Static task
static1
Behavioral task
behavioral1
Sample
a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral2
Sample
a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6
-
Size
788KB
-
MD5
9d19d6a39148f79baf7ba5e617c93296
-
SHA1
c17483635aa5af67c76291f5f1320301a549efaa
-
SHA256
a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6
-
SHA512
0785df6606ddc51d60bdd851acf05ad2a272472afd1aed86d593454f07f53f7d83ce329f65fb5afc997f0fcb4727dd2cb0b2f85eb1b6dae536e1323be569415a
-
SSDEEP
12288:Yzg8FLeqfh/byKNFpiZs5MV/5qDgAypz:YzpFLeY1ieYz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6
Files
-
a685553e8ef8c97547e4bb293aea35f710ce7e73910bfc62263a699ba704bed6.exe windows:6 windows x64 arch:x64
4a372b5d73f00b183452f38aaf3f8660
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
ws2_32
WSACleanup
WSAStartup
advapi32
GetUserNameW
user32
IsWindow
GetPropA
EnumWindows
nxlogbase
?CLog@log@neox@@YAXIHPEBD@Z
?CLogRaw@log@neox@@YAXIHPEBD@Z
?LogRaw@log@neox@@YAXIHPEBDZZ
?GetNewLine@log@neox@@YAPEBDXZ
?LogWarning@log@neox@@YAXIPEBDZZ
?Log@log@neox@@YAXIHPEBDZZ
?LogError@log@neox@@YAXIPEBDZZ
?CLogError@log@neox@@YAXIPEBD@Z
?RegisterChannel@log@neox@@YAIPEBD@Z
?SetLevel@log@neox@@YAXH@Z
?SetThreadType@log@neox@@YAXW4ThreadType@12@@Z
?IsTargetEnabled@log@neox@@YA_NW4LogTargetType@12@@Z
?EnableTarget@log@neox@@YAXW4LogTargetType@12@_N@Z
nxwin32
?WideCharToUTF8@win32@neox@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
nxlog
?SetFileDirectory@log@neox@@YA_NPEBD@Z
?GetFilePath@log@neox@@YAPEBDXZ
?Initialize@log@neox@@YAXXZ
?ShowWindowInput@log@neox@@YAX_N@Z
?GetWindowHandle@log@neox@@YAPEAXXZ
?SetSocketPort@log@neox@@YAXI@Z
?CopyCacheToFile@log@neox@@YAIXZ
stringid
?StringIDMurmur3@neox@@YAHPEBDH@Z
?StringIDMurmur3@neox@@YAHPEBD@Z
tinyxml2
??1XMLDocument@tinyxml2@@UEAA@XZ
?Parse@XMLDocument@tinyxml2@@QEAA?AW4XMLError@2@PEBD_K@Z
?Value@XMLNode@tinyxml2@@QEBAPEBDXZ
?SetValue@XMLNode@tinyxml2@@QEAAXPEBD_N@Z
?FirstChildElement@XMLNode@tinyxml2@@QEBAPEBVXMLElement@2@PEBD@Z
?NextSiblingElement@XMLNode@tinyxml2@@QEBAPEBVXMLElement@2@PEBD@Z
?InsertEndChild@XMLNode@tinyxml2@@QEAAPEAV12@PEAV12@@Z
?InsertAfterChild@XMLNode@tinyxml2@@QEAAPEAV12@PEAV12@0@Z
?DeleteChildren@XMLNode@tinyxml2@@QEAAXXZ
?DeleteChild@XMLNode@tinyxml2@@QEAAXPEAV12@@Z
?DeepClone@XMLNode@tinyxml2@@QEBAPEAV12@PEAVXMLDocument@2@@Z
?Name@XMLAttribute@tinyxml2@@QEBAPEBDXZ
?Value@XMLAttribute@tinyxml2@@QEBAPEBDXZ
?SetAttribute@XMLAttribute@tinyxml2@@QEAAXPEBD@Z
?Attribute@XMLElement@tinyxml2@@QEBAPEBDPEBD0@Z
?DeleteAttribute@XMLElement@tinyxml2@@QEAAXPEBD@Z
?GetText@XMLElement@tinyxml2@@QEBAPEBDXZ
?FindOrCreateAttribute@XMLElement@tinyxml2@@AEAAPEAVXMLAttribute@2@PEBD@Z
?LoadFile@XMLDocument@tinyxml2@@QEAA?AW4XMLError@2@PEBD@Z
?NewElement@XMLDocument@tinyxml2@@QEAAPEAVXMLElement@2@PEBD@Z
?NewText@XMLDocument@tinyxml2@@QEAAPEAVXMLText@2@PEBD@Z
?ErrorStr@XMLDocument@tinyxml2@@QEBAPEBDXZ
??0XMLPrinter@tinyxml2@@QEAA@PEAU_iobuf@@_NH@Z
??1XMLPrinter@tinyxml2@@UEAA@XZ
?CloseElement@XMLPrinter@tinyxml2@@UEAAX_N@Z
?CStr@XMLPrinter@tinyxml2@@QEBAPEBDXZ
?Write@XMLPrinter@tinyxml2@@IEAAXPEBD_K@Z
