General

Malware Config

Signatures

Files

• NOTIFICACION_PROCESO_FISCAL.zip

  .zip
• #6 NOTIFICACION PROCESO FISCAL..exe

  .exe windows:4 windows x86 arch:x86

  013b5b8276709c2ecd2887fac380e33f

  
  

  Code Sign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15-06-2007 00:00

  Not After

  14-06-2012 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04-12-2003 00:00

  Not After

  03-12-2013 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  16-07-2004 00:00

  Not After

  15-07-2014 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:22:25:2b:47:8a:1a:91:a8:bc:2b:8b:7f:2d:96:ea

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Not Before

  09-05-2007 00:00

  Not After

  08-06-2010 23:59

  Subject

  CN=ESET\, spol. s r.o.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ESET\, spol. s r.o.,L=Bratislava,ST=Slovakia,C=SK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  61:0c:12:06:00:00:00:00:00:1b

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-05-2006 17:01

  Not After

  23-05-2016 17:11

  Subject

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  bd:c5:f1:2a:bd:88:01:24:6a:d9:4c:c0:d1:2c:ea:eb:8f:20:1a:14

  Signer

  Actual PE Digest

  bd:c5:f1:2a:bd:88:01:24:6a:d9:4c:c0:d1:2c:ea:eb:8f:20:1a:14

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  IsDebuggerPresent

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetCurrentProcessId

  GetModuleFileNameW

  Sleep

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  GetCommandLineW

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  GetStartupInfoW

  InterlockedCompareExchange

  InterlockedExchange

  GetSystemTimeAsFileTime

  user32

  CreateWindowExW

  RegisterClassExW

  DefWindowProcW

  DestroyWindow

  advapi32

  OpenSCManagerW

  RegQueryValueExW

  DeleteService

  OpenServiceW

  RegCloseKey

  RegCreateKeyExW

  RegSetValueExW

  RegisterServiceCtrlHandlerW

  SetServiceStatus

  StartServiceCtrlDispatcherW

  CreateServiceW

  CloseServiceHandle

  RegOpenKeyExW

  msvcr80

  wcscpy_s

  wcsncpy_s

  wcscat_s

  wcsrchr

  _unlock

  __dllonexit

  _encode_pointer

  _lock

  _onexit

  _decode_pointer

  _amsg_exit

  __wgetmainargs

  _cexit

  _exit

  _XcptFilter

  exit

  _wcmdln

  _initterm

  _initterm_e

  _configthreadlocale

  __setusermatherr

  _adjust_fdiv

  __p__commode

  __p__fmode

  __set_app_type

  _crt_debugger_hook

  ?terminate@@YAXXZ

  ?_type_info_dtor_internal_method@type_info@@QAEXXZ

  _except_handler4_common

  _invoke_watson

  _controlfp_s

  vswprintf_s

  ??3@YAXPAX@Z

  wcsstr

  Sections

  .text

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• Microsoft.VC80.CRT.manifest
• Microsoft.VC80.MFC.manifest
• Microsoft.VC80.MFCLOC.manifest

  .xml
• http_dll.dll

  .dll windows:4 windows x86 arch:x86

  e741cd0919fe3a9d075f43a89ce7cb10

  
  

  Code Sign

  38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5

  Certificate

  Issuer

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Not Before

  15-06-2007 00:00

  Not After

  14-06-2012 23:59

  Subject

  CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4

  Certificate

  Issuer

  CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

  Not Before

  04-12-2003 00:00

  Not After

  03-12-2013 23:59

  Subject

  CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2

  Certificate

  Issuer

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Not Before

  16-07-2004 00:00

  Not After

  15-07-2014 23:59

  Subject

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageClientAuth

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  2b:22:25:2b:47:8a:1a:91:a8:bc:2b:8b:7f:2d:96:ea

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

  Not Before

  09-05-2007 00:00

  Not After

  08-06-2010 23:59

  Subject

  CN=ESET\, spol. s r.o.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ESET\, spol. s r.o.,L=Bratislava,ST=Slovakia,C=SK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  61:0c:12:06:00:00:00:00:00:1b

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-05-2006 17:01

  Not After

  23-05-2016 17:11

  Subject

  OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  8c:88:2d:b2:c5:9b:57:c1:49:22:5f:ab:b2:90:cd:c3:07:1f:3e:90

