Static task
static1
Behavioral task
behavioral1
Sample
aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413
-
Size
3.7MB
-
MD5
438b0d5e67ba9c90b4dbdf545fe8ff0c
-
SHA1
32d43b4098917e952a7d4a9740a3066fed9da98a
-
SHA256
aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413
-
SHA512
aaad749cf96b5fafda6f1582ac5ebd7788be186a5ff3f667b0af109c6c5149fbd3d0c3e8f1147bc6a256dcf7c907a65b6d5748b477c4a8ceaf2fca4abfc2dc00
-
SSDEEP
49152:MZWVVqlrM/ARWbqhVxOp+xp3hVOYzTIz:TuVxOpYpiYzT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413
Files
-
aaf5f3772585a22fffee469f415cf8ba9da697febcfb983f31d5ad6e19dd1413.exe windows:5 windows x86 arch:x86
6b5c10b913af647946ba4e44773bb671
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc100u
ord7581
ord11877
ord2906
ord3012
ord5103
ord11801
ord14203
ord557
ord1081
ord1845
ord562
ord556
ord3945
ord3877
ord1708
ord1674
ord561
ord1346
ord1641
ord780
ord796
ord6080
ord11998
ord11940
ord7967
ord7529
ord12871
ord11999
ord2068
ord4511
ord6236
ord1176
ord867
ord1269
ord13434
ord2542
ord11374
ord1476
ord9232
ord9235
ord6869
ord891
ord1293
ord13956
ord7176
ord1990
ord1986
ord1895
ord13797
ord12753
ord7616
ord7131
ord7178
ord7203
ord12898
ord6891
ord6533
ord715
ord1592
ord345
ord923
ord11021
ord11235
ord2005
ord2457
ord4087
ord422
ord980
ord5563
ord3628
ord11494
ord1474
ord12151
ord723
ord6037
ord12061
ord6141
ord9328
ord5118
ord11845
ord11209
ord11240
ord9498
ord7391
ord11236
ord11228
ord5261
ord3416
ord13568
ord13571
ord13569
ord13572
ord13567
ord13570
ord7179
ord11469
ord13267
ord10976
ord14162
ord1739
ord7126
ord11864
ord3625
ord3684
ord8530
ord13387
ord7108
ord13381
ord11477
ord11476
ord2164
ord4744
ord13854
ord11784
ord7548
ord7624
ord7615
ord11923
ord10894
ord13029
ord8115
ord8345
ord7633
ord13116
ord11515
ord5830
ord293
ord7913
ord11682
ord1480
ord4478
ord1440
ord4205
ord11540
ord2184
ord11982
ord3428
ord320
ord2077
ord14206
ord4157
ord11568
ord1716
ord11665
ord4220
ord9237
ord1856
ord2020
ord3663
ord12762
ord10750
ord880
ord1282
ord7929
ord10647
ord6996
ord12945
ord4356
ord1734
ord13342
ord3703
ord6515
ord661
ord1130
ord6799
ord10721
ord12050
ord8384
ord11198
ord4388
ord7506
ord2382
ord3904
ord4269
ord13120
ord1776
ord8135
ord8089
ord13010
ord7605
ord11912
ord13244
ord10775
ord10350
ord1516
ord2303
ord3659
ord2329
ord7322
ord8142
ord8105
ord10172
ord2675
ord8425
ord8104
ord8110
ord3552
ord4006
ord13106
ord2806
ord2932
ord11747
ord7552
ord7629
ord7550
ord7631
ord12205
ord7239
ord7240
ord5112
ord11579
ord11547
ord7842
ord7835
ord3150
ord703
ord7845
ord7846
ord7850
ord3385
ord11790
ord5187
ord5150
ord12209
ord11659
ord2358
ord11794
ord7089
ord13198
ord11211
ord8000
ord10386
ord9434
ord10891
ord8226
ord8245
ord2313
ord3712
ord3725
ord1937
ord9073
ord8637
ord8642
ord8652
ord8019
ord4195
ord1786
ord3790
ord2911
ord8514
ord3890
ord8162
ord1695
ord12986
ord2316
ord8087
ord11887
ord7580
ord13065
ord658
ord1127
ord2805
ord2780
ord6289
ord2410
ord13366
ord3438
ord2618
ord7902
ord3751
ord8269
ord5882
ord1013
ord554
ord13306
ord1893
ord6899
ord13016
ord6373
ord430
ord985
ord863
ord1264
ord6722
ord8434
ord2765
ord9557
ord433
ord5600
ord10597
ord722
ord1175
ord11567
ord2477
ord10471
ord6035
ord12060
ord4440
ord4439
ord4441
ord4438
ord4437
ord11167
ord12608
ord5557
ord8070
ord8062
ord8659
ord5999
ord5397
ord6400
ord3753
ord8658
ord10160
ord10308
ord10305
ord8271
ord2338
ord11097
ord5326
ord5884
ord929
ord355
ord457
ord1006
ord6728
ord2773
ord4358
ord5652
ord3368
ord3248
ord13305
ord2942
ord2833
ord6109
ord1253
ord12745
ord7347
ord13391
ord5855
ord1143
ord681
ord1070
ord544
ord1126
ord657
ord1025
ord476
ord6733
ord1821
ord6413
ord5264
ord7914
ord7618
ord3846
ord12801
ord6870
ord921
ord5809
ord8266
ord2748
ord3749
ord7901
ord2617
ord3436
ord6325
ord10613
ord2440
ord2419
ord12217
ord13090
ord10733
ord1754
ord3713
ord13111
ord2735
ord7712
ord12163
ord13273
ord3570
ord3585
ord3198
ord2204
ord4821
