C:\Users\whatw\Documents\GitHub\NewPainbasebutBIGBASEDX\Binaries\Release\Elysium.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
scams.zip
Resource
win10-20231215-en
windows10-1703-x64
13 signatures
300 seconds
Behavioral task
behavioral2
Sample
scams.zip
Resource
win10v2004-20231215-en
windows10-2004-x64
13 signatures
300 seconds
General
-
Target
scams.zip
-
Size
3.3MB
-
MD5
c424f9c76ea3ee6e849a61400b9efcd9
-
SHA1
bf002ff29ac6c01e17d756d44da44551156a3c6c
-
SHA256
682ad45c7160d055f0ee6911befd5d5f0eb85f1a61a3e9fd2dfd82856dd25925
-
SHA512
d803af159fadd598cf58ca0e10492ffe4df6776053d88709040ce6842caa19d115c21f22d48f88476ae0dd621357b0d074a96099ce6ef7506b3eed6d971d8ae1
-
SSDEEP
98304:dR402E7jclzCzdPfUcO+Q99wl1FcrBzVpY:dZ8zCzhUECS
Score
3/10
Malware Config
Signatures
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/333.dll unpack001/46t5ry6thyp3er.dll unpack001/765RUYTGJYGKJUYinf.dll unpack001/test.cmd
Files
-
scams.zip.zip
Password: scam
-
333.dll.dll windows:6 windows x64 arch:x64
Password: scam
4b3900cbe5ac701478342da35948f302
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
winmm
timeGetTime
kernel32
GetCurrentProcess
MultiByteToWideChar
GlobalLock
WideCharToMultiByte
GlobalUnlock
GlobalAlloc
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
GetTickCount64
AttachConsole
AllocConsole
SetConsoleTitleW
GetConsoleWindow
SetConsoleCP
SetConsoleOutputCP
SetConsoleMode
GetStdHandle
FreeConsole
SetConsoleTextAttribute
FreeLibraryAndExitThread
CreateThread
CreateFiber
DeleteFiber
SwitchToFiber
ConvertThreadToFiber
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
Thread32First
Thread32Next
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
CloseHandle
CreateFileW
GetTickCount
GetLastError
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetFileInformationByHandle
AreFileApisANSI
GetFileInformationByHandleEx
LoadLibraryA
Process32NextW
ReadProcessMemory
OpenProcess
LocalFree
FormatMessageA
GetCurrentProcessId
Process32FirstW
Process32First
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateToolhelp32Snapshot
GetProcAddress
LeaveCriticalSection
K32GetModuleInformation
GetModuleHandleA
Process32Next
lstrcmpiA
EnterCriticalSection
GetLocaleInfoEx
user32
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
SetCursor
LoadCursorA
GetKeyState
GetForegroundWindow
SetCursorPos
GetCursorPos
ScreenToClient
GetClientRect
TrackMouseEvent
GetCapture
SetCapture
GetAsyncKeyState
ReleaseCapture
OpenClipboard
GetWindowRect
ClientToScreen
IsWindowUnicode
FindWindowA
EnableMenuItem
GetSystemMenu
SetLayeredWindowAttributes
shell32
ShellExecuteA
SHGetFolderPathW
d3dcompiler_47
D3DCompile
msvcp140
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QEBA_NXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?uncaught_exceptions@std@@YAHXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
_Thrd_yield
_Thrd_sleep
?_Xbad_function_call@std@@YAXXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?fail@ios_base@std@@QEBA_NXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Mtx_init_in_situ
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
_Thrd_join
_Thrd_id
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_broadcast
?_Throw_Cpp_error@std@@YAXH@Z
_Xtime_get_ticks
?_Xout_of_range@std@@YAXPEBD@Z