  Signer

  Actual PE Digest

  8c:88:2d:b2:c5:9b:57:c1:49:22:5f:ab:b2:90:cd:c3:07:1f:3e:90

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  mpr

  WNetGetUserW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  crypt32

  CertFindCertificateInStore

  CertGetNameStringW

  mfc80u

  ord3221

  ord2077

  ord656

  ord1536

  ord4226

  ord2651

  ord3158

  ord2155

  ord6161

  ord3756

  ord591

  ord1922

  ord1474

  ord4092

  ord2080

  ord1538

  ord4228

  ord3165

  ord977

  ord1555

  ord3946

  ord6751

  ord283

  ord6749

  ord2161

  ord2421

  ord1921

  ord4266

  ord2366

  ord1512

  ord4274

  ord4112

  ord1573

  ord4119

  ord1545

  ord3547

  ord4313

  ord6744

  ord2310

  ord3546

  ord516

  ord718

  ord1388

  ord6262

  ord1924

  ord1475

  ord4093

  ord2082

  ord1561

  ord4231

  ord3223

  ord5207

  ord657

  ord4714

  ord2011

  ord4730

  ord4207

  ord4184

  ord4838

  ord4861

  ord4611

  ord4791

  ord5064

  ord5066

  ord5065

  ord2012

  ord1883

  ord3082

  ord6232

  ord2461

  ord385

  ord630

  ord563

  ord753

  ord359

  ord607

  ord3998

  ord2648

  ord1005

  ord2942

  ord356

  ord354

  ord5832

  ord3828

  ord721

  ord524

  ord526

  ord3064

  ord3126

  ord2027

  ord1318

  ord3288

  ord1958

  ord4577

  ord1006

  ord5208

  ord2422

  ord3399

  ord4948

  ord3662

  ord3327

  ord4475

  ord2832

  ord5562

  ord5209

  ord5226

  ord4562

  ord3942

  ord5222

  ord5220

  ord2925

  ord1911

  ord3826

  ord5378

  ord6215

  ord5096

  ord1007

  ord3800

  ord5579

  ord2009

  ord2054

  ord4320

  ord6274

  ord6272

  ord4008

  ord4032

  ord566

  ord757

  ord3824

  ord3677

  ord314

  ord6061

  ord4109

  ord2521

  ord2426

  ord5884

  ord5723

  ord6058

  ord2468

  ord5398

  ord280

  ord4755

  ord330

  ord589

  ord6140

  ord5829

  ord4094

  ord2085

  ord3238

  ord1946

  ord1274

  ord1053

  ord3869

  ord3395

  ord1058

  ord2365

  ord4882

  ord1220

  ord3990

  ord4100

  ord6160

  ord3983

  ord5524

  ord2261

  ord2340

  ord5484

  ord1571

  ord1416

  ord2151

  ord5711

  ord6033

  ord2260

  ord3396

  ord2121

  ord2579

  ord3674

  ord261

  ord3322

  ord2981

  ord3793

  ord2870

  ord754

  ord1578

  ord3301

  ord1589

  ord6115

  ord6053

  ord731

  ord3342

  ord2878

  ord2861

  ord5864

  ord5981

  ord4558

  ord3985

  ord2872

  ord2490

  ord5747

  ord3877

  ord1021

  ord1784

  ord6700

  ord282

  ord1479

  ord2460

  ord1906

  ord5558

  ord384

  ord629

  ord2740

  ord1236

  ord2713

  ord4101

  ord2282

  ord3400

  ord5414

  ord860

  ord1781

  ord2860

  ord5742

  ord2489

  ord5862

  ord1864

  ord1866

  ord1637

  ord1579

  ord3306

  ord736

  ord5803

  ord5965

  ord5982

  ord5851

  ord530

  ord4098

  ord6001

  ord5710

  ord3435

  ord3287

  ord3661

  ord4074

  ord5983

  ord1368

  ord6251

  ord5699

  ord3752

  ord5698

  ord4743

  ord765

  ord315

  ord1033

  ord1087

  ord1197

  ord1199

  ord1093

  ord371

  ord1908

  ord1162

  ord1115

  ord1192

  ord1168

  ord1170

  ord1200

  ord581

  ord1559

  ord1630

  ord741

  ord3311

  ord4234

  ord1582

  ord2086

  ord587

  ord2255

  ord5633

  ord3155

  ord709

  ord501

  ord416

  ord2297

  ord642

  ord1957

  ord5519

  ord3995

  ord4117

  ord5637

  ord2081

  ord3873

  ord774

  ord3281

  ord502

  ord6116

  ord326

  ord5635

  ord1628

  ord1549

  ord2876

  ord4230

  ord3208

  ord5584

  ord1270

  ord3483

  ord602

  ord347

  ord2364

  ord1556

  ord2250

  ord1476

  ord651

  ord3296

  ord5727

  ord3331

  ord3157

  ord3678

  ord745

  ord557

  ord5867

  ord2361

  ord2083

  ord4232

  ord3224

  ord3645

  ord658

  ord2952

  ord1472

  ord5178

  ord5171

  ord4206

  ord1647

  ord1894

  ord4026

  ord4729

  ord1646

  ord4884

  ord1590

  ord4255

  ord5196

  ord1079

  ord2985

  ord1662

  ord2531

  ord4347

  ord5210

  ord1661

  ord2725

  ord1925

  ord1393

  ord1542

  ord2829

  ord5911

  ord4301

  ord6721

  ord2708

  ord1271

  ord6720

  ord2856

  ord5908

  ord2534

  ord1611

  ord2640

  ord1608

  ord2527

  ord3940

  ord3712

  ord1392

  ord3713

  ord6063

  ord4238

  ord3703

  ord5148

  ord2638

  ord1899

  ord3943

  ord5067

  ord4480

  ord2788

  ord6271

  ord4256

  ord2362

  ord4179

  ord5199

  ord3176

  ord1562

  ord5609

  ord3397

  ord4716

  ord4276

  ord2311

  ord3198

  ord1591

  ord777

  ord5956

  ord6086

  ord5231

  ord4574

  ord5229

  ord920

  ord925

  ord929

  ord5869

  ord927

  ord3635

  ord931

  ord776

  ord1785

  ord2384

  ord3204

  ord2404

  ord2388

  ord605

  ord2394

  ord577

  ord2392

  ord896

  ord2390

  ord620

  ord2407

  ord293

  ord2402

  ord899

  ord2386

  ord572

  ord2409

  ord760

  ord2397

  ord900

  ord2379

  ord2381

  ord2399

  ord2169

  ord1118

  ord2163

  ord1513

  ord6273

  ord4314

  ord3796

  ord1955

  ord6275

  ord3339

  ord4961