ord13062
ord2342
ord7076
ord2920
ord6536
ord2759
ord13104
ord10293
ord4004
ord3550
ord12364
ord11600
ord8103
ord8137
ord8788
ord10501
ord2673
ord10171
ord13165
ord1805
ord2275
ord2936
ord2817
ord8106
ord8140
ord10192
ord12358
ord7320
ord3579
ord8838
ord7962
ord3553
ord11139
ord12117
ord5613
ord2736
ord4489
ord4484
ord1759
ord3647
ord2291
ord10346
ord2918
ord10131
ord10759
ord13243
ord2734
ord12946
ord7971
ord11899
ord7593
ord5640
ord13011
ord8088
ord8134
ord2893
ord11425
ord3584
ord3568
ord3913
ord2351
ord4819
ord4555
ord4824
ord2360
ord7399
ord6348
ord7392
ord7508
ord7418
ord7485
ord7351
ord4699
ord13369
ord11166
ord1506
ord1510
ord1517
ord4385
ord4423
ord4394
ord4406
ord4402
ord4398
ord4427
ord4418
ord4390
ord4432
ord4410
ord4377
ord4381
ord4415
ord12034
ord5832
ord10391
ord12948
ord10552
ord8432
ord6714
ord953
ord392
ord11838
ord12186
ord4802
ord8497
ord4808
ord12349
ord7249
ord1274
ord6125
ord5456
ord8276
ord2847
ord2946
ord3766
ord6089
msvcr100
_wcsnicmp
_vsnwprintf
_wmkdir
wcscat_s
_itoa_s
memchr
_wtoi
memmove
printf
??0exception@std@@QAE@ABV01@@Z
wprintf
_wtol
isdigit
toupper
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
free
_access
fopen_s
fwrite
fclose
??1exception@std@@UAE@XZ
setlocale
fopen
fgets
fputs
_lock_file
_unlock_file
fputc
ungetc
fgetc
_fseeki64
fgetpos
fsetpos
setvbuf
fflush
_recalloc
calloc
_endthread
_beginthread
wcsncpy_s
_wtof
malloc
_wcsicmp
__CxxFrameHandler3
_CxxThrowException
memset
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?what@exception@std@@UBEPBDXZ
wcscpy_s
memcpy_s
_purecall
vswprintf_s
realloc
fread
__iob_func
memcpy
strncpy
strchr
_errno
strstr
ftell
fseek
strncmp
_time64
tolower
strtoul
sscanf
strtol
strrchr
_stat64
qsort
atoi
strpbrk
sprintf
_beginthreadex
getenv
_getpid
_fstat64
_lseeki64
strcspn
strspn
strerror
__sys_nerr
_gmtime64
_strtoi64
isupper
feof
ferror
getc
fscanf_s
_wfopen
floor
_CIsqrt
wcsncpy
_swprintf
_CIacos
_CIcos
_CIfmod
_CIsin
ldiv
_CIatan2
longjmp
_setjmp3
__CxxLongjmpUnwind
_CIexp
_CIpow
rand
ceil
_CIlog
_cabs
_CIatan
fprintf
_strdup
_read
_write
_close
_open
??0exception@std@@QAE@ABQBD@Z
kernel32
IsProcessorFeaturePresent
GlobalSize
OutputDebugStringW
SizeofResource
LoadResource
LockResource
CreateFileA
GetFileSizeEx
FormatMessageA
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ExpandEnvironmentStringsA
GetModuleHandleA
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
FreeLibrary
CreateThread
CopyFileW
ResetEvent
SetEvent
CreateEventW
LocalFree
LocalAlloc
lstrcpyW
WriteFile
ReadFile
lstrlenA
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
SetLastError
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
ResumeThread
GetLastError
SetThreadUILanguage
GetSystemDefaultLangID
GetModuleFileNameW
GetVersionExW
MultiByteToWideChar
RemoveDirectoryW
CloseHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
CreateFileW
SetFileAttributesW
DeleteFileW
CreateDirectoryW
GetDriveTypeW
WaitForSingleObject
Sleep
WideCharToMultiByte
lstrlenW
WinExec
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
lstrcpynW
GetPrivateProfileStringW
WritePrivateProfileStringW
ActivateActCtx
user32
wsprintfW
GetSysColor
GetWindowRect
MessageBoxW
UpdateWindow
ClientToScreen
GetCapture
DestroyCursor
DestroyMenu
SetRect
DestroyIcon
GetWindowLongW
GetNextDlgTabItem
SetCursor
WindowFromPoint
BringWindowToTop
TrackPopupMenuEx
CopyRect
OffsetRect
DrawStateW
GetIconInfo
CreateIconIndirect
ReleaseDC
SetWindowPos
FillRect
LoadIconW
InflateRect
FrameRect
GetAsyncKeyState
EnableMenuItem
SetDlgItemTextW
FindWindowExW
RedrawWindow
LoadImageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
SetRectEmpty
GetMessagePos
GetFocus
PostThreadMessageW
FindWindowW
DispatchMessageW
PeekMessageW
GetParent
PtInRect
GetDlgItem
GetSystemMetrics
LoadMenuW
InvalidateRect
GetDC
SetCursorPos
ScreenToClient
GetCursorPos
SetForegroundWindow
UnregisterHotKey
RegisterHotKey