?Putc@XMLPrinter@tinyxml2@@IEAAXD@Z
?PrintString@XMLPrinter@tinyxml2@@IEAAXPEBD_N@Z
??0XMLDocument@tinyxml2@@QEAA@_NW4Whitespace@1@@Z
?CompactMode@XMLPrinter@tinyxml2@@MEAA_NAEBVXMLElement@2@@Z
?ParseDeep@XMLNode@tinyxml2@@MEAAPEADPEADPEAVStrPair@2@PEAH@Z
?PrintSpace@XMLPrinter@tinyxml2@@MEAAXH@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBD0@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBDH@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBDI@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBDN@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBD_J@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBD_K@Z
?ShallowClone@XMLDocument@tinyxml2@@UEBAPEAVXMLNode@2@PEAV12@@Z
?ShallowEqual@XMLDocument@tinyxml2@@UEBA_NPEBVXMLNode@2@@Z
?ToComment@XMLNode@tinyxml2@@UEAAPEAVXMLComment@2@XZ
?ToComment@XMLNode@tinyxml2@@UEBAPEBVXMLComment@2@XZ
?ToDeclaration@XMLNode@tinyxml2@@UEAAPEAVXMLDeclaration@2@XZ
?ToDeclaration@XMLNode@tinyxml2@@UEBAPEBVXMLDeclaration@2@XZ
?ToDocument@XMLDocument@tinyxml2@@UEAAPEAV12@XZ
?ToDocument@XMLDocument@tinyxml2@@UEBAPEBV12@XZ
?ToElement@XMLNode@tinyxml2@@UEAAPEAVXMLElement@2@XZ
?ToElement@XMLNode@tinyxml2@@UEBAPEBVXMLElement@2@XZ
?ToText@XMLNode@tinyxml2@@UEAAPEAVXMLText@2@XZ
?ToText@XMLNode@tinyxml2@@UEBAPEBVXMLText@2@XZ
?ToUnknown@XMLNode@tinyxml2@@UEAAPEAVXMLUnknown@2@XZ
?ToUnknown@XMLNode@tinyxml2@@UEBAPEBVXMLUnknown@2@XZ
?Visit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLComment@2@@Z
?Visit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLDeclaration@2@@Z
?Visit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLText@2@@Z
?Visit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLUnknown@2@@Z
?VisitEnter@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLDocument@2@@Z
?VisitEnter@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLElement@2@PEBVXMLAttribute@2@@Z
?VisitExit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLDocument@2@@Z
?VisitExit@XMLPrinter@tinyxml2@@UEAA_NAEBVXMLElement@2@@Z
?Accept@XMLDocument@tinyxml2@@UEBA_NPEAVXMLVisitor@2@@Z
?PushAttribute@XMLPrinter@tinyxml2@@UEAAXPEBD_N@Z
bxml
?GetAttrCount@BXmlDecoder@bxml@@QEBAHXZ
?GetAttrNameByIndex@BXmlDecoder@bxml@@QEBAPEBDH@Z
?Save@BXmlDecoder@bxml@@QEAA_NPEBD@Z
?GetChildByIndex@BXmlNode@bxml@@QEBAPEAV12@H@Z
??0BXmlEncoder@bxml@@QEAA@XZ
??1BXmlEncoder@bxml@@QEAA@XZ
?Convert@BXmlEncoder@bxml@@QEAA_JPEAVXMLDocument@tinyxml2@@AEAV?$vector@DV?$allocator@D@std@@@std@@@Z
??0BXmlDecoder@bxml@@QEAA@XZ
??1BXmlDecoder@bxml@@QEAA@XZ
?ReadFromBuffer@BXmlDecoder@bxml@@QEAA_NPEBDH@Z
?GetNodeByIndex@BXmlDecoder@bxml@@QEBAPEAVBXmlNode@2@H@Z
?dfs@BXmlDecoder@bxml@@QEAAXPEBVBXmlNode@2@AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?ToInt@BXmlElement@bxml@@QEBA_NAEAH@Z
?ToFloat@BXmlElement@bxml@@QEBA_NAEAM@Z
?ToFloatArray@BXmlElement@bxml@@QEBA_NPEAMAEAH@Z
?ToDword@BXmlElement@bxml@@QEBA_NAEAI@Z
?ToBool@BXmlElement@bxml@@QEBA_NAEA_N@Z
?ToUint64@BXmlElement@bxml@@QEBA_NAEA_K@Z
?ToCharArray@BXmlElement@bxml@@QEBA_NPEAD_K@Z
?GetAttrByName@BXmlNode@bxml@@QEBAPEAVBXmlElement@2@PEBD@Z