  ord1353

  ord3189

  ord3249

  ord5327

  ord6293

  ord1178

  ord265

  ord266

  ord5316

  ord1172

  ord6282

  ord1176

  ord762

  ord764

  ord5638

  ord722

  msvcr80

  memset

  memcpy

  wcschr

  free

  malloc

  _wcsicmp

  realloc

  _stricmp

  _wcsnicmp

  towupper

  memmove

  _snwprintf_s

  swscanf_s

  wcscpy_s

  wcsncpy_s

  strcat_s

  wcscspn

  wcscat_s

  _vsnprintf_s

  strchr

  memmove_s

  memcpy_s

  strncmp

  wcsstr

  wcsncmp

  strcpy_s

  strncpy_s

  _wtol

  wcstoul

  calloc

  strtoul

  wcsrchr

  sprintf_s

  _purecall

  wcspbrk

  qsort

  bsearch

  vswprintf_s

  swprintf_s

  _wcsupr_s

  _wcsdup

  _wtoi

  _wcslwr_s

  _time32

  _itow_s

  __CxxFrameHandler3

  _unlock

  __dllonexit

  _encode_pointer

  _lock

  _onexit

  _decode_pointer

  ?terminate@@YAXXZ

  _malloc_crt

  _encoded_null

  _initterm

  _initterm_e

  _amsg_exit

  _adjust_fdiv

  __CppXcptFilter

  __clean_type_info_names_internal

  _except_handler4_common

  _crt_debugger_hook

  ?_type_info_dtor_internal_method@type_info@@QAEXXZ

  kernel32

  Sleep

  LockResource

  LoadResource

  SizeofResource

  FindResourceW

  GetDateFormatW

  GlobalHandle

  SetEvent

  ResetEvent

  CreateEventW

  InterlockedDecrement

  InterlockedIncrement

  GetModuleFileNameW

  WriteFile

  CreateFileW

  GetCurrentProcessId

  CloseHandle

  GetCurrentProcess

  GetCurrentThread

  GetVersionExW

  lstrcpynA

  lstrlenA

  GetLastError

  AreFileApisANSI

  GetFullPathNameA

  GetFileAttributesA

  lstrcpynW

  lstrlenW

  SetLastError

  GetFullPathNameW

  GetFileAttributesW

  GetModuleHandleW

  GetProcAddress

  LoadLibraryW

  FreeLibrary

  MultiByteToWideChar

  WideCharToMultiByte

  FileTimeToSystemTime

  ReadFile

  SetEndOfFile

  SetFilePointer

  GetFileSize

  GetShortPathNameW

  GetFileInformationByHandle

  GetSystemTimeAsFileTime

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  ExpandEnvironmentStringsW

  GetDriveTypeW

  QueryDosDeviceW

  LocalFree

  LocalAlloc

  OpenProcess

  LoadLibraryExW

  GetEnvironmentVariableW

  GetSystemDirectoryA

  LoadLibraryA

  GlobalAlloc

  GlobalFree

  InterlockedExchange

  InterlockedCompareExchange

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetACP

  GetLocaleInfoA

  GetThreadLocale

  GetVersionExA

  GetTickCount

  GetCurrentThreadId

  QueryPerformanceCounter

  user32

  LoadAcceleratorsW

  LoadIconW

  CheckMenuItem

  DeleteMenu

  MessageBoxW

  MsgWaitForMultipleObjects

  LoadImageW

  PeekMessageW

  GetScrollPos

  ClientToScreen

  GetKeyState

  DrawFrameControl

  DispatchMessageW

  TranslateMessage

  SetCursor

  GetCursorPos

  GetFocus

  DestroyAcceleratorTable

  RemoveMenu

  IsWindowVisible

  ReleaseCapture

  DestroyCursor

  SetCapture

  SetRectEmpty

  LoadCursorW

  GetWindowLongW

  DrawFocusRect

  SetMenuDefaultItem

  GetSubMenu

  LoadMenuW

  GetSystemMetrics

  AppendMenuW

  CreatePopupMenu

  EnableMenuItem

  PtInRect

  InflateRect

  SetRect

  PostMessageW

  IsWindow

  TranslateAcceleratorW

  BeginDeferWindowPos

  DeferWindowPos

  GetAsyncKeyState

  EndDeferWindowPos

  GetSysColorBrush

  GetWindowRect

  EnableWindow

  SystemParametersInfoW

  AdjustWindowRect

  LockWindowUpdate

  ScreenToClient

  wsprintfW

  SendMessageW

  UpdateWindow

  GetDC

  FillRect

  ReleaseDC

  InvalidateRect

  CopyRect

  DrawTextW

  GetClientRect

  GetParent

  DestroyIcon

  GetNextDlgTabItem

  SetForegroundWindow

  GetSysColor

  gdi32

  DeleteDC

  CreateDIBitmap

  GetTextColor

  GetTextExtentPoint32W

  SelectObject

  SetTextColor

  DeleteObject

  SetPixel

  DPtoLP

  GetBkColor

  GetMapMode

  LPtoDP

  BitBlt

  CreateCompatibleBitmap

  CreateCompatibleDC

  GetTextMetricsW

  CreateSolidBrush

  CreateRectRgnIndirect

  GetCurrentObject

  CreateFontIndirectW

  GetObjectW

  advapi32

  RegDeleteKeyW

  OpenThreadToken

  OpenProcessToken

  LookupAccountSidW

  RegEnumKeyW

  RegSetValueExW

  RegQueryValueExW

  RegCloseKey

  RegCreateKeyExW

  RegOpenKeyExW

  FreeSid

  EqualSid

  AllocateAndInitializeSid

  GetTokenInformation

  RegDeleteKeyA

  shell32

  ExtractIconW

  SHGetMalloc

  SHGetDesktopFolder

  ExtractIconExW

  oleaut32

  SysAllocString

  VariantCopy

  VariantChangeType

  VariantInit

  ws2_32

  WSACleanup

  gethostbyaddr

  getservbyport

  ntohs

  inet_ntoa

  WSAStartup

  getservbyname

  htons

  WSAGetLastError

  gethostbyname

  inet_addr

  WSASetLastError

  socket

  closesocket

  htonl

  Exports

  Exports

  RAEditExtProc

  SetIOCtlExtProc

  Sections

  .text

  Size: 520KB - Virtual size: 519KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 128KB - Virtual size: 124KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 12KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 144KB - Virtual size: 143KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 64KB - Virtual size: 60KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• mfc80u.dll

