AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d.exe
Resource
win7-20231215-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d
-
Size
8.3MB
-
MD5
83447bdacb2a308e5ea583d5ac917989
-
SHA1
c4e5696684983fdfbc7aa6e68a8041b55b6599a2
-
SHA256
2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d
-
SHA512
4f76ed911f343d040f65823c8186531a2953f1ea6c31f88fc37688c3f8c7d2dd8526b2f5b7612203bbd3023ea217988a27b61c1ff18537f521e502df23cccdac
-
SSDEEP
98304:+P0YapFWJDlERODBel8wlu6fdmuBzL5r9W:+P0TpFW3ERODBel8wlu6fdmuBn5r9W
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d
Files
-
2982780b09b83d87d627e4eb8eced18f50b48b4eae02916e516b1ebacee5b24d.exe windows:6 windows x86 arch:x86
bb92b0cb653fd2f7a734c2bdfde2ca9b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
entitiesmp
?CheckEntityVersion@@YAXXZ
kernel32
ReadFile
WriteFile
GetLastError
PeekNamedPipe
WaitNamedPipeW
GetCurrentProcessId
GetModuleFileNameW
lstrlenW
MultiByteToWideChar
GetCurrentDirectoryA
CreateFileA
DeleteFileA
GetModuleFileNameA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MoveFileA
GetSystemDefaultLangID
GetTickCount64
TerminateProcess
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
Process32First
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
OpenEventA
WaitForSingleObject
CreateEventA
FindFirstFileA
FindNextFileA
GetFullPathNameA
FindClose
SetCurrentDirectoryA
GetCurrentProcess
Sleep
CloseHandle
CreateToolhelp32Snapshot
LoadLibraryA
LoadLibraryExA
GetProcAddress
GetModuleHandleA
FreeLibrary
WriteProcessMemory
CreateFileW
Process32Next
InitializeCriticalSectionAndSpinCount
VirtualProtect
user32
MessageBoxA
RegisterClassExA
DefWindowProcA
DestroyWindow
CreateWindowExA
WindowFromPoint
GetWindowTextA
SetWindowPos
CreateDialogParamA
SetFocus
GetSystemMetrics
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
GetClientRect
GetWindowRect
FillRect
SetWindowLongA
GetDesktopWindow
LoadBitmapA
InvalidateRect
RegisterClassA
LoadCursorA
SetClassLongA
LoadIconA
ShowCursor
MessageBoxW
ChangeDisplaySettingsA
IsIconic
SendMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
ShowWindow
gdi32
BitBlt
GetObjectA
GetStockObject
GetDeviceCaps
DeleteObject
CreateCompatibleDC
DeleteDC
SelectObject
advapi32
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
msvcp140
_Thrd_id
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_current_owns
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_timedwait
_Cnd_broadcast
_Cnd_do_broadcast_at_thread_exit
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
_Thrd_join
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
_Xtime_get_ticks
engine
?TrimSpacesRight@CTString@@QAEJXZ
?RemovePrefix@CTString@@QAEHABV1@@Z
?Clear@CTString@@QAEXXZ
?RemReference@CEntity@@QAEXXZ