??Bid@locale@std@@QEAA_KXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??0_Lockit@std@@QEAA@H@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Lockit@std@@QEAA@XZ
??1_Locinfo@std@@QEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
_Mtx_destroy_in_situ
?_Xlength_error@std@@YAXPEBD@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xbad_alloc@std@@YAXXZ
_Query_perf_frequency
_Query_perf_counter
imm32
ImmSetCandidateWindow
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memchr
_local_unwind
__std_type_info_destroy_list
__std_terminate
__std_exception_copy
__std_exception_destroy
__C_specific_handler
strstr
memcpy
__CxxFrameHandler3
memcmp
memset
memmove
__current_exception
__current_exception_context
_CxxThrowException
api-ms-win-crt-heap-l1-1-0
malloc
free
calloc
realloc
_callnewh
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
_crt_atexit
_cexit
_initialize_narrow_environment
_initterm
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
raise
_errno
exit
terminate
_initterm_e
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf_s
fopen
fgetpos
__stdio_common_vsprintf
fwrite
_wfopen
__acrt_iob_func
fflush
__stdio_common_vsscanf
ftell
fclose
__stdio_common_vfprintf
fsetpos
ungetc
fgetc
fseek
fread
_get_stream_buffer_pointers
fputc
_fseeki64
setvbuf
api-ms-win-crt-math-l1-1-0
sin
sinf
_dsign
_ldsign
_fdsign
ceilf
acosf
_ldclass
cos
cosf
_fdclass
powf
ldexp
sqrt
fmodf
pow
sqrtf
_dclass
api-ms-win-crt-string-l1-1-0
strncpy
toupper
strncmp
strcmp
api-ms-win-crt-convert-l1-1-0
wcstombs
strtod
strtoull
strtoll
strtol
api-ms-win-crt-utility-l1-1-0
srand
rand
qsort
api-ms-win-crt-time-l1-1-0
_localtime64
_time64
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
localeconv
Sections
.text Size: 919KB - Virtual size: 918KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 465KB - Virtual size: 465KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 356KB - Virtual size: 573KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
46t5ry6thyp3er.dll.dll windows:6 windows x64 arch:x64
Password: scam
593468fae5f154c7d287a75735273c92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\whatw\Documents\GitHub\HyperPain\Binaries\Release\Hyper32.pdb
Imports
winmm
timeGetTime
ws2_32
ioctlsocket
ntohl
gethostname
closesocket
sendto
recvfrom
freeaddrinfo
getaddrinfo
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
__WSAFDIsSet
WSAIoctl
WSAStartup
WSACleanup
accept
htonl
listen
select
normaliz
IdnToAscii
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertOpenStore
PFXImportCertStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
CertFindCertificateInStore
wldap32
ord217
ord211
ord60
ord30
ord45
ord50
ord41
ord22
ord26
ord27
ord143
ord32
ord33
ord35
ord301
ord46
ord200
ord79
kernel32
GetFileInformationByHandleEx
LocalFree
GetLocaleInfoEx
ReleaseSRWLockExclusive
SetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateDirectoryW
WaitNamedPipeW
WriteFile
CreateToolhelp32Snapshot
Process32First
CloseHandle
lstrcmpiA
Process32Next
GetModuleHandleA
GetProcAddress
Process32FirstW
GetCurrentProcessId
OpenProcess
ReadProcessMemory
Process32NextW
LoadLibraryA
GetTickCount
MultiByteToWideChar
AcquireSRWLockExclusive
WideCharToMultiByte
GlobalUnlock
GlobalAlloc
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
VerSetConditionMask
