Static task
static1
Behavioral task
behavioral1
Sample
NEAS.a73acb0fb5454f6f92344fe3ca49e800.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral2
Sample
NEAS.a73acb0fb5454f6f92344fe3ca49e800.exe
Resource
win10v2004-20231025-en
windows10-2004-x64
General
-
Target
NEAS.a73acb0fb5454f6f92344fe3ca49e800.exe
-
Size
1.1MB
-
MD5
a73acb0fb5454f6f92344fe3ca49e800
-
SHA1
2455c4ebed95b4f48e301efd5ee839ee6d11b545
-
SHA256
fb4f3c3d91c3da9d08b214e4d365c208bc1208d5612ede6cb03cbcaf0486c647
-
SHA512
5fbed674da00d99e89551e217a8a4094b6cd853aac77758cb04e6b48268174a740b00357f133b2b6d50448ccaa893e615fb1adeeee636d018d61e9953fd769d2
-
SSDEEP
12288:r2x9c3dRYsEq9AEliTgPOXBvodATToSTX44Zqo4nspsaFT:4c3dnEQAElhGTTVo4ZqohsaFT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.a73acb0fb5454f6f92344fe3ca49e800.exe
Files
-
NEAS.a73acb0fb5454f6f92344fe3ca49e800.exe.exe windows:4 windows x86
255ca2545b0540b0be22da80ba5424d9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
sense3
SENSE3
jskhz
?Draw_LeftE_QuXian@@YAHPAVCHuaPo@@PAVCBase_SGT@@@Z
?TuiLiJiSuan@@YAHPAVCHuaPo@@@Z
?AfterDataChange@CEasyTableWnd@@UAEXHH@Z
?DealMenuCmdPaste@CTableWnd@@UAEHH@Z
?DealMenuCmdCopy@CTableWnd@@UAEHH@Z
?DealMenuCmdIns@CTableWnd@@UAEHH@Z
?DealMenuCmdDel@CTableWnd@@UAEHH@Z
?DealMenuCmdAdd@CTableWnd@@UAEHXZ
?Draw_DangTuQiang@@YAHPAVCKHZ_KangHuaZhuang@@PAVCBase_SGT@@@Z
?Draw_MGJianTu@CKHZ_KangHuaZhuang@@QAEHPAVCBase_SGT@@H@Z
??1CKHZ_JiSuan_KangHuaZhuang@@QAE@XZ
?JiSuan@CKHZ_JiSuan_KangHuaZhuang@@QAEHPAVCKHZ_KangHuaZhuang@@@Z
??0CKHZ_JiSuan_KangHuaZhuang@@QAE@XZ
?IsDataValid@CKHZ_KangHuaZhuang@@QAEHXZ
?Cal_RepMaoGan@CKHZ_KangHuaZhuang@@QAEHXZ
?Cal_MaoGanXuanJin@CKHZ_KangHuaZhuang@@QAEHXZ
?Cal_Soil_PoLJ@CKHZ_KangHuaZhuang@@QAEHXZ
?MaoGan_NeiLi@CKHZ_KangHuaZhuang@@QAEHXZ
?MaoGan_NeiLi2@CKHZ_KangHuaZhuang@@QAEHXZ
?Draw_DangTuQiang@@YAHPAVCKHZ_YuYingLi@@PAVCBase_SGT@@@Z
??1CKHZ_JiSuan_YuYingLi@@QAE@XZ
?JiSuan@CKHZ_JiSuan_YuYingLi@@QAEHPAVCKHZ_YuYingLi@@@Z
??0CKHZ_JiSuan_YuYingLi@@QAE@XZ
?Draw_DangTuQiang@@YAHPAVCKHZ_ZhongLi@@PAVCBase_SGT@@@Z
??1CKHZ_JiSuan_ZhongLi@@QAE@XZ
?JiSuan@CKHZ_JiSuan_ZhongLi@@QAEHPAVCKHZ_ZhongLi@@@Z
??0CKHZ_JiSuan_ZhongLi@@QAE@XZ
?Draw_DangTuQiang@@YAHPAVCKHZ_ZhuangBan@@PAVCBase_SGT@@@Z
??1CKHZ_JiSuan_ZhuangBan@@QAE@XZ
?JiSuan@CKHZ_JiSuan_ZhuangBan@@QAEHPAVCKHZ_ZhuangBan@@@Z
??0CKHZ_JiSuan_ZhuangBan@@QAE@XZ
?khzset@@YAXM@Z
??0CHuaPo@@QAE@XZ
??1CHuaPo@@QAE@XZ
??0CKHZ_KangHuaZhuang@@QAE@XZ
??1CKHZ_KangHuaZhuang@@QAE@XZ