  .dll windows:4 windows x86 arch:x86

  4ca444b09cab86ae48fe835cb05c6e94

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  msvcr80

  ?_type_info_dtor_internal_method@type_info@@QAEXXZ

  _except_handler4_common

  _crt_debugger_hook

  __CppXcptFilter

  _adjust_fdiv

  _amsg_exit

  _initterm_e

  _initterm

  _encoded_null

  _malloc_crt

  _decode_pointer

  _onexit

  _lock

  _encode_pointer

  __dllonexit

  _unlock

  ?terminate@@YAXXZ

  strcpy_s

  _itow_s

  _ultow_s

  _ltow_s

  iswdigit

  ceil

  wcsncmp

  _wcsnicmp

  _wfullpath

  _wtol

  __wargv

  __argc

  swscanf_s

  _beginthreadex

  _endthreadex

  _wcsdup

  _expand

  _wtoi

  _recalloc

  wcstod

  wcstoul

  _mbspbrk

  wcstol

  _resetstkoflw

  _wmakepath_s

  _wsplitpath_s

  _vsnwprintf_s

  _snwscanf_s

  labs

  abs

  calloc

  _msize

  wcscat_s

  _snwprintf_s

  _errno

  _purecall

  _localtime64_s

  _mktime64

  realloc

  fclose

  fflush

  ftell

  fseek

  fgetws

  fputws

  fwrite

  clearerr_s

  ferror

  feof

  fread

  __doserrno

  _fdopen

  _open_osfhandle

  _fileno

  _get_osfhandle

  wcscpy_s

  abort

  memcmp

  swprintf_s

  wcsncpy_s

  _mbscspn

  _mbscmp

  _vscprintf

  wcscmp

  wcscspn

  wcsspn

  iswspace

  _mbsinc

  _mbsupr_s

  _wcsrev

  memcpy_s

  _mbsspn

  _mbscoll

  wcspbrk

  memset

  _wcsicoll

  wcsstr

  wcsrchr

  _mbsrchr

  _mbschr

  vsprintf_s

  _wcsupr_s

  wcslen

  _wcslwr_s

  _ismbcspace

  vswprintf_s

  _mbsstr

  _mbsicoll

  _mbsrev

  strlen

  malloc

  free

  wcscoll

  memmove

  _vscwprintf

  _mbsicmp

  _wcsicmp

  memmove_s

  _mbslwr_s

  wcschr

  _CxxThrowException

  memcpy

  __clean_type_info_names_internal

  __CxxFrameHandler3

  kernel32

  GetLocaleInfoA

  GetSystemTimeAsFileTime

  GetEnvironmentVariableW

  FindResourceExW

  FindResourceW

  LoadResource

  FormatMessageA

  WideCharToMultiByte

  SizeofResource

  FormatMessageW

  GetEnvironmentVariableA

  MultiByteToWideChar

  GetLastError

  LockResource

  LocalFree

  SetLastError

  GetAtomNameW

  GlobalGetAtomNameW

  lstrlenW

  lstrcmpA

  lstrlenA

  DuplicateHandle

  GetCurrentProcess

  CreateFileW

  ReadFile

  WriteFile

  SetFilePointer

  FlushFileBuffers

  CloseHandle

  LockFile

  UnlockFile

  SetEndOfFile

  GetFileSize

  MoveFileW

  DeleteFileW

  LoadLibraryW

  GetProcAddress

  GetFullPathNameW

  GetVolumeInformationW

  FindFirstFileW

  FindClose

  lstrcmpiW

  GetThreadLocale

  GetStringTypeExW

  GetModuleFileNameW

  GetShortPathNameW

  GlobalLock

  GlobalSize

  GlobalAlloc

  GlobalUnlock

  GlobalReAlloc

  GlobalFree

  GetFileTime

  GetFileAttributesW

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  SystemTimeToFileTime

  LocalFileTimeToFileTime

  SetFileAttributesW

  SetFileTime

  FreeLibrary

  GetModuleHandleW

  InterlockedDecrement

  LocalAlloc

  TlsAlloc

  InitializeCriticalSection

  TlsFree

  GlobalHandle

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  TlsGetValue

  LocalReAlloc

  TlsSetValue

  WaitForSingleObject

  CreateSemaphoreW

  ReleaseSemaphore

  CreateMutexW

  ReleaseMutex

  CreateEventW

  WaitForMultipleObjects

  lstrcmpW

  GetVersionExA

  GlobalDeleteAtom

  GlobalFindAtomW

  CompareStringW

  GlobalAddAtomW

  GetCurrentThreadId

  GetVersion

  GetCurrentProcessId

  GetVersionExW

  MulDiv

  GetProfileIntW

  LoadLibraryA

  VirtualProtect

  GetModuleHandleA

  RaiseException

  GlobalFlags

  GetDiskFreeSpaceW

  GetTempFileNameW

  LocalLock

  LocalUnlock

  GetTempPathW

  SearchPathW

  SetEvent

  SetThreadPriority

  ResumeThread

  SuspendThread

  GetLocaleInfoW

  ConvertDefaultLocale

  EnumResourceLanguagesW

  GetCurrentThread

  InterlockedExchange

  CompareStringA

  SetErrorMode

  GetPrivateProfileIntW

  GetPrivateProfileStringW

  WritePrivateProfileStringW

  GetCurrentDirectoryW

  InterlockedIncrement

  FindNextFileW

  GetTickCount

  CopyFileW

  GetUserDefaultLCID

  IsDBCSLeadByte

  lstrcpyW

  lstrcpyA

  GetSystemTime

  LoadLibraryExW

  Sleep

  InterlockedCompareExchange

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  QueryPerformanceCounter

  GetACP

  gdi32

  GetCurrentPositionEx

  OffsetRgn

  SetBrushOrgEx

  GetRgnBox

  CreateMetaFileW

  CopyMetaFileW

  LPtoDP

  Ellipse

  CreateEllipticRgn

  AbortDoc

  EndDoc

  EndPage

  StartPage

  SetAbortProc

  DPtoLP

  SetRectRgn

  CombineRgn

  GetMapMode

  GetPixel

  CreateDIBPatternBrushPt

  CreateHatchBrush

  CreateSolidBrush

  ExtCreatePen

  EnumMetaFile

  PlayMetaFile

  PlayMetaFileRecord

  GetObjectType

  ExtSelectClipRgn

  GetClipRgn

  CreateRectRgn

  SelectClipPath

  PolyBezierTo

  SetColorAdjustment

  PolylineTo

  PolyDraw

  SetArcDirection

  ArcTo

  SetMapperFlags

  SetTextCharacterExtra

  SetTextJustification

  SetTextAlign

  LineTo

  OffsetClipRgn

  ExcludeClipRect

  SelectClipRgn

  OffsetWindowOrgEx

  ModifyWorldTransform

  SetWorldTransform

  SetGraphicsMode

  SetStretchBltMode

  SetROP2

  SetPolyFillMode

