Ascent Premium Proxy[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Ascent Premium Proxy.exe
Size

2.1MB
MD5

187af0af4063e3e824f7f42a1f3e8684
SHA1

826b9b5ea5ab073609a5eda5a65fbbdb12261b83
SHA256

f223de14126c4ce3f520cb4161d3aa0ebfcbb606b98731eca79e4e6799856fdf
SHA512

e39a9f271d3de9c2b7acc28e838947fcdff5a73772bd58f1c528dc3bbf3697757a7052a08e2ad80052ca250a4bbb2a54fd6f50b7c7fc407900f3e0de2cfdbbe6
SSDEEP

24576:nc72TfSNQLas/1tksHEjAIkzprSbXBd58ZwEQO9OaQIkADYN8hVnznxxzWrEdk9/:nc72TqNC53ksRmiRswDa8hVznxxz2P5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ascent Premium Proxy.exe

Files

Ascent Premium Proxy.exe
.exe windows:6 windows x64 arch:x64

97bc15035e44a13012a227dc5e13a29f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDeviceAndSwapChain

kernel32

InitializeCriticalSectionEx
FormatMessageA
HeapSize
HeapFree
SetLastError
HeapAlloc
LeaveCriticalSection
lstrlenW
GetModuleFileNameW
GetCurrentProcessId
WaitNamedPipeW
PeekNamedPipe
GetLastError
CloseHandle
WriteFile
ReadFile
CreateFileW
LocalFree
SleepEx
GetSystemDirectoryA
GetModuleFileNameA
GetCurrentProcess
HeapReAlloc
GetProcessHeap
SetConsoleTitleA
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
QueryPerformanceFrequency
QueryPerformanceCounter
VerSetConditionMask
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
SetConsoleTextAttribute
CreateThread
Sleep
GetStdHandle
HeapDestroy
DeleteCriticalSection
VerifyVersionInfoA
GetTickCount
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitOnceComplete
InitOnceBeginInitialize
GetLocaleInfoEx
GetFileSizeEx
CreateFileA
WaitForMultipleObjects
GetFileType
GetEnvironmentVariableA
WaitForSingleObjectEx
MoveFileExA
EnterCriticalSection

user32

EmptyClipboard
GetClipboardData
TrackMouseEvent
SetClipboardData
UnregisterClassW
RegisterClassExW
CreateWindowExW
IsChild
DestroyWindow
ShowWindow
SetLayeredWindowAttributes
CloseClipboard
OpenClipboard
GetAsyncKeyState
GetKeyState
UpdateWindow
DefWindowProcW
SetWindowPos
IsIconic
BringWindowToTop
SetFocus
GetCapture
SetCapture
ReleaseCapture
GetForegroundWindow
SetForegroundWindow
GetDC
ReleaseDC
SetWindowTextW
GetClientRect
AdjustWindowRectEx
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
SetProcessDPIAware
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
LoadCursorW
SetWindowLongW
GetWindowLongW
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
MessageBoxA

gdi32

GetDeviceCaps

advapi32

OpenProcessToken
CopySid
GetLengthSid
GetTokenInformation
IsValidSid
ConvertSidToStringSidA
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
CryptEncrypt
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

libcrypto-3-x64

OPENSSL_sk_num
BIO_ctrl
BIO_new_socket
ASN1_STRING_length
ASN1_STRING_get0_data
EVP_MD_CTX_new
EVP_MD_CTX_free
EVP_DigestInit_ex
EVP_DigestUpdate
EVP_DigestFinal_ex
EVP_md5
EVP_sha256
EVP_sha512
X509_STORE_free
X509_STORE_add_cert
X509_free
d2i_X509
X509_get_subject_name
X509_NAME_get_text_by_NID
X509_get_ext_d2i
GENERAL_NAMES_free
OPENSSL_sk_value

libssl-3-x64

TLS_server_method
SSL_set_verify
SSL_CTX_free
SSL_CTX_new
SSL_pending
SSL_set_bio
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate_file
SSL_get1_peer_certificate
SSL_new
SSL_free
SSL_connect
SSL_read_ex
SSL_write_ex
SSL_ctrl
SSL_get_error
TLS_client_method
SSL_shutdown
SSL_CTX_load_verify_locations
SSL_get_verify_result
OPENSSL_init_ssl
SSL_CTX_set_options
SSL_CTX_use_certificate_chain_file
SSL_accept
SSL_CTX_get_cert_store
SSL_CTX_ctrl
SSL_CTX_set_cert_store

