gutil140[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

gutil140.zip
Size

473KB
MD5

676b27b51c72c144d4c7ebee6a8a9fb4
SHA1

376a625e54b358713d54d3f1d37dfb1cda585343
SHA256

f356810e233d4e49a87ca7df54004d273d8c70bef588a63e9346bcfcfc7018ca
SHA512

cd306cbfdb8caa0b0bdb463c3896b5112961206fea91ff198359efc401b7a1cec402959071fa17d4acee32bffdf5a53de2b4ba0850c51c3cb0d8c4ae8a578568
SSDEEP

12288:bxUiVgE95AVlwYsAE79DYNubV5sR0TaF7qW:bxClwYU7iuX20TakW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gutil140.dll

Files

gutil140.zip
.zip
README.txt
gutil140.dll
.dll windows:6 windows x64 arch:x64

776f469f176cf76ac1a2faebf8073e68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ebase

eb_open_database
eb_close_database
eb_open_table
eb_close_table
eb_lookup_keys
eb_lookup_recno
eb_free_result_set
eb_get_table_descr
eb_free_table_descr
eb_get_error

eprxx140

??0?$basic_string_ref@D@epr@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$basic_string_ref@D@epr@@QEAA@XZ
?strtod128@decimal@epr@@YA?AVdecimal128@12@PEBDPEAPEBD@Z
?strtod64@decimal@epr@@YA?AVdecimal64@12@PEBDPEAPEBD@Z
?make_decimal32@decimal@epr@@YA?AVdecimal32@12@_KH@Z
??0?$basic_string_ref@D@epr@@QEAA@PEBD_K@Z
?length@?$basic_string_ref@D@epr@@QEBA_KXZ
?empty@?$basic_string_ref@D@epr@@QEBA_NXZ
?data@?$basic_string_ref@D@epr@@QEBAPEBDXZ
??6epr@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AEAV12@V?$basic_string_ref@D@0@@Z
?to_string@decimal@epr@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBVdecimal32@12@H@Z
?to_string@decimal@epr@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBVdecimal64@12@H@Z
?to_string@decimal@epr@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBVdecimal128@12@H@Z
?size@?$basic_string_ref@D@epr@@QEBA_KXZ
??A?$basic_string_ref@D@epr@@QEBAAEBD_K@Z

epr

eprConvertText
eprCloseTextCodec
eprOpenTextCodec
eprDoubleToDec128
eprDoubleToDec64
eprDoubleToDec32
eprFloatToDec128
eprFloatToDec64
eprFloatToDec32
eprDec128ToDouble
eprDec128ToFloat
eprDec128ToDec64
eprDec128ToDec32
eprDec64ToDouble
eprDec64ToFloat
eprDec64ToDec128
eprGetLocaleParam
eprDec32ToDouble
eprDec32ToFloat
eprDec32ToDec128
eprDec32ToDec64
eprWrite
eprSeek
eprClose
eprOpenFile
eprStrError
eprDec64ToDec32
eprUTF8ToLocale
eprLocaleToUTF8
eprGetSymbolAddress
eprCloseDSO
eprOpenDSO
eprGetDSOSuffix
eprGetDSOPrefix
eprStrDup
eprFree

vcruntime140

__std_type_info_destroy_list
_purecall
__std_terminate
memmove
__intrinsic_setjmp
__vcrt_InitializeCriticalSectionEx
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcmp
memcpy
memchr
strchr
memset
__RTDynamicCast
longjmp
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_getpid
_initterm_e
_initterm
_cexit
_invalid_parameter_noinfo_noreturn
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_errno
_invalid_parameter_noinfo
abort
exit
strerror

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
fread
_get_stream_buffer_pointers
__stdio_common_vsprintf
fclose
fflush
fgetc
__stdio_common_vsprintf_s
fgetpos
_getcwd
getchar
fopen
_open_osfhandle
fputc
fsetpos
ungetc
setvbuf
fwrite
_fseeki64

api-ms-win-crt-filesystem-l1-1-0

remove
_stat64i32
rename
_lock_file
_unlock_file
_access
_unlink
_chdir
_mkdir
_rmdir

api-ms-win-crt-math-l1-1-0

acos
asin
atan
_fdopen
pow
atan2
ceil
cos
cosh
exp
floor
_fdtest
log
log10
sin
_dtest
sinh
sqrt
tan
tanh
modf
sinf
powf
floorf
ceilf
roundf
nextafterf
round
fmod
sqrtf
frexp

api-ms-win-crt-string-l1-1-0

isalpha
toupper
strncat
strcmp
strcspn
isalnum
strncmp
strspn
isupper
islower
isxdigit
isspace
tolower
_stricmp
_strnicmp