  SetBkMode

  SelectPalette

  StartDocW

  EnumFontFamiliesExW

  CreateDCW

  BitBlt

  CreateRectRgnIndirect

  PatBlt

  UnrealizeObject

  Rectangle

  CreatePen

  CreatePatternBrush

  CreateBitmap

  TextOutW

  DeleteMetaFile

  CloseMetaFile

  RectVisible

  PtVisible

  IntersectClipRect

  SetWindowOrgEx

  GetWindowOrgEx

  GetViewportOrgEx

  GetDeviceCaps

  Escape

  ExtTextOutW

  MoveToEx

  GetTextAlign

  GetTextExtentPoint32A

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SetMapMode

  GetNearestColor

  GetViewportExtEx

  GetWindowExtEx

  CreateFontIndirectW

  GetTextFaceW

  GetTextColor

  GetStretchBltMode

  GetPolyFillMode

  GetBkMode

  GetROP2

  RestoreDC

  SaveDC

  GetStockObject

  GetTextMetricsW

  GetTextExtentPoint32W

  DeleteObject

  GetCharWidthW

  CreateFontW

  DeleteDC

  StretchDIBits

  SelectObject

  GetBkColor

  CreateCompatibleBitmap

  CreateCompatibleDC

  SetTextColor

  SetBkColor

  GetObjectW

  GetClipBox

  user32

  IntersectRect

  RegisterWindowMessageW

  GetWindowLongW

  SetWindowLongW

  SetWindowPos

  IsWindow

  GetLastActivePopup

  GetForegroundWindow

  SetForegroundWindow

  GetMessageTime

  GetMessagePos

  DefWindowProcW

  GetPropW

  CallWindowProcW

  RemovePropW

  CallNextHookEx

  GetClassLongW

  GetClassInfoExW

  GetClassNameW

  SetPropW

  SetWindowsHookExW

  CreateWindowExW

  DestroyWindow

  GetKeyState

  GetDlgCtrlID

  SendMessageW

  GetWindowTextLengthW

  GetWindowTextW

  GetDlgItem

  SetWindowPlacement

  TrackPopupMenu

  TrackPopupMenuEx

  GetMenuItemCount

  GetSubMenu

  GetMenuItemID

  GetMenu

  GetClassInfoW

  RegisterClassW

  WinHelpW

  GetCapture

  GetParent

  GetWindow

  IsChild

  MessageBoxW

  GetTopWindow

  SetScrollPos

  GetScrollPos

  SetScrollRange

  GetScrollRange

  ShowScrollBar

  SetScrollInfo

  GetScrollInfo

  IsWindowVisible

  ScrollWindow

  BeginDeferWindowPos

  CopyRect

  EndDeferWindowPos

  ScreenToClient

  EqualRect

  DeferWindowPos

  AdjustWindowRectEx

  GetFocus

  SetActiveWindow

  SetFocus

  PtInRect

  PeekMessageW

  DispatchMessageW

  GetSysColor

  GetClientRect

  MapWindowPoints

  SendDlgItemMessageW

  SendDlgItemMessageA

  UpdateWindow

  PostMessageW

  LoadIconW

  EnableWindow

  SetRectEmpty

  LoadAcceleratorsW

  TranslateAcceleratorW

  ReleaseCapture

  SetCursor

  GetDesktopWindow

  IsWindowEnabled

  ShowWindow

  GetWindowThreadProcessId

  GetActiveWindow

  LoadMenuW

  DestroyMenu

  SetMenu

  UnpackDDElParam

  ReuseDDElParam

  InvalidateRect

  CreatePopupMenu

  InsertMenuItemW

  BringWindowToTop

  LoadCursorW

  OffsetRect

  WaitMessage

  WindowFromPoint

  SetCapture

  ClientToScreen

  GetMessageW

  TranslateMessage

  DefFrameProcW

  TranslateMDISysAccel

  DrawMenuBar

  DefMDIChildProcW

  RedrawWindow

  InflateRect

  KillTimer

  SetTimer

  SetRect

  GetDC

  ReleaseDC

  IsZoomed

  SetParent

  IsRectEmpty

  GetSystemMenu

  DeleteMenu

  AppendMenuW

  GetDCEx

  LockWindowUpdate

  GetTabbedTextExtentA

  DrawTextW

  DrawTextExW

  GrayStringW

  UnionRect

  MapVirtualKeyW

  GetKeyNameTextW

  LoadBitmapW

  DrawFocusRect

  FillRect

  CreateDialogIndirectParamW

  EndDialog

  GetNextDlgTabItem

  GetAsyncKeyState

  MapDialogRect

  GetDialogBaseUnits

  GetWindowDC

  BeginPaint

  EndPaint

  TabbedTextOutW

  GetMenuStringW

  SystemParametersInfoW

  GetMenuItemInfoW

  GetSysColorBrush

  SetWindowTextW

  CheckDlgButton

  CheckRadioButton

  GetDlgItemInt

  GetDlgItemTextW

  SetDlgItemInt

  SetDlgItemTextW

  IsDlgButtonChecked

  ScrollWindowEx

  IsDialogMessageW

  MoveWindow

  EnableMenuItem

  CheckMenuItem

  SetMenuItemBitmaps

  GetMenuState

  ModifyMenuW

  GetMenuCheckMarkDimensions

  DestroyIcon

  SetCursorPos

  DestroyCursor

  FindWindowW

  SetWindowRgn

  DrawIcon

  GetTabbedTextExtentW

  IsClipboardFormatAvailable

  MessageBeep

  RemoveMenu

  ValidateRect

  PostQuitMessage

  UnregisterClassW

  ShowOwnedPopups

  InsertMenuW

  RegisterClipboardFormatW

  SendNotifyMessageW

  CopyAcceleratorTableW

  InSendMessage

  PostThreadMessageW

  CreateMenu

  WindowFromDC

  CountClipboardFormats

  SetWindowContextHelpId

  CharNextW

  InvalidateRgn

  GetNextDlgGroupItem

  ClipCursor

  DrawEdge

  EnumChildWindows

  SystemParametersInfoA

  GetWindowRect

  GetWindowPlacement

  IsIconic

  MsgWaitForMultipleObjects

  UnhookWindowsHookEx

  GetCursorPos

  CharUpperW

  CharToOemBuffA

  UnregisterClassA

  OemToCharBuffA

  GetSystemMetrics

  shlwapi

  UrlUnescapeW

  PathFindFileNameW

  PathRemoveExtensionW

  PathFindExtensionW

  PathStripToRootW

  PathIsUNCW

  Sections

  .text

  Size: 924KB - Virtual size: 923KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 18KB - Virtual size: 26KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 46KB - Virtual size: 45KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 78KB - Virtual size: 77KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• monokini.iso
• msvcr80.dll

  .dll windows:4 windows x86 arch:x86

  7fecbc4a16a5dc85a5394a1df6217680

  
  

  Code Sign

  2e:ab:11:dc:50:ff:5c:9d:cb:c0

  Certificate

  Issuer

  CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

  Not Before

  22-08-2007 22:31

  Not After

  25-08-2012 07:00

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:06:27:81:00:00:00:00:00:08

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  22-10-2008 21:24

  Not After

  22-01-2010 21:34

  Subject

  CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2

  Certificate

  Issuer

  CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

  Not Before

  16-09-2006 01:04

  Not After

  15-09-2019 07:00

  Subject

  CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:06:94:2d:00:00:00:00:00:09

  Certificate

  Issuer

  CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  25-07-2008 19:02

  Not After

  25-07-2013 19:12

  Subject

  CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d

  Signer

  Actual PE Digest

  33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  msvcrt

  _getdrives

  kernel32

  GetStringTypeA

  GetLocalTime

  GetModuleFileNameA

  GetModuleFileNameW

  GetModuleHandleA

  GetProcAddress

  ExitProcess

  WriteFile

  GetStdHandle

  GetSystemDirectoryW

  GetLongPathNameW

  GetCurrentThreadId

  TlsGetValue

  DebugBreak

  OutputDebugStringA

  GetCommandLineA

  HeapFree

  GetVersionExA

  HeapAlloc

  GetProcessHeap

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  ExitThread

  CloseHandle

  GetLastError

  ResumeThread

  CreateThread

  TlsAlloc

  TlsSetValue

  TlsFree

  InterlockedIncrement

  SetLastError

  InterlockedDecrement

  GetCurrentThread

  FindNextFileA

  FindFirstFileA

  FindClose

  FindNextFileW

  FindFirstFileW

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  Sleep

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  VirtualFree

  HeapReAlloc

  VirtualAlloc

  HeapSize

  SetHandleCount

  GetFileType

  GetStartupInfoA

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  WriteConsoleW

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  SetConsoleCtrlHandler

  FreeLibrary

  InterlockedExchange

  LoadLibraryA

  InitializeCriticalSection

  MultiByteToWideChar

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  WideCharToMultiByte

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  LCMapStringA

  LCMapStringW

  SetLocalTime

  GetStringTypeW

  LoadLibraryW

  GetLocaleInfoA

  GetLocaleInfoW

  SetEnvironmentVariableA

  SetEnvironmentVariableW

  GetUserDefaultLCID

  EnumSystemLocalesA

  IsValidLocale

  RtlUnwind

  GetTimeFormatA

  GetDateFormatA

  GetTimeZoneInformation

  GetConsoleCP

  GetConsoleMode

  FlushFileBuffers

  SetFilePointer

  WriteConsoleA

  GetConsoleOutputCP

  SetStdHandle

  CreateFileA

  CompareStringA

  CompareStringW

  Beep

  GetDiskFreeSpaceA

  GetLogicalDrives

  SetErrorMode

  GetFileAttributesA

  GetCurrentDirectoryA

  SetCurrentDirectoryA

  SetFileAttributesA

  GetFullPathNameA

  GetDriveTypeA

  CreateDirectoryA

  RemoveDirectoryA

  DeleteFileA

  GetFileAttributesW

  GetCurrentDirectoryW

  SetCurrentDirectoryW

  SetFileAttributesW

  GetFullPathNameW

  CreateDirectoryW

  DeleteFileW

  MoveFileW

  RemoveDirectoryW

  GetDriveTypeW

  MoveFileA

  RaiseException

  GetExitCodeProcess

  WaitForSingleObject

  CreateProcessA

  CreateProcessW

  HeapValidate

  HeapCompact

  HeapWalk

  VirtualProtect

  GetSystemInfo

  VirtualQuery

  IsDBCSLeadByteEx

  ReadConsoleA

  ReadConsoleW

  SetConsoleMode

  SetEndOfFile

  DuplicateHandle

  GetFileInformationByHandle

  PeekNamedPipe

  ReadConsoleInputA

  PeekConsoleInputA

  GetNumberOfConsoleInputEvents

  ReadConsoleInputW

  LockFile

  UnlockFile

  CreatePipe

  ReadFile

  CreateFileW

  SetFileTime

  LocalFileTimeToFileTime

  SystemTimeToFileTime

  Exports

  Exports

  $I10_OUTPUT

  ??0__non_rtti_object@std@@QAE@ABV01@@Z

  ??0bad_cast@std@@QAE@ABV01@@Z

  ??0bad_cast@std@@QAE@PBD@Z

  ??0bad_typeid@std@@QAE@ABV01@@Z

  ??0bad_typeid@std@@QAE@PBD@Z

  ??0exception@std@@QAE@ABQBD@Z

  ??0exception@std@@QAE@ABQBDH@Z

  ??0exception@std@@QAE@ABV01@@Z

  ??0exception@std@@QAE@XZ

  ??1__non_rtti_object@std@@UAE@XZ

  ??1bad_cast@std@@UAE@XZ

  ??1bad_typeid@std@@UAE@XZ

  ??1exception@std@@UAE@XZ

  ??1type_info@@UAE@XZ

  ??2@YAPAXI@Z

  ??2@YAPAXIHPBDH@Z

  ??3@YAXPAX@Z