?AddReference@CEntity@@QAEXXZ
?MEM_MAlloc@@YAPAXI@Z
?g_bNoPlaySnd@@3HA
?g_fFramePerSecond@@3MA
?snd_iFormat@@3JA
?DiscordUpdateData@@3_NA
?DiscordImage@@3PADA
?DiscordLocation@@3PADA
?DiscordGuild@@3PADA
?DiscordLevel@@3HA
?DiscordNickName@@3PADA
?g_szExitError@@3PADA
?_pEntityClassStock@@3PAVCStock_CEntityClass@@A
?g_iCountry@@3JA
?g_bNasTrans@@3HA
?VerificationNksp@@3JA
?g_nmVER@@3VCTString@@A
?g_nmCID@@3VCTString@@A
?g_nmPW@@3VCTString@@A
?g_nmID@@3VCTString@@A
?g_bAutoLogin@@3HA
?sam_bWideScreen@@3JA
?sam_iGfxAPI@@3JA
?sam_iDisplayAdapter@@3JA
?sam_iDisplayDepth@@3JA
?sam_iScreenSizeJ@@3JA
?sam_iScreenSizeI@@3JA
?_pvpViewPortMain@@3PAVCViewPort@@A
?_pdpNormalMain@@3PAVCDrawPort@@A
?_pdpMain@@3PAVCDrawPort@@A
?_bClientApp@@3HA
?TranslateConst@@YAPBDPBDJ@Z
?_pSound@@3PAVCSoundLibrary@@A
?_pNetwork@@3PAVCEventLibrary@@A
?_pTimer@@3PAVCTimer@@A
?_strModExt@@3VCTString@@A
?_fnmApplicationPath@@3VCTFileName@@A
?CheckEngineVersion@@YAXXZ
?initialize@CWebAddress@@QAEXXZ
?End@cWeb@@QAEHXZ
?Begin@cWeb@@QAEHXZ
?SetNextStage@StageMgr@@QAEXW4eSTAGE@@0@Z
?Run@StageMgr@@QAEXXZ
?Create@StageMgr@@QAEXXZ
?getSingleton@?$CSingletonBase@VStageMgr@@@@SAPAVStageMgr@@XZ
?setVersion@CUILoginNew@@QAEXPBD@Z
?Create@GameDataManager@@QAEXXZ
?SetDesktopSize@CUIOption@@QAEXJJ@Z
?DestroyRenderTarget@CUIManager@@QAEXXZ
?InitRenderTarget@CUIManager@@QAEXHH@Z
?SetTitleName@CUIManager@@QAEXJHH@Z
?MsgProc@CUIManager@@QAEXPAUtagMSG@@PAH@Z
?GetMouseCursor@CUIManager@@QAEPAVCUIMouseCursor@@XZ
?AdjustUIPos@CUIManager@@QAEXPAVCDrawPort@@@Z
?ResetUIPos@CUIManager@@QAEXPAVCDrawPort@@@Z
?SetGameHandle@CUIManager@@QAEXPAVCGame@@@Z
?Create@CUIManager@@QAEXXZ
?Release@CStock_CEntityClass@@QAEXPAVCEntityClass@@@Z
?Obtain_t@CStock_CEntityClass@@QAEPAVCEntityClass@@ABVCTFileName@@@Z
?GetGameMode@CGameState@@QAEAAJXZ
?SE_Destroy_WebAddressPtr@@YAXXZ
?SE_Get_GameDataManagerPtr@@YAPAVGameDataManager@@XZ
?SE_Get_UIManagerPtr@@YAPAVCUIManager@@XZ
?SE_Get_WebAddressPtr@@YAPAVCWebAddress@@XZ
?SE_LoadDefaultFonts@@YAXXZ
?SE_EndEngine@@YAXXZ
?SE_InitEngine@@YAXVCTString@@@Z
?SwapBuffers@CViewPort@@QAEXH@Z
?UpdateSounds@CSoundLibrary@@QAEXXZ
?SetFormat@CSoundLibrary@@QAEXW4SoundFormat@1@H@Z
?SetVolume@CSoundObject@@QAEXMH@Z
?GetLine_t@CTStream@@QAEXAAVCTString@@D@Z
?GetValue@CShell@@QAE?AVCTString@@ABV2@@Z
?SetValue@CShell@@QAEXABVCTString@@0@Z
?CloseWebPage@cWeb@@QAEHPAUHWND__@@@Z
?_pfdDisplayFont@@3PAVCFontData@@A
?ExceptionFatalError@CTStream@@SAXXZ
??1CSoundObject@@QAE@XZ
??0CSoundObject@@QAE@XZ
?CheckWindowHack@CEventLibrary@@QAEHXZ
?CheckHacking@CEventLibrary@@QAEHXZ
?GameInactive@CEventLibrary@@QAEXXZ
?InitPos@CUIBase@@QAEXHHHH@Z
?Fill@CDrawPort@@QBEXK@Z
?Unlock@CDrawPort@@QAEXXZ
?Lock@CDrawPort@@QAEHXZ
