Static task
static1
Behavioral task
behavioral1
Sample
14aec23e3b707c783a87e20d6e6fc986.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
14aec23e3b707c783a87e20d6e6fc986.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
14aec23e3b707c783a87e20d6e6fc986
-
Size
1.4MB
-
MD5
14aec23e3b707c783a87e20d6e6fc986
-
SHA1
e6532cb69566ec5ac7ca8ed9181bad26cf1cff3a
-
SHA256
765b0c1b1d8766a49c3f9a467a7681f7d85caf0849fe5e38b22c0f97b3d5ef83
-
SHA512
afe25f5e58255eb33059f2f46e59f6577f0096bfc5067e9a2e8780f0d50cfb1300a0207931994443e30879d87f81fb489b338181505d9e7fab236298b65c0802
-
SSDEEP
24576:eF5txnmavVkD3kO4E2hwyUfYswEY8TPwPJ0WmBQXi5JM46Ni+JKjS/f7TiFy+oqb:eF5tFmavVWPTfYswEdTP4oBQXMJM46N2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14aec23e3b707c783a87e20d6e6fc986
Files
-
14aec23e3b707c783a87e20d6e6fc986.exe windows:5 windows x86 arch:x86
6fa94feb3c127bfb6835ae3e85bc1288
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
brbase
?StringToUint64@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PA_K@Z
?SplitStringUsingSubstr@base@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?AppendToFile@file_util@@YAHABVFilePath@base@@PBDH@Z
?WriteFile@file_util@@YAHABVFilePath@base@@PBDH@Z
?CopyDirectory@file_util@@YA_NABVFilePath@base@@0_N@Z
?Delete@file_util@@YA_NABVFilePath@base@@_N@Z
?GetSwitchValueASCII@CommandLine@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?ForCurrentProcess@CommandLine@@SAPAV1@XZ
?StringToUint@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PAI@Z
?Snapshot@ProcessIterator@base@@QAE?AV?$list@UProcessEntry@base@@V?$allocator@UProcessEntry@base@@@std@@@std@@XZ
??1ProcessIterator@base@@UAE@XZ
??0ProcessIterator@base@@QAE@PBVProcessFilter@1@@Z
?KillProcess@base@@YA_NPAXH_N@Z
?CreateDoubleValue@Value@base@@SAPAVFundamentalValue@2@N@Z
?CreateIntegerValue@Value@base@@SAPAVFundamentalValue@2@H@Z
?CreateStringValue@Value@base@@SAPAVStringValue@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1AtExitManager@base@@QAE@XZ
??0AtExitManager@base@@QAE@XZ
?EnableTerminationOnOutOfMemory@base@@YAXXZ
?EnableTerminationOnHeapCorruption@base@@YAXXZ
?Init@CommandLine@@SA_NHPBQBD@Z
?DirName@FilePath@base@@QBE?AV12@XZ
?BaseName@FilePath@base@@QBE?AV12@XZ
??0PickleIterator@@QAE@ABVPickle@@@Z
??0ScopedNativeLibrary@base@@QAE@ABVFilePath@1@@Z
?GetFunctionPointer@ScopedNativeLibrary@base@@QBEPAXPBD@Z
??1FilePath@base@@QAE@XZ
?AddTraceEventWithThreadIdAndTimestamp@TraceLog@debug@base@@QAEXDPBEPBD_KHABVTimeTicks@3@HPAPBD0PB_KE@Z
?NowFromSystemTraceTime@TimeTicks@base@@SA?AV12@XZ
?CurrentId@PlatformThread@base@@SAKXZ
??0ThreadCheckerImpl@base@@QAE@XZ
??1ThreadCheckerImpl@base@@QAE@XZ
??6@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AAV01@PB_W@Z
?GetMinLogLevel@logging@@YAHXZ
?CalledOnValidThread@ThreadCheckerImpl@base@@QBE_NXZ
?ReadInt@PickleIterator@@QAE_NPAH@Z
?ReadString@PickleIterator@@QAE_NPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0LogMessage@logging@@QAE@PBDHHPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteString@Pickle@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteBytes@Pickle@@QAE_NPBXH@Z
??0LogMessage@logging@@QAE@PBDHH@Z
??1LogMessage@logging@@QAE@XZ
?SysWideToNativeMB@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z
?WaitForIOCompletion@MessageLoopForIO@base@@QAE_NKPAVIOHandler@MessagePumpForIO@2@@Z
?Now@Time@base@@SA?AV12@XZ
?GetCategoryGroupEnabled@TraceLog@debug@base@@SAPBEPBD@Z
?RegisterIOHandler@MessageLoopForIO@base@@QAEXPAXPAVIOHandler@MessagePumpForIO@2@@Z
?AddTraceEvent@TraceLog@debug@base@@QAEXDPBEPBD_KHPAPBD0PB_KE@Z
?FindNext@Pickle@@KAPBDIPBD0@Z
??0Pickle@@QAE@ABV0@@Z
?GetInstance@TraceLog@debug@base@@SAPAV123@XZ
??1Pickle@@UAE@XZ
??0Pickle@@QAE@PBDH@Z
??1ScopedNativeLibrary@base@@QAE@XZ
??0Pickle@@QAE@H@Z
?current@MessageLoop@base@@SAPAV12@XZ
??1WeakPtrBase@internal@base@@QAE@XZ
?SetIOAllowed@ThreadRestrictions@base@@SA_N_N@Z
?SetSingletonAllowed@ThreadRestrictions@base@@SA_N_N@Z
?StringToInt@base@@YA_NABV?$BasicStringPiece@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@1@PAH@Z
?Uint64ToString16@base@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@_K@Z
?UintToString16@base@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@I@Z
??0WeakReferenceOwner@internal@base@@QAE@XZ
??1WeakReferenceOwner@internal@base@@QAE@XZ
?GetRef@WeakReferenceOwner@internal@base@@QBE?AVWeakReference@23@XZ
??1WeakReference@internal@base@@QAE@XZ
??0WeakPtrBase@internal@base@@IAE@ABVWeakReference@12@@Z
?is_valid@WeakReference@internal@base@@QBE_NXZ
?HasKey@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetInteger@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?GetDouble@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAN@Z
?GetString@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV34@@Z
?GetList@DictionaryValue@base@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAVListValue@2@@Z
?GetString@ListValue@base@@QBE_NIPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetDictionary@ListValue@base@@QAE_NIPAPAVDictionaryValue@2@@Z
?GetDictionary@DictionaryValue@base@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAV12@@Z
?WriteStringNoSize@Pickle@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteSplit@Pickle@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteIntString@Pickle@@QAE_NH@Z
?WriteChars@Pickle@@QAE_NPBXH@Z
??0Pickle@@QAE@XZ
?StringToInt@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PAH@Z
?ReadUInt32@PickleIterator@@QAE_NPAI@Z
?ReadUInt64@PickleIterator@@QAE_NPA_K@Z
?GenerateGUID@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?SplitString@base@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@DPAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
??0CommandLine@@QAE@ABVFilePath@base@@@Z
??1CommandLine@@QAE@XZ
?LaunchProcess@base@@YA_NABVCommandLine@@ABULaunchOptions@1@PAPAX@Z
?GetProcId@base@@YAKPAX@Z
?ReadFloat@PickleIterator@@QAE_NPAM@Z
??0ListValue@base@@QAE@XZ
?Insert@ListValue@base@@QAE_NIPAVValue@2@@Z
?PostNonNestableDelayedTask@MessageLoop@base@@QAEXABVLocation@tracked_objects@@ABV?$Callback@$$A6AXXZ@2@VTimeDelta@2@@Z
?CreateProcessMetrics@ProcessMetrics@base@@SAPAV12@PAX@Z
?GetWorkingSetSize@ProcessMetrics@base@@QBEIXZ
??1ProcessMetrics@base@@QAE@XZ
?SysWideToUTF8@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z
?AddRef@RefCountedThreadSafeBase@subtle@base@@IBEXXZ
?IntToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?UintToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?Uint64ToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
??0FilePath@base@@QAE@XZ
?Get@PathService@@SA_NHPAVFilePath@base@@@Z
?PathExists@file_util@@YA_NABVFilePath@base@@@Z
?ReplaceSubstringsAfterOffset@@YAXPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IABV12@1@Z
?ReplaceSubstringsAfterOffset@@YAXPAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IABV12@1@Z
?SysNativeMBToWide@base@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@@Z
?Append@FilePath@base@@QBE?AV12@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??4FilePath@base@@QAEAAV01@ABV01@@Z
?DirectoryExists@file_util@@YA_NABVFilePath@base@@@Z
?CreateDirectoryW@file_util@@YA_NABVFilePath@base@@@Z
??0DictionaryValue@base@@QAE@XZ
?Set@DictionaryValue@base@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVValue@2@@Z
?Write@JSONWriter@base@@SAXQBVValue@2@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Read@JSONReader@base@@SAPAVValue@2@ABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@Z
?Start@Thread@base@@QAE_NXZ
?PostTask@MessageLoop@base@@QAEXABVLocation@tracked_objects@@ABV?$Callback@$$A6AXXZ@2@@Z
?IsRunning@Thread@base@@QBE_NXZ
?Stop@Thread@base@@QAEXXZ
?GetProgramCounter@tracked_objects@@YAPBXXZ
??0Location@tracked_objects@@QAE@PBD0HPBX@Z
?PostDelayedTask@MessageLoop@base@@QAEXABVLocation@tracked_objects@@ABV?$Callback@$$A6AXXZ@2@VTimeDelta@2@@Z
??0CallbackBase@internal@base@@IAE@PAVBindStateBase@12@@Z
??0RefCountedThreadSafeBase@subtle@base@@IAE@XZ
??1CallbackBase@internal@base@@IAE@XZ
?Unlock@LockImpl@internal@base@@QAEXXZ
?Lock@LockImpl@internal@base@@QAEXXZ
??1LockImpl@internal@base@@QAE@XZ
??0LockImpl@internal@base@@QAE@XZ
?Release@RefCountedThreadSafeBase@subtle@base@@IBE_NXZ
??0FilePath@base@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??1RefCountedThreadSafeBase@subtle@base@@IAE@XZ
??0Thread@base@@QAE@PBD@Z
?StartWithOptions@Thread@base@@QAE_NABUOptions@12@@Z
?AppendArg@CommandLine@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?HasSwitch@CommandLine@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetProcessCount@base@@YAHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBVProcessFilter@1@@Z
?GetCommandLineString@CommandLine@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?AppendSwitchASCII@CommandLine@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?ParseFromString@CommandLine@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0CommandLine@@QAE@W4NoProgram@0@@Z
?ReadWString@PickleIterator@@QAE_NPAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?WriteWString@Pickle@@QAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
ws2_32
connect
setsockopt
select
ioctlsocket
getaddrinfo
freeaddrinfo
inet_ntoa
getpeername
ntohl
inet_addr
WSACleanup
WSAStartup
listen
closesocket
bind
htons
htonl
socket
send
recv
accept
gethostbyname
kernel32
ResumeThread
GetThreadContext
SetThreadContext
VirtualQuery
VirtualFree
FlushInstructionCache
LocalAlloc
LocalFree
HeapDestroy
HeapReAlloc
HeapSize
EncodePointer
DecodePointer
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FormatMessageA
VirtualProtect
SuspendThread
GetLastError
CloseHandle
MultiByteToWideChar
lstrlenA
CreateMutexW
GetCurrentProcessId
SetUnhandledExceptionFilter
SetErrorMode
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForMultipleObjects
DeleteFileA
FindFirstFileA
lstrcpyA
GetLocalTime
GetCurrentProcess
OpenProcess
FindClose
FindNextFileA
FileTimeToLocalFileTime
lstrcmpA
GetNativeSystemInfo
FreeLibrary
QueryPerformanceCounter
WaitForSingleObject
GetModuleHandleW
GetTickCount
LoadLibraryW
CreateProcessA
TerminateProcess
GetModuleFileNameW
lstrcatA
RaiseException
CreateDirectoryA
SetCurrentDirectoryA
GetStartupInfoA
GetProcAddress
LoadLibraryA
Process32FirstW
GetModuleFileNameA
Process32NextW
CreateToolhelp32Snapshot
QueryPerformanceFrequency
GetCurrentThreadId
WinExec
FindResourceExW
FindResourceW
LoadResource
InterlockedDecrement
GetPrivateProfileIntA
WideCharToMultiByte
SizeofResource
GetVersionExW
GetSystemDirectoryA
GetPrivateProfileStringA
LockResource
GlobalMemoryStatusEx
Sleep
GetFileAttributesA
GetFileAttributesW
GetFileSize
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateProcessW
GetCurrentThread
DeleteFileW
HeapAlloc
HeapFree
FileTimeToSystemTime
SystemTimeToFileTime
GetProcessHeap
SetThreadAffinityMask
CreateFileW
SetFilePointer
ReadFile
GetCurrentDirectoryW
WriteFile
GetFileInformationByHandle
UnmapViewOfFile
FreeResource
ExitProcess
DosDateTimeToFileTime
GetFileType
DuplicateHandle
MulDiv
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
GetSystemTimes
GetProcessTimes
ConnectNamedPipe
CancelIo
CreateNamedPipeW
GetNamedPipeInfo
CopyFileA
IsProcessorFeaturePresent
user32
SetFocus
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
InvalidateRect
GetWindowRect
MapWindowPoints
CreateWindowExW
ScreenToClient
GetCursorPos
GetMessageW
TranslateMessage
DispatchMessageW
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
DefWindowProcW
ShowWindow
EnableWindow
GetMonitorInfoW
MonitorFromWindow
GetWindow
LoadCursorW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
GetKeyState
GetPropW
OffsetRect
InflateRect
wvsprintfW
SetCursor
IsIconic
IsZoomed
SetWindowRgn
MessageBoxW
IntersectRect
CharNextW
CreateCaret
ShowCaret
HideCaret
SetCaretPos
ClientToScreen
GetSysColor
SetWindowLongW
SetWindowPos
GetClientRect
GetDC
ReleaseDC
LoadImageW
DestroyWindow
GetWindowLongW
IsWindow
SendMessageW
PostMessageW
GetDesktopWindow
GetSystemMetrics
GetParent
SetPropW
FillRect
DrawTextW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
UpdateWindow
RegisterClassW
gdi32
CreatePen
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
GetTextMetricsW
CreateRoundRectRgn
CreateFontIndirectW
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
CreateDIBSection
StretchBlt
SetStretchBltMode
SetBkColor
ExtTextOutW
CreateSolidBrush
CreatePenIndirect
MoveToEx
GetStockObject
GetDeviceCaps
LineTo
RoundRect
SetBkMode
SetTextColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
GetObjectW
GetObjectA
advapi32
StartServiceA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
OpenServiceA
CloseServiceHandle
OpenSCManagerW
shell32
ShellExecuteW
ShellExecuteA
ole32
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32
SysAllocString
VariantClear
SysFreeString
VariantInit
shlwapi
StrToIntA
PathAppendA
PathFileExistsA
PathIsDirectoryA
msvcp100
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?classic@locale@std@@SAABV12@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1_Container_base12@std@@QAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
?toupper@?$ctype@D@std@@QBEDD@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Incref@facet@locale@std@@QAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_BADOFF@std@@3_JB
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@UAE@XZ
??Bid@locale@std@@QAEIXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
??0_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?toupper@?$ctype@_W@std@@QBE_W_W@Z
?max@?$numeric_limits@I@std@@SAIXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
comctl32
ord17
_TrackMouseEvent
gdiplus
GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdiplusStartup
GdiplusShutdown
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
msvcr100
_mktime64
wmemcpy_s
_waccess_s
wcsrtombs_s
_mbsstr
fseek
ftell
strcpy_s
malloc
strerror
_fileno
_filelength
exit
strftime
_access_s
tolower
_localtime64_s
sprintf_s
_wcsicmp
??0exception@std@@QAE@XZ
_atoi64
atoi
srand
rand
sscanf_s
fsetpos
_fseeki64
fgetpos
??8type_info@@QBE_NABV0@@Z
setvbuf
fflush
_unlock_file
_lock_file
ungetc
fputc
fgetc
??_V@YAXPAX@Z
_vscprintf
vsprintf_s
strnlen
memmove_s
memcpy_s
sprintf
fopen
fclose
fread
fwrite
strstr
memchr
_time64
_access
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_beginthreadex
memset
abort
__CxxFrameHandler3
_recalloc
calloc
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
free
_purecall
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_CxxThrowException
memmove
memcpy
??3@YAXPAX@Z
wcsftime
_wfsopen
ferror
toupper
_wfindfirst64i32
_wfindnext64i32
_findclose
fgets
??9type_info@@QBE_NABV0@@Z
wcsncpy
wcsstr
wcscpy_s
isdigit
wcstol
realloc
_wcslwr
wcschr
wcsrchr
_wtoi
_gmtime64
wcstoul
wcsncmp
iswalnum
swprintf_s
__RTDynamicCast
??0exception@std@@QAE@ABQBDH@Z
_aligned_free
_aligned_malloc
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__set_app_type
_fmode
_commode
wininet
FtpCreateDirectoryA
InternetGetLastResponseInfoA
FtpSetCurrentDirectoryA
InternetConnectA
InternetOpenA
FtpPutFileA
HttpQueryInfoA
InternetQueryOptionW
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionW
InternetCloseHandle
HttpEndRequestW
InternetWriteFile
InternetSetStatusCallbackA
HttpSendRequestExW
HttpAddRequestHeadersA
HttpOpenRequestA
psapi
EnumProcessModules
GetModuleFileNameExA
GetProcessMemoryInfo
iphlpapi
IcmpCloseHandle
Icmp6SendEcho2
Icmp6CreateFile
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 220KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