GetTickCount64
AttachConsole
AllocConsole
SetConsoleTitleW
GetConsoleWindow
SetConsoleCP
SetConsoleOutputCP
SetConsoleMode
GetStdHandle
SetConsoleTextAttribute
FreeLibraryAndExitThread
CreateThread
CreateFiber
DeleteFiber
SwitchToFiber
ConvertThreadToFiber
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentProcess
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
Thread32First
Thread32Next
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
GetLastError
SetLastError
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
GetSystemDirectoryA
VerifyVersionInfoA
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
CreateFileA
GetFileSizeEx
CreateFileW
AreFileApisANSI
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
FreeConsole
GetModuleFileNameW
GlobalLock
lstrlenW
user32
EnableMenuItem
GetSystemMenu
SetLayeredWindowAttributes
IsWindowUnicode
ReleaseCapture
SetCapture
FindWindowA
TrackMouseEvent
GetClientRect
ScreenToClient
GetCursorPos
SetCursorPos
ClientToScreen
GetForegroundWindow
GetKeyState
LoadCursorA
SetCursor
SetClipboardData
EmptyClipboard
CloseClipboard
MessageBoxA
OpenClipboard
GetCapture
GetAsyncKeyState
GetWindowRect
GetClipboardData
advapi32
CryptReleaseContext
CryptImportKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
CryptAcquireContextA
CryptEncrypt
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
shell32
ShellExecuteA
SHGetFolderPathW
d3dcompiler_47
D3DCompile
urlmon
URLDownloadToFileA
msvcp140
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?fail@ios_base@std@@QEBA_NXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
_Thrd_start
_Thrd_join
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
_Mtx_init
_Mtx_destroy
_Mtx_current_owns
_Cnd_init
_Cnd_destroy
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_timedwait
_Cnd_broadcast
_Cnd_signal
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
_Thrd_sleep
_Thrd_yield
_Cnd_do_broadcast_at_thread_exit
?_Throw_C_error@std@@YAXH@Z
_Thrd_id
?_Xbad_alloc@std@@YAXXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
_Xtime_get_ticks
_Mtx_init_in_situ
_Query_perf_counter
_Query_perf_frequency
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Xbad_function_call@std@@YAXXZ
?uncaught_exceptions@std@@YAHXZ
?good@ios_base@std@@QEBA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ImmSetCandidateWindow
vcruntime140_1
__CxxFrameHandler4
vcruntime140
_CxxThrowException
_local_unwind
__current_exception_context
__current_exception
__std_type_info_destroy_list
__CxxFrameHandler3
__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__C_specific_handler
strstr
strchr
memcpy
memset
strrchr
memmove
memcmp
memchr
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
malloc
realloc
free
api-ms-win-crt-runtime-l1-1-0
_cexit
_crt_atexit
_execute_onexit_table
_initterm
_initterm_e
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
terminate
_getpid
_beginthreadex
__sys_nerr
strerror
_errno
exit
_invalid_parameter_noinfo_noreturn
raise
api-ms-win-crt-stdio-l1-1-0
fseek
fgetc
ungetc
feof
ferror
fread
_get_stream_buffer_pointers
_open
_close
_write
_read
fopen_s
__stdio_common_vswprintf
fclose
ftell
fwrite
_lseeki64
__stdio_common_vsprintf
fopen
fgets
__stdio_common_vsprintf_s
fputs
_wfopen
_fseeki64
fgetpos
fsetpos
setvbuf
fputc
