress
LocalAlloc
LocalFree
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
InitializeCriticalSectionAndSpinCount

user32

CharNextW
GetWindow
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
SetRectEmpty
EqualRect
PtInRect
GetFocus
MapWindowPoints
ScreenToClient
ClientToScreen
HideCaret
CreateCaret
GetCaretBlinkTime
LoadCursorW
GetKeyState
DefWindowProcW
CallWindowProcW
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterClassExW
GetActiveWindow
MapVirtualKeyW
CreateIconIndirect
OemToCharBuffW
UnionRect
DestroyIcon
DrawTextW
SetCursor
GetWindowRect
GetClientRect
SetWindowTextW
GetSysColor
InvalidateRect
ReleaseDC
GetDC
SetActiveWindow
IsWindowEnabled
EnableWindow
SetTimer
SetCapture
GetDlgItem
IsIconic
IsWindowVisible
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
PostMessageW
SendMessageW
GetMonitorInfoW
MonitorFromWindow
OffsetRect
IntersectRect
InflateRect
CopyRect
SetRect
GetCursorPos
EndPaint
BeginPaint
UpdateWindow
KillTimer
ReleaseCapture
SetFocus
IsZoomed
SetLayeredWindowAttributes
UpdateLayeredWindow
AnimateWindow
PostQuitMessage
TrackMouseEvent
MessageBoxW
FillRect
PostThreadMessageW
MonitorFromRect
MsgWaitForMultipleObjects
GetAsyncKeyState
GetSystemMetrics
GetUserObjectInformationW
GetProcessWindowStation
SetCaretPos
SystemParametersInfoW
wsprintfW
IsRectEmpty
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW

msvcp140

?_Random_device@std@@YAIXZ
_Mtx_unlock
_Cnd_do_broadcast_at_thread_exit
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
?id@?$numpunct@D@std@@2V0locale@2@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_detach
??1facet@locale@std@@MEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
__current_exception
__std_exception_destroy
__std_exception_copy
_purecall
__C_specific_handler
memcmp
strrchr
memchr
strstr
strchr
__current_exception_context
__RTDynamicCast
memmove
wcsrchr
memcpy
_CxxThrowException
memset
wcsstr

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_initialize_onexit_table
_crt_atexit
terminate
strerror_s
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
abort
_exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_initialize_narrow_environment
_configure_narrow_argv
exit
_set_app_type
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
_errno
_invalid_parameter_noinfo
signal
_beginthreadex
raise

api-ms-win-crt-string-l1-1-0

strncmp
wcscpy_s
_wcslwr
_wcsnicmp
strtok_s
strcpy_s
isdigit
_wcsdup
_wcslwr_s
towlower
wcstok_s
_stricmp
strcmp
strnlen
strncpy
strspn
strcspn
isspace
isalnum
_strnicmp
_wcsicmp

api-ms-win-crt-heap-l1-1-0

calloc
free
realloc
_recalloc
malloc
_set_new_mode
_callnewh

api-ms-win-crt-convert-l1-1-0

strtoll
strtod
strtol
_itoa
strtoull
_wtof
atoi
strtoul
wcstol
_wtoi

api-ms-win-crt-utility-l1-1-0

rand
srand
qsort

api-ms-win-crt-math-l1-1-0

__setusermatherr
_dsign
cos
_fdsign
_ldclass
_ldsign
_dclass
ceilf
sin
_fdclass

api-ms-win-crt-stdio-l1-1-0

feof
_setmode
__stdio_common_vswscanf
_set_fmode
fwrite
__stdio_common_vsprintf
fputs
_ftelli64
__p__commode
__stdio_common_vsprintf_s
_fseeki64
__acrt_iob_func
fflush
__stdio_common_vswprintf
__stdio_common_vswprintf_s
fopen
ferror
_wfopen
ftell
fseek
_wfopen_s
__stdio_common_vfprintf
__stdio_common_vsnprintf_s
_fileno
fclose
__stdio_common_vsscanf
fread
fgets

