FormatExtFs
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d.exe
Resource
win7-20231020-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d.exe
Resource
win10v2004-20231023-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d
-
Size
14.5MB
-
MD5
c75595a0fbdd97e2d4d4d1f30ffd8c41
-
SHA1
858d9fa3ebddf0cb8c401754678a1ef5c8ea0b7d
-
SHA256
55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d
-
SHA512
240b6d6ebdb5d1946302437776eb1d1459555cbd262a3673f158f8877526a75c362bf751737eb5a07cd0b854cca5810a2d9d20cadeeceb5fc48f4bc14335d081
-
SSDEEP
98304:1/ei5HQcKAxj02dWM92Uuh0n8XqLIFwQjbbF3tfy0tP/VWBF/R/L:dei5wjWjf592URnUD5XBtfy0R/KJdL
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d
Files
-
55e29b4e856c308cd65ff473d6c2094f260a5d7fe7e1e59d4cb455275c69082d.exe windows:4 windows x86 arch:x86
bd6db0315521dd10f21e8c48f501124b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
wcstoul
vsprintf
strncmp
memset
ZwClose
_chkstk
_alldiv
memcpy
ZwQueryVolumeInformationFile
_allmul
NtLoadDriver
NtUnloadDriver
ZwQuerySymbolicLinkObject
ZwOpenSymbolicLinkObject
ZwQueryDirectoryObject
ZwOpenDirectoryObject
_allrem
_aulldiv
wcsncmp
_aullrem
RtlNtStatusToDosError
ZwSetInformationFile
ZwOpenFile
_strlwr
ZwUnloadKey
_allshl
strrchr
atoi
wcsrchr
sprintf
mbstowcs
wcsstr
_wcsupr
strstr
wcschr
ZwCreateFile
RtlInitUnicodeString
sscanf
wcstombs
_wtoi
_wcsicmp
NtQueryInformationFile
NtQuerySystemTime
NtReadFile
NtWriteFile
NtDeviceIoControlFile
NtFsControlFile
NtCreateFile
RtlAnsiStringToUnicodeString
NtClose
RtlTimeToSecondsSince1970
_stricmp
_strnicmp
strncpy
strchr
_wtoi64
_wcslwr
_vsnprintf
wcsncpy
_itow
_wcsnicmp
scanpartition
DeletePartList
SearchCancel
SearchLosePartition
GetDiskCurPartList
InitDiskList
DeleteDiskList
pe
GetPOLoigcObject
ClsWinrePath
IsSupportMakePE
GetObjGAHelp
GetObjGATrackingData
GetUSBBootLogicObj
wimmgr
Del_File
GetToolNeedSpace
PackToolToRecovery
ssdsecurityerase
ord1
exfat
ord2
upgradeshow
PAGetGlobalDataObject
PAShowRegisterDlg
diskinfo
CreateDiskInfo
libcrypto-1_1
ERR_error_string
ERR_get_error
libssl-1_1
SSL_get_error
SSL_connect
SSL_set_fd
SSL_write
SSL_read
SSL_shutdown
SSL_free
SSL_CTX_free
OPENSSL_init_ssl
SSL_new
TLS_client_method
SSL_CTX_new
sysclear
createObjSysClear
regclear
createObjRegClear
scanmft
createObjScanMFT
mfc80u
ord900
ord2936
ord1605
ord3902
ord1604
ord1603
ord1941
ord2049
ord3903
ord5943
ord3900
ord3108
ord5940
ord5567
ord3393
ord2712
ord4108
ord4111
ord6062
ord3754
ord2647
ord5798
ord4118
ord6060
ord6085
ord3982
ord2154
ord5827
ord5828
ord2137
ord1303
ord1311
ord5311
ord6715
ord1718
ord6716
ord5609
ord454
ord686
ord4451
ord1600
ord6726
ord5156
ord5137
ord6099
ord1619
ord1620
ord3913
ord765
ord2648
ord502
ord3281
ord5637
ord4117
ord3995
ord3198
ord4026
ord777
ord3990
ord5558
ord5524
ord266
ord265
ord2361
ord3678
ord3395
ord3570
ord6161
ord4078
ord6061
ord3983
ord860
ord1178
ord6133
ord6140
ord1270
ord1476
ord1957
ord1182
ord347
ord602
ord1176
ord3155
ord5638
ord6033
ord5723
ord1058
ord385
ord630
ord2012
ord3082
ord4010
ord6089
ord2076
ord3156
ord2364
ord1555