?GetAllAttrNames@BXmlNode@bxml@@QEBA?AV?$vector@PEBDV?$allocator@PEBD@std@@@std@@XZ
?GetChildByName@BXmlNode@bxml@@QEBAPEAV12@PEBD@Z
?ReadFromFile@BXmlDecoder@bxml@@QEAA_NPEBD@Z
ntunisdkorbit
??0INtUniSdkDownloadListener@NtUniSDKOrbit@@QEAA@XZ
?getDLInst@INtUniSdkDownloadInterface@NtUniSDKOrbit@@SAPEAV12@XZ
c_common
??1CriticalSection@common@neox@@QEAA@XZ
?Enter@CriticalSection@common@neox@@QEAAXXZ
??0CriticalSection@common@neox@@QEAA@XZ
?Leave@CriticalSection@common@neox@@QEAAXXZ
?LogDeprecated@neox@@YAXPEBDZZ
??0WatcherObject@neox@@QEAA@XZ
??1WatcherObject@neox@@UEAA@XZ
?LogWarning@neox@@YAXPEBDZZ
??1ModuleBase@neox@@UEAA@XZ
?Init@ModuleBase@neox@@UEAA_NPEAUIInterfaceMgr@2@@Z
??0ModuleBase@neox@@QEAA@XZ
?write@SocketStream@common@neox@@QEAAXPEBXH@Z
?ProcessCommand@SocketDebugger@common@neox@@QEAAHAEAPEBDAEAH@Z
?WaitCommand@SocketDebugger@common@neox@@QEAAXAEAPEBDAEAH@Z
?Instance@InterfaceBox@neox@@SAAEAV12@XZ
??0SocketDebugger@common@neox@@QEAA@XZ
??1SocketDebugger@common@neox@@UEAA@XZ
?LogError@neox@@YAXPEBDZZ
?Utf16ToUtf8@common@neox@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEB_W_K@Z
?Init@SocketDebugger@common@neox@@UEAAHG@Z
?Log@neox@@YAXHPEBDZZ
?Process@SocketDebugger@common@neox@@UEAAXXZ
?Close@SocketDebugger@common@neox@@UEAAXXZ
?TryAccept@SocketDebugger@common@neox@@UEAA_NXZ
foundationx
?CaseEquals@StringAlgo@foundation@neox@@SA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
npk
?Decrypt@neox@@YA_NW4NeoXEncryptType@1@PEAD_KQEBE@Z
?NeoXDecompress@neox@@YA_NW4NeoXDecompressType@1@PEBD_KPEAD2@Z
?NeoXCompress@neox@@YA_NW4NeoXCompressType@1@PEBD_KPEADPEA_K@Z
?Encrypt@neox@@YA_NW4NeoXEncryptType@1@PEAD_KQEBE@Z
nxio
?LogChannel@io@neox@@3IA
python311
PyLong_AsLong
PyBytes_FromStringAndSize
PyUnicode_FromString
PyExc_NameError
PyExc_AttributeError
PyModule_Type
_Py_NoneStruct
PyLong_FromLongLong
PyImport_ImportModule
PyImport_GetModuleDict
PySys_SetObject
PySys_GetObject
_PyArg_ParseTuple_SizeT
PyExc_ValueError
PyDict_GetItemString
_Py_BuildValue_SizeT
PyBool_FromLong
PyFloat_FromDouble
PyFloat_AsDouble
PyObject_CallObject
PyTuple_New
PyExc_RuntimeError
PyType_Ready
_PyObject_NewVar
PyArg_ParseTuple
_Py_FalseStruct
_Py_TrueStruct
PyDict_SetItemString
_Py_Dealloc
PyDict_DelItemString
PyExc_ImportError
PyUnicode_AsUTF8
PyFrame_GetLineNumber
PyTuple_SetItem
PyFrame_GetBack
PyType_GenericNew
PyThreadState_GetFrame
_PyThreadState_UncheckedGet
PyType_IsSubtype
PyObject_Str
PyObject_GetAttrString
PyObject_SetAttrString
PyGC_Collect
PyUnicode_FromWideChar
PyList_Size
PyList_GetItem
PyList_Append
PyDict_Next
_PyModule_Clear
PyModule_GetDict
PyStatus_Exception
PyWideStringList_Append
PyConfig_InitIsolatedConfig
PyErr_Format
_Py_FatalErrorFunc
Py_BuildValue
PyEval_EvalCode
PyEval_GetBuiltins
PyImport_AddModule
PyThreadState_Get
PyGILState_Ensure
PyGILState_Release
PyErr_Occurred
PyErr_Clear
PyList_New
PyList_SetItem
PyArg_Parse
Py_VaBuildValue
Py_Finalize
Py_IsInitialized
Py_InitializeFromConfig
_Py_InitializeMain
PyEval_CallObjectWithKeywords
PyEval_EvalFrameEx
PyEval_ReleaseThread
PyFrame_GetCode