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

api-ms-win-crt-time-l1-1-0

_mktime64
_time64
_localtime64_s
_gmtime64_s
_mkgmtime64

imm32

ImmGetContext
ImmReleaseContext
ImmAssociateContext

gdi32

DeleteDC
CreateCompatibleDC
GetClipBox
BitBlt
GetObjectW
CreateCompatibleBitmap
DeleteObject
GetDeviceCaps
SelectObject
GetPixel
CreateDIBSection
SetViewportOrgEx
Polyline
TextOutW
SetTextColor
ExtSelectClipRgn
SaveDC
RoundRect
RestoreDC
Pie
IntersectClipRect
GetTextExtentPoint32W
GetClipRgn
ExcludeClipRect
Ellipse
Arc
SetRectRgn
RectInRegion
PtInRegion
OffsetRgn
GetRgnBox
GetRegionData
CreateRectRgnIndirect
CreateRectRgn
CombineRgn
CreatePatternBrush
CreatePen
SetBkMode
Rectangle
CreateSolidBrush
CreateFontIndirectW
SetPixel
GetStockObject

advapi32

RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteTreeW
CryptEnumProvidersW
RegQueryValueExW
RegEnumValueW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
OpenThreadToken
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
SystemFunction036
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW

shell32

ShellExecuteW
ShellExecuteA

ole32

OleInitialize
CoCreateGuid
CoCreateInstance
PropVariantClear
CoWaitForMultipleHandles
CLSIDFromString
CLSIDFromProgID
CreateBindCtx
OleLockRunning
CoUninitialize
RegisterDragDrop
RevokeDragDrop
CoInitialize

oleaut32

VariantInit
SafeArrayCreate
SysAllocString
SysFreeString
SafeArrayDestroy
VariantClear
SafeArrayPutElement

shlwapi

StrToIntExW
PathFileExistsW
StrChrW
PathCombineW

msimg32

GradientFill
AlphaBlend

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

ws2_32

WSAStartup
WSACleanup
connect
recv
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
htonl
inet_ntoa
gethostbyname
socket
bind
InetNtopW
freeaddrinfo
ntohs
getaddrinfo
WSAStringToAddressW
getsockname
WSAIoctl
WSASetLastError
WSAGetLastError
getpeername
shutdown
setsockopt
send
closesocket
ntohl
htons

crypt32

CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertGetCertificateContextProperty

bcrypt

BCryptGenRandom

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime
timeGetDevCaps

api-ms-win-crt-multibyte-l1-1-0

_ismbcspace
_mbschr
_mbsrchr
_mbscmp
_mbsspn
_mbslwr_s
_mbscspn
_mbsinc
_mbsicmp
_mbsupr_s