??0CKHZ_ZhongLi@@QAE@XZ
??1CKHZ_ZhongLi@@QAE@XZ
??0CKHZ_YuYingLi@@QAE@XZ
??1CKHZ_YuYingLi@@QAE@XZ
??0CKHZ_ZhuangBan@@QAE@XZ
??1CKHZ_ZhuangBan@@QAE@XZ
??0CZhuangMaoData@@QAE@XZ
?Draw_HuaPo@@YAHPAVCHuaPo@@PAVCBase_SGT@@@Z
?LoadData@CKHZ_Option@@QAEHXZ
?G_KHZ_Option@@3VCKHZ_Option@@A
?SaveData@CKHZ_KangHuaZhuang@@UAEHPAD@Z
?LoadData@CKHZ_KangHuaZhuang@@UAEHPAD@Z
?SetFileName@CKHZ_KangHuaZhuang@@UAEHVCString@@@Z
?SaveData@CKHZ_ZhongLi@@UAEHPAD@Z
?LoadData@CKHZ_ZhongLi@@UAEHPAD@Z
?SetFileName@CKHZ_ZhongLi@@UAEHVCString@@@Z
?SaveData@CKHZ_YuYingLi@@UAEHPAD@Z
?LoadData@CKHZ_YuYingLi@@UAEHPAD@Z
?SetFileName@CKHZ_YuYingLi@@UAEHVCString@@@Z
?SaveData@CKHZ_ZhuangBan@@UAEHPAD@Z
?LoadData@CKHZ_ZhuangBan@@UAEHPAD@Z
?SetFileName@CKHZ_ZhuangBan@@UAEHVCString@@@Z
?SaveData@CZhuangMaoData@@UAEHPAD@Z
?LoadData@CZhuangMaoData@@UAEHPAD@Z
?SetFileName@CZhuangMaoData@@UAEHVCString@@@Z
?SaveData@CKHZ_Option@@QAEHXZ
??0CKHZ_Option@@QAE@XZ
?SaveData@CHuaPo@@UAEHPAD@Z
?LoadData@CHuaPo@@UAEHPAD@Z
?SetFileName@CHuaPo@@UAEHVCString@@@Z
??4CZhuangMaoData@@QAEXABV0@@Z
??4CKHZ_ZhuangBan@@QAEAAV0@AAV0@@Z
??4CKHZ_YuYingLi@@QAEAAV0@AAV0@@Z
??4CKHZ_ZhongLi@@QAEAAV0@AAV0@@Z
??4CKHZ_KangHuaZhuang@@QAEAAV0@AAV0@@Z
??4CHuaPo@@QAEAAV0@AAV0@@Z
??0CFCoor@@QAE@XZ
?DealTitleClicked@CTableWnd@@UAEHH@Z
?IsTextUnderLine@CTableWnd@@UAEHHH@Z
?GetHangLieSelectList@CTableWnd@@UAE?AVCString@@HH@Z
?GetCheckValue@CTableWnd@@UAEHHH@Z
?GetCheckImage@CTableWnd@@UAEHHHH@Z
?GetButtonID@CTableWnd@@UAEHHH@Z
?IsButton@CTableWnd@@UAEHHH@Z
?SetCheck@CTableWnd@@UAEHHH@Z
?IsCheck@CTableWnd@@UAEHHH@Z
?Cal_MaoGanKt@CKHZ_KangHuaZhuang@@QAEHXZ
?GetAs@CGangJin_T@@QAEMH@Z
?GetString@CGangJin_T@@QAE?AVCString@@H@Z
?SetDegree@CGangJin_T@@QAEXH@Z
?ResolveString@CGangJin_T@@QAEHVCString@@@Z
?GetOrigin@CFCoor@@QBEABVCFPoint@@XZ
??0CFPoint@@QAE@ABV0@@Z
??1CZhuangMaoData@@QAE@XZ
?SetScale@CFCoor@@QAEXM@Z
?GetScale@CFCoor@@QBEMXZ
?SetOrigin@CFCoor@@QAEXABVCFPoint@@@Z
??0CFPoint@@QAE@MMM@Z
?DPtoFP@CFCoor@@QBENH@Z
jstools3d
?open_file_no_comment@@YAPAU_iobuf@@PAD0@Z
?vsscanf@@YAHPAD0ZZ
?G_strWorkPath@@3VCString@@A
?G_strExePath@@3VCString@@A
?open_file@@YAPAU_iobuf@@PAD0@Z
?classCDtView@CDtView@@2UCRuntimeClass@@B
?PrepareDraw@CDrawTool@@UAEXPBVCPoint@@0@Z
?DrawCursor@CDtView@@UAEXAAVCDC@@H@Z
?SwitchCursor@CDtView@@UAEXXZ
?ShowOffset@CDtView@@UBEXXZ
?ShowLocate@CDtView@@UBEXXZ
?ShowStep@CDtView@@UBEXXZ
?GetCatchOne@CDtView@@UAEHAAVCFPoint@@@Z