  ??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z

  ??4bad_cast@std@@QAEAAV01@ABV01@@Z

  ??4bad_typeid@std@@QAEAAV01@ABV01@@Z

  ??4exception@std@@QAEAAV01@ABV01@@Z

  ??8type_info@@QBE_NABV0@@Z

  ??9type_info@@QBE_NABV0@@Z

  ??_7__non_rtti_object@std@@6B@

  ??_7bad_cast@std@@6B@

  ??_7bad_typeid@std@@6B@

  ??_7exception@@6B@

  ??_7exception@std@@6B@

  ??_Fbad_cast@std@@QAEXXZ

  ??_Fbad_typeid@std@@QAEXXZ

  ??_U@YAPAXI@Z

  ??_U@YAPAXIHPBDH@Z

  ??_V@YAXPAX@Z

  ?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z

  ?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z

  ?_Type_info_dtor@type_info@@CAXPAV1@@Z

  ?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z

  ?_ValidateExecute@@YAHP6GHXZ@Z

  ?_ValidateRead@@YAHPBXI@Z

  ?_ValidateWrite@@YAHPAXI@Z

  ?_inconsistency@@YAXXZ

  ?_invalid_parameter@@YAXPBG00II@Z

  ?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z

  ?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z

  ?_open@@YAHPBDHH@Z

  ?_query_new_handler@@YAP6AHI@ZXZ

  ?_query_new_mode@@YAHXZ

  ?_set_new_handler@@YAP6AHI@ZH@Z

  ?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

  ?_set_new_mode@@YAHH@Z

  ?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z

  ?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z

  ?_sopen@@YAHPBDHHH@Z

  ?_type_info_dtor_internal_method@type_info@@QAEXXZ

  ?_wopen@@YAHPB_WHH@Z

  ?_wsopen@@YAHPB_WHHH@Z

  ?before@type_info@@QBEHABV1@@Z

  ?name@type_info@@QBEPBDPAU__type_info_node@@@Z

  ?raw_name@type_info@@QBEPBDXZ

  ?set_new_handler@@YAP6AXXZP6AXXZ@Z

  ?set_terminate@@YAP6AXXZH@Z

  ?set_terminate@@YAP6AXXZP6AXXZ@Z

  ?set_unexpected@@YAP6AXXZH@Z

  ?set_unexpected@@YAP6AXXZP6AXXZ@Z

  ?swprintf@@YAHPAGIPBGZZ

  ?swprintf@@YAHPA_WIPB_WZZ

  ?terminate@@YAXXZ

  ?unexpected@@YAXXZ

  ?vswprintf@@YAHPA_WIPB_WPAD@Z

  ?what@exception@std@@UBEPBDXZ

  @_calloc_crt@8

  @_malloc_crt@4

  @_realloc_crt@8

  _CIacos

  _CIasin

  _CIatan

  _CIatan2

  _CIcos

  _CIcosh

  _CIexp

  _CIfmod

  _CIlog

  _CIlog10

  _CIpow

  _CIsin

  _CIsinh

  _CIsqrt

  _CItan

  _CItanh

  _CRT_RTC_INIT

  _CRT_RTC_INITW

  _CreateFrameInfo

  _CxxThrowException

  _EH_prolog

  _FindAndUnlinkFrame

  _Getdays

  _Getmonths

  _Gettnames

  _HUGE

  _IsExceptionObjectToBeDestroyed

  _NLG_Dispatch2

  _NLG_Return

  _NLG_Return2

  _Strftime

  _XcptFilter

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __CppXcptFilter

  __CxxCallUnwindDelDtor

  __CxxCallUnwindDtor

  __CxxCallUnwindStdDelDtor

  __CxxCallUnwindVecDtor

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxLongjmpUnwind

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __STRINGTOLD

  __STRINGTOLD_L

  __TypeMatch

  ___fls_getvalue@4

  ___fls_setvalue@8

  ___lc_codepage_func

  ___lc_collate_cp_func

  ___lc_handle_func

  ___mb_cur_max_func

  ___mb_cur_max_l_func

  ___setlc_active_func

  ___unguarded_readlc_active_add_func

  __argc

  __argv

  __badioinfo

  __clean_type_info_names_internal

  __control87_2

  __create_locale

  __crtCompareStringA

  __crtCompareStringW

  __crtGetLocaleInfoW

  __crtGetStringTypeW

  __crtLCMapStringA

  __crtLCMapStringW

  __daylight

  __dllonexit

  __doserrno

  __dstbias

  __fpecode

  __free_locale

  __get_app_type

  __get_current_locale

  __get_flsindex

  __get_tlsindex

  __getmainargs

  __initenv

  __iob_func

  __isascii

  __iscsym

  __iscsymf

  __iswcsym

  __iswcsymf

  __lc_clike

  __lc_codepage

  __lc_collate_cp

  __lc_handle

  __lconv

  __lconv_init

  __libm_sse2_acos

  __libm_sse2_acosf

  __libm_sse2_asin

  __libm_sse2_asinf

  __libm_sse2_atan

  __libm_sse2_atan2

  __libm_sse2_atanf

  __libm_sse2_cos

  __libm_sse2_cosf

  __libm_sse2_exp

  __libm_sse2_expf

  __libm_sse2_log

  __libm_sse2_log10

  __libm_sse2_log10f

  __libm_sse2_logf

  __libm_sse2_pow

  __libm_sse2_powf

  __libm_sse2_sin

  __libm_sse2_sinf

  __libm_sse2_tan

  __libm_sse2_tanf

  __mb_cur_max

  __p___argc

  __p___argv

  __p___initenv

  __p___mb_cur_max

  __p___wargv

  __p___winitenv

  __p__acmdln

  __p__amblksiz

  __p__commode

  __p__daylight

  __p__dstbias

  __p__environ

  __p__fmode

  __p__iob

  __p__mbcasemap

  __p__mbctype

  __p__osplatform

  __p__osver

  __p__pctype

  __p__pgmptr

  __p__pwctype

  __p__timezone

  __p__tzname

  __p__wcmdln

  __p__wenviron

  __p__winmajor

  __p__winminor

  __p__winver

  __p__wpgmptr

  __pctype_func

  __pioinfo

  __pwctype_func

  __pxcptinfoptrs

  __report_gsfailure

  __set_app_type

  __set_flsgetvalue

  __setlc_active

  __setusermatherr

  __strncnt

  __swprintf_l

  __sys_errlist

  __sys_nerr

  __threadhandle

  __threadid

  __timezone

  __toascii

  __tzname

  __unDName

  __unDNameEx

  __unDNameHelper

  __uncaught_exception

  __unguarded_readlc_active

  __vswprintf_l

  __wargv

  __wcserror

  __wcserror_s

  __wcsncnt

  __wgetmainargs

  __winitenv

  _abnormal_termination