msvcp140

_Cnd_timedwait
_Mtx_current_owns
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xlength_error@std@@YAXPEBD@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency
_Thrd_detach
_Thrd_sleep
_Thrd_id
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
_Strcoll
_Strxfrm
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?setf@ios_base@std@@QEAAHHH@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xbad_function_call@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Random_device@std@@YAIXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$collate@D@std@@2V0locale@2@A
_Thrd_join
_Thrd_hardware_concurrency
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
_Cnd_signal
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z

ws2_32

select
listen
getsockopt
getsockname
setsockopt
connect
closesocket
shutdown
socket
sendto
WSAStartup
WSAGetLastError
WSARecvFrom
WSASendTo
getpeername
recv
send
WSASocketW
getaddrinfo
freeaddrinfo
getnameinfo
inet_pton
WSAAddressToStringA
WSASetLastError
WSAIoctl
recvfrom
WSACleanup
ioctlsocket
bind
accept
__WSAFDIsSet
ntohs
ntohl
htons
htonl
gethostbyname
gethostname

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreW
CertOpenStore
CertFindCertificateInStore
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CryptStringToBinaryA

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext

d3dcompiler_47

D3DCompile

normaliz

IdnToAscii

wldap32

ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord45
ord50
ord143
ord217
ord46
ord211
ord60

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

psapi

GetModuleInformation

userenv

UnloadUserProfile

vcruntime140

__std_exception_copy
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strrchr
strstr
memcmp
memchr
memcpy
strchr
__std_terminate
memset
memmove
__std_exception_destroy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_cexit
_seh_filter_exe
_crt_atexit
_set_app_type
_get_initial_narrow_environment
_initterm
_initterm_e
_beginthreadex
_exit
__p___argc
terminate
__p___argv
system
_c_exit
abort
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_getpid
strerror
__sys_nerr
_invalid_parameter_noinfo
exit
_resetstkoflw
_errno
_register_thread_local_exe_atexit_callback

api-ms-win-crt-heap-l1-1-0

malloc
calloc
_set_new_mode
realloc
_callnewh
free

api-ms-win-crt-stdio-l1-1-0

fputs
__acrt_iob_func
__stdio_common_vfprintf
_lseeki64
_get_stream_buffer_pointers
_popen
fclose
_pclose
fgets
__stdio_common_vswprintf
fopen
fflush
fgetc
fgetpos
fputc
fread
__stdio_common_vsscanf
_wfopen
feof
_open
ftell
fseek
_close
_set_fmode
_write
__stdio_common_vsprintf_s
__stdio_common_vsprintf
ungetc
setvbuf
fwrite
__p__commode
_read
_fseeki64
fsetpos

api-ms-win-crt-utility-l1-1-0

srand
qsort
rand

api-ms-win-crt-convert-l1-1-0

strtoull
strtol
strtod
atoi
strtof
atof
strtoll
strtoul

api-ms-win-crt-environment-l1-1-0

getenv
_dupenv_s

api-ms-win-crt-string-l1-1-0

toupper
strncmp
strncpy
isdigit
strpbrk
_strdup
isspace
strcmp
tolower
strcspn
strspn
_stricmp
isupper

api-ms-win-crt-filesystem-l1-1-0

_access_s
_unlink
_unlock_file
remove
_fstat64
_stat64
_access
_lock_file

api-ms-win-crt-math-l1-1-0

log
powf
logf
_dsign
_dclass
ceil
ceilf
pow
acosf
sinf
floor
__setusermatherr
cosf
sqrtf
fmodf

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64
_localtime64

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

shell32

ShellExecuteA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97bc15035e44a13012a227dc5e13a29f

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

kernel32

user32

gdi32

advapi32

libcrypto-3-x64

libssl-3-x64

msvcp140

ws2_32

crypt32

winmm

imm32

d3dcompiler_47

normaliz

wldap32

rpcrt4

psapi

userenv

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

shell32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 344KB - Virtual size: 344KB

.data Size: 25KB - Virtual size: 255KB

.pdata Size: 58KB - Virtual size: 58KB

.rsrc Size: 141KB - Virtual size: 141KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 344KB - Virtual size: 344KB

.data
Size: 25KB - Virtual size: 255KB

.pdata
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 141KB - Virtual size: 141KB

.reloc
Size: 4KB - Virtual size: 3KB