api-ms-win-crt-time-l1-1-0

_mktime64
_time64
_utime64
_localtime64

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-heap-l1-1-0

free
calloc
_callnewh
malloc

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-convert-l1-1-0

_fcvt
atof
atol
atoi
strtol
strtoul

msvcp140

??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??0_Lockit@std@@QEAA@H@Z
?_BADOFF@std@@3_JB
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?toupper@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IEAAXPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??1_Lockit@std@@QEAA@XZ
?widen@?$ctype@D@std@@QEBAPEBDPEBD0PEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?classic@locale@std@@SAAEBV12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Getcvt
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@PEAV32@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

kernel32

GetLastError
FormatMessageA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
GetFileAttributesA
GetFullPathNameA
GetVersionExA
CreateDirectoryA
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ExitProcess
FlushFileBuffers
SetEndOfFile
GetFileSize
SetFilePointer
FatalAppExitA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
WaitForSingleObject
CreatePipe
CloseHandle
WriteFile
ReadFile
SetEnvironmentVariableA
GetSystemTimeAsFileTime
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
GetCurrentProcessId
FindNextFileA
LocalFree

user32

PeekMessageA
MessageBoxA
OemToCharA
WaitForInputIdle

Exports

Exports

??0BiCubicScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@II@Z
??0BiCubicScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0ColorBoundsFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@@Z
??0EntryIterator@GArReader@@QEAA@AEBV01@@Z
??0EntryIterator@GArReader@@QEAA@V?$_Tree_const_iterator@V?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVGArEntry@@@std@@@std@@@std@@@std@@@Z
??0EntryIterator@GArReader@@QEAA@XZ
??0EntryIterator@GZipReader@@QEAA@AEBV01@@Z
??0EntryIterator@GZipReader@@QEAA@V?$_Tree_const_iterator@V?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVGZipEntry@@@std@@@std@@@std@@@std@@@Z
??0EntryIterator@GZipReader@@QEAA@XZ
??0ErrorHandler@GRpnEval@@QEAA@AEBV01@@Z
??0ErrorHandler@GRpnEval@@QEAA@XZ
??0FadeBorderFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@I@Z
??0FilteredImageSource@g2d@generic@egr@@QEAA@W4PixelFormat@123@PEAVImageSource@123@@Z
??0G2DError@g2d@generic@egr@@QEAA@AEBV0123@@Z
??0G2DError@g2d@generic@egr@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0G2DError@g2d@generic@egr@@QEAA@PEBD@Z
??0GArEntry@@QEAA@AEBV0@@Z
??0GArEntry@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@KI@Z
??0GArReader@@QEAA@AEBV0@@Z
??0GArReader@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0GArReader@@QEAA@XZ
??0GAssertionError@@QEAA@AEBV0@@Z
??0GAssertionError@@QEAA@PEBD0H0@Z
??0GCRC128@@QEAA@XZ
??0GCRC32@@QEAA@XZ
??0GCRC64@@QEAA@XZ
??0GChecksum@@IEAA@XZ
??0GChecksum@@QEAA@AEBV0@@Z
??0GColor24@@QEAA@HHH@Z
??0GColor24@@QEAA@XZ
??0GColorRGB@@QEAA@MMM@Z
??0GColorRGB@@QEAA@QEBM@Z
??0GColorRGB@@QEAA@XZ
??0GColorRGBA@@QEAA@AEBVGColorRGB@@M@Z