ord2981
ord3877
ord3322
ord6751
ord754
ord416
ord651
ord6749
ord3590
ord2261
ord1634
ord1572
ord3286
ord715
ord5884
ord326
ord5636
ord5633
ord1975
ord2632
ord3434
ord350
ord604
ord2709
ord4573
ord1609
ord4120
ord1355
ord4193
ord3634
ord4664
ord4357
ord3930
ord6075
ord2793
ord6083
ord3785
ord6253
ord2139
ord4361
ord4494
ord5511
ord6147
ord3058
ord2674
ord2723
ord6157
ord2257
ord1384
ord985
ord5388
ord3706
ord3698
ord2812
ord3894
ord2313
ord3070
ord5973
ord4921
ord4259
ord4271
ord5201
ord1297
ord2164
ord5144
ord3939
ord2136
ord4013
ord2418
ord2419
ord2986
ord5352
ord940
ord4898
ord2933
ord4129
ord1039
ord4303
ord578
ord5006
ord5003
ord2609
ord304
ord1904
ord2237
ord310
ord3201
ord5161
ord1548
ord2932
ord635
ord5855
ord2135
ord2463
ord1994
ord395
ord3150
ord5965
ord736
ord1637
ord1579
ord3306
ord3922
ord5378
ord6215
ord5096
ord6282
ord1007
ord2239
ord1172
ord3800
ord5316
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4461
ord4032
ord4463
ord3677
ord3249
ord547
ord566
ord956
ord757
ord334
ord593
ord5113
ord5221
ord1096
ord3824
ord1121
ord4025
ord6293
ord5327
ord3176
ord421
ord655
ord3327
ord5105
ord1434
ord2832
ord384
ord5562
ord629
ord5209
ord5083
ord5226
ord6284
ord4562
ord1430
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord1913
ord3639
ord4733
ord4846
ord4251
ord5491
ord2736
ord368
ord5408
ord616
ord1370
ord5588
ord5152
ord4699
ord2042
ord2007
ord6234
ord2615
ord4475
ord4560
ord4258
ord4476
ord6039
ord5930
ord2762
ord3444
ord3034
ord4216
ord1352
ord5147
ord4855
ord4858
ord3585
ord4771
ord4585
ord4175
ord4166
ord3676
ord565
ord756
ord5170
ord567
ord758
ord4743
ord3914
ord1403
ord4882
ord2362
ord1719
ord4686
ord2151
ord563
ord1006
ord3417
ord4109
ord6058
ord3174
ord5715
ord5917
ord5397
ord5410
ord5584
ord5519
ord5643
ord6053
ord4155
ord6050
ord5604
ord6056
ord5607
ord2521
ord3875
ord1396
ord5485
ord1765
ord2876
ord3873
ord5869
ord5742
ord2788
ord3869
ord2083
ord4232
ord2952
ord3224
ord2867
ord2489
ord658
ord2877
ord1921
ord2656
ord287
ord2460
ord5398
ord6002
ord5711
ord2132
ord3596
ord3627
ord6077
ord2066
ord1953
ord5157
ord5198
ord6265
ord5141
ord1343
ord2030
ord2072
ord1903
ord3981
ord5351
ord3923
ord4190
ord6010
ord1920
ord3631
ord3500
ord2784
ord1416
ord2068
ord2268
ord3289
ord6001
ord1156
ord3857
ord3103
ord6301
ord4290
ord5710
ord3946
ord3079
ord3499
ord4902
ord530
ord722
ord1334
ord5058
ord5493
ord3426
ord336
ord595
ord3561
ord544
ord732
ord4754
ord3666
ord4300
ord5984
ord6087
ord5616
ord4929
ord3331
ord3415
ord5909
ord1338
ord4980
ord1543
ord3436
ord357
ord606
ord753
ord3636
ord4275
ord4715
ord1581
ord1727
ord1735
ord5357
ord4600
ord3569
ord1725
ord1937
ord6100
ord552
ord6098
ord740
ord1927
ord1912
ord2423
ord3668
ord5700
ord1358
ord944
ord2008
ord2043
ord4930
ord4391
ord2044
ord4632
ord4658
ord3791
ord2826
ord2791
ord6142
ord6138
ord2067
ord6006
ord6104
ord6106
ord3296
ord3571
ord553
ord742
ord3669
ord3073
ord5168
ord4235
ord1341
ord4984
ord1344
ord4191
ord1583
ord1639
ord2087
ord4237
ord3577
ord1585
ord1641
ord2089
ord748
ord3670
ord3471
ord3644
ord6115
ord3448
ord5673