__acrt_iob_func
fflush
__stdio_common_vfprintf
__stdio_common_vsscanf
api-ms-win-crt-math-l1-1-0
_ldclass
ldexp
_fdsign
_dsign
_dclass
_ldsign
cos
cosf
fmodf
pow
powf
log2
sin
ceilf
_fdclass
sinf
sqrt
acosf
ceil
sqrtf
api-ms-win-crt-string-l1-1-0
toupper
_strdup
strncpy
isupper
strpbrk
strspn
strncmp
strcspn
tolower
strcmp
api-ms-win-crt-convert-l1-1-0
strtol
strtoul
strtoull
strtoll
strtod
atoi
wcstombs
api-ms-win-crt-utility-l1-1-0
rand
srand
qsort
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
_localtime64
api-ms-win-crt-filesystem-l1-1-0
_wmkdir
_unlink
_access
_stat64
_lock_file
_unlock_file
_fstat64
api-ms-win-crt-locale-l1-1-0
localeconv
___lc_codepage_func
api-ms-win-crt-environment-l1-1-0
getenv
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 639KB - Virtual size: 639KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 580KB - Virtual size: 798KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
765RUYTGJYGKJUYinf.dll.dll windows:6 windows x64 arch:x64
Password: scam
79a222850dd0c8902453e700b6d53f3f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\whatw\Documents\GitHub\InfinityRecovery\Binaries\Release\a1.pdb
Imports
winmm
timeGetTime
ws2_32
__WSAFDIsSet
ntohl
gethostname
closesocket
sendto
recvfrom
freeaddrinfo
getaddrinfo
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
ioctlsocket
WSAIoctl
WSAStartup
WSACleanup
accept
htonl
listen
select
normaliz
IdnToAscii
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertOpenStore
PFXImportCertStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
CertFindCertificateInStore
wldap32
ord217
ord211
ord60
ord30
ord45
ord50
ord41
ord22
ord26
ord27
ord143
ord32
ord33
ord35
ord301
ord46
ord200
ord79
kernel32
GetFileInformationByHandleEx
LocalFree
GetLocaleInfoEx
ReleaseSRWLockExclusive
SetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateDirectoryW
WaitNamedPipeW
WriteFile
CreateToolhelp32Snapshot
Process32First
CloseHandle
lstrcmpiA
Process32Next
GetModuleHandleA
GetProcAddress
Process32FirstW
GetCurrentProcessId
OpenProcess
ReadProcessMemory
Process32NextW
LoadLibraryA
GetTickCount
MultiByteToWideChar
AcquireSRWLockExclusive
WideCharToMultiByte
GlobalUnlock
GlobalAlloc
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
VerSetConditionMask
GetTickCount64
AttachConsole
AllocConsole
SetConsoleTitleW
GetConsoleWindow
SetConsoleCP
SetConsoleOutputCP
SetConsoleMode
GetStdHandle
SetConsoleTextAttribute
FreeLibraryAndExitThread
CreateThread
CreateFiber
DeleteFiber
SwitchToFiber
ConvertThreadToFiber
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentProcess
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
Thread32First
Thread32Next
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
GetLastError
SetLastError
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
GetSystemDirectoryA
VerifyVersionInfoA
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
CreateFileA
GetFileSizeEx
CreateFileW
AreFileApisANSI
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
FreeConsole
GetModuleFileNameW
GlobalLock
lstrlenW
user32
EnableMenuItem
GetSystemMenu
SetLayeredWindowAttributes
IsWindowUnicode
ReleaseCapture
SetCapture
FindWindowA
TrackMouseEvent
GetClientRect
ScreenToClient
GetCursorPos
SetCursorPos
ClientToScreen
GetForegroundWindow
GetKeyState
LoadCursorA