??0GColorRGBA@@QEAA@MMMM@Z
??0GColorRGBA@@QEAA@XZ
??0GConfigFile@@QEAA@AEBV0@@Z
??0GConfigFile@@QEAA@XZ
??0GConfigSection@@QEAA@AEBV0@@Z
??0GConfigSection@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GDbDatabase@@IEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GDbDatabase@@QEAA@AEBV0@@Z
??0GDbDbFactory@@QEAA@AEBV0@@Z
??0GDbDbFactory@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GDbField@@QEAA@AEBV0@@Z
??0GDbField@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4GDbFieldType@@HH_N2@Z
??0GDbField@@QEAA@XZ
??0GDbIndex@@QEAA@AEBV0@@Z
??0GDbIndex@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_N1@Z
??0GDbIndex@@QEAA@XZ
??0GDbKey@@QEAA@AEBV0@@Z
??0GDbKey@@QEAA@HH@Z
??0GDbKey@@QEAA@HI@Z
??0GDbKey@@QEAA@HN@Z
??0GDbKey@@QEAA@HPEBD@Z
??0GDbKey@@QEAA@XZ
??0GDbRecord@@QEAA@XZ
??0GDbRecord@@QEAA@_NHPEAW4GDbFieldType@@PEAPEAX@Z
??0GDbRecordSet@@QEAA@AEBV0@@Z
??0GDbRecordSet@@QEAA@XZ
??0GDbStructure@@QEAA@AEBV0@@Z
??0GDbStructure@@QEAA@_NI@Z
??0GDbTable@@IEAA@PEAVGDbDatabase@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GDbTable@@QEAA@AEBV0@@Z
??0GDbTransactionHandler@@QEAA@AEBV0@@Z
??0GDbTransactionHandler@@QEAA@XZ
??0GDirectory@@QEAA@AEBV0@@Z
??0GDirectory@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GDirectory@@QEAA@XZ
??0GDynaLib@@QEAA@AEBV0@@Z
??0GDynaLib@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GFile@@QEAA@AEBV0@@Z
??0GFile@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GFile@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0GFileObject@@QEAA@AEBV0@@Z
??0GFileObject@@QEAA@XZ
??0GFileTypeError@@QEAA@AEBV0@@Z
??0GFileTypeError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GFileTypeError@@QEAA@PEBD@Z
??0GFloatObj@@AEAA@AEBV0@@Z
??0GFloatObj@@QEAA@N@Z
??0GFloatObj@@QEAA@XZ
??0GGZCompress@@QEAA@AEAV?$basic_istream@DU?$char_traits@D@std@@@std@@@Z
??0GIOError@@QEAA@AEBV0@@Z
??0GIOError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GIOError@@QEAA@PEBD@Z
??0GIStream@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@std@@_N@Z
??0GIZipStream@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@I@Z
??0GIntegerObj@@AEAA@AEBV0@@Z
??0GIntegerObj@@QEAA@H@Z
??0GIntegerObj@@QEAA@XZ
??0GListObj@@AEAA@AEBV0@@Z
??0GListObj@@QEAA@XZ
??0GLogicError@@QEAA@AEBV0@@Z
??0GLogicError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GLogicError@@QEAA@PEBD@Z
??0GMD5Checker@@QEAA@XZ
??0GMaterialFormatter@@QEAA@PEAVGMaterialProxy@@D@Z
??0GMaterialZip@@QEAA@AEBV0@@Z
??0GMaterialZip@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0GMaterialZip@@QEAA@PEBDI@Z
??0GMaterialZip@@QEAA@XZ
??0GMemStreamBuf@@QEAA@AEBV0@@Z
??0GMemStreamBuf@@QEAA@I@Z
??0GMurmurHash2A_64@@QEAA@_K@Z
??0GMurmurHash3_128@@QEAA@_K@Z
??0GMurmurHash3_32@@QEAA@I@Z
??0GNameObj@@AEAA@AEBV0@@Z
??0GNameObj@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GNotImplementedError@@QEAA@AEBV0@@Z
??0GNotImplementedError@@QEAA@PEBD@Z
??0GNumberObj@@QEAA@XZ
??0GOMemStream@@QEAA@I@Z
??0GOMemStream@@QEAA@I_N@Z
??0GOZipStream@@QEAA@PEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@HI@Z
??0GObject@@QEAA@XZ
??0GOutOfRangeError@@QEAA@AEBV0@@Z