ord1087
ord1946
ord3227
ord423
ord4057
ord2254
ord862
ord965
ord5462
ord2368
ord1000
ord3503
ord660
ord5477
ord723
msvcr80
strcpy_s
swscanf
_beginthreadex
??0exception@std@@QAE@ABQBD@Z
wcscat_s
memcpy_s
swprintf_s
_vswprintf
memmove_s
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_swprintf
_CIcos
strcat_s
fopen_s
fread
fclose
fopen
wprintf
_wtof
_resetstkoflw
malloc
rand
free
_time64
_localtime64_s
swscanf_s
wcscpy_s
printf
srand
rename
_vsnwprintf
_wfdopen
__iob_func
_open_osfhandle
_wfreopen
setlocale
system
_mktime64
exit
_purecall
calloc
fgets
feof
realloc
_vswprintf_c_l
_localtime64
_endthread
__CxxFrameHandler3
wcsncpy_s
_CxxThrowException
isdigit
memmove
qsort
ceil
fprintf
fflush
_endthreadex
memcmp
_isatty
_fileno
fputs
fputc
wcslen
fgetc
wcscpy
sin
cos
_beginthread
_msize
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_crt_debugger_hook
sprintf_s
_CIsin
kernel32
GlobalDeleteAtom
GlobalAddAtomW
DefineDosDeviceW
GetCurrentThread
GetSystemDirectoryW
IsBadWritePtr
CreateFileA
OutputDebugStringA
GetSystemWow64DirectoryW
FlushFileBuffers
QueryDosDeviceW
LocalAlloc
CreateMutexW
GetVersion
LocalFree
FormatMessageW
FindNextFileW
SetFileTime
FreeEnvironmentStringsW
SystemTimeToFileTime
GetEnvironmentStringsW
RemoveDirectoryW
SetFileAttributesW
MoveFileW
GetDiskFreeSpaceW
GetFileSizeEx
SetFileAttributesA
SetThreadExecutionState
LockResource
GetThreadContext
GetLocalTime
CopyFileA
GetConsoleWindow
SetConsoleTitleW
FreeConsole
GetStdHandle
AttachConsole
ReleaseMutex
CreateThread
GetPrivateProfileStringW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetDriveTypeW
GlobalFindAtomW
OpenProcess
Process32NextW
CopyFileW
Process32FirstW
GetWindowsDirectoryW
CreateToolhelp32Snapshot
WritePrivateProfileStringW
MulDiv
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
GetSystemDefaultLangID
GetSystemTime
SetFilePointer
ReadFile
GetFileSize
lstrlenW
GlobalFree
ResumeThread
SuspendThread
LoadResource
SizeofResource
FindResourceW
GetCurrentProcess
GetCurrentThreadId
SetUnhandledExceptionFilter
LoadLibraryW
SetLastError
GetTickCount
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetDiskFreeSpaceExW
GlobalUnlock
GetVolumeNameForVolumeMountPointW
GlobalLock
GlobalAlloc
TerminateProcess
WriteFile
CreateProcessW
VirtualFree
VirtualAlloc
GetCurrentProcessId
SetEndOfFile
SetFilePointerEx
CreateDirectoryW
GetProcAddress
GetModuleHandleW
FreeLibrary
LoadLibraryA
Sleep
GetVersionExW
FindClose
FindFirstFileW
GetLogicalDrives
WideCharToMultiByte
MultiByteToWideChar
GetExitCodeThread
TerminateThread
GetLastError
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
DeleteFileA
GetFileAttributesA
CreateFileW
DeviceIoControl
GetSystemPowerStatus
GetFileAttributesW
DeleteFileW
GetSystemWindowsDirectoryW
CloseHandle
GetModuleFileNameW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
CreateEventA
GetTimeZoneInformation
DeleteCriticalSection
QueryPerformanceCounter
LoadLibraryExA
AreFileApisANSI
OpenFileMappingA
OpenEventA
GetLogicalDriveStringsW
lstrlenA
FormatMessageA
MoveFileA
GetFullPathNameA