KillTimer
SetTimer
MessageBoxExW
AppendMenuW
DeleteMenu
LoadCursorW
ReleaseCapture
ClipCursor
SetWindowRgn
SetCapture
GetMenuItemCount
ModifyMenuW
CheckMenuItem
GetSubMenu
GetClientRect
EnableWindow
PostMessageW
GetActiveWindow
SendMessageW
SetWindowLongW
DrawTextW
gdi32
GetDIBits
RealizePalette
CreateRectRgn
RestoreDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetDIBitsToDevice
SaveDC
CreateDIBPatternBrushPt
CreateSolidBrush
Arc
SetPixel
GetPixel
SetBkColor
CreateBitmap
CombineRgn
ExtCreateRegion
BitBlt
CreateDIBSection
StretchBlt
DPtoLP
RectVisible
GetTextMetricsW
Ellipse
GetStockObject
LineTo
MoveToEx
CreatePen
CreateFontIndirectW
GetObjectW
CreateFontW
PatBlt
DeleteObject
DeleteDC
StretchDIBits
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
TextOutW
GetTextExtentPoint32W
SetBkMode
SetTextColor
SetBrushOrgEx
advapi32
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegOpenKeyExW
shell32
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderLocation
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFileExistsW
StrCpyW
StrStrIW
ole32
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromGUID2
CoInitialize
StgCreateDocfile
CoTaskMemAlloc
oleaut32
SysStringLen
SysFreeString
OleCreatePropertyFrame
GetErrorInfo
VariantInit
SysAllocString
SysAllocStringByteLen
VariantClear
CreateErrorInfo
SetErrorInfo
VariantChangeType
msvcp100
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xinvalid_argument@std@@YAXPBD@Z
_Stolx
??Bios_base@std@@QBEPAXXZ
?fail@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?width@ios_base@std@@QBE_JXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?uncaught_exception@std@@YA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flags@ios_base@std@@QBEHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?width@ios_base@std@@QAE_J_J@Z
?setf@ios_base@std@@QAEHHH@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??Bid@locale@std@@QAEIXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_BADOFF@std@@3_JB
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1_Container_base12@std@@QAE@XZ
opencv_core249
cvCreateImageHeader
cvFlip
cvReleaseImage
cvReleaseImageHeader
cvSetData
cvCreateImage
opencv_highgui249
cvWriteFrame
cvReleaseVideoWriter
cvCreateVideoWriter
libxl
xlCreateBookW
ws2_32
gethostname
WSAStartup
ntohl
htonl
WSACleanup
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
socket
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
winmm
PlaySoundW
wldap32
ord22
ord41
ord46
ord211
ord217
ord143
ord50
ord26
ord30
ord200
ord32
ord35
ord79
ord33
ord301
ord27
ord60
ord45
crypt32
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertGetNameStringA
CertGetCertificateChain
CertCreateCertificateChainEngine
CertFreeCertificateContext
CertCloseStore
CertFindCertificateInStore
CryptStringToBinaryA
CertOpenStore
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CryptQueryObject
normaliz
IdnToAscii
IdnToUnicode
setupapi
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
wlanapi
WlanOpenHandle
WlanEnumInterfaces
WlanQueryInterface
WlanFreeMemory
powrprof
PowerReadACDefaultIndex
PowerReadACValueIndex
PowerReadDCValueIndex
PowerWriteACDefaultIndex
PowerWriteACValueIndex
PowerWriteDCValueIndex
PowerGetActiveScheme
PowerSetActiveScheme
avcodec-58
av_init_packet
av_packet_unref
avcodec_alloc_context3
avcodec_find_decoder
avcodec_free_context
avcodec_open2
avcodec_parameters_to_context
avcodec_receive_frame
avcodec_register_all
avcodec_send_packet
avformat-58
av_read_frame
av_register_all
avformat_alloc_context
avformat_close_input
avformat_find_stream_info
avformat_network_init
avformat_open_input
avutil-56
av_frame_alloc
av_frame_free
av_image_fill_arrays
av_image_get_buffer_size
av_malloc
av_opt_set
swscale-5
sws_getContext
sws_scale
wtsapi32
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 237KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