??0GOutOfRangeError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
??0GOutOfRangeError@@QEAA@PEBD_K@Z
??0GOutput@@QEAA@AEBV0@@Z
??0GOutput@@QEAA@XZ
??0GPalette@@QEAA@H@Z
??0GPalette@@QEAA@PEBVGColorRGB@@HH@Z
??0GPalette@@QEAA@QEAY02MHH@Z
??0GParseError@@QEAA@AEBV0@@Z
??0GParseError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
??0GParseError@@QEAA@PEBD_K@Z
??0GProcess@@QEAA@AEBV0@@Z
??0GProcess@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N11@Z
??0GRegExp@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4GRegExpOption@@@Z
??0GRpnErrMsg@@QEAA@XZ
??0GRpnEval@@QEAA@AEBV0@@Z
??0GRpnEval@@QEAA@XZ
??0GRpnExternFuncs@@QEAA@AEBV0@@Z
??0GRpnExternFuncs@@QEAA@XZ
??0GRpnParamSet@@QEAA@AEBV0@@Z
??0GRpnParamSet@@QEAA@XZ
??0GRpnString@@QEAA@AEBV0@@Z
??0GRpnString@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
??0GRpnString@@QEAA@PEBD_N@Z
??0GRpnString@@QEAA@_N@Z
??0GRpnValue@@QEAA@AEBV0@@Z
??0GRpnValue@@QEAA@N@Z
??0GRpnValue@@QEAA@PEAVGRpnString@@@Z
??0GRpnValue@@QEAA@PEAVGRpnVector@@@Z
??0GRpnValue@@QEAA@XZ
??0GRpnVector@@QEAA@AEBV0@@Z
??0GRpnVector@@QEAA@XZ
??0GRuntimeError@@QEAA@AEBV0@@Z
??0GRuntimeError@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GRuntimeError@@QEAA@PEBD@Z
??0GSequenceObj@@QEAA@XZ
??0GSqlDatabase@@IEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GSqlDatabase@@QEAA@AEBV0@@Z
??0GSqlError@@QEAA@AEBV0@@Z
??0GSqlError@@QEAA@W4GDbStatus@@@Z
??0GSqlError@@QEAA@W4GDbStatus@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GSqlError@@QEAA@XZ
??0GSqlQuery@@QEAA@AEBV0@@Z
??0GSqlQuery@@QEAA@PEAVGSqlDatabase@@@Z
??0GSqlQuery@@QEAA@PEAVGSqlDatabase@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GSqlQuery@@QEAA@XZ
??0GStopWatch@@QEAA@AEBV0@@Z
??0GStopWatch@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
??0GStreamBuf@@QEAA@$$QEAV0@@Z
??0GStreamBuf@@QEAA@AEBV0@@Z
??0GStreamBuf@@QEAA@XZ
??0GStringObj@@AEAA@AEBV0@@Z
??0GStringObj@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GStringObj@@QEAA@PEBD@Z
??0GStringObj@@QEAA@PEBD_K@Z
??0GStringObj@@QEAA@XZ
??0GSymbolObj@@AEAA@AEBV0@@Z
??0GSymbolObj@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GSymbolObj@@QEAA@PEBD@Z
??0GSymbolObj@@QEAA@PEBD_K@Z
??0GSystemOutput@@QEAA@$$QEAV0@@Z
??0GSystemOutput@@QEAA@AEBV0@@Z
??0GSystemOutput@@QEAA@XZ
??0GTime@@QEAA@JJ@Z
??0GTime@@QEAA@XZ
??0GVectorObj@@AEAA@AEBV0@@Z
??0GVectorObj@@QEAA@XZ
??0GWriteableConfigFile@@QEAA@AEBV0@@Z
??0GWriteableConfigFile@@QEAA@XZ
??0GWriteableConfigSection@@QEAA@AEBV0@@Z
??0GWriteableConfigSection@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GZipBase@@QEAA@AEBV0@@Z
??0GZipBase@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0GZipBase@@QEAA@XZ
??0GZipEntry@@QEAA@AEBV0@@Z
??0GZipEntry@@QEAA@XZ
??0GZipReader2@@QEAA@AEBV0@@Z
??0GZipReader2@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0GZipReader2@@QEAA@XZ
??0GZipReader@@QEAA@AEBV0@@Z
??0GZipReader@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0GZipReader@@QEAA@XZ
??0GZipStreamBuf@@QEAA@AEBV0@@Z
??0GZipStreamBuf@@QEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@I@Z
??0GZipStreamBuf@@QEAA@PEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@HI@Z