GetTempPathA
GetTempPathW
GetFullPathNameW
MoveFileExW
UnlockFileEx
GetDiskFreeSpaceA
TryEnterCriticalSection
GetProcessHeap
GetSystemTimeAsFileTime
HeapAlloc
HeapSize
LockFileEx
HeapFree
HeapDestroy
InterlockedCompareExchange
HeapReAlloc
HeapCreate
UnlockFile
HeapValidate
CreateFileMappingA
LockFile
HeapCompact
WaitForSingleObjectEx
CreateFileMappingW
InterlockedDecrement
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
OutputDebugStringW
lstrcpyW
WinExec
CreateEventW
SetEvent
GetSystemInfo
GetVersionExA
IsBadReadPtr
GetDriveTypeA
FindFirstFileA
FindNextFileA
CreateDirectoryA
RemoveDirectoryA
AllocConsole
WriteConsoleW
CreatePipe
DuplicateHandle
GetWindowsDirectoryA
GetCurrentDirectoryW
GetFileAttributesExW
SetVolumeMountPointW
DeleteVolumeMountPointW
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
OpenEventW
OpenFileMappingW
SetHandleInformation
SetVolumeLabelW
RaiseException
GetACP
GetLocaleInfoA
GetThreadLocale
GetSystemWindowsDirectoryA
ResetEvent
user32
SetCapture
IsRectEmpty
EndDeferWindowPos
GetWindow
BeginDeferWindowPos
SystemParametersInfoW
GetSysColorBrush
InflateRect
GetSysColor
IsChild
GetKeyState
SetWindowsHookExW
CallNextHookEx
EndDialog
UnhookWindowsHookEx
SetDlgItemTextW
ExitWindowsEx
SetPropW
GetPropW
RemovePropW
SetForegroundWindow
FrameRect
GetFocus
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
UpdateWindow
ChangeDisplaySettingsW
EnumDisplaySettingsW
DispatchMessageW
TranslateMessage
PeekMessageW
PtInRect
GetSubMenu
DrawMenuBar
FindWindowW
GetMenuItemCount
CreatePopupMenu
EnableMenuItem
GetActiveWindow
IsWindow
IsZoomed
DeleteMenu
IsIconic
IsWindowVisible
wsprintfW
LoadImageW
FindWindowExW
CopyRect
MessageBeep
FillRect
LoadBitmapW
GetDC
GetWindowDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
WaitForInputIdle
GetWindowLongW
ShowWindow
MessageBoxW
AppendMenuW
RedrawWindow
GetClassNameW
GetMenuItemID
DestroyIcon
InsertMenuW
ModifyMenuW
GetIconInfo
IsMenu
SetMenuInfo
GetMenuItemRect
LoadMenuW
GetMenuItemInfoW
GetMenuState
SetWindowPos
GetMessagePos
CallWindowProcW
SetWindowLongW
LoadCursorW
SetCursor
InvalidateRect
DrawEdge
DrawFocusRect
SetRect
GetMenuInfo
WindowFromDC
GetMenuDefaultItem
WindowFromPoint
SetWindowRgn
GetAsyncKeyState
CharLowerW
CopyIcon
UnregisterClassA
DestroyCursor
GetDlgItem
GetDlgItemTextA
GetCapture
CharPrevA
CharUpperA
CharUpperW
CharNextA
IsWindowEnabled
CreateWindowExW
RegisterClassW
ShowScrollBar
PostMessageW
GetSystemMenu
DestroyMenu
GetCursorPos
GetMenu
GetParent
DrawIconEx
LoadIconW
MoveWindow
ScreenToClient
GetClientRect
KillTimer
EnableWindow
GetDesktopWindow
GetWindowRect
GetSystemMetrics
SetTimer
SendMessageW
SetParent
CreateDialogParamW
ReleaseCapture
ClientToScreen
OffsetRect
GetDCEx
DrawStateW
IntersectRect
GetWindowTextW
GetMessageW
DefWindowProcW
TrackMouseEvent
GetDlgCtrlID
SetScrollInfo
GetScrollInfo
IsDlgButtonChecked
SetMenu
gdi32
ExcludeClipRect
GetGlyphOutlineW
LineTo
MoveToEx
GetTextMetricsW
SetTextJustification
GetCurrentObject
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
Arc
Pie
StrokeAndFillPath
EndPath