PyUnicode_FromStringAndSize
PyExc_TypeError
PyCallable_Check
Py_InitModule4
PyErr_SetString
PyErr_Print
PyLong_FromLong
Py_DecRef
nxio3
?SetupFileDevice@nxio3@neox@@YAPEAVNXFileSystem@filesystem@2@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAVNXFileSystemConfig@42@@Z
?LoadPackage@PackageManager@nxio3@neox@@QEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ToNativePath@nxio3@neox@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$basic_string_view@DU?$char_traits@D@std@@@sv_lite@nonstd@@@Z
?Instance@PackageManager@nxio3@neox@@SAPEAV123@XZ
?IsDir@nxio3@neox@@YA_NV?$basic_string_view@DU?$char_traits@D@std@@@sv_lite@nonstd@@@Z
?ToUtf16@nxio3@neox@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEBD_K@Z
nxfilesystem
??1NXFileLoaderConfig@filesystem@neox@@QEAA@XZ
??0NXFileLoaderConfig@filesystem@neox@@QEAA@AEBV012@@Z
??0NXFileLoaderConfig@filesystem@neox@@QEAA@$$QEAV012@@Z
??0NXFileSystemConfig@filesystem@neox@@QEAA@XZ
??1NXFileSystemConfig@filesystem@neox@@QEAA@XZ
?Initialize@NXFileSystem@filesystem@neox@@QEAA_NAEBVNXFileSystemConfig@23@@Z
?IsInitialized@NXFileSystem@filesystem@neox@@QEBA_NXZ
?LoaderCount@NXFileSystem@filesystem@neox@@QEBA_KXZ
??0NXFileLoaderConfig@filesystem@neox@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00H_N@Z
??0NXFileSystem@filesystem@neox@@QEAA@XZ
??1NXFileSystem@filesystem@neox@@QEAA@XZ
?Root@NXFileLoader@filesystem@neox@@QEBAAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?Validate@NXFileSystem@filesystem@neox@@QEBA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Invalidate@NXFileSystem@filesystem@neox@@QEBA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ValidateDir@NXFileSystem@filesystem@neox@@QEBAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?HasFile@NXFileSystem@filesystem@neox@@QEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?AbsolutePath@NXFileSystem@filesystem@neox@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV45@@Z
?RelativePath@NXFileSystem@filesystem@neox@@QEBAPEAVNXFileLoader@23@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEAV56@@Z
?Save@NXFileSystem@filesystem@neox@@QEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD_K@Z
?Remove@NXFileSystem@filesystem@neox@@QEAAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?RemoveAll@NXFileSystem@filesystem@neox@@QEAAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetTimestamp@NXFileSystem@filesystem@neox@@QEAA_JAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Reload@NXFileSystem@filesystem@neox@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Unload@NXFileSystem@filesystem@neox@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCczDecryptKey@NXFileSystem@filesystem@neox@@QEAAXAEAY0BA@$$CBE@Z
?MakeStandard@filesystem@neox@@YA?AU?$pair@_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?Opener@NXFileLoader@filesystem@neox@@QEBAPEAV0io@3@XZ
?Open@NXFileSystem@filesystem@neox@@QEAA?AV?$shared_ptr@VNXFile@filesystem@neox@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@_N@Z
?GetLoader@NXFileSystem@filesystem@neox@@QEBA?AV?$shared_ptr@VNXFileLoader@filesystem@neox@@@std@@_K@Z