??0GZipWriter2@@QEAA@$$QEAV0@@Z
??0GZipWriter2@@QEAA@AEBV0@@Z
??0GZipWriter2@@QEAA@PEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@_N@Z
??0GZipWriter2@@QEAA@XZ
??0GZipWriter@@QEAA@AEBV0@@Z
??0GZipWriter@@QEAA@PEAV?$basic_ostream@DU?$char_traits@D@std@@@std@@_N@Z
??0GZipWriter@@QEAA@XZ
??0HSVGammaFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0ImageFilter@g2d@generic@egr@@IEAA@PEAVImageSink@123@@Z
??0ImageOutputSink@g2d@generic@egr@@QEAA@PEAVGImage@@@Z
??0ImageReader@g2d@generic@egr@@IEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0ImageSink@g2d@generic@egr@@IEAA@XZ
??0ImageSource@g2d@generic@egr@@IEAA@XZ
??0ImageWriteError@g2d@generic@egr@@QEAA@AEBV0123@@Z
??0ImageWriteError@g2d@generic@egr@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0ImageWriteError@g2d@generic@egr@@QEAA@PEBD@Z
??0Input@GZipWriter@@QEAA@AEBV01@@Z
??0Input@GZipWriter@@QEAA@XZ
??0InvalidFilterArgument@g2d@generic@egr@@QEAA@AEBV0123@@Z
??0InvalidFilterArgument@g2d@generic@egr@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0InvalidFilterArgument@g2d@generic@egr@@QEAA@PEBD@Z
??0Lanczos2ScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@II@Z
??0Lanczos2ScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0LevelFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0Line@g2d@generic@egr@@QEAA@$$QEAV0123@@Z
??0Line@g2d@generic@egr@@QEAA@W4PixelFormat@123@I@Z
??0Line@g2d@generic@egr@@QEAA@XZ
??0LinearScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@II@Z
??0LinearScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0LinearToSRGBFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@@Z
??0Output@GZipReader@@QEAA@AEBV01@@Z
??0Output@GZipReader@@QEAA@_N@Z
??0PNGError@g2d@generic@egr@@QEAA@AEBV0123@@Z
??0PNGError@g2d@generic@egr@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0PNGReader@g2d@generic@egr@@AEAA@PEAV?$basic_istream@DU?$char_traits@D@std@@@std@@_N@Z
??0PixelFormatFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@W4PixelFormat@123@AEBVGColorRGB@@@Z
??0RGBGammaFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0ResamplingFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@I@Z
??0ScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@II@Z
??0ScaleFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@M@Z
??0ShadowMapFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@PEAVImageSource@123@1@Z
??0Timer@GStopWatch@@QEAA@PEAV1@@Z
??0TransparencyCorrectionFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@AEBVGColorRGB@@@Z
??0UInt8OutputFilter@g2d@generic@egr@@QEAA@PEAVImageSink@123@@Z
??1BiCubicScaleFilter@g2d@generic@egr@@UEAA@XZ
??1ColorBoundsFilter@g2d@generic@egr@@MEAA@XZ
??1EntryIterator@GZipReader@@QEAA@XZ
??1ErrorHandler@GRpnEval@@UEAA@XZ
??1FadeBorderFilter@g2d@generic@egr@@MEAA@XZ
??1FilteredImageSource@g2d@generic@egr@@MEAA@XZ
??1G2DError@g2d@generic@egr@@UEAA@XZ
??1GArEntry@@QEAA@XZ
??1GArReader@@QEAA@XZ
??1GAssertionError@@UEAA@XZ
??1GChecksum@@UEAA@XZ
??1GConfigFile@@UEAA@XZ
??1GConfigSection@@UEAA@XZ
??1GDbDatabase@@UEAA@XZ
??1GDbDbFactory@@UEAA@XZ
??1GDbField@@QEAA@XZ
??1GDbIndex@@QEAA@XZ
??1GDbKey@@QEAA@XZ
??1GDbRecord@@IEAA@XZ