SetCursor
SetClipboardData
EmptyClipboard
MessageBoxA
GetClipboardData
OpenClipboard
GetCapture
GetAsyncKeyState
GetWindowRect
CloseClipboard
advapi32
CryptReleaseContext
CryptImportKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
CryptAcquireContextA
CryptEncrypt
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
shell32
ShellExecuteA
SHGetFolderPathW
d3dcompiler_47
D3DCompile
urlmon
URLDownloadToFileA
msvcp140
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
_Thrd_start
_Thrd_join
_Thrd_id
_Mtx_destroy
_Mtx_current_owns
_Cnd_init
_Cnd_destroy
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_timedwait
_Cnd_broadcast
_Cnd_signal
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
_Cnd_do_broadcast_at_thread_exit
?_Throw_C_error@std@@YAXH@Z
_Mtx_init
?_Xbad_alloc@std@@YAXXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
_Xtime_get_ticks
_Mtx_init_in_situ
_Query_perf_counter
_Query_perf_frequency
?_Xbad_function_call@std@@YAXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QEBA_NXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?uncaught_exceptions@std@@YAHXZ
?good@ios_base@std@@QEBA_NXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
_Thrd_yield
_Thrd_sleep
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?fail@ios_base@std@@QEBA_NXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ImmSetCandidateWindow
vcruntime140_1
__CxxFrameHandler4
vcruntime140
_CxxThrowException
_local_unwind
__current_exception_context
__current_exception
__std_type_info_destroy_list
__CxxFrameHandler3
__std_terminate
__std_exception_copy
__std_exception_destroy
_purecall
__C_specific_handler
strstr
strchr
memcpy
memset
strrchr
memmove
memcmp
memchr
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
realloc
free
malloc
api-ms-win-crt-runtime-l1-1-0
_cexit
_crt_atexit
_execute_onexit_table
_initterm
_initterm_e
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
terminate
_getpid
_beginthreadex
__sys_nerr
_errno
raise
exit
_invalid_parameter_noinfo_noreturn
strerror
api-ms-win-crt-stdio-l1-1-0
fseek
fgetc
ungetc
feof
ferror
fread
_get_stream_buffer_pointers
_open
_close
_write
_read
fopen_s
__stdio_common_vswprintf
fclose
ftell
fwrite
_lseeki64
__stdio_common_vsprintf
fopen
fgets
__stdio_common_vsprintf_s
fputs
_wfopen
_fseeki64
fgetpos
fsetpos
setvbuf
fputc
__acrt_iob_func
fflush
__stdio_common_vfprintf
__stdio_common_vsscanf
api-ms-win-crt-math-l1-1-0
_dclass
ceil
_fdclass
_fdsign
_dsign
cos
cosf
ceilf
fmodf
pow
powf
_ldsign
sin
ldexp
acosf
sinf
sqrt
sqrtf
_ldclass
log2
api-ms-win-crt-string-l1-1-0
toupper
_strdup
strncpy
isupper
strpbrk
strspn
strncmp
strcspn
tolower
strcmp
api-ms-win-crt-convert-l1-1-0
strtoul
wcstombs
strtod
strtoll
strtol
atoi
strtoull
api-ms-win-crt-utility-l1-1-0
rand
srand
qsort
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
_localtime64
api-ms-win-crt-filesystem-l1-1-0
_unlink
_access
_stat64
_wmkdir
_fstat64
_unlock_file
_lock_file
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
localeconv
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 573KB - Virtual size: 573KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 509KB - Virtual size: 726KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
asd.txt
-
test.cmd.exe windows:6 windows x64 arch:x64
Password: scam
