Static task
static1
Behavioral task
behavioral1
Sample
b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15.exe
Resource
win7-20231020-en
windows7-x64
Behavioral task
behavioral2
Sample
b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15.exe
Resource
win10v2004-20231020-en
windows10-2004-x64
General
-
Target
b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15
-
Size
2.9MB
-
MD5
abe41b4f8977dbeb70f07f08bf0d3d05
-
SHA1
95991300c99058bd1dc1336972d7840ed67766fb
-
SHA256
b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15
-
SHA512
feda36e0abe40254a47b5b4cfb152357d6cdbfe5bf980bc6e8cd9e672619dd0e0ea512ada93460162e534b836017bf89aebfd6efdc002cbd4fff1a2e8588accc
-
SSDEEP
24576:ztPlJo8cgJlpuua4HvwRqI0upYrZrBme4GgCeT7pSxKleqKFAA59UFXjVqBjkfoR:zgi6ua4HvxupYrhyxldEAAYFG
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15
Files
-
b754e6620ab8af7e6481659327fb017c8cf462db051e18ff29285945ec14cb15.exe windows:4 windows x86 arch:x86
ea53752458131b61578f0c2087c303a2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
hid
HidD_GetAttributes
HidD_FlushQueue
HidD_GetPreparsedData
HidP_GetCaps
HidD_GetHidGuid
HidD_FreePreparsedData
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
winmm
timeKillEvent
timeSetEvent
rockey2
RY2_Close
RY2_Write
RY2_Read
RY2_Find
RY2_Open
qianpuinpros
?WriteDatabase@CTool@@SAHVCString@@000000PAXJ0AAV?$CArray@PAVCResult@@PAV1@@@@Z
cj60lib
?PreTranslateMessage@CCJControlBar@@UAEHPAUtagMSG@@@Z
?GetMessageMap@CCJTabCtrlBar@@MBEPBUAFX_MSGMAP@@XZ
?OnUpdateCmdUI@CCJControlBar@@UAEXPAVCFrameWnd@@H@Z
?GetRuntimeClass@CCJControlBar@@UBEPAUCRuntimeClass@@XZ
?SetTabImageList@CCJTabCtrlBar@@QAEPAVCImageList@@PAV2@@Z
?GetActiveView@CCJTabCtrlBar@@QAEPAVCView@@XZ
?AddView@CCJTabCtrlBar@@QAEHPBDPAUCRuntimeClass@@PAUCCreateContext@@@Z
?SetBtnImageList@CCJControlBar@@QAEPAVCImageList@@PAV2@@Z
??0CCJTabCtrlBar@@QAE@XZ
?InstallCoolMenus@CCJMDIFrameWnd@@QAEHPAVCWnd@@I@Z
??1CCJTabCtrlBar@@UAE@XZ
?CalcDynamicLayout@CCJControlBar@@UAE?AVCSize@@HK@Z
?CalcFixedLayout@CCJControlBar@@UAE?AVCSize@@HH@Z
??1CHyperLink@@UAE@XZ
??0CHyperLink@@QAE@XZ
?SetUnderline@CHyperLink@@QAEXH@Z
?SetURL@CHyperLink@@QAEXVCString@@@Z
?classCCJMDIFrameWnd@CCJMDIFrameWnd@@2UCRuntimeClass@@B
?messageMap@CCJMDIFrameWnd@@1UAFX_MSGMAP@@B
?EnableDocking@CCJMDIFrameWnd@@UAEXK@Z
??1CCJMDIFrameWnd@@UAE@XZ
??0CCJMDIFrameWnd@@QAE@XZ
?IsFloating@CCJControlBar@@UAEHXZ
?Create@CCJControlBar@@UAEHPAVCWnd@@IPBDVCSize@@K@Z
ac6654
ord6
ord1
ord2
mfc42
ord1994
ord5192
ord800
ord775
ord860
ord540
ord503
ord1261
ord537
ord5708
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3402
ord4424
ord3639
ord567
ord692
ord2302
ord1168
ord2864
ord3496
ord1920
ord4889
ord4963
ord4960
ord1725
ord784
ord517
ord4262
ord6131
ord6216
ord2109
ord4464
ord2642
ord4299
ord5037
ord4224
ord1842
ord2723
ord2390
ord3059
ord5100
ord5103
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord5282
ord2649
ord1665
ord4436
ord5252
ord4427
ord674
ord527
ord366
ord794
ord4242
ord5852
ord3481
ord2252
ord640
ord816
ord562
ord323
ord4536
ord4508
ord6130
ord6069
ord3754
ord4694
ord5148
ord1640
ord1175
ord2256
ord5849
ord941
ord939
ord6334
ord2882
ord2881
ord6383
ord3811
ord1979
ord1969
ord5440
ord668
ord1980
ord665
ord603
ord273
ord5186
ord354
ord3185
ord4058
ord2781
ord2770
ord356
ord765
ord6199
ord3092
ord6215
ord2086
ord535
ord2535
ord3706
ord858
ord5782
ord6194
ord2820
ord3175
ord3499
ord355
ord3619
ord4614
ord882
ord4202
ord879
ord4613
ord1200
ord2884
ord5575
ord4033
ord2393
ord922
ord2141
ord434
ord1099
ord4204
ord5442
ord3318
ord551
ord793
ord6877
ord2764
ord5450
ord6394
ord2370
ord2294
ord2362
ord2358
ord2801
ord4129
ord5683
ord940
ord3719
ord4610
ord4615
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord5301
ord6354
ord6352
ord5503
ord2635
ord2558
ord2036
ord986
ord5914
ord876
ord2740
ord4159
ord6117
ord4291
ord1134
ord1205
ord617
ord5214
ord296
ord1199
ord1247
ord2725
ord3181
ord5289
ord1768
ord2004
ord4278
ord5856
ord6929
ord6648
ord5098
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5577