??1GDbRecordSet@@UEAA@XZ
??1GDbStructure@@QEAA@XZ
??1GDbTable@@UEAA@XZ
??1GDbTransactionHandler@@MEAA@XZ
??1GDirectory@@QEAA@XZ
??1GDynaLib@@QEAA@XZ
??1GFile@@UEAA@XZ
??1GFileObject@@UEAA@XZ
??1GFileTypeError@@UEAA@XZ
??1GFloatObj@@UEAA@XZ
??1GIOError@@UEAA@XZ
??1GIStream@@UEAA@XZ
??1GIZipStream@@UEAA@XZ
??1GIntegerObj@@UEAA@XZ
??1GListObj@@UEAA@XZ
??1GLogicError@@UEAA@XZ
??1GMD5Checker@@QEAA@XZ
??1GMaterialZip@@QEAA@XZ
??1GMemStreamBuf@@UEAA@XZ
??1GNameObj@@UEAA@XZ
??1GNotImplementedError@@UEAA@XZ
??1GNumberObj@@UEAA@XZ
??1GOMemStream@@UEAA@XZ
??1GOZipStream@@UEAA@XZ
??1GObject@@UEAA@XZ
??1GOutOfRangeError@@UEAA@XZ
??1GOutput@@UEAA@XZ
??1GPalette@@QEAA@XZ
??1GParseError@@UEAA@XZ
??1GProcess@@UEAA@XZ
??1GRegExp@@QEAA@XZ
??1GRpnErrMsg@@QEAA@XZ
??1GRpnEval@@QEAA@XZ
??1GRpnExternFuncs@@MEAA@XZ
??1GRpnParamSet@@MEAA@XZ
??1GRpnString@@IEAA@XZ
??1GRpnValue@@QEAA@XZ
??1GRpnVector@@IEAA@XZ
??1GRuntimeError@@UEAA@XZ
??1GSequenceObj@@UEAA@XZ
??1GSqlDatabase@@UEAA@XZ
??1GSqlError@@QEAA@XZ
??1GSqlQuery@@QEAA@XZ
??1GStopWatch@@QEAA@XZ
??1GStreamBuf@@UEAA@XZ
??1GStringObj@@UEAA@XZ
??1GSymbolObj@@UEAA@XZ
??1GSystemOutput@@UEAA@XZ
??1GVectorObj@@UEAA@XZ
??1GWriteableConfigFile@@UEAA@XZ
??1GWriteableConfigSection@@UEAA@XZ
??1GZipBase@@UEAA@XZ
??1GZipEntry@@UEAA@XZ
??1GZipReader2@@UEAA@XZ
??1GZipReader@@UEAA@XZ
??1GZipStreamBuf@@UEAA@XZ
??1GZipWriter2@@UEAA@XZ
??1GZipWriter@@UEAA@XZ
??1HSVGammaFilter@g2d@generic@egr@@MEAA@XZ
??1ImageFilter@g2d@generic@egr@@MEAA@XZ
??1ImageOutputSink@g2d@generic@egr@@MEAA@XZ
??1ImageReader@g2d@generic@egr@@MEAA@XZ
??1ImageSink@g2d@generic@egr@@MEAA@XZ
??1ImageSource@g2d@generic@egr@@MEAA@XZ
??1ImageWriteError@g2d@generic@egr@@UEAA@XZ
??1Input@GZipWriter@@UEAA@XZ
??1InvalidFilterArgument@g2d@generic@egr@@UEAA@XZ
??1Lanczos2ScaleFilter@g2d@generic@egr@@UEAA@XZ
??1LevelFilter@g2d@generic@egr@@MEAA@XZ
??1Line@g2d@generic@egr@@QEAA@XZ
??1LinearScaleFilter@g2d@generic@egr@@UEAA@XZ
??1LinearToSRGBFilter@g2d@generic@egr@@MEAA@XZ
??1Output@GZipReader@@UEAA@XZ
??1PNGError@g2d@generic@egr@@UEAA@XZ
??1PNGReader@g2d@generic@egr@@MEAA@XZ
??1PixelFormatFilter@g2d@generic@egr@@MEAA@XZ
??1RGBGammaFilter@g2d@generic@egr@@MEAA@XZ
??1ResamplingFilter@g2d@generic@egr@@MEAA@XZ
??1ScaleFilter@g2d@generic@egr@@MEAA@XZ
??1ShadowMapFilter@g2d@generic@egr@@MEAA@XZ
??1Timer@GStopWatch@@QEAA@XZ
??1TransparencyCorrectionFilter@g2d@generic@egr@@MEAA@XZ
??1UInt8OutputFilter@g2d@generic@egr@@MEAA@XZ
??2GRpnString@@SAPEAX_K@Z
??2GRpnVector@@SAPEAX_K@Z
??3GRpnString@@SAXPEAX@Z
??3GRpnVector@@SAXPEAX@Z
??4EntryIterator@GArReader@@QEAAAEAV01@AEBV01@@Z
??4EntryIterator@GZipReader@@QEAAAEAV01@AEBV01@@Z
??4ErrorHandler@GRpnEval@@QEAAAEAV01@AEBV01@@Z
??4G2DError@g2d@generic@egr@@QEAAAEAV0123@AEBV0123@@Z
??4GArEntry@@QEAAAEAV0@AEBV0@@Z
??4GArReader@@QEAAAEAV0@AEBV0@@Z
??4GAssertionError@@QEAAAEAV0@AEBV0@@Z
??4GBase64@@QEAAAEAV0@$$QEAV0@@Z
??4GBase64@@QEAAAEAV0@AEBV0@@Z
??4GCRC128@@QEAAAEAV0@$$QEAV0@@Z
??4GCRC128@@QEAAAEAV0@AEBV0@@Z
??4GCRC32@@QEAAAEAV0@$$QEAV0@@Z
??4GCRC32@@QEAAAEAV0@AEBV0@@Z
??4GCRC64@@QEAAAEAV0@$$QEAV0@@Z
??4GCRC64@@QEAAAEAV0@AEBV0@@Z
??4GChecksum@@QEAAAEAV0@AEBV0@@Z
??4GColor24@@QEAAAEAV0@$$QEAV0@@Z