boost_filesystem
?codecvt@path@filesystem@boost@@SAAEBV?$codecvt@_WDU_Mbstatet@@@std@@XZ
?parent_path@path@filesystem@boost@@QEBA?AV123@XZ
?convert@path_traits@filesystem@boost@@YAXPEBD0AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AEBV?$codecvt@_WDU_Mbstatet@@@5@@Z
??_0path@filesystem@boost@@QEAAAEAV012@AEBV012@@Z
?convert@path_traits@filesystem@boost@@YAXPEB_W0AEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV?$codecvt@_WDU_Mbstatet@@@5@@Z
pynxio3
?InitPythonImporter@nxio3@neox@@YAPEAVPyNxioImporter@12@PEBD@Z
nxcrashhunter
?AddPath@PathCollector@crashhunter@neox@@QEAA_NPEBD@Z
?PostUserInfo@crashhunter@neox@@YAXPEBD000@Z
?EnableDebugMode@crashhunter@neox@@YAX_N@Z
?Setup@crashhunter@neox@@YAXPEBUConfig@12@@Z
pynxcrashhunter
?InitPyNXCrashHunter@@YAX_N@Z
?DeinitPyNXCrashHunter@@YAXXZ
shell32
CommandLineToArgvW
msvcp140
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
shlwapi
PathIsRelativeW
kernel32
WideCharToMultiByte
FormatMessageW
MultiByteToWideChar
GetProcAddress
LoadLibraryA
CreateEventA
GetCurrentThreadId
GetCommandLineW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetLocalTime
GetTickCount
GetModuleFileNameW
GetModuleHandleA
InitializeCriticalSection
TryEnterCriticalSection
ReleaseSemaphore
WaitForSingleObjectEx
WaitForMultipleObjectsEx
CreateSemaphoreA
InitializeCriticalSectionAndSpinCount
ResetEvent
CloseHandle
GetLastError
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
WaitForMultipleObjects
QueueUserAPC
TerminateThread
TlsAlloc
TlsFree
LocalFree
FormatMessageA
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentProcessId
InitializeSListHead
GetModuleHandleW
CreateEventW
vcruntime140
memmove
_purecall
__std_terminate
memset
strrchr
strstr
strchr
memcpy
memcmp
__std_type_info_name
wcsstr
__C_specific_handler
__current_exception
__current_exception_context
__std_type_info_destroy_list
__std_exception_destroy
_CxxThrowException
memchr
__std_exception_copy
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_set_app_type
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
strerror
_initialize_narrow_environment
_wassert
_cexit
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
terminate
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_seh_filter_dll
__p___argc
_register_thread_local_exe_atexit_callback
_c_exit
signal
__p___argv
api-ms-win-crt-stdio-l1-1-0
_getcwd
fopen
_set_fmode
__p__commode
__stdio_common_vfprintf
fwrite
fread
__stdio_common_vsprintf
fseek
ftell
fclose
api-ms-win-crt-string-l1-1-0
_strnicmp
strcmp
strncpy
tolower
strcpy_s
_stricmp
api-ms-win-crt-heap-l1-1-0
free
_callnewh
_set_new_mode
calloc
malloc
api-ms-win-crt-convert-l1-1-0
strtoull
strtoul
atoi
strtof
strtol
api-ms-win-crt-math-l1-1-0
ceilf
__setusermatherr
api-ms-win-crt-filesystem-l1-1-0
_stat64i32
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 469KB - Virtual size: 468KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 337B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 127KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