?GetCatchAll@CDtView@@UAEHAAVCFPoint@@@Z
?SetCatchOneObject@CDtView@@UAEXXZ
?SetCatchAllObject@CDtView@@UAEXXZ
?SetOffset@CDtView@@UAEHAAVCFPoint@@@Z
?SetLocate@CDtView@@UAEHAAVCFPoint@@@Z
?SetStep@CDtView@@UAEHAAMH@Z
?GetBeiJin@CDtView@@UAEPAVCBeiJing@@XZ
?GetContain@CDtView@@UAEPAVCObjectUndoContain@@XZ
?IsVisible@CDtView@@UAEHPAVCGouJian@@@Z
?HitTest@CDtView@@UAEHAAVCFRect@@AAPAV?$CList@PAVCGouJian@@PAV1@@@HH@Z
?HitTest@CDtView@@UAEHAAVCFRegion@@AAPAV?$CList@PAVCGouJian@@PAV1@@@H@Z
?InFilter@CDtView@@UAEHPAVCGouJian@@@Z
?Drawm_pSelectedList@CDtView@@UBEXPAVCDC@@PAVCFCoor@@@Z
?Clearm_pSelectedList@CDtView@@UAEXXZ
?GetCatchPointOne@CDtView@@UAEHVCFRect@@IAAVCFPoint@@@Z
?GetCatchPointAll@CDtView@@UAEHIAAVCFPoint@@@Z
?SetPromptText@CDtView@@UAEXVCString@@@Z
?OnUpdate@CDtView@@UAEXPAVCView@@JPAVCObject@@@Z
??0CDtView@@IAE@XZ
??1CDtView@@UAE@XZ
?messageMap@CDtView@@1UAFX_MSGMAP@@B
?OnDraw@CDtView@@UAEXPAVCDC@@@Z
?Draw@DXF@@QAEXPAVCDC@@PAVCFCoor@@VCRect@@@Z
?G_ConCoor_bak@@3VCFCoor@@A
?JS_OpenFileNum@@3HA
?GetFRect@DXF@@QAE?AVCFRect@@XZ
?IsJsxxVisible@@YAHXZ
?OnShowAll@CDtView@@IAEXXZ
?OnInitialUpdate@CDtView@@UAEXXZ
?RButtonDown@CDtView@@QAEXIVCPoint@@@Z
?Write_MemDxf_To_File@DXF@@QAEHPAD@Z
?OnShowPre@CDtView@@IAEXXZ
?OnShowRect@CDtView@@IAEXXZ
?OnShowAgain@CDtView@@IAEXXZ
?OnShowMove@CDtView@@IAEXXZ
?OnShowZoomOut@CDtView@@IAEXXZ
?OnShowZoomIn@CDtView@@IAEXXZ
?G_RatioText@@3MA
?Height@CFRect@@QBEMXZ
?Width@CFRect@@QBEMXZ
??0CFRect@@QAE@XZ
?Create@CTableWnd@@QAEXABUtagRECT@@PAVCWnd@@I@Z
??1CDxfWnd@@UAE@XZ
??0CDxfWnd@@QAE@XZ
??1CEasyTableWnd@@UAE@XZ
?Create@CDxfWnd@@QAEXABUtagRECT@@PAVCWnd@@I@Z
?GetRtfFileName@CJsBaseData@@QAE?AVCString@@H@Z
?All@CDxfWnd@@QAEHXZ
?Write_Tables@DXF@@QAEHXZ
?Add_STyle@DXF@@QAEPAVACAD_STYLE@@PAD00MM@Z
?New_MemDxf@DXF@@QAEHXZ
?InsertDxf@DXF@@QAEHPAV1@MMMMM@Z
?SetCurStyle@CBase_SGT@@QAEXPAD@Z
?Remove_Result_Files@CJsBaseData@@QAEHXZ
?DealTitleClicked@CEasyTableWnd@@UAEHH@Z
?GetHPageSize@CTableWnd@@MAEHXZ
?GetNeedWidth@CTableWnd@@UAEHXZ
?GetComboText@CEasyTableWnd@@UAE?AVCString@@HHH@Z
?GetComboPtr@CEasyTableWnd@@UAEPAVCComboBox@@HH@Z
?UpdateTable@CTableWnd@@UAEXXZ
?GetHUnitPoint@CTableWnd@@UAEHXZ
?EnableHScroll@CTableWnd@@UAEHXZ
?IsTextUnderLine@CEasyTableWnd@@UAEHHH@Z
?OutPutTable@CTableWnd@@UAEHPAU_iobuf@@HHH@Z
?OutPutTitle@CTableWnd@@UAEHPAU_iobuf@@HH@Z
?GetOutPutLen@CTableWnd@@UAEHHHHAAH@Z
?GetTitleLineNumber@CTableWnd@@UAEHXZ
?GetHangLieBkColor@CEasyTableWnd@@UAEKHH@Z