??4GColor24@@QEAAAEAV0@AEBV0@@Z
??4GColorRGB@@QEAAAEAV0@AEBV0@@Z
??4GColorRGBA@@QEAAAEAV0@AEBV0@@Z
??4GConfigFile@@QEAAAEAV0@AEBV0@@Z
??4GConfigSection@@QEAAAEAV0@AEBV0@@Z
??4GDbDatabase@@QEAAAEAV0@AEBV0@@Z
??4GDbDbFactory@@QEAAAEAV0@AEBV0@@Z
??4GDbField@@QEAAAEAV0@AEBV0@@Z
??4GDbIndex@@QEAAAEAV0@AEBV0@@Z
??4GDbKey@@QEAAAEAV0@AEBV0@@Z
??4GDbRecord@@QEAAAEAV0@AEBV0@@Z
??4GDbRecordSet@@QEAAAEAV0@AEBV0@@Z
??4GDbStructure@@QEAAAEAV0@AEBV0@@Z
??4GDbTable@@QEAAAEAV0@AEBV0@@Z
??4GDbTransactionHandler@@QEAAAEAV0@AEBV0@@Z
??4GDirectory@@QEAAAEAV0@AEBV0@@Z
??4GDynaLib@@QEAAAEAV0@AEBV0@@Z
??4GFile@@QEAAAEAV0@AEBV0@@Z
??4GFileObject@@QEAAAEAV0@AEBV0@@Z
??4GFileTypeError@@QEAAAEAV0@AEBV0@@Z
??4GIOError@@QEAAAEAV0@AEBV0@@Z
??4GLogicError@@QEAAAEAV0@AEBV0@@Z
??4GMD5Checker@@QEAAAEAV0@AEBV0@@Z
??4GMaterialFormatter@@QEAAAEAV0@$$QEAV0@@Z
??4GMaterialFormatter@@QEAAAEAV0@AEBV0@@Z
??4GMaterialZip@@QEAAAEAV0@AEBV0@@Z
??4GMemStreamBuf@@QEAAAEAV0@AEBV0@@Z
??4GMurmurHash2A_64@@QEAAAEAV0@$$QEAV0@@Z
??4GMurmurHash2A_64@@QEAAAEAV0@AEBV0@@Z
??4GMurmurHash3_128@@QEAAAEAV0@$$QEAV0@@Z
??4GMurmurHash3_128@@QEAAAEAV0@AEBV0@@Z
??4GMurmurHash3_32@@QEAAAEAV0@$$QEAV0@@Z
??4GMurmurHash3_32@@QEAAAEAV0@AEBV0@@Z
??4GNotImplementedError@@QEAAAEAV0@AEBV0@@Z
??4GOutOfRangeError@@QEAAAEAV0@AEBV0@@Z
??4GOutput@@QEAAAEAV0@AEBV0@@Z
??4GPalette@@QEAAAEAV0@AEBV0@@Z
??4GParseError@@QEAAAEAV0@AEBV0@@Z
??4GProcess@@QEAAAEAV0@AEBV0@@Z
??4GRpnErrMsg@@QEAAAEAV0@AEBV0@@Z
??4GRpnEval@@QEAAAEAV0@AEBV0@@Z
??4GRpnExternFuncs@@QEAAAEAV0@AEBV0@@Z
??4GRpnParamSet@@QEAAAEAV0@AEBV0@@Z
??4GRpnString@@QEAAAEAV0@AEBV0@@Z
??4GRpnValue@@QEAAAEAV0@AEBV0@@Z
??4GRpnVector@@QEAAAEAV0@AEBV0@@Z
??4GRuntimeError@@QEAAAEAV0@AEBV0@@Z
??4GSqlDatabase@@QEAAAEAV0@AEBV0@@Z
??4GSqlError@@QEAAAEAV0@AEBV0@@Z
??4GSqlQuery@@QEAAAEAV0@AEBV0@@Z
??4GStopWatch@@QEAAAEAV0@AEBV0@@Z
??4GStreamBuf@@QEAAAEAV0@$$QEAV0@@Z
??4GStreamBuf@@QEAAAEAV0@AEBV0@@Z
??4GSystemOutput@@QEAAAEAV0@$$QEAV0@@Z
??4GSystemOutput@@QEAAAEAV0@AEBV0@@Z
??4GTime@@QEAAAEAV0@$$QEAV0@@Z
??4GTime@@QEAAAEAV0@AEBV0@@Z
??4GWriteableConfigFile@@QEAAAEAV0@AEBV0@@Z
??4GWriteableConfigSection@@QEAAAEAV0@AEBV0@@Z
??4GZipBase@@QEAAAEAV0@AEBV0@@Z
??4GZipEntry@@QEAAAEAV0@AEBV0@@Z
??4GZipReader2@@QEAAAEAV0@AEBV0@@Z
??4GZipReader@@QEAAAEAV0@AEBV0@@Z
??4GZipStreamBuf@@QEAAAEAV0@AEBV0@@Z
??4GZipWriter2@@QEAAAEAV0@$$QEAV0@@Z
??4GZipWriter2@@QEAAAEAV0@AEBV0@@Z
??4GZipWriter@@QEAAAEAV0@AEBV0@@Z
??4ImageWriteError@g2d@generic@egr@@QEAAAEAV0123@AEBV0123@@Z
??4Input@GZipWriter@@QEAAAEAV01@AEBV01@@Z
??4InvalidFilterArgument@g2d@generic@egr@@QEAAAEAV0123@AEBV0123@@Z
??4LUT@g2d@generic@egr@@QEAAAEAV0123@$$QEAV0123@@Z
??4LUT@g2d@generic@egr@@QEAAAEAV0123@AEBV0123@@Z
??4Line@g2d@generic@egr@@QEAAAEAV0123@$$QEAV0123@@Z
??4Output@GZipReader@@QEAAAEAV01@AEBV01@@Z
??4PNGError@g2d@generic@egr@@QEAAAEAV0123@AEBV0123@@Z
??4Timer@GStopWatch@@QEAAAEAV01@AEBV01@@Z
??4l4link_st@@QEAAAEAU0@$$QEAU0@@Z