ord3172
ord5653
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord4858
ord5740
ord1746
ord3177
ord4619
ord4420
ord4216
ord4695
ord5197
ord2003
ord5730
ord3948
ord2185
ord2184
ord4214
ord3107
ord5616
ord3444
ord3193
ord4162
ord3353
ord6451
ord3659
ord411
ord709
ord924
ord988
ord1908
ord4715
ord1690
ord2528
ord5288
ord4439
ord2054
ord4431
ord771
ord1008
ord498
ord4259
ord5697
ord5703
ord5692
ord5706
ord3447
ord3196
ord1948
ord5303
ord4699
ord5715
ord817
ord565
ord2726
ord4226
ord4448
ord4671
ord4676
ord5088
ord4362
ord3869
ord2127
ord2391
ord5102
ord5105
ord2880
ord4153
ord2383
ord5284
ord4437
ord4428
ord796
ord686
ord807
ord529
ord384
ord554
ord616
ord6154
ord2530
ord4364
ord4056
ord5471
ord4121
ord2389
ord5234
ord6369
ord5248
ord2444
ord2097
ord5638
ord938
ord3810
ord2092
ord4160
ord6209
ord2494
ord2626
ord5871
ord6067
ord6000
ord2117
ord4163
ord2120
ord4457
ord1232
ord5255
ord4413
ord3797
ord5032
ord6242
ord4468
ord818
ord1949
ord4275
ord5785
ord2754
ord3571
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2299
ord1907
ord5161
ord5162
ord5160
ord4905
ord4742
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord768
ord489
ord2135
ord4258
ord2688
ord4976
ord2301
ord3610
ord2575
ord4396
ord3574
ord3721
ord795
ord609
ord656
ord2295
ord2364
ord2915
ord5710
ord2455
ord5572
ord4271
ord3287
ord3303
ord5981
ord3742
ord2152
ord2405
ord1858
ord4245
ord5101
ord2101
ord3351
ord976
ord4152
ord2382
ord5283
ord2445
ord401
ord5254
ord4772
ord5104
ord3528
ord6094
ord2784
ord2298
ord4467
ord6197
ord4995
ord3021
ord4337
ord496
ord2289
ord3874
ord3753
ord1942
ord4532
ord5259
ord3399
ord3734
ord303
ord4272
ord3698
ord1105
ord6123
ord1787
ord1006
ord2609
ord6322
ord2395
ord5658
ord5010
ord2490
ord1774
ord6121
ord5242
ord3314
ord3316
ord1911
ord2366
ord2293
ord2438
ord1146
ord1644
ord3654
ord2584
ord4220
ord2859
ord2863
ord6270
ord2753
ord6170
ord5788
ord4297
ord4133
ord470
ord5875
ord755
ord4234
ord2414
ord3663
ord3626
ord324
ord1641
ord641
ord3597
ord4425
ord5261
ord1727
ord3749
ord5280
ord5241
ord1775
ord6052
ord2514
ord4710
ord4998
ord4853
ord4376
ord5265
ord3693
ord289
ord4317
msvcrt
__CxxFrameHandler
_ftol
sprintf
atof
asctime
localtime
time
free
remove
fgetc
fclose
fopen
fprintf
fputs
atoi
isdigit
ceil
floor
fscanf
fwrite
_mbscmp
fread
fseek
fgets
sscanf
malloc
_CIpow
_ecvt
_controlfp
_itoa
_unlink
_ltoa
_ultoa
_strcmpi
_setmbcp
rename
_splitpath
_mkdir
_getcwd
strrchr
realloc
_snprintf
atol
strchr
strtok
memmove
rand
srand
memchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_vsnprintf
strftime
gmtime
??0exception@@QAE@ABQBD@Z
_errno
_access
strncpy
strstr
_ismbcdigit
_beginthreadex
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
system
kernel32
FindClose
EnterCriticalSection
LeaveCriticalSection
WinExec
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
CreateFileA
GlobalUnlock
GlobalFree
CloseHandle
lstrlenA
GetSystemDirectoryA
ReleaseMutex
Sleep
WriteFile
FindFirstFileA
Beep
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForSingleObject
SetThreadPriority
ResumeThread
lstrcpyA
MulDiv
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetSystemDefaultLangID
WideCharToMultiByte
MultiByteToWideChar
MoveFileA
DeviceIoControl
GetSystemTime
CreateThread
HeapFree
HeapAlloc
GetProcessHeap
GetDriveTypeA
ResetEvent
SetLastError
GetModuleHandleA
IsBadWritePtr
IsBadReadPtr
lstrcatA
GetOverlappedResult
OutputDebugStringA
OpenEventA
TerminateThread
GetFileSize
GetStartupInfoA
GetLogicalDriveStringsA
CreateDirectoryA
GetVersionExA
GetLastError
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
lstrcmpA
ExitProcess
GetCurrentDirectoryA
SetFileTime
SystemTimeToFileTime
GetTickCount
CreateEventA
PurgeComm
ReadFile
SetEvent
SetCommTimeouts
SetCommState
GetCommState
FlushFileBuffers
GetModuleHandleW
LocalFree
LocalUnlock
LocalLock
LocalAlloc
MoveFileExA
GetModuleFileNameA
TerminateProcess
user32
GetSystemMetrics
GetWindowRect
UpdateWindow
SendMessageA
LoadMenuA
PeekMessageA
TranslateMessage
DispatchMessageA
FindWindowA
MessageBeep
SetCursor
GetParent
SetCapture
EnableMenuItem
GetClientRect
GetDC
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ReleaseDC
GetSubMenu
ClientToScreen
EnableWindow
ReleaseCapture
DrawFocusRect
ScreenToClient
CheckMenuItem
LoadCursorA
InvalidateRect
EndDialog
CopyRect
SetWindowPos
GetDesktopWindow
DialogBoxIndirectParamA
BringWindowToTop
SetMenu
RedrawWindow
GetCursorPos
PostMessageA
GetMenuItemCount
GetMenuStringA
GetMenuItemID
CreatePopupMenu
InsertMenuA
TrackPopupMenu
DestroyMenu
wsprintfA
GetClipboardData
LoadBitmapA
LockWindowUpdate
OffsetRect
IsWindowVisible
GetClassInfoA
LoadIconA
IsWindow
IsIconic
SetTimer
GetActiveWindow
UnregisterHotKey
ShowWindow
SetForegroundWindow
RegisterHotKey
GetForegroundWindow
MessageBoxA
KillTimer
SetRect
gdi32
CreateMetaFileA
TextOutA
CreateCompatibleBitmap
SelectObject
DeleteObject
CreateFontIndirectA
EndDoc
SetStretchBltMode
EndPage
StretchBlt
DeleteDC
CreatePen
CreateEnhMetaFileA
StartDocA
StartPage
CloseMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
DeleteMetaFile
CreateDCA
GetObjectA
SelectPalette
RealizePalette
GetDIBits
CreateRectRgn
GetTextMetricsA
BitBlt
GetDeviceCaps
CreateCompatibleDC
GetStockObject
comdlg32
PrintDlgA
GetFileTitleA
GetOpenFileNameA
advapi32
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoA
oleaut32
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString
VariantClear
wsock32
WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup
htons
htonl
ntohs
getservbyname
ntohl
ioctlsocket
accept
closesocket
shutdown
getpeername
listen
bind
setsockopt
socket
connect
recvfrom
recv
select
__WSAFDIsSet
sendto
send
msvcp60
??1strstreambuf@std@@UAE@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@XZ
?_Global@_Locimp@locale@std@@0PAV123@A
??1_Lockit@std@@QAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?pbackfail@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JW4seekdir@ios_base@2@H@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
?ends@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?freeze@strstreambuf@std@@QAEX_N@Z
??1ostrstream@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?setprecision@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?clear@ios_base@std@@QAEXH_N@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?_Mode@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEHH@Z
?_Init@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXPBDIH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??1?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_ofstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_7?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_7ios_base@std@@6B@
?_Init@ios_base@std@@IAEXXZ
??0locale@std@@QAE@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$ctype@D@std@@UAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Id_cnt@id@locale@std@@0HA
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Iscloc@locale@std@@QBE_NXZ
??_7facet@locale@std@@6B@
??_7ctype_base@std@@6B@
??_7?$ctype@D@std@@6B@
??0_Locinfo@std@@QAE@PBD@Z
_Getctype
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IABV12@II@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1istrstream@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Cltab@?$ctype@D@std@@0PBFB
?_Term@?$ctype@D@std@@KAXXZ
??1_Locinfo@std@@QAE@XZ
??_7bad_cast@std@@6B@
??1ctype_base@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
?do_tolower@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_tolower@?$ctype@D@std@@MBEDD@Z
?do_toupper@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_toupper@?$ctype@D@std@@MBEDD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
netapi32
Netbios
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 224KB - Virtual size: 375KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_BSS Size: 4KB - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 952KB - Virtual size: 950KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 200KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