?GetHangLieTextColor@CEasyTableWnd@@UAEKHH@Z
?GetComboHeight@CTableWnd@@UAEHHH@Z
?GetComboCurSel@CEasyTableWnd@@UAEHHHVCString@@@Z
?GetCanScrollRect@CTableWnd@@UAEXAAUtagRECT@@@Z
?DealChangeData@CEasyTableWnd@@UAEXHHVCString@@@Z
?GetHangLieSelectList@CEasyTableWnd@@UAE?AVCString@@HH@Z
?GetHangLieTiShi@CEasyTableWnd@@UAE?AVCString@@HH@Z
?GetHangLieString@CEasyTableWnd@@UAE?AVCString@@HH@Z
?GetCheckValue@CEasyTableWnd@@UAEHHH@Z
?GetCheckImage@CEasyTableWnd@@UAEHHHH@Z
?GetButtonID@CEasyTableWnd@@UAEHHH@Z
?IsButton@CEasyTableWnd@@UAEHHH@Z
?SetCheck@CEasyTableWnd@@UAEHHH@Z
?IsCheck@CEasyTableWnd@@UAEHHH@Z
?CanEdit@CEasyTableWnd@@UAEHHH@Z
?DrawACell@CTableWnd@@UAEXPAVCDC@@HHVCString@@@Z
?DrawContent@CTableWnd@@UAEXPAVCDC@@@Z
?DrawGrib@CTableWnd@@UAEXPAVCDC@@@Z
?DrawSelectTag@CTableWnd@@UAEXPAVCDC@@HH@Z
?DrawTitle@CEasyTableWnd@@UAEXPAVCDC@@@Z
?DrawTable@CTableWnd@@UAEXPAVCDC@@@Z
?UseCombo@CTableWnd@@UAEHHH@Z
?InitialAllData@CEasyTableWnd@@UAEXXZ
?TiShiShift@CEasyTableWnd@@UAE?AVCPoint@@HH@Z
?ClearDirty@CTableWnd@@UAEXH@Z
?Disp_Button@CTableWnd@@UAEXHH@Z
?Disp_Pick@CTableWnd@@UAEXHH@Z
?Disp_Hint@CTableWnd@@UAEXHH@Z
?SetDefaultFont@CTableWnd@@UAEXXZ
?PreTranslateMessage@CTableWnd@@UAEHPAUtagMSG@@@Z
?GetMessageMap@CEasyTableWnd@@MBEPBUAFX_MSGMAP@@XZ
??0CEasyTableWnd@@QAE@XZ
??1CRTF@@QAE@XZ
?Close@CRTF@@QAEXXZ
?InsertTable@CRTF@@QAEHPAVCTableWnd@@HHHHH@Z
?InsertText@CRTF@@QAAHPADZZ
?Open@CRTF@@QAEHPAD@Z
??0CRTF@@QAE@XZ
?CreateEasyTable@@YAHPAVCWnd@@PAVCTableWnd@@KH@Z
?CreateDxfWnd@@YAHPAVCWnd@@PAVCDxfWnd@@KH@Z
?MoveEdit@CTableWnd@@QAEXHH@Z
?GetDxfFileName@CJsBaseData@@QAE?AVCString@@H@Z
?CopyFile_InWorkPath@@YAHPAD0@Z
?MakeDirectory@@YAHVCString@@@Z
?toolset@@YAXM@Z
?G_HightText@@3MA
?SetHzFont@CShx@@QAEHPAD0@Z
?SetTxtFont@CShx@@QAEHPBD0@Z
?G_ShapeFont@@3VCShx@@A
?G_Disp_TableTip@@3HA
??0CJsBaseData@@QAE@XZ
??1CJsBaseData@@QAE@XZ
??1CFCoor@@QAE@XZ
?GetHangLieBkColor@CTableWnd@@UAEKHH@Z
?GetHangLieTextColor@CTableWnd@@UAEKHH@Z
?GetComboCurSel@CTableWnd@@UAEHHHVCString@@@Z
?TiShiShift@CTableWnd@@UAE?AVCPoint@@HH@Z
??0CTableWnd@@QAE@XZ
??1CTableWnd@@UAE@XZ
?messageMap@CTableWnd@@1UAFX_MSGMAP@@B
?DrawBmpTitle@CTableWnd@@QAEXPAVCDC@@I@Z
?OnCreate@CTableWnd@@IAEHPAUtagCREATESTRUCTA@@@Z
?get_line_angle@@YAMMMMM@Z
?get_dist@@YAMMMMM@Z
?InvalidateHang@CTableWnd@@QAEXH@Z
?SetLimit@CETCell@@QAEHMM@Z
?AddCheck@CEasyTableWnd@@QAEPAVCETCell@@HHPAHPAVCString@@@Z