api-ms-win-crt-environment-l1-1-0

getenv

wtsapi32

WTSSendMessageW

Exports

Exports

d$3��{l8wx4(�2 6��+ʷ+�S��T� WFـ2/il��b��* �"C��8a/f�&�cQT(loﴞN��L>r��ݗ�d�~ U~�~�hKS�$USN<Z��j��\ᝣ^�߈��\�� 9;�5�B�2aP h�Tjg��,��a��\a��)�YH}֨��e��{-ծ=��g��s�]�m��wn\�阸=�Y�י0�4��{*a�@ ~�~o�NPmʫ�0� 4�`'J`�t�.K�S47�� ؏�f;��$��V��~�ᰣ�LlEqN�*�T�|H��<~O� �Q��w��6&��/�կ�]KW-�g��8�%��뺃D�"��/��,��}�v}��᪊�H�K��f��5t� �U��TL$�k�_ɗn�n _�3�M᥶w�#_b`z%Z�,�{7�e/��3�R��k&g�K��|zHp<m?v�`݃��d6��M�&�8@T�cߪ��'��ꐽ��͆��t�'P:_Pze��S��\�Y��}�r;�� K��N��G��q�LL��:��\"�Z��6�A��p�0��{m�K��aؾ${�Q1*͉9B��ز�*��V�QBT�a1q�#��b��V��cm�z��>RD�4�6�`�3��\��l�Ղ��)��;)\7F 8�]�}��:�Y�R�� {dg��%�� O6��vU��,��#b��D9G��}z�� q��K��X��6&�_��bC��.c*�V��7+�?��@! ��Kp�ï;�_m@5%Q��g0��<�ga=�S_�_�'R� {f$��ye��칒�x� �qi��{��+��x��ǟ�刜#/Y�c׶V�f�4* �qt�ȭu�f��X��j��,F�M?�+��)��8D��c9��5�T��ǌ��>��lγ��\�%�ª�3�Gm��@�H90+�R/��҇jz2�;ɘNX�gNc*[��s��֥d%)[��|yԕ��@�D��5f�E�&�:�%�F��9p��d �o�1(=^��}��In:��d+;�A3-�5��|eT@��қ3��8&͋l�T��]w��c��R#ɉq��g�.<�j+�_nT\s��V]!*(k��}�a��w��"�� ?/O8㭫�z��v��c(�H�F��S��V+��_��تn�K��EQ��|x�U�7?`�'��׀�x%�~��ϵ�l�R��8��g^��o雜$If^^�?W{�K$��g��Λ�j;��c��#y��y^;�YϪ/0ʊ��n5:gw��K3�]@'�FOʺ�])(2�&��Q[-:�X�K ]��^.��̽ �#�=��d�v�pH��+4F1��,(��w�� j&�1T%�P�bX�L=y�cCx��Z��%g�W�A�� \kװ?��M�Wq��0��r�$�͏��n�_��*4Y��Ag��0�d�� Q��V��(k�е�i-�4��iX�z�~��Gd�y�I.w��`T{�ϓ�H!*��Hq\��L$�x�{q0Q�m��E��1�� <,f2[�[a<vu �$�EI�f��J� ��.'��F;�ޘ��)�|�� r]�cU`��:i$�-��S�6�V��F ��v6�֬�Iv�s"u�n��\~�''�/K��2$jh^��7�%��,��q"?��2. �a�|'�!�Q��;��Rq��OM��1"�f��j��ݠv@�>XnC�/�� 0I��ɑB��lV�g�~Ѱ��y��i��.��;�%��農ӳTT��+R�(�M�M�|f��^&��/�ѳT��U%�zT�� \A�2�?�C�Uu3\�>��{�ޭ�Rs}�RM��?3�G��gDN�DN��]>"�$�k�يۢ)�J, ��>m��*X�hR)f�4'3A<�_P^v[��M�a5�,�E��#U��걓ZP�bO;��%1,RQ�w2��ս� d��h��w�C L��Gk�3��gg�2�ʎ}��6�J�� &/��Ȑ��~��$*��ͩ��|��Ɯt�ah]��1bߖ�g�V��Oh�A�;.|0�Vטd�X��}�8Sk�g��LP>�;��$v"��㣮b[�R�v��Lh�%l�.�C� ��i��HHݭ�/h��n�US˓?( �9�P��Y�@Xb�=�f��T�|�<3.H��!r�<��/>s�̰��\�J��^8�V�W 3b��C�ؙ��i��u�/r�\$v;_��rn^Ḇ�,��^��[rZ}��؃*�̾Ü�;F�qc�'2j��v��Ű#vwb,M,.�cr Q4e��=�~��8�-�| ;.I�i�J��_��"��"3ص�%�L��g~��ÊM��3nU�B��2�d }OTp�Obk-�Y��i<��M��e) ��=��.ܠ�-[e��놇c�-�|O��p)vT�+��h��׽f໗�i��Trښe6��`�+��.!74,-gi�n1�FS�Dxj�$!�X=��Q�l��,uk�#��M��'��{Ew�_��V�j))�1?;b)��H�u7�Ow��DQ��_�R�Q��3e�;[Y�J�h$��奐�,*��k�D�CP�q��C6��3�9szA�^UO��(|PF2��U�\�{��%� �R(��#�:it0"��8��E:��{��I��R��Nv� �1��χ��P,�b�y1�e��0n��C�i [��iۮ�q�l�Y�x��$F��H#5��^�5� .B�G��&R(�<�V��!#T�*��J:!mQ�W@"e�?��:�[��E��a��u_��pX`��N��"��Ĺ��no�ɍ�ָJD�:nu^�r1�L�.� ?7��3�

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data0
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0fb6b5478b06d2ebf94bd85046f8cf92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

imm32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

msimg32

api-ms-win-crt-filesystem-l1-1-0

ws2_32

crypt32

bcrypt

winmm

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-environment-l1-1-0

wtsapi32

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 132KB - Virtual size: 132KB

.pdata Size: 124KB - Virtual size: 124KB

.data0 Size: 4.5MB - Virtual size: 4.5MB

.data1 Size: 7.0MB - Virtual size: 7.0MB

.rsrc Size: 118KB - Virtual size: 118KB

.l1 Size: 32KB - Virtual size: 32KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 132KB - Virtual size: 132KB

.pdata
Size: 124KB - Virtual size: 124KB

.data0
Size: 4.5MB - Virtual size: 4.5MB

.data1
Size: 7.0MB - Virtual size: 7.0MB

.rsrc
Size: 118KB - Virtual size: 118KB

.l1
Size: 32KB - Virtual size: 32KB