??4l4link_st@@QEAAAEAU0@AEBU0@@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@AEBUEDecimal128@@@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@AEBUEDecimal32@@@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@AEBUEDecimal64@@@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@AEBV01@@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@D@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@E@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@F@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@G@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@H@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@I@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@J@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@K@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@M@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@N@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@O@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@PEBD@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@PEBE@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@PEBX@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@_J@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@_K@Z
??6@YAAEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAV01@_N@Z
??8EntryIterator@GArReader@@QEBA_NAEBV01@@Z
??8EntryIterator@GZipReader@@QEBA_NAEBV01@@Z
??8GColorRGB@@QEBA_NAEBV0@@Z
??8GColorRGBA@@QEBA_NAEBV0@@Z
??8GRpnValue@@QEBA_NAEBV0@@Z
??9EntryIterator@GArReader@@QEBA_NAEBV01@@Z
??9EntryIterator@GZipReader@@QEBA_NAEBV01@@Z
??9GColorRGB@@QEBA_NAEBV0@@Z
??AGPalette@@QEBA?AVGColorRGB@@H@Z
??BGTime@@QEBANXZ
??DEntryIterator@GArReader@@QEBAAEBU?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVGArEntry@@@std@@XZ
??DEntryIterator@GZipReader@@QEBAAEBU?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAVGZipEntry@@@std@@XZ
??DGColorRGB@@QEBA?AV0@AEBV0@@Z
??DGColorRGB@@QEBA?AV0@M@Z
??DGColorRGBA@@QEBA?AV0@AEBV0@@Z
??DGColorRGBA@@QEBA?AV0@M@Z
??EEntryIterator@GArReader@@QEAA?AV01@H@Z
??EEntryIterator@GArReader@@QEAAAEAV01@XZ
??EEntryIterator@GZipReader@@QEAA?AV01@H@Z
??EEntryIterator@GZipReader@@QEAAAEAV01@XZ
??FEntryIterator@GArReader@@QEAA?AV01@H@Z
??FEntryIterator@GArReader@@QEAAAEAV01@XZ
??FEntryIterator@GZipReader@@QEAA?AV01@H@Z
??FEntryIterator@GZipReader@@QEAAAEAV01@XZ
??G@YA?AVGTime@@AEBV0@0@Z
??GGColorRGB@@QEBA?AV0@AEBV0@@Z
??GGColorRGBA@@QEBA?AV0@AEBV0@@Z
??HGColorRGB@@QEBA?AV0@AEBV0@@Z
??HGColorRGBA@@QEBA?AV0@AEBV0@@Z
??KGColorRGB@@QEBA?AV0@M@Z
??KGColorRGBA@@QEBA?AV0@M@Z
??MGColorRGB@@QEBA_NAEBV0@@Z
??MGRpnValue@@QEBA_NAEBV0@@Z

Sections

.text
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

776f469f176cf76ac1a2faebf8073e68

Headers

DLL Characteristics

File Characteristics

Imports

ebase

eprxx140

epr

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-convert-l1-1-0

msvcp140

kernel32

user32

Exports

Exports

Sections

.text Size: 738KB - Virtual size: 738KB

.rdata Size: 329KB - Virtual size: 328KB

.data Size: 15KB - Virtual size: 30KB

.pdata Size: 43KB - Virtual size: 43KB

.gfids Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 738KB - Virtual size: 738KB

.rdata
Size: 329KB - Virtual size: 328KB

.data
Size: 15KB - Virtual size: 30KB

.pdata
Size: 43KB - Virtual size: 43KB

.gfids
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 3KB - Virtual size: 3KB