?PutTexture@CDrawPort@@QBEXPAVCTextureObject@@ABV?$AABBox@J$01@@1KK@Z
?PutText@CDrawPort@@QBEXABVCTString@@JJK@Z
?SetTextShadow@CDrawPort@@QAEXM@Z
?SetTextAspect@CDrawPort@@QAEXM@Z
?SetTextScaling@CDrawPort@@QAEXM@Z
?SetFont@CDrawPort@@QAEXPAVCFontData@@@Z
?GetHeight@CDrawPort@@QBEJXZ
?GetWidth@CDrawPort@@QBEJXZ
?IsTripleHead@CDrawPort@@QAEHXZ
?IsDualHead@CDrawPort@@QAEHXZ
?MakeWideScreen@CDrawPort@@QAEXPAV1@@Z
??0CDrawPort@@QAE@PAV0@J@Z
??1CDrawPort@@QAE@XZ
??0CDrawPort@@QAE@XZ
?InitSEEDEncrypt@CLetterDispatchus@@SAXXZ
??1CTextureObject@@QAE@XZ
?SetData_t@CTextureObject@@QAEXABVCTFileName@@@Z
??0CTextureObject@@QAE@XZ
?Force@CTextureData@@QAEXK@Z
?GetPixWidth@CTextureData@@QBEJXZ
?GetWidth@CTextureData@@QBEJXZ
?Benchmark@CGfxLibrary@@QAEXPAVCViewPort@@PAVCDrawPort@@@Z
?DestroyWindowCanvas@CGfxLibrary@@QAEXPAVCViewPort@@@Z
?CreateWindowCanvas@CGfxLibrary@@QAEXPAXPAPAVCViewPort@@PAPAVCDrawPort@@@Z
?IsCurrentModeAccelerated@CGfxLibrary@@QAEHXZ
?ResetDisplayMode@CGfxLibrary@@QAEHW4GfxAPIType@@@Z
?LerpColor@@YAKKKM@Z
?IsWideScreen@CDisplayMode@@QAEHXZ
?IsTripleHead@CDisplayMode@@QAEHXZ
?IsDualHead@CDisplayMode@@QAEHXZ
?DepthString@CDisplayMode@@QBE?AVCTString@@XZ
??0CDisplayMode@@QAE@XZ
?GetHighPrecisionTimer@CTimer@@QAE?AVCTimerValue@@XZ
?GetRealTimeTick@CTimer@@QBEMXZ
?ExpandFilePath@@YAJKABVCTFileName@@AAV1@@Z
?OpenWebPage@cWeb@@QAEHPAUHWND__@@@Z
?ExceptionFilter@CTStream@@SAHKPAU_EXCEPTION_POINTERS@@@Z
?ClearStreamHandling@CTStream@@SAXXZ
?DisableStreamHandling@CTStream@@SAXXZ
?EnableStreamHandling@CTStream@@SAXXZ
?FileName@CTFileName@@QBE?AV1@XZ
?FileDir@CTFileName@@QBE?AV1@XZ
??0CTFileName@@QAE@PBDH@Z
?FinishTranslationTable@@YAXXZ
?AddTranslationTablesDir_t@@YAXABVCTFileName@@0@Z
?InitTranslation@@YAXXZ
?GetWindowsError@@YA?BVCTString@@K@Z
?ThrowF_t@@YAXPADZZ
?DeleteChars@CTString@@QAEXJJ@Z
?IsEqualCaseSensitive@CTString@@QBEHABV1@@Z
?TrimRight@CTString@@QAEJJ@Z
?FindSubstr@CTString@@QAEJABV1@@Z
?Length@CTString@@QBEJXZ
?g_web@@3VcWeb@@A
?_hDlgWeb@@3PAUHWND__@@A
?_hwndMain@@3PAUHWND__@@A
?_pGameState@@3PAVCGameState@@A
?sam_bFullScreenActive@@3JA
?_hInstanceMain@@3PAUHINSTANCE__@@A
?_bWindowChanging@@3HA
?UpdatePos@cWeb@@QAEXXZ
?SetWebDlgCallBack@cWeb@@QAEXP6GHPAUHWND__@@IIJ@Z@Z
?GetWebHandle@cWeb@@QAEPAUHWND__@@XZ
?SetWebDlgID@cWeb@@QAEXJ@Z
??0CTString@@QAE@XZ
??0CTString@@QAE@ABV0@@Z
??0CTString@@QAE@PBD@Z
??0CTString@@QAA@JPBDZZ
??1CTString@@QAE@XZ
??BCTString@@QBEPBDXZ
??4CTString@@QAEAAV0@PBD@Z
??4CTString@@QAEAAV0@ABV0@@Z
?TrimSpacesLeft@CTString@@QAEJXZ
??8CTString@@QBEHPBD@Z
??9CTString@@QBEHPBD@Z
??HCTString@@QBE?AV0@ABV0@@Z
??YCTString@@QAEAAV0@ABV0@@Z
??H@YA?AVCTString@@PBDABV0@@Z
?Split@CTString@@QAEXJAAV1@0@Z
?DeleteChar@CTString@@QAEXJ@Z
?ScanF@CTString@@QAAJPBDZZ