BeginPath
SelectClipRgn
SetBrushOrgEx
GetNearestColor
UnrealizeObject
RoundRect
SetPixel
CreateRectRgnIndirect
FillRgn
CombineRgn
CreateRectRgn
GetPixel
PatBlt
EnumFontFamiliesW
RectVisible
PtVisible
Escape
TextOutW
CreateFontIndirectW
CreateDCW
GetStockObject
SetTextColor
StretchBlt
CreateBitmap
CreateCompatibleBitmap
GetTextColor
Rectangle
CreatePen
GetMapMode
DPtoLP
SetDIBColorTable
ExtTextOutW
SetBkColor
BitBlt
CreateSolidBrush
CreateFontW
GetTextExtentPoint32W
CreateCompatibleDC
GetBkColor
DeleteDC
CreateDIBSection
DeleteObject
GetObjectW
SelectObject
GetDeviceCaps
SetBkMode
CreatePatternBrush
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegSaveKeyW
SetSecurityInfo
RegCloseKey
RegQueryValueExW
GetNamedSecurityInfoW
RegLoadKeyW
RegUnLoadKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
EnumServicesStatusW
QueryServiceConfigW
ControlService
RegFlushKey
RegDeleteValueW
RegSetKeySecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegGetKeySecurity
RegDeleteKeyW
RegQueryValueW
GetTokenInformation
FreeSid
OpenProcessToken
OpenThreadToken
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyA
AdjustTokenPrivileges
StartServiceW
LookupPrivilegeValueW
QueryServiceStatus
OpenServiceW
CloseServiceHandle
OpenSCManagerW
EqualSid
SetEntriesInAclW
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
ConvertStringSidToSidW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExA
RegSetValueExW
RegOpenKeyExW
shell32
ShellExecuteW
SHGetFileInfoW
ShellExecuteA
SHGetSpecialFolderPathW
DragAcceptFiles
CommandLineToArgvW
SHAppBarMessage
ExtractIconW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
DragQueryFileW
comctl32
ImageList_GetIconSize
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathFileExistsW
PathFindFileNameW
StrStrIW
PathAppendW
PathFindExtensionW
ole32
CoSetProxyBlanket
CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
CoInitializeSecurity
oleaut32
VariantInit
VariantCopy
SysFreeString
VariantClear
SysStringByteLen
SysStringLen
SysAllocString
urlmon
URLDownloadToFileA
msvcp80
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@0@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
gdiplus
GdipBitmapLockBits
GdipCloneImage
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipGetImageWidth
GdipSaveImageToFile
GdipCreateBitmapFromStream
GdipDrawImageI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipBitmapUnlockBits
GdipFree
GdipLoadImageFromStreamICM
GdipDrawImageRectRect
GdipReleaseDC
GdipGetImageHeight
ws2_32
WSACleanup
bind
inet_addr
connect
listen
accept
closesocket
WSAStartup
WSAGetLastError
socket
send
recv
htons
gethostbyname
wininet
DeleteUrlCacheEntryA
netapi32
NetUserEnum
mpr
WNetGetUniversalNameW
rpcrt4
UuidCreate
psapi
GetProcessImageFileNameW
Exports
Exports
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024KB - Virtual size: 1022KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 136KB - Virtual size: 33.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9.9MB - Virtual size: 9.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE