Static task
static1
Behavioral task
behavioral1
Sample
2f08d8fced27d8512fc0d0681c33a0eb066947af08d156b191744cc89f4ac257.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral2
Sample
2f08d8fced27d8512fc0d0681c33a0eb066947af08d156b191744cc89f4ac257.exe
Resource
win10v2004-20231023-en
windows10-2004-x64
General
-
Target
4c843dcee79388341f72c3a7adb1ace6.bin
-
Size
2.2MB
-
MD5
09e42d0b97b51b757d26ec00a5cabe3f
-
SHA1
f275acb6f78f9dad6c515841ee3b1e4ea7fbf67f
-
SHA256
1210af390e2c338f80160ef4f6736007538e6f6bd0f2ba30a348672cdb244a61
-
SHA512
ee209428c778a7702d14fdbd40e68e84816cf8c65b95e39714c8730aee320b2f41253f7711d126cbdc23e2d60174f88d834dcbc5374bfd0a65e281e4a44ccbab
-
SSDEEP
49152:dVadeRNAh9hlDnX2E32hDTT4xnr/2eso6tGC2J+QqFnkDdmoVY:GUExl7X/A/kxnrO1GC2J5qBaY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/2f08d8fced27d8512fc0d0681c33a0eb066947af08d156b191744cc89f4ac257.bin
Files
-
4c843dcee79388341f72c3a7adb1ace6.bin.zip
Password: infected
-
2f08d8fced27d8512fc0d0681c33a0eb066947af08d156b191744cc89f4ac257.bin.exe windows:4 windows x86 arch:x86
Password: infected
6a2092bf8d64ab2f40bbee5388c12637
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
EnumProcesses
EmptyWorkingSet
dbghelp
EnumerateLoadedModules
MiniDumpWriteDump
memory
?reset_max_alloc_size@memory@hfe@dice@@YAXXZ
?getStatus@memory@hfe@dice@@YAPADPBD@Z
?nextPhysicFrame@memory@hfe@dice@@YAXXZ
?get_total_bytes_allocated@memory@hfe@dice@@YAHXZ
?get_accumulated_bytes_allocated@memory@hfe@dice@@YA_JXZ
?get_total_allocation_call_count@memory@hfe@dice@@YAHXZ
?get_accumulated_allocation_call_count@memory@hfe@dice@@YAHXZ
?register_err_callback@memory@hfe@dice@@YAXP6AX_NPBD@Z@Z
?nextVisualFrame@memory@hfe@dice@@YAXXZ
?set_max_alloc_size@memory@hfe@dice@@YAXI@Z
?bf_free@memory@hfe@dice@@YAXPAX@Z
?bf_malloc@memory@hfe@dice@@YAPAXIH@Z
?addMemoryName@memory@hfe@dice@@YAHPBD@Z
?memory_update_modules@memory@hfe@dice@@YAXPBD@Z
ws2_32
getsockname
bind
select
ioctlsocket
setsockopt
getsockopt
__WSAFDIsSet
htonl
listen
accept
WSAGetLastError
WSASetLastError
sendto
ntohs
socket
connect
send
recv
shutdown
closesocket
htons
ntohl
WSAStartup
gethostname
gethostbyname
inet_ntoa
inet_addr
recvfrom
WSACleanup
dinput8
DirectInput8Create
winmm
mixerGetLineInfoA
mixerOpen
mixerGetDevCapsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineControlsA
mixerClose
dice_py
PyInt_AsLong
PyErr_SetString
PyExc_RuntimeError
PyType_IsSubtype
PyInt_Type
PyFloat_AsDouble
PyFloat_Type
PyString_AsString
PyString_Type
PyInt_FromLong
PyErr_Clear
PyTuple_SetItem
PyFloat_FromDouble
PyTuple_New
PyObject_GetAttrString
PyTuple_GetItem
PyString_FromString
PyObject_CallObject
Py_InitModule4
PyObject_CallFunction
PyCallable_Check
PyErr_Occurred
PyModule_GetDict
PyImport_ImportModule
PyObject_SetAttrString
PyObject_CallMethod
PyTuple_Size
Py_Finalize
Py_IsInitialized
PyClass_New
PyDict_New
PyRun_SimpleString
Py_Initialize
Py_NoSiteFlag
PyErr_Format
PyList_GetItem
PyList_Size
PyTuple_Type
PyCObject_AsVoidPtr
PyCObject_Type
PyMethod_New
PyCFunction_NewEx
PyCObject_FromVoidPtr
_Py_NoneStruct
PyDict_GetItemString
Py_VerboseFlag
PyErr_Print
dsound
ord2
ord9
ord1
ord7
ord6
crypt32
CryptProtectData
CryptUnprotectData
novinthfx
?CreateStandardEffect@BaseEffectParams@NovintHFX@@UAE_NPAVStack@2@PBDPAPAVIHapticEffect@@@Z
?GetStaticInfoClass@ConstantEffectParams@NovintHFX@@UAEPAUParamsStaticClass@2@XZ
?SetVar@BaseEffectParams@NovintHFX@@UAE_NPBD0@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDAAM@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDAAN@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDAA_N@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDAAH@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHAAM@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHAAN@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHAA_N@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHAAH@Z
?GetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDN@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBD_N@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDM@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDH@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHN@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDH_N@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHM@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHH@Z
?SetVar@ConstantEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?StandardEffectName@ConstantEffectParams@NovintHFX@@UBEPBDXZ
?CreateStandardEffect@BaseEffectParams@NovintHFX@@UAE_NPAVDevice@2@PBDPAPAVIHapticEffect@@@Z
?CreateNewEffect@Stack@NovintHFX@@QAE_NPBDPAUIHapticEffectParam@@0PAPAVIHapticEffect@@@Z
?GetEffectStack@Device@NovintHFX@@QAEPAVStack@2@XZ
??0ConstantEffectParams@NovintHFX@@QAE@XZ
??AVect3@NovintHFX@@QAEAANH@Z
??1BaseEffectParams@NovintHFX@@UAE@XZ
??4Vect3@NovintHFX@@QAEAAU01@ABU01@@Z
?GetStaticInfoClass@EnvelopeEffectParams@NovintHFX@@UAEPAUParamsStaticClass@2@XZ
?GetVarType@EnvelopeEffectParams@NovintHFX@@UBEDPBDPAH@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDAAM@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDAAN@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDAA_N@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDAAH@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHAAM@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHAAN@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHAA_N@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHAAH@Z
?GetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDN@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBD_N@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDM@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDH@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHN@Z
?RunSetCommand@BaseEffectParams@NovintHFX@@UAE_NPAD@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDH_N@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHM@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHH@Z
?SetVar@EnvelopeEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?StandardEffectName@EnvelopeEffectParams@NovintHFX@@UBEPBDXZ
??0EnvelopeEffectParams@NovintHFX@@QAE@XZ
??DVect3@NovintHFX@@QBE?AU01@ABN@Z
?Normalize@Vect3@NovintHFX@@QBE?AU12@XZ
?GetToolPosition@Device@NovintHFX@@QBEXQAN@Z
?GetButtonData@Device@NovintHFX@@QBEXPAH00@Z
??0Vect3@NovintHFX@@QAE@ABN00@Z
?InputUpdate@Device@NovintHFX@@QAEXXZ
?StartMouse@HapticsSystem@NovintHFX@@QAEXPAVDevice@2@@Z
?RunDevice@HapticsSystem@NovintHFX@@QAE_NPAPAVDevice@2@H@Z
?ConnectedDeviceCount@HapticsSystem@NovintHFX@@QBEHXZ
?RecountConnectedDevices@HapticsSystem@NovintHFX@@QAEXXZ
?AttachApplication@HapticsSystem@NovintHFX@@QAE_NAAUApplicationData@2@@Z
??0mouse_settings@ApplicationData@NovintHFX@@QAE@XZ
?StopRunningDevice@HapticsSystem@NovintHFX@@QAE_NPAPAVDevice@2@@Z
Haptics
?GetStaticInfoClass@ControlBoxEffectParams@NovintHFX@@UAEPAUParamsStaticClass@2@XZ
?GetVarType@ControlBoxEffectParams@NovintHFX@@UBEDPBDPAH@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDAAM@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDAAN@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDAA_N@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDAAH@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHAAM@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHAAN@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHAA_N@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHAAH@Z
?GetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDN@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBD_N@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDM@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDH@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDPAX@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHN@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDH_N@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHM@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHH@Z
?SetVar@ControlBoxEffectParams@NovintHFX@@UAE_NPBDHPAX@Z
?StandardEffectName@ControlBoxEffectParams@NovintHFX@@UBEPBDXZ
??0ControlBoxEffectParams@NovintHFX@@QAE@XZ
?InputUpdate@HapticsSystem@NovintHFX@@QAEHXZ
?GetVarType@ConstantEffectParams@NovintHFX@@UBEDPBDPAH@Z
kernel32
GetExitCodeProcess
GetTempPathA
ReadConsoleInputA
FreeConsole
GetStdHandle
SetConsoleMode
SetConsoleWindowInfo
SetConsoleScreenBufferSize
SetConsoleTitleA
SetConsoleCtrlHandler
WriteConsoleOutputCharacterA
SetConsoleCursorPosition
LocalFree
GetTickCount
GetSystemDirectoryA
GetComputerNameA
LoadLibraryExA
GetSystemTimeAsFileTime
GlobalMemoryStatus
GlobalLock
GlobalUnlock
GlobalAlloc
GetThreadTimes
GetProcessTimes
GetOverlappedResult
ReadFile
FormatMessageA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetExitCodeThread
CreateThread
SetThreadPriority
WriteFile
CreateEventA
DeleteFileW
GetCurrentThreadId
WaitForSingleObject
InitializeCriticalSection
CreateFileW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
SetPriorityClass
IsDebuggerPresent
GetModuleFileNameA
ReleaseMutex
CreateMutexA
GetLastError
SetProcessWorkingSetSize
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetCurrentProcessId
OpenProcess
CloseHandle
VirtualLock
FindNextChangeNotification
FindNextFileW
FindCloseChangeNotification
FindFirstChangeNotificationA
FindNextFileA
FindFirstFileA
FreeLibrary
GetCurrentThread
GetCurrentDirectoryA
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
GetFileSize
GetFullPathNameA
ExitProcess
MoveFileW
GetStartupInfoA
CopyFileW
GetCurrentDirectoryW
FindClose
LoadLibraryA
AllocConsole
FindFirstFileW
user32
GetForegroundWindow
GetDesktopWindow
LoadCursorA
RegisterClassExA
CreateWindowExA
DefWindowProcA
SetFocus
PostQuitMessage
DestroyWindow
OpenClipboard
GetFocus
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
SetCursor
LoadCursorFromFileA
LoadImageA
SetWindowLongA
SetForegroundWindow
UpdateWindow
GetSystemMetrics
SetWindowPos
MessageBoxA
ShowCursor
ShowWindow
GetAsyncKeyState
GetKeyState
SendInput
PeekMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
ToAsciiEx
MapVirtualKeyExA
GetKeyboardState
GetKeyboardLayout
IsClipboardFormatAvailable
LoadIconA
gdi32
CreateSolidBrush
advapi32
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
AdjustTokenPrivileges
RegOpenKeyExA
shell32
ShellExecuteExA
SHGetFolderPathW
SHFileOperationW
ShellExecuteA
ole32
CoUninitialize
CoInitialize
bf2voipserver
?Update@CBF2VoipServer@BF2VoipServer@@QAE?AW4VRESULT@VOIP@@XZ
??0CBF2VoipServer@BF2VoipServer@@QAE@XZ
??1CBF2VoipServer@BF2VoipServer@@QAE@XZ
?CreateInstance@CBF2VoipServer@BF2VoipServer@@QAE?AW4VRESULT@VOIP@@IV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?Shutdown@CBF2VoipServer@BF2VoipServer@@QAE?AW4VRESULT@VOIP@@XZ
?Initialize@CBF2VoipServer@BF2VoipServer@@QAE?AW4VRESULT@VOIP@@_N@Z
msvcp71
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
_FInf
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIABV12@@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??_D?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?clear@ios_base@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHABV12@@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?pbackfail@strstreambuf@std@@MAEHH@Z
?overflow@strstreambuf@std@@MAEHH@Z
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1strstreambuf@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??1ios_base@std@@UAE@XZ
??1istrstream@std@@UAE@XZ
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
?rend@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@Viterator@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@Viterator@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIABV12@II@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xran@_String_base@std@@QBEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
msvcr71
_itoa
free
sscanf
atof
mbstowcs
_controlfp
?terminate@@YAXXZ
toupper
_purecall
floor
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_except_handler3
strstr
__CxxFrameHandler
_CxxThrowException
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
_exit
printf
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_c_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
fabs
_splitpath
_iob
calloc
_CIsinh
_mkdir
_chdir
modf
_wcsicmp
vsprintf
_fstat
strtoul
fscanf
fgetc
_strlwr
fputs
fprintf
isalpha
rewind
strspn
_atoi64
qsort
_aligned_malloc
realloc
_CIasin
strchr
_snprintf
_CIpow
_finite
strcspn
wcstombs
tolower
_vsnwprintf
swprintf
_vsnprintf
sprintf
atoi
difftime
memmove
time
strrchr
clock
isdigit
_strnicmp
_stricmp
fgets
_CIacos
strncmp
_getcwd
srand
rand
isupper
strftime
localtime
atol
wcscmp
_CIfmod
ceil
isspace
exit
isalnum
fseek
ftell
fread
fwrite
strncpy
fopen
fclose
malloc
remove
rename
_chmod
_beginthreadex
Sections
.text Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 940KB - Virtual size: 939KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 832KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 744KB - Virtual size: 743KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