Static task
static1
Behavioral task
behavioral1
Sample
873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral2
Sample
873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456.exe
Resource
win10v2004-20231020-en
windows10-2004-x64
General
-
Target
873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456
-
Size
932KB
-
MD5
7021d0704d653eb84e31514ea967a514
-
SHA1
55a3d9cf9694c5af016cbaa9096fa6961da40bc8
-
SHA256
873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456
-
SHA512
bf984f3e4420e54244d9a0dc433bdbc357d10758ef8cbd0a37cf36609ceca74d0fc0072c65654cb98165faaa49f3c93f1fd67229d964f6f811ee661e9ddaac1c
-
SSDEEP
24576:JBlI1q3kRxqHQ2nKSbE/fbsCvVBeLTvmc38W:JBe1rRMHQCuHbJVBeLTOcMW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456
Files
-
873332c2c4efc0308150279a06b7cc59267c6216fb9cf91c7a4d1fdc983c9456.exe windows:4 windows x86 arch:x86
5a485ae882e4a997949286252dde7ec6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetGetCookieExW
gdiplus
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdiplusShutdown
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
GdipCloneImage
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageThumbnail
GdipCreateBitmapFromGdiDib
GdipLoadImageFromStream
GdipGetImageEncoders
GdiplusStartup
xlue
_XLUE_PushBitmap@8
_XLUE_PushColor2@8
_XLUE_GetHostWndWindowHandle@4
_XLUE_InitLoader@4
_XLUE_AddXARSearchPath@4
_XLUE_LoadXAR@4
_XLUE_Stat@4
_XLUE_GetHostWndByID@4
_XLUE_GC@4
xlgraphic
_XL_BindMaskSource@20
_XL_ReleaseTexture@4
_XL_SetTextureBitmap@12
_XL_SetMaskBmpStretch@8
_XL_SetMaskSize@16
_XL_BuildMaskCache@20
_XL_ClipSubBindBitmap@8
_XL_GetBitmapInfo@8
_XL_StretchBitmap@12
_XL_LoadBitmapFromMemory@12
_XL_GetColorVariance@8
_XL_RGB2HSV@4
_XL_HSV2RGB@8
_XL_ReleaseMask@4
_XL_AddRefMask@4
_XL_DefaultGraphicHint@0
_XL_CloneBitmap@4
_XL_CreateBitmap@12
_XL_StatObject@4
_XL_SetFreeTypeEnabled@4
_XL_NewMask@0
_XL_GetBitmapMainColor@12
_XL_SetTextureOrigin@12
_XL_AddTextureBlock@24
_XL_CreateTexture@4
_XL_Blend@20
_XL_GetBitmapBuffer@12
_XL_AddRefBitmap@4
_XL_PrepareGraphicParam@4
_XL_InitGraphicLib@4
_XL_ReleaseBitmap@4
_XL_PaintBitmap@16
xlluaruntime
_XLLRT_ReleaseEnv@4
_XLLRT_ReleaseRunTime@4
lua_settop
lua_gettop
lua_gc
_XLLRT_GetLuaState@4
_XLLRT_GetRuntime@8
_XLLRT_GetEnv@4
lua_tointeger
_XLLRT_LuaCall@16
lua_isuserdata
lua_isstring
lua_isnumber
lua_settable
lua_next
luaL_unref
lua_pushvalue
luaL_ref
lua_pushlightuserdata
_XLLRT_RegisterClass@20
lua_tolstring
luaL_checktype
lua_objlen
lua_createtable
lua_rawseti
_XLLRT_RegisterGlobalObj@28
lua_pushlstring
lua_touserdata
luaL_checknumber
lua_toboolean
lua_type
luaL_checkinteger
luaL_checklstring
lua_pushnumber
luaL_checkudata
lua_pushnil
lua_pushinteger
_XLLRT_PushXLObject@12
lua_tonumber
ord7
lua_pushstring
lua_pushboolean
lua_rawgeti
_XLLRT_ReleaseChunk@4
_XLLRT_PrepareChunk@8
_XLLRT_CreateChunkFromModule@16
_XLLRT_RunChunk@8
_XLLRT_CreateChunkFromFile@12
_XLLRT_ErrorHandle@4
ws2_32
send
socket
connect
getservbyport
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
WSAAsyncGetHostByName
getpeername
getsockname
WSACancelAsyncRequest
WSAAsyncSelect
WSAStartup
WSCEnumProtocols
WSCGetProviderPath
WSADuplicateSocketW
closesocket
WSASocketW
recv
WSACleanup
downloadkernel
XL_DKLH_RegisterToEnv
XL_DKLH_GetDownloadKernel
libexpat
ord25
ord21
ord16
ord35
ord48
ord52
ord20
ord50
minizip
mini_unzip_dll
unzOpen2
unzGoToNextFile
unzOpen
unzGetCurrentFileInfo
unzLocateFile
unzOpenCurrentFile
unzReadCurrentFile
unzCloseCurrentFile
unzClose
unzGoToFirstFile
psapi
GetModuleBaseNameW
winmm
PlaySoundW
kernel32
CreateMutexA
CreateFileMappingA
OpenMutexA
OpenFileMappingA
CreateEventA
GetModuleFileNameA
MoveFileW
GetSystemTimeAsFileTime
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
ExitProcess
GetStartupInfoW
QueryPerformanceCounter
VerSetConditionMask
VerifyVersionInfoW
GetSystemDirectoryA
ReleaseSemaphore
CreateSemaphoreW
SetThreadContext
GetThreadContext
VirtualAlloc
lstrcmpiW
GetFullPathNameW
CompareFileTime
GetTempFileNameW
ReadProcessMemory
GetThreadSelectorEntry
GetProcAddress
GetModuleHandleW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
HeapFree
GetProcessHeap
CloseHandle
CreateFileW
MapViewOfFileEx
CreateFileMappingW
GetFileSize
UnmapViewOfFile
MultiByteToWideChar
lstrlenW
lstrlenA
WideCharToMultiByte
MapViewOfFile
OpenFileMappingW
OutputDebugStringW
GetCurrentThread
ResumeThread
CreateDirectoryW
CreateDirectoryExW
CreateProcessW
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
WriteFile
GetLocalTime
ReadFile
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
FlushInstructionCache
GetCurrentProcess
HeapAlloc
lstrcatW
lstrcpyW
GlobalMemoryStatusEx
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
SetThreadExecutionState
GetCurrentThreadId
GetTickCount
SetProcessWorkingSetSize
OpenEventW
SetEvent
FreeLibrary
GetModuleFileNameW
GetTempPathW
CreateMutexW
OpenProcess
ReleaseMutex
Process32NextW
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
OpenMutexW
VirtualProtect
GetVersion
ResetEvent
WaitForMultipleObjects
CreateEventW
UnhandledExceptionFilter
GetSystemDirectoryW
InterlockedCompareExchange
SetLastError
DeleteFileW
LocalFree
GetPrivateProfileStringW
GlobalUnlock
GlobalLock
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcpynW
lstrcmpW
Sleep
SetFilePointer
lstrcpynA
MulDiv
GetDiskFreeSpaceExW
GetVolumeInformationW
GetDriveTypeW
GlobalAddAtomW
GlobalDeleteAtom
GetFileSizeEx
CopyFileW
SetFileAttributesW
GlobalAlloc
SystemTimeToFileTime
GetSystemTime
SetSystemPowerState
GetExitCodeProcess
WaitForSingleObject
CreateThread
GetLogicalDriveStringsW
GlobalSize
VirtualQuery
GetFileAttributesExW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
IsBadCodePtr
SuspendThread
OutputDebugStringA
FileTimeToSystemTime
GetFileTime
MoveFileExW
GetModuleHandleA
SetErrorMode
IsDebuggerPresent
VirtualQueryEx
user32
LoadStringW
InsertMenuW
InsertMenuItemW
GetMenuStringW
GetMenuItemID
GetMenuItemInfoW
CreatePopupMenu
DestroyMenu
GetSubMenu
GetMenuItemCount
GetActiveWindow
ExitWindowsEx
ShowCursor
PtInRect
GetTopWindow
IntersectRect
GetWindow
GetClientRect
IsRectEmpty
EqualRect
SetRectEmpty
PostThreadMessageW
MsgWaitForMultipleObjects
PostMessageW
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
wsprintfW
DestroyWindow
GetClassInfoExW
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
IsIconic
IsWindowVisible
RegisterWindowMessageW
GetCursorPos
EmptyClipboard
SetClipboardData
EnumWindows
GetAsyncKeyState
GetKeyState
UnregisterHotKey
RegisterHotKey
PostQuitMessage
WindowFromPoint
ScreenToClient
GetLastInputInfo
RegisterClipboardFormatW
GetLastActivePopup
GetForegroundWindow
AttachThreadInput
BringWindowToTop
SetForegroundWindow
SystemParametersInfoW
SetFocus
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetClipboardViewer
GetClipboardOwner
GetWindowThreadProcessId
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
GetDesktopWindow
ShowWindow
ClientToScreen
GetWindowPlacement
GetWindowRect
GetWindowDC
EnumThreadWindows
GetClassNameW
DrawIconEx
DrawTextW
GetIconInfo
GetDC
ReleaseDC
CreateIconIndirect
DestroyIcon
SetTimer
IsWindow
KillTimer
FindWindowW
SendMessageTimeoutW
SetWindowsHookExW
MessageBoxW
GetWindowTextW
SetDlgItemTextW
UnhookWindowsHookEx
CallNextHookEx
GetSystemMetrics
LoadImageW
SendMessageW
gdi32
EnumFontFamiliesExW
GetDeviceCaps
BitBlt
ExtTextOutW
SetDCBrushColor
SetDCPenColor
SetStretchBltMode
CreateSolidBrush
CreatePen
Rectangle
GetTextExtentPoint32W
SetBkMode
SetTextColor
TextOutW
StretchBlt
CreateCompatibleBitmap
CreateDIBSection
GetStockObject
DeleteObject
GetDIBColorTable
GetObjectW
SetDIBColorTable
SelectObject
DeleteDC
CreateCompatibleDC
GetPixel
SetBkColor
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
GetNamedSecurityInfoW
GetAclInformation
GetAce
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
EqualSid
SetNamedSecurityInfoW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
IsValidSid
CopySid
GetLengthSid
AddAce
InitializeAcl
shell32
SHFileOperationW
SHCreateDirectoryExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
ExtractIconExW
ShellExecuteExW
SHGetSpecialFolderPathW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
ord74
SHGetDesktopFolder
SHGetMalloc
ord165
ole32
StringFromGUID2
CLSIDFromString
CoCreateGuid
CoTaskMemFree
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VarBstrCat
SafeArrayDestroy
LoadTypeLi
LoadRegTypeLi
VariantChangeType
VariantCopy
VariantInit
OleLoadPicturePath
VariantClear
SysStringLen
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysAllocString
msvcp71
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?width@ios_base@std@@QBEHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?flags@ios_base@std@@QBEHXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?eof@?$char_traits@_W@std@@SAGXZ
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?to_char_type@?$char_traits@D@std@@SADABH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?_Nomemory@std@@YAXXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1ios_base@std@@UAE@XZ
??1istrstream@std@@UAE@XZ
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?max_size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??Bios_base@std@@QBEPAXXZ
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??7ios_base@std@@QBE_NXZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??1ostrstream@std@@UAE@XZ
??0ostrstream@std@@QAE@PADHH@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?pbackfail@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?clear@ios_base@std@@QAEXH_N@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
atl71
ord58
ord10
ord11
ord45
ord32
ord61
ord31
ord66
ord65
ord43
ord30
ord23
ord64
ord62
ord44
shlwapi
StrCmpIW
StrStrIW
StrCmpNIW
PathRemoveBlanksA
StrCmpNIA
SHDeleteKeyW
PathFileExistsA
StrCatW
StrCmpW
PathCanonicalizeW
PathIsRelativeW
StrToIntW
StrChrIA
StrStrIA
PathIsSameRootW
StrCpyNW
PathIsDirectoryW
PathAddBackslashW
PathAppendW
PathRemoveFileSpecW
PathCombineW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
msimg32
AlphaBlend
TransparentBlt
msvcr71
??3@YAXPAX@Z
__CxxFrameHandler
??1exception@@UAE@XZ
??0exception@@QAE@XZ
free
_CxxThrowException
memset
iswspace
wcscmp
_wcsupr
memcpy
wcslen
memmove
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
malloc
strlen
??_V@YAXPAX@Z
_wcsnicmp
_wtoi
wcscpy
_wcslwr
_purecall
_snprintf
fclose
fwrite
_wfopen
fread
_snwprintf
_except_handler3
realloc
_wcsicmp
wcsstr
__p___wargv
_resetstkoflw
tolower
_wmkdir
abs
_vscwprintf
vswprintf
wcstombs
_beginthreadex
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
rand
srand
wcscat
_waccess
swprintf
_ltow
_vscprintf
vsprintf
memcmp
wcsspn
wcscspn
strcpy
wcsncat
_localtime64
_wrename
_time64
_i64toa
_atoi64
_mktime64
_gmtime64
time
wcsrchr
wcschr
swscanf
fwprintf
getc
fgetwc
fseek
toupper
_ultow
_ui64toa
_ui64tow
sprintf
atol
_wtoi64
_wtol
sscanf
_stricmp
_vsnwprintf
_wsplitpath
_findclose
_wfindnext
_wfindfirst
?swprintf@@YAHPA_WIPB_WZZ
strcat
fputs
wcsncpy
wcsftime
localtime
ftell
atoi
_close
_read
_wopen
_wstat
wcsncmp
_mbsinc
_ismbcspace
_errno
_beginthread
_mbsstr
calloc
strncpy
strtoul
strchr
strstr
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strcmpi
strftime
gmtime
_strnicmp
strncmp
strcmp
wintrust
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
WinVerifyTrust
crypt32
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertCloseStore
sqlite3
sqlite3_close
sqlite3_open16
sqlite3_step
sqlite3_column_text16
sqlite3_reset
sqlite3_column_int
sqlite3_bind_text16
sqlite3_bind_int
sqlite3_prepare16_v2
sqlite3_finalize
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
Sections
.text Size: 647KB - Virtual size: 647KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 195KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 305KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE