Behavioral task
behavioral1
Sample
ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe.zip
-
Size
4.4MB
-
MD5
23f203e5ce57b36cf797dbfca05103ac
-
SHA1
e6d264f2cd9534f8a7a7ba6e3b629565bff78763
-
SHA256
0130a766b35a8327809d52945186cf51e83d1db2f672110015f12950623bea2b
-
SHA512
88d9e47a2f12151993d3e583c99e90ba0a804f7ea69a06b1a272cb7ce83b7f6581240a5f9d002fcd6480d84c2da5be3a748f1d85269872e7112e71f8fb5e9079
-
SSDEEP
98304:95Vs5aesp9JoAibWEtmVZ+sd3N0vMZGhTnaodAvywxCmfENMSc3:1oaespvViSsmy+3NNZGNa7ywaNls
Malware Config
Signatures
-
resource yara_rule static1/unpack001/ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe
Files
-
ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe.zip.zip
Password: infected
-
ded905f8464ff4ce63859603ae879610590ee33ea6641beab00cdf6cab13607b.exe.exe windows:5 windows x86 arch:x86
01da7e1e1c32ba411675ba7eb78d641d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
publog
?LogError@@YAXPBDZZ
?DebugTrace@@YAXPBDZZ
?ReleaseTrace@@YAXPBDZZ
?LogInfo@@YAXPBDZZ
gc
GC_free
GC_malloc
GC_register_finalizer_ignore_self
GC_malloc_atomic
GC_malloc_uncollectable
mfc90
ord6707
ord6330
ord4256
ord6329
ord1155
ord3831
ord3244
ord3554
ord693
ord1699
ord3997
ord4337
ord4760
ord3909
ord1716
ord3632
ord767
ord6507
ord6473
ord3940
ord2966
ord4516
ord6788
ord4757
ord4157
ord3815
ord2278
ord1771
ord1685
ord4642
ord3538
ord677
ord525
ord3612
ord6078
ord4527
ord4396
ord2327
ord1536
ord2267
ord6291
ord286
ord600
ord280
ord586
ord789
ord3643
ord4646
ord1720
ord2283
ord899
ord1556
ord2490
ord665
ord406
ord2588
ord6584
ord4431
ord4222
ord3479
ord333
ord6062
ord1357
ord6048
ord613
ord571
ord337
ord4513
ord4311
ord1045
ord2587
ord2097
ord6074
ord3528
ord3534
ord2106
ord1183
ord3477
ord636
ord367
ord611
ord595
ord796
ord3480
ord3277
ord5647
ord4638
ord1497
ord6391
ord3346
ord1668
ord1607
ord3629
ord766
ord4254
ord6475
ord6474
ord5482
ord3796
ord2274
ord4030
ord3757
ord2672
ord2481
ord4477
ord6613
ord5997
ord3519
ord654
ord1276
ord2263
ord3663
ord403
ord3506
ord1061
ord3726
ord1252
ord5753
ord4977
ord1087
ord1786
ord1723
ord4649
ord3269
ord3650
ord784
ord4022
ord2753
ord6352
ord1692
ord2100
ord582
ord783
ord3491
ord4153
ord306
ord3158
ord3731
ord3678
ord3676
ord3157
ord2470
ord4248
ord6616
ord3056
ord2280
ord4644
ord6333
ord2141
ord3674
ord3148
ord6527
ord2896
ord4384
ord3730
ord1359
ord1254
ord1258
ord5851
ord6682
ord6676
ord1303
ord2360
ord2590
ord5528
ord780
ord579
ord3141
ord4026
ord790
ord3654
ord3273
ord3931
ord2144
ord1691
ord1727
ord941
ord5963
ord1144
ord2592
ord3627
ord1603
ord3390
ord2209
ord664
ord405
ord1490
ord2356
ord4434
ord4409
ord6783
ord4159
ord6781
ord4733
ord2251
ord2206
ord6018
ord4165
ord1046
ord5533
ord6721
ord5813
ord4199
ord2087
ord3209
ord5657
ord5659
ord2447
ord4333
ord4981
ord5663
ord5646
ord6001
ord3110
ord4890
ord4667
ord3659
ord1098
ord4197
ord1220
ord793
ord589
ord4029
ord4952
ord2692
ord4223
ord5924
ord5636
ord5633
ord6170
ord744
ord524
ord2364
ord2074
ord6557
ord6559
ord4993
ord3987
ord1137
ord1108
ord639
ord374
ord3783
ord2480
ord4392
ord1611
ord305
ord3213
ord5835
ord310
ord2691
ord945
ord300
ord2539
ord5615
ord4617
ord5152
ord5309
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1755
ord1752
ord4331
ord1496
ord4650
ord5585
ord5497
ord6780
ord4589
ord3732
ord5139
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord777
ord1938
ord4727
ord4529
ord2614
ord2620
ord2618
ord2616
ord686
ord2286
ord404
ord663
ord2633
ord2628
ord5520
ord6793
ord436
ord1555
ord6166
ord375
ord2612
ord2635
ord2623
ord2605
ord2607
ord2625
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord4116
ord3179
ord4481
ord314
ord1358
ord5608
ord2139
ord1792
ord1791
ord1728
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4668
ord817
ord910
ord4688
ord3178
ord820
ord2069
ord601
ord316
msvcr90
_setmbcp
__RTDynamicCast
towupper
towlower
??8type_info@@QBE_NABV0@@Z
_strupr
_setmode
_fdopen
_fileno
_strlwr
_CIlog
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__clean_type_info_names_internal
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_vsnprintf
_decode_pointer
_onexit
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
sprintf_s
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
memcpy_s
memmove_s
sprintf
_purecall
_atoi64
vsprintf_s
wcscpy_s
strstr
swprintf_s
strncpy
_vsnprintf_s
strcpy_s
_mbsnbcpy_s
_splitpath_s
_stricmp
memmove
atoi
atof
fprintf
fopen_s
fclose
fseek
ftell
fread
fputc
ferror
sscanf_s
isspace
tolower
isalpha
isalnum
strchr
strncmp
_splitpath
srand
_time64
rand
_snprintf
sscanf
strrchr
_mkdir
strftime
_localtime64_s
toupper
ceil
calloc
free
_recalloc
_memicmp
fopen
fwrite
malloc
memset
memcpy
ungetc
__iob_func
fflush
fgetc
strcmp
isdigit
strcat
exit
memcmp
strlen
strcpy
_endthread
_beginthread
_mbsrchr
__CxxFrameHandler3
_wsplitpath_s
_vswprintf
_CxxThrowException
vswprintf_s
wcslen
wcstombs
wcsncmp
wcscmp
_strnicmp
abs
_wcsnicmp
atol
isprint
strncpy_s
_mktime64
__RTtypeid
_localtime32_s
strcat_s
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_wcsicmp
_unlock
__dllonexit
_encode_pointer
_lock
kernel32
DeleteCriticalSection
EnterCriticalSection
GetPrivateProfileIntA
GetCurrentProcessId
LeaveCriticalSection
GetTickCount
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceA
GlobalAlloc
FreeResource
GlobalLock
GlobalFree
GlobalUnlock
OutputDebugStringA
SetFilePointer
WriteFile
DeleteFileA
GetTempPathA
lstrcpyA
GetTempFileNameA
SetFileAttributesA
lstrlenA
lstrlenW
SetLastError
IsBadWritePtr
ResetEvent
FindFirstFileA
FindClose
FreeLibrary
MulDiv
FileTimeToSystemTime
FileTimeToLocalFileTime
SetThreadPriority
GetCurrentThreadId
InitializeCriticalSection
GetProcessHeap
HeapFree
GetStartupInfoA
CreateProcessA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
CopyFileA
RaiseException
WaitForMultipleObjects
SetFilePointerEx
ReadFile
CreateFileW
FlushFileBuffers
GetFileSizeEx
SetFileTime
CreateDirectoryA
ReleaseMutex
GetDiskFreeSpaceA
CancelIo
GetOverlappedResult
GetPrivateProfileIntW
GetModuleFileNameW
QueryDosDeviceA
DosDateTimeToFileTime
FileTimeToDosDateTime
LocalFree
FormatMessageA
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetLocaleInfoW
GetModuleHandleA
GlobalMemoryStatusEx
GetSystemInfo
SetEvent
CreateEventA
GetUserDefaultLCID
GetStringTypeExA
GetStringTypeExW
LCMapStringA
LCMapStringW
DebugBreak
QueryPerformanceFrequency
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualFree
VirtualAlloc
CreateFileA
DeviceIoControl
GetVolumeInformationA
FindNextVolumeA
FindVolumeClose
FindFirstVolumeA
GetDiskFreeSpaceExA
Sleep
TerminateThread
CloseHandle
GetVersionExA
LoadLibraryA
GetLogicalDrives
WideCharToMultiByte
HeapAlloc
GetPrivateProfileStringW
CreateThread
GetProcAddress
LoadLibraryW
WritePrivateProfileStringA
GetPrivateProfileStringA
SystemTimeToFileTime
GetLocalTime
GetDriveTypeA
GetLastError
CreateMutexA
WaitForSingleObject
GetWindowsDirectoryA
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
lstrcmpA
CompareFileTime
GetModuleFileNameA
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
LoadStringW
LoadStringA
EnableScrollBar
GetScrollPos
SetScrollPos
SetScrollRange
ShowScrollBar
GetDlgItem
SetWindowTextA
EnumChildWindows
SetRectEmpty
AnimateWindow
SetLayeredWindowAttributes
UnregisterClassA
SetParent
ReleaseCapture
SetCapture
EqualRect
TrackPopupMenu
InsertMenuItemA
IsRectEmpty
GetAsyncKeyState
DrawFocusRect
DrawFrameControl
UpdateWindow
CallWindowProcA
RegisterClassA
ScrollWindow
MapWindowPoints
SetScrollInfo
GetScrollInfo
DefWindowProcA
GetDesktopWindow
GetDC
PeekMessageA
MoveWindow
SetWindowRgn
SetClassLongA
GetClassLongA
EndPaint
BeginPaint
GetFocus
GetMessageA
DispatchMessageA
TranslateMessage
EndMenu
BringWindowToTop
SetCursor
LoadCursorA
ScreenToClient
SetWindowLongA
KillTimer
LoadBitmapA
DrawStateA
GetIconInfo
OffsetRect
GetSysColor
DestroyIcon
GetParent
GetWindowLongA
CopyRect
FrameRect
FillRect
GetWindowDC
SetTimer
ReleaseDC
MessageBoxA
ClientToScreen
CreateWindowExA
IsWindowVisible
RegisterDeviceNotificationA
DestroyMenu
TrackPopupMenuEx
SetMenuInfo
LoadImageA
AppendMenuA
AppendMenuW
CreatePopupMenu
GetCursorPos
RedrawWindow
PostMessageA
DestroyWindow
IsWindow
UnregisterDeviceNotification
InflateRect
GetClassInfoA
FlashWindow
SetForegroundWindow
SetActiveWindow
SetWindowPos
ShowWindow
FindWindowA
PtInRect
GetWindowRect
DrawIcon
GetClientRect
GetSystemMetrics
SendMessageA
IsIconic
TrackMouseEvent
InvalidateRect
SetFocus
LoadIconA
EnableWindow
SetRect
DrawTextA
GetProcessWindowStation
GetUserObjectInformationW
gdi32
DPtoLP
SetDIBits
GetDIBits
GetTextMetricsA
Polyline
GetDeviceCaps
StretchBlt
GetTextColor
LineTo
MoveToEx
CreatePen
FillRgn
ExcludeClipRect
CreateRoundRectRgn
GetObjectA
SetBkColor
CreateBitmap
CreateFontA
GetStockObject
CreateFontIndirectA
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
SetBkMode
DeleteDC
DeleteObject
CreateSolidBrush
SetTextColor
SelectObject
GetMapMode
msimg32
GradientFill
comdlg32
GetSaveFileNameA
advapi32
RegQueryValueExA
OpenEncryptedFileRawA
CloseEncryptedFileRaw
WriteEncryptedFileRaw
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
shell32
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
SHGetDesktopFolder
comctl32
ImageList_GetIcon
ImageList_GetIconSize
ImageList_LoadImageA
_TrackMouseEvent
ImageList_Draw
InitCommonControlsEx
ImageList_ReplaceIcon
shlwapi
StrRetToStrA
ole32
CoCreateInstance
StgOpenStorage
CoSetProxyBlanket
CoInitializeSecurity
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
oleaut32
CreateErrorInfo
SetErrorInfo
GetErrorInfo
OleLoadPicture
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VariantCopy
VariantInit
VariantClear
VariantChangeType
SysAllocString
urlmon
URLDownloadToFileA
gdiplus
GdipDrawImageI
GdipDrawImageRectRectI
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipSetPenMode
GdipFillPolygonI
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetPenColor
GdipFillRectangle
GdipDrawLinesI
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipBitmapLockBits
GdipGetImageThumbnail
GdipCloneImage
GdipDisposeImage
GdipDrawRectangleI
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImageWidth
GdipCreateSolidFill
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipFillRegion
GdipCreateRegionHrgn
GdipDeleteRegion
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateLineBrushFromRectI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipReleaseDC
msvcp90
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?length@?$char_traits@D@std@@SAIPBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?length@?$char_traits@_W@std@@SAIPB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?max_size@?$allocator@_W@std@@QBEIXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?max@?$numeric_limits@H@std@@SAHXZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?allocate@?$allocator@D@std@@QAEPADI@Z
?max_size@?$allocator@D@std@@QBEIXZ
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?width@ios_base@std@@QAEHH@Z
?width@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?flush@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
mpr
WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
dbghelp
MakeSureDirectoryPathExists
wininet
InternetCheckConnectionA
autoupdate
?GetAutoUpdateInstance@@YGPAVIAutoUpdate@@XZ
ws2_32
gethostname
WSAStartup
gethostbyname
psapi
GetProcessMemoryInfo
Sections
.text Size: - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 663KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 7.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 241KB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