  _abs64

  _access

  _access_s

  _acmdln

  _adj_fdiv_m16i

  _adj_fdiv_m32

  _adj_fdiv_m32i

  _adj_fdiv_m64

  _adj_fdiv_r

  _adj_fdivr_m16i

  _adj_fdivr_m32

  _adj_fdivr_m32i

  _adj_fdivr_m64

  _adj_fpatan

  _adj_fprem

  _adj_fprem1

  _adj_fptan

  _adjust_fdiv

  _aexit_rtn

  _aligned_free

  _aligned_malloc

  _aligned_msize

  _aligned_offset_malloc

  _aligned_offset_realloc

  _aligned_offset_recalloc

  _aligned_realloc

  _aligned_recalloc

  _amsg_exit

  _assert

  _atodbl

  _atodbl_l

  _atof_l

  _atoflt

  _atoflt_l

  _atoi64

  _atoi64_l

  _atoi_l

  _atol_l

  _atoldbl

  _atoldbl_l

  _beep

  _beginthread

  _beginthreadex

  _byteswap_uint64

  _byteswap_ulong

  _byteswap_ushort

  _c_exit

  _cabs

  _callnewh

  _calloc_crt

  _cexit

  _cgets

  _cgets_s

  _cgetws

  _cgetws_s

  _chdir

  _chdrive

  _chgsign

  _chkesp

  _chmod

  _chsize

  _chsize_s

  _clearfp

  _close

  _commit

  _commode

  _configthreadlocale

  _control87

  _controlfp

  _controlfp_s

  _copysign

  _cprintf

  _cprintf_l

  _cprintf_p

  _cprintf_p_l

  _cprintf_s

  _cprintf_s_l

  _cputs

  _cputws

  _creat

  _create_locale

  _crt_debugger_hook

  _cscanf

  _cscanf_l

  _cscanf_s

  _cscanf_s_l

  _ctime32

  _ctime32_s

  _ctime64

  _ctime64_s

  _cwait

  _cwprintf

  _cwprintf_l

  _cwprintf_p

  _cwprintf_p_l

  _cwprintf_s

  _cwprintf_s_l

  _cwscanf

  _cwscanf_l

  _cwscanf_s

  _cwscanf_s_l

  _daylight

  _decode_pointer

  _difftime32

  _difftime64

  _dosmaperr

  _dstbias

  _dup

  _dup2

  _dupenv_s

  _ecvt

  _ecvt_s

  _encode_pointer

  _encoded_null

  _endthread

  _endthreadex

  _environ

  _eof

  _errno

  _except_handler2

  _except_handler3

  _except_handler4_common

  _execl

  _execle

  _execlp

  _execlpe

  _execv

  _execve

  _execvp

  _execvpe

  _exit

  _expand

  _fclose_nolock

  _fcloseall

  _fcvt

  _fcvt_s

  _fdopen

  _fflush_nolock

  _fgetchar

  _fgetwc_nolock

  _fgetwchar

  _filbuf

  _filelength

  _filelengthi64

  _fileno

  _findclose

  _findfirst32

  _findfirst32i64

  _findfirst64

  _findfirst64i32

  _findnext32

  _findnext32i64

  _findnext64

  _findnext64i32

  _finite

  _flsbuf

  _flushall

  _fmode

  _fpclass

  _fpieee_flt

  _fpreset

  _fprintf_l

  _fprintf_p

  _fprintf_p_l

  _fprintf_s_l

  _fputchar

  _fputwc_nolock

  _fputwchar

  _fread_nolock

  _fread_nolock_s

  _free_locale

  _freea

  _freea_s

  _freefls

  _fscanf_l

  _fscanf_s_l

  _fseek_nolock

  _fseeki64

  _fseeki64_nolock

  _fsopen

  _fstat32

  _fstat32i64

  _fstat64

  _fstat64i32

  _ftell_nolock

  _ftelli64

  _ftelli64_nolock

  _ftime32

  _ftime32_s

  _ftime64

  _ftime64_s

  _ftol

  _fullpath

  _futime32

  _futime64

  _fwprintf_l

  _fwprintf_p

  _fwprintf_p_l

  _fwprintf_s_l

  _fwrite_nolock

  _fwscanf_l

  _fwscanf_s_l

  _gcvt

  _gcvt_s

  _get_amblksiz

  _get_current_locale

  _get_daylight

  _get_doserrno

  _get_dstbias

  _get_errno

  _get_fmode

  _get_heap_handle

  _get_invalid_parameter_handler

  _get_osfhandle

  _get_osplatform

  _get_osver

  _get_output_format

  _get_pgmptr

  _get_printf_count_output

  _get_purecall_handler

  _get_sbh_threshold

  _get_terminate

  _get_timezone

  _get_tzname

  _get_unexpected

  _get_winmajor

  _get_winminor

  _get_winver

  _get_wpgmptr

  _getch

  _getch_nolock

  _getche

  _getche_nolock

  _getcwd

  _getdcwd

  _getdcwd_nolock

  _getdiskfree

  _getdllprocaddr

  _getdrive

  _getdrives

  _getmaxstdio

  _getmbcp

  Sections

  .text

  Size: 396KB - Virtual size: 393KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 172KB - Virtual size: 171KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 20KB - Virtual size: 26KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 976B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 16KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