Static task
static1
Behavioral task
behavioral1
Sample
bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc.exe
Resource
win7-20231023-en
windows7-x64
Behavioral task
behavioral2
Sample
bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc.exe
Resource
win10v2004-20231023-en
windows10-2004-x64
General
-
Target
bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc
-
Size
4.0MB
-
MD5
cdca40b2ba7d167bb6ab2cb2e95db0ff
-
SHA1
aa5a93c0bc4dc771850bc2aa250f6c11f3df2909
-
SHA256
bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc
-
SHA512
62a5f9a72914f015aafaa9374e51c36c376c502cad162f0424452d28fb9e341423e8575bfc482731a872270843e6383989dd601c0d866ecd6e9ea0538f138210
-
SSDEEP
98304:nm0pOyfO0N2eaZ8pu5amnCY6wGzj2peEJf2dZLPfiQPh:mSOyHN2eaZf5amCY6wGzj2peEJfULni2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc
Files
-
bb317292c3c7bd1c7d53ead694b4b5de3c67ed954e49dfec8d37e4197bf917fc.exe windows:5 windows x86
a04fb5ffe860dd6bb150401455f8dffa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetModuleFileNameExA
d3dx9d_36
D3DXMatrixRotationZ
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXFrameDestroy
D3DXComputeBoundingBox
D3DXIntersectTri
D3DXIntersect
D3DXFrameFind
D3DXCreateTextureFromFileA
D3DXCreateFontIndirectA
D3DXCreateTextureFromFileExA
D3DXCreateEffectFromFileA
D3DXMatrixTranspose
D3DXGetImageInfoFromFileA
D3DXMatrixOrthoLH
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXDeclaratorFromFVF
D3DXSaveTextureToFileA
D3DXCreateTexture
D3DXLoadSurfaceFromSurface
D3DXMatrixRotationY
D3DXVec3TransformNormal
D3DXMatrixTranslation
D3DXMatrixRotationX
D3DXMatrixScaling
D3DXMatrixRotationAxis
D3DXVec3Transform
D3DXFillTexture
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileInMemory
D3DXVec3Normalize
D3DXPlaneFromPointNormal
D3DXMatrixReflect
D3DXSphereBoundProbe
D3DXMatrixRotationYawPitchRoll
D3DXMatrixMultiply
D3DXCreateLine
D3DXVec3CatmullRom
D3DXVec3TransformCoord
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveFovLH
odbc32
ord24
ord13
ord36
ord9
ord31
ord26
ord75
ord7
ord11
winmm
mmioAscend
mmioGetInfo
mmioDescend
mmioClose
mmioCreateChunk
mmioSeek
mmioSetInfo
mmioAdvance
mmioWrite
mmioRead
timeGetTime
timeBeginPeriod
mmioOpenA
dsound
ord11
capsdk12
CAP_GetCaptureDoneMask
gdiplus
GdiplusShutdown
GdiplusStartup
avifil32
AVIStreamGetFrameClose
AVIFileRelease
AVIFileOpenA
AVIFileExit
AVIStreamRelease
AVIStreamAddRef
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrame
AVIFileInit
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIStreamWrite
AVIFileInfoA
AVIStreamGetFrameOpen
msvfw32
DrawDibOpen
DrawDibClose
avicap32
capCreateCaptureWindowA
msvcp90
?setf@ios_base@std@@QAEHH@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?setf@ios_base@std@@QAEHHH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?is_open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QBE_NXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0@Z
?eq@?$char_traits@D@std@@SA_NABD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
?capacity@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??7ios_base@std@@QBE_NXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
?infinity@?$numeric_limits@N@std@@SANXZ
?quiet_NaN@?$numeric_limits@N@std@@SANXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
msvcr90
_CIcos
_CIsin
_CIsqrt
clock
_CIatan2
_CItan
_chdir
_getcwd
toupper
tolower
ceil
_strnicmp
qsort
wcsncpy
_CIexp
_CIfmod
_CIpow
_fullpath
_vsnwprintf
vsprintf
asin
fwrite
exp
wcscmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__clean_type_info_names_internal
_vsnprintf_s
_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
strftime
fflush
_stat64i32
strtok
strpbrk
_finite
modf
abort
localeconv
sprintf_s
isspace
ispunct
_mbscmp
strncmp
_vscprintf
memcpy_s
_mbschr
wcscat
strrchr
_itoa
strchr
sscanf_s
wcslen
vsprintf_s
fopen_s
_access
remove
_vswprintf_c_l
strstr
_getdrive
srand
atan
?before@type_info@@QBEHABV1@@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??1bad_typeid@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
__RTtypeid
??0exception@std@@QAE@ABQBD@Z
_time64
_localtime64
fread
_vswprintf
exit
??_V@YAXPAX@Z
floor
_stricmp
__RTDynamicCast
memmove
sscanf
_mbsrchr
_snprintf
strcpy
strncpy
_mbsnbcpy
strcat
??2@YAPAXI@Z
memset
sprintf
fseek
ftell
fscanf
_errno
strerror
strcmp
fopen
fclose
fmod
atan2
memcmp
tan
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
sqrt
pow
_purecall
memmove_s
malloc
free
__iob_func
fprintf
atof
atoi
strlen
_vsnprintf
printf
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
fabs
sin
cos
acos
rand
??3@YAXPAX@Z
memcpy
__CxxFrameHandler3
log
_gmtime64
_beginthreadex
_recalloc
kernel32
RaiseException
HeapSize
TlsAlloc
TlsFree
TlsGetValue
GetSystemInfo
ResetEvent
HeapReAlloc
GetSystemTimeAsFileTime
TlsSetValue
ResumeThread
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
InterlockedIncrement
IsDebuggerPresent
CreateFileA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
OutputDebugStringW
DebugBreak
HeapCreate
OutputDebugStringA
HeapDestroy
VirtualFree
lstrcmpA
VirtualAlloc
GetCurrentThread
SetThreadPriority
GetModuleHandleA
GetSystemDirectoryA
MoveFileExA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
RemoveDirectoryA
FindResourceExA
OpenProcess
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
SystemTimeToFileTime
CompareFileTime
GetFileSize
HeapAlloc
GetProcessHeap
HeapFree
CreateDirectoryA
DeleteCriticalSection
InitializeCriticalSection
GetProfileStringA
WriteProfileStringA
WaitCommEvent
TransmitCommChar
WriteFile
EscapeCommFunction
ClearCommError
ReadFile
GetOverlappedResult
GetCommState
SetCommState
SetCommMask
SetupComm
PurgeComm
SetCommTimeouts
CreateThread
WaitForSingleObject
GetSystemTime
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CreateMutexA
GetLastError
ReleaseMutex
GetCurrentDirectoryA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteFileA
CreateEventA
SetEvent
SetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileAttributesA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameA
lstrcpynA
InterlockedDecrement
CloseHandle
lstrcatA
lstrcpyA
lstrlenA
FindResourceA
LoadResource
SizeofResource
LockResource
GetLocalTime
Sleep
GetTickCount
FindFirstFileA
FindNextFileA
FindClose
user32
SendDlgItemMessageA
GetDlgItem
GetWindowTextW
DialogBoxParamA
GetDC
wvsprintfA
EnableWindow
DefWindowProcA
PostQuitMessage
DestroyWindow
GetWindowRect
GetDesktopWindow
AdjustWindowRectEx
GetMenu
GetKeyState
SetRect
CreateWindowExA
RegisterClassA
LoadCursorA
ScreenToClient
SetWindowTextW
DispatchMessageA
TranslateMessage
PeekMessageA
IsWindow
InflateRect
MessageBoxW
GetForegroundWindow
BeginPaint
EndPaint
wsprintfA
GetWindowThreadProcessId
SetWindowPos
AllowSetForegroundWindow
SetForegroundWindow
ShowWindow
UpdateWindow
SetFocus
ReleaseDC
MessageBoxA
InvalidateRect
EndDialog
DrawTextW
GetCursorPos
FindWindowA
GetAsyncKeyState
SendMessageA
GetWindowLongA
advapi32
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ole32
CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
shell32
ShellExecuteA
ShellExecuteExA
oleaut32
OleCreatePropertyFrame
SysFreeString
rockey4nd
Rockey
dbghelp
MiniDumpWriteDump
sqlite3
sqlite3_open_v2
sqlite3_open
sqlite3_close
sqlite3_free
sqlite3_exec
mfc90
ord5608
ord1446
ord3218
ord6356
ord5389
ord3671
ord6782
ord4160
ord6784
ord1644
ord2368
ord2375
ord2625
ord2607
ord2605
ord2623
ord2635
ord2612
ord2628
ord2633
ord2616
ord2618
ord2620
ord2614
ord2630
ord2610
ord2139
ord965
ord967
ord963
ord958
ord5666
ord1792
ord6446
ord1729
ord4688
ord5139
ord3732
ord5636
ord4589
ord6780
ord5497
ord2074
ord5585
ord4650
ord1496
ord4331
ord1752
ord1755
ord6388
ord3344
ord1678
ord1809
ord1810
ord2208
ord4993
ord5309
ord5152
ord4617
ord5615
ord639
ord6613
ord1791
ord1728
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4668
ord374
ord3783
ord3987
ord2501
ord4308
ord3013
ord1603
ord3213
ord305
ord1611
ord5963
ord4392
ord3178
ord899
ord3534
ord2106
ord1183
ord3612
ord525
ord6078
ord310
ord5924
ord311
ord2539
ord300
ord316
ord6640
ord817
ord406
ord910
ord2490
ord665
ord601
ord969
ord5668
gdi32
DeleteDC
SelectObject
SetROP2
MoveToEx
LineTo
GetStockObject
Rectangle
BitBlt
SetBkColor
SetMapMode
GetMapMode
CreateCompatibleBitmap
CreateBitmap
DPtoLP
TextOutW
PolyBezier
CreatePen
GetObjectA
Ellipse
DeleteObject
StretchDIBits
SetStretchBltMode
GetDeviceCaps
CreateCompatibleDC
iphlpapi
GetAdaptersInfo
d3d9
Direct3DCreate9
Sections
.textbss Size: - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 815KB - Virtual size: 814KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 221.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 514B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