d8c629b29d617e5840b52a1eb7e78d11
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Ton\Documents\Visual Studio 2017\Projects\Xenos\build\x64\Release\Xenos64.pdb
Imports
shlwapi
SHDeleteKeyW
SHSetValueW
dbghelp
MiniDumpWriteDump
kernel32
RaiseException
LoadResource
FindResourceW
DecodePointer
GetWindowsDirectoryW
DeleteCriticalSection
CreateProcessW
GetCurrentProcess
GetModuleFileNameW
WaitForSingleObject
GetCurrentThreadId
Sleep
CreateThread
GetLocalTime
ExitProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
FlushFileBuffers
GetFileAttributesW
ResumeThread
CloseHandle
GetNativeSystemInfo
GetModuleHandleW
DeleteFileW
LockResource
GetLastError
Wow64RevertWow64FsRedirection
CreateFileW
InitializeCriticalSectionEx
Wow64DisableWow64FsRedirection
WriteFile
VirtualProtect
SetEndOfFile
WriteConsoleW
ReadConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
GetTimeZoneInformation
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
SizeofResource
GetCommandLineW
CreateNamedPipeW
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
GetConsoleMode
GetConsoleCP
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FormatMessageW
LocalFree
WideCharToMultiByte
DeviceIoControl
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
VirtualAlloc
TerminateProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetExitCodeProcess
Thread32Next
Thread32First
CreateActCtxW
GetTempPathW
UnmapViewOfFile
GetTempFileNameW
CreateFileMappingW
ReleaseActCtx
MapViewOfFile
DuplicateHandle
ResetEvent
GetTickCount
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentThread
GetSystemInfo
VirtualAllocEx
VirtualFreeEx
ActivateActCtx
GetEnvironmentVariableW
GetSystemDirectoryW
DeactivateActCtx
GetSystemWow64DirectoryW
Module32FirstW
GetCurrentDirectoryW
ReadFile
TerminateThread
GetExitCodeThread
OpenProcess
IsWow64Process
SuspendThread
GetThreadTimes
OpenThread
WriteProcessMemory
VirtualProtectEx
GetThreadContext
ReadProcessMemory
CreateRemoteThread
SetThreadContext
VirtualQueryEx
GetStringTypeW
TryEnterCriticalSection
WaitForSingleObjectEx
SwitchToThread
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
GetVersionExW
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwindEx
RtlPcToFileHeader
ExitThread
GetModuleHandleExW
GetStdHandle
GetFileType
user32
GetWindowTextW
GetMenu
CreateWindowExW
DestroyIcon
LoadIconW
ChangeWindowMessageFilterEx
EnableMenuItem
wsprintfW
GetMessageW
CreateDialogParamW
CallWindowProcW
DestroyWindow
MessageBoxW
SetWindowLongPtrW
SendMessageW
EndDialog
SetWindowTextW
LoadAcceleratorsW
ShowWindow
IsWindow
DispatchMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
SendMessageA
GetDlgItem
DialogBoxParamW
EnableWindow
comdlg32
GetOpenFileNameW
GetSaveFileNameW
shell32
CommandLineToArgvW
DragQueryFileW
ole32
CoUninitialize
CoCreateInstance
CoInitialize
advapi32
RegCreateKeyW
RegOpenKeyExW
RegEnumValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenThreadToken
RegOpenKeyW
OpenProcessToken
RegSetValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
Exports
Exports
??0Assembler@asmjit@@QEAA@PEAURuntime@1@@Z
??0CodeGen@asmjit@@QEAA@PEAURuntime@1@@Z
??0HostRuntime@asmjit@@QEAA@XZ
??0JitRuntime@asmjit@@QEAA@XZ
??0Runtime@asmjit@@QEAA@XZ
??0StaticRuntime@asmjit@@QEAA@PEAX_K@Z
??0VMemMgr@asmjit@@QEAA@PEAX@Z
??0X86Assembler@asmjit@@QEAA@PEAURuntime@1@I@Z
??0Zone@asmjit@@QEAA@_K@Z
??1Assembler@asmjit@@UEAA@XZ
??1CodeGen@asmjit@@UEAA@XZ
??1HostRuntime@asmjit@@UEAA@XZ
??1JitRuntime@asmjit@@UEAA@XZ
??1Runtime@asmjit@@UEAA@XZ
??1StaticRuntime@asmjit@@UEAA@XZ
??1VMemMgr@asmjit@@QEAA@XZ
??1X86Assembler@asmjit@@UEAA@XZ
??1Zone@asmjit@@QEAA@XZ
??_FVMemMgr@asmjit@@QEAAXXZ
?_alloc@Zone@asmjit@@QEAAPEAX_K@Z
?_emit@X86Assembler@asmjit@@UEAAIIAEBUOperand@2@000@Z
?_grow@Assembler@asmjit@@QEAAI_K@Z
?_grow@PodVectorBase@asmjit@@IEAAI_K0@Z
?_newLabel@Assembler@asmjit@@QEAAIPEAULabel@2@@Z
?_newLabelLink@Assembler@asmjit@@QEAAPEAULabelLink@2@XZ
?_nullData@PodVectorBase@asmjit@@2UPodVectorData@2@B
?_registerIndexedLabels@Assembler@asmjit@@QEAAI_K@Z
?_relocCode@X86Assembler@asmjit@@UEBA_KPEAX_K@Z
?_reserve@Assembler@asmjit@@QEAAI_K@Z
?_reserve@PodVectorBase@asmjit@@IEAAI_K0@Z
?_x86CondToCmovcc@asmjit@@3QBIB
?_x86CondToJcc@asmjit@@3QBIB
?_x86CondToSetcc@asmjit@@3QBIB
?_x86InstExtendedInfo@asmjit@@3QBUX86InstExtendedInfo@1@B
?_x86InstInfo@asmjit@@3QBUX86InstInfo@1@B
?_x86ReverseCond@asmjit@@3QBIB
?add@JitRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?add@StaticRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?align@X86Assembler@asmjit@@UEAAIII@Z
?alloc@VMemMgr@asmjit@@QEAAPEAX_KI@Z
?alloc@VMemUtil@asmjit@@SAPEAX_KPEA_KI@Z
?allocProcessMemory@VMemUtil@asmjit@@SAPEAXPEAX_KPEA_KI@Z
?allocZeroed@Zone@asmjit@@QEAAPEAX_K@Z
?bind@Assembler@asmjit@@UEAAIAEBULabel@2@@Z
?callCpuId@X86CpuUtil@asmjit@@SAXIIPEATX86CpuId@2@@Z
?detect@X86CpuUtil@asmjit@@SAXPEAUX86CpuInfo@2@@Z
?detectHwThreadsCount@CpuInfo@asmjit@@SAIXZ
?dup@Zone@asmjit@@QEAAPEAXPEBX_K@Z
?embed@Assembler@asmjit@@UEAAIPEBXI@Z
?embedLabel@X86Assembler@asmjit@@QEAAIAEBULabel@2@@Z
?emit@Assembler@asmjit@@QEAAII@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@_K@Z
?emit@Assembler@asmjit@@QEAAIIH@Z
?emit@Assembler@asmjit@@QEAAII_K@Z
?flush@HostRuntime@asmjit@@UEAAXPEAX_K@Z
?getCpuInfo@HostRuntime@asmjit@@UEAAPEBUCpuInfo@2@XZ
?getHost@CpuInfo@asmjit@@SAPEBU12@XZ
?getPageGranularity@VMemUtil@asmjit@@SA_KXZ
?getPageSize@VMemUtil@asmjit@@SA_KXZ
?getStackAlignment@HostRuntime@asmjit@@UEAAIXZ
?make@Assembler@asmjit@@UEAAPEAXXZ
?noOperand@asmjit@@3UOperand@1@B
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KAEBUX86Reg@2@IHI@Z
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KHI@Z
?release@JitRuntime@asmjit@@UEAAIPEAX@Z
?release@StaticRuntime@asmjit@@UEAAIPEAX@Z
?release@VMemMgr@asmjit@@QEAAIPEAX@Z
?release@VMemUtil@asmjit@@SAIPEAX_K@Z
?releaseProcessMemory@VMemUtil@asmjit@@SAIPEAX0_K@Z
?relocCode@Assembler@asmjit@@QEBA_KPEAX_K@Z
?reset@Assembler@asmjit@@QEAAX_N@Z
?reset@PodVectorBase@asmjit@@QEAAX_N@Z
?reset@VMemMgr@asmjit@@QEAAXXZ
?reset@Zone@asmjit@@QEAAX_N@Z
?sdup@Zone@asmjit@@QEAAPEADPEBD@Z
?setArch@X86Assembler@asmjit@@QEAAII@Z
?setError@CodeGen@asmjit@@QEAAIIPEBD@Z
?setErrorHandler@CodeGen@asmjit@@QEAAIPEAUErrorHandler@2@@Z
?sformat@Zone@asmjit@@QEAAPEADPEBDZZ
?shrink@VMemMgr@asmjit@@QEAAIPEAX_K@Z
?x86RegData@asmjit@@3UX86RegData@1@B
Sections
.text Size: 746KB - Virtual size: 746KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 250KB - Virtual size: 249KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 321KB - Virtual size: 321KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