?Translate@@YAPADPADJ@Z
??4CTFileName@@QAEXABVCTString@@@Z
?_fnmMod@@3VCTFileName@@A
?_fnmCDPath@@3VCTFileName@@A
?_strLogFile@@3VCTString@@A
?cmd_iWindowLeft@@3JA
?cmd_iWindowTop@@3JA
?MEM_Free@@YAXPAX@Z
??8CTString@@QBEHABV0@@Z
?Matches@CTString@@QBEHABV1@@Z
?PrintF@CTString@@QAAJPBDZZ
?WarningMessage@@YAXPBDZZ
??0CListNode@@QAE@XZ
??1CListNode@@QAE@XZ
?IsTailMarker@CListNode@@QBEHXZ
?IterationSucc@CListNode@@QBEAAV1@XZ
??0CListHead@@QAE@XZ
?IterationHead@CListHead@@QBEAAVCListNode@@XZ
?AddTail@CListHead@@QAEXAAVCListNode@@@Z
??0CTFileName@@QAE@XZ
??0CTFileName@@QAE@ABVCTString@@@Z
??1CTFileName@@QAE@XZ
?AtEOF@CTStream@@QAEHXZ
?GetLine_t@CTStream@@QAEXPADJD@Z
??0CTFileStream@@QAE@XZ
??1CTFileStream@@UAE@XZ
?Open_t@CTFileStream@@QAEXABVCTFileName@@W4OpenMode@CTStream@@@Z
?CPrintF@@YAXPBDZZ
?DeclareSymbol@CShell@@QAEXABVCTString@@PAX@Z
?Execute@CShell@@QAEXABVCTString@@@Z
?_pShell@@3PAVCShell@@A
?_pGfx@@3PAVCGfxLibrary@@A
?FatalError@@YAXPBDZZ
?SE_UpdateWindowHandle@@YAXPAUHWND__@@0@Z
?Running@CGameState@@QAEAAHXZ
?QuitScreen@CGameState@@QAEAAHXZ
?IsWebHandle@cWeb@@QAEHXZ
?SetWebHandle@cWeb@@QAEXPAUHWND__@@@Z
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
vcruntime140
__std_exception_destroy
_CxxThrowException
__std_exception_copy
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
strstr
strchr
__CxxFrameHandler3
__current_exception
__std_terminate
memcmp
memcpy
memset
memmove
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
fputc
__stdio_common_vswprintf
__stdio_common_vfprintf
__stdio_common_vsscanf
__p__commode
_set_fmode
_get_stream_buffer_pointers
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fclose
fopen
fgetpos
fgetc
fflush
__acrt_iob_func
api-ms-win-crt-runtime-l1-1-0
_exit
exit
_initterm_e
_controlfp_s
_crt_atexit
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_register_thread_local_exe_atexit_callback
_crt_at_quick_exit
_register_onexit_function
_get_narrow_winmain_command_line
_c_exit
_set_app_type
_controlfp
_seh_filter_exe
_execute_onexit_table
_cexit
_beginthreadex
terminate
_initterm
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-string-l1-1-0
isspace
_strnicmp
_stricmp
strncpy
_strdup
api-ms-win-crt-time-l1-1-0
_time32
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
api-ms-win-crt-process-l1-1-0
_execv
api-ms-win-crt-heap-l1-1-0
_callnewh
_set_new_mode
malloc
free
api-ms-win-crt-math-l1-1-0
__setusermatherr
_except1
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
shlwapi
PathFileExistsA
PathAppendA
Exports
Exports
Sections
.text Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 221KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.1MB - Virtual size: 8.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