?AddFloat@CEasyTableWnd@@QAEPAVCETCell@@HHPAMPADHPAVCString@@H@Z
?AddInt@CEasyTableWnd@@QAEPAVCETCell@@HHPAHHPAVCString@@01H@Z
?AddText@CEasyTableWnd@@QAAPAVCETCell@@HHPADZZ
?AddReact@CEasyTableWnd@@QAEHW4ETCELL_REACT@@HHH@Z
?IniEasyTable@CEasyTableWnd@@QAEHHIPAHPAVCString@@@Z
?ClearEasyTable@CEasyTableWnd@@QAEHXZ
?InvalidateLie@CTableWnd@@QAEXH@Z
?OnChildNotify@CTabCombo@@UAEHIIJPAJ@Z
?PreTranslateMessage@CTabCombo@@UAEHPAUtagMSG@@@Z
?GetMessageMap@CTabCombo@@MBEPBUAFX_MSGMAP@@XZ
??0CTabCombo@@QAE@XZ
??1CTabCombo@@UAE@XZ
?SetState@CETCell@@QAEHW4ETCELL_STATE@@@Z
?SetButton@CETCell@@QAEHHH@Z
?SetTiShi@CETCell@@QAEHVCString@@@Z
?AddReact@CETCell@@QAEHW4ETCELL_REACT@@HHH@Z
?SetSelectList@CETCell@@QAEHVCString@@@Z
?LieWid2LiePos@CEasyTableWnd@@QAEHPAH@Z
?Add_ZongJin_JiBie@CEasyTableWnd@@QAEPAVCETCell@@HHPAH@Z
?SetTextColor@CETCell@@QAEHK@Z
?SetBkColor@CETCell@@QAEHK@Z
?AddCString@CEasyTableWnd@@QAEPAVCETCell@@HHPAVCString@@H0H@Z
?GetHangLieTiShi@CTableWnd@@UAE?AVCString@@HH@Z
?tell_error@@YAXHPAD@Z
?tell_error1@@YAXHPADZZ
??1CBase_SGT@@UAE@XZ
??0CBase_SGT@@QAE@XZ
?Open_MemDxf@DXF@@QAEHXZ
?Read_FileDxf_To_Mem@DXF@@QAEHPAD@Z
??0CFRect@@QAE@MMMM@Z
??4CFRect@@QAEXABV0@@Z
stools
??1CEnTabCtrl@@UAE@XZ
??0CEnTabCtrl@@QAE@XZ
jsdtq
?dtqset@@YAXM@Z
?IsJinShui@CDTQ_Base@@QAEHXZ
?IsDiZhen@CDTQ_Base@@QAEHXZ
mfc42
ord6082
ord6177
ord2982
ord3147
ord3261
ord4465
ord3136
ord3280
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4623
ord4430
ord514
ord748
ord4825
ord6136
ord3767
ord6134
ord5827
ord2818
ord1200
ord3092
ord4216
ord1175
ord941
ord860
ord1146
ord6215
ord2642
ord540
ord4614
ord4613
ord1918
ord4261
ord2404
ord5341
ord2964
ord2995
ord4882
ord6381
ord4900
ord5062
ord4939
ord4941
ord4630
ord5076
ord4341
ord4722
ord4888
ord4531
ord4545
ord4543
ord4526
ord4093
ord4524
ord4964
ord4961
ord4107
ord6055
ord4078
ord1776
ord4407
ord5240
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3748
ord5065
ord1726
ord2446
ord2124
ord5277
ord3259
ord3282
ord4627
ord4432
ord5828
ord515
ord640
ord654
ord813
ord5257
ord2535
ord4369
ord2247
ord323
ord1168
ord4587
ord3486
ord4462
ord6070
ord5937
ord4160
ord6199
ord3072
ord4898
ord4133
ord4297
ord5788
ord472
ord3693
ord3626
ord2414
ord3663
ord4589
ord6270
ord4220
ord2584
ord3654
ord2438
ord2863
ord1644
ord2379
ord4130
ord4132
ord2514
ord641
ord6069
ord4736
ord5572
ord2915
ord2558
ord4349
ord3763
ord535
ord1915
ord6571
ord5460
ord2014
ord6395
ord5455
ord3298
ord4483
ord1781
ord2793
ord2957
ord2858
ord5652
ord5019
ord5106
ord4921
ord5003
ord4730
ord1576
ord4669
ord4490
ord4345
ord4338
ord1730
ord4647
ord5022
ord4495
ord4492
ord4512
ord4962
ord4655
ord4382
ord972
ord2059
ord4645
ord2548
ord5508
ord5957
ord4037
ord3268
ord3353
ord4622
ord4424
ord5824
ord512
ord780
ord4890
ord4108
ord3262
ord6119
ord5260
ord1233
ord4370
ord4899
ord4588
ord406
ord1640
ord2450
ord5265
ord4998
ord6052
ord1775
ord5241
ord5280
ord3749
ord1727
ord5261
ord4425
ord3597
ord809
ord556
ord324
ord2358
ord4234
ord1088
ord2122
ord6334
ord4710
ord6605
ord2864
ord2086
ord4376
ord4853
ord2362
ord2301
ord2370
ord2302
ord4299
ord5981
ord858
ord2645
ord2652
ord1669
ord2574
ord4396
ord3402
ord3572
ord609
ord3571
ord2575
ord3574
ord567
ord4148
ord3742
ord692
ord939
ord3803
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord6197
ord6379
ord2339
ord2293
ord2366
ord940
ord5710
ord924
ord6283
ord6282
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord561
ord815
ord986
ord411
ord4159
ord2621
ord1134
ord3521
ord3522
ord2725
ord922
ord3874
ord1859
ord4246
ord3869
ord2127
ord2723
ord2391
ord3059
ord5102
ord5105
ord4468
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2880
ord2878
ord4153
ord4077
ord5237
ord2383
ord5284
ord2649
ord1665
ord4437
ord4428
ord807
ord796
ord554
ord529
ord402
ord674
ord5872
ord6067
ord6000
ord2117
ord2494
ord2627
ord2626
ord5871
ord6625
ord4457
ord1641
ord1270
ord1232
ord5255
ord4501
ord6209
ord4413
ord6403
ord6402
ord4163
ord1858
ord5101
ord2101
ord2390
ord5100
ord5104
ord3351
ord976
ord2879
ord4152
ord2382
ord5283
ord4436
ord5254
ord2445
ord4427
ord794
ord327
ord527
ord401
ord642
ord5852
ord3481
ord2252
ord5031
ord4245
ord4458
ord4995
ord3472
ord2087
ord6144
ord5862
ord3873
ord2411
ord2023
ord4218
ord2578
ord3582
ord2080
ord4129
ord1262
ord665
ord1979
ord3318
ord5773
ord352
ord668
ord2770
ord356
ord5583
ord1228
ord6032
ord3198
ord3454
ord4387
ord2403
ord4860
ord4956
ord4423
ord5654
ord3172
ord5577
ord1747
ord5742
ord5245
ord2542
ord2510
ord6336
ord3066
ord3060
ord4697
ord3251
ord3788
ord3449
ord1003
ord5627
ord6345
ord3515
ord5025
ord3417
ord2991
ord4155
ord5752
ord4657
ord4628
ord5501
ord5090
ord4652
ord4416
ord5000
ord4605
ord3106
ord5021
ord4491
ord4494
ord5002
ord4916
ord4640
ord4517
ord5020
ord2171
ord2437
ord4950
ord3187
ord4826
ord4861
ord4957
ord3853
ord4254
ord1917
ord823
ord825
ord800
ord537
ord4529
ord4389
msvcrt
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strtol
memmove
_getcwd
_errno
_getpid
_endthreadex
_beginthreadex
_purecall
strncpy
strncmp
strchr
_except_handler3
fscanf
mktime
localtime
strrchr
tanh
tan
sqrt
sinh
sin
pow
floor
cosh
cos
atan
asin
acos
gmtime
strcat
malloc
free
difftime
strcmp
memcpy
fabs
abs
time
srand
rand
atof
_mkdir
_chdir
fprintf
atoi
_strdate
sscanf
_strtime
_mbscmp
strcpy
_ftol
fseek
ftell
fread
memset
fopen
fwrite
fgets
strstr
fclose
sprintf
_setmbcp
_strupr
__CxxFrameHandler
_stricmp
tolower
exp
strlen
kernel32
lstrcpynA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
ExitThread
SetEvent
ResetEvent
OpenEventA
CreateThread
CreateFileMappingA
CloseHandle
FlushViewOfFile
lstrlenA
MapViewOfFile
UnmapViewOfFile
MapViewOfFileEx
OpenFileMappingA
GetVolumeInformationA
WriteFile
CreateFileA
ReleaseMutex
WaitForSingleObject
CreateMutexA
DeviceIoControl
SetThreadPriority
InitializeCriticalSection
CreateWaitableTimerA
CreateEventA
InterlockedIncrement
WaitForMultipleObjects
DeleteCriticalSection
TerminateThread
LeaveCriticalSection
EnterCriticalSection
SetWaitableTimer
Sleep
GetLastError
LocalFree
LocalAlloc
GetModuleHandleA
QueryDosDeviceA
GetVersionExA
GetStartupInfoA
LoadLibraryA
FreeLibrary
GetProcAddress
user32
GetClassInfoA
SetTimer
LoadBitmapA
UpdateWindow
FindWindowA
SendMessageA
LoadImageA
SetRect
EnableWindow
GetSystemMetrics
SetDlgItemTextA
GetSubMenu
CloseClipboard
GetDlgItem
GetDlgItemTextA
EndDialog
RedrawWindow
MessageBoxA
SetParent
GetParent
LoadIconA
LoadCursorA
OpenClipboard
EmptyClipboard
SetClipboardData
InvalidateRect
GetClientRect
GetWindowRect
LoadMenuA
gdi32
CreateMetaFileA
GetStockObject
CloseMetaFile
GetTextColor
GetDeviceCaps
comdlg32
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
shell32
ShellExecuteA
ole32
CoCreateGuid
msvcp60
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
setupapi
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
ws2_32
WSAStartup
gethostname
ntohs
ntohl
htons
WSAGetLastError
bind
closesocket
connect
getpeername
getsockname
getsockopt
recv
send
setsockopt
shutdown
socket
inet_addr
inet_ntoa
ioctlsocket
gethostbyaddr
getservbyname
select
__WSAFDIsSet
Sections
.text Size: 384KB - Virtual size: 382KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 72KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 88KB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 572KB - Virtual size: 572KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE