C:\__w\1\s\Dev\Bin\Win10x64\Solitaire\Shipping\Solitaire.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
solitaire.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
solitaire.exe
Resource
win10v2004-20240221-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
solitaire.exe
-
Size
20.4MB
-
MD5
925cde435221b4e6328a9e0a49511d47
-
SHA1
425b6f7582ef01bac80c6007e1cf9d6dffc5f5f8
-
SHA256
7a93eab541888e8de49e0feb23d5a9b8597e8e2a60b120053e288f648c6a88fa
-
SHA512
1ac6cb1108c97f03fcd38556fb5894bb3df7b1cbf6ff8ad4c7caeaaabd7af0179d600031c7ecfeca910acfc229f53049bdb26711e4109e6aa31abbc0181965a5
-
SSDEEP
393216:5pzhdsH28ej9InHnOuGV1sEsKSJ3DR1kEzHncQqiCHnHY4YF+2FVYK:rzhdsHWhxK
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource solitaire.exe
Files
-
solitaire.exe.exe windows:6 windows x64 arch:x64
f40c46451ef518c574ec544017507f86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
microsoft.applications.telemetry.windows.native
?SetPolicyBitFlags@EventProperties@Events@Applications@Microsoft@@QEAAX_K@Z
?SetProperty@EventProperties@Events@Applications@Microsoft@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBDW4PiiKind@234@W4DataCategory@234@@Z
?SetPriority@EventProperties@Events@Applications@Microsoft@@QEAAXW4EventPriority@234@@Z
??0EventProperties@Events@Applications@Microsoft@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetProperty@EventProperties@Events@Applications@Microsoft@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0W4PiiKind@234@W4DataCategory@234@@Z
??1EventProperties@Events@Applications@Microsoft@@UEAA@XZ
?SetProperty@EventProperties@Events@Applications@Microsoft@@QEAAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_JW4PiiKind@234@W4DataCategory@234@@Z
?DetachEventSource@DebugEventSource@Events@Applications@Microsoft@@UEAA_NAEAV1234@@Z
?AttachEventSource@DebugEventSource@Events@Applications@Microsoft@@UEAA_NAEAV1234@@Z
?RemoveEventListener@DebugEventSource@Events@Applications@Microsoft@@UEAAXW4DebugEventType@234@AEAVDebugEventListener@234@@Z
?AddEventListener@DebugEventSource@Events@Applications@Microsoft@@UEAAXW4DebugEventType@234@AEAVDebugEventListener@234@@Z
?DispatchEvent@DebugEventSource@Events@Applications@Microsoft@@UEAA_NVDebugEvent@234@@Z
?AddModule@ILogConfiguration@Events@Applications@Microsoft@@QEAAXPEBDAEBV?$shared_ptr@VIModule@Events@Applications@Microsoft@@@std@@@Z
?GetModules@ILogConfiguration@Events@Applications@Microsoft@@QEAAAEAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$shared_ptr@VIModule@Events@Applications@Microsoft@@@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$shared_ptr@VIModule@Events@Applications@Microsoft@@@2@@std@@@2@@std@@XZ
??DILogConfiguration@Events@Applications@Microsoft@@QEAAAEAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVariant@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVariant@Events@Applications@Microsoft@@@std@@@2@@std@@XZ
?Release@LogManagerProvider@Events@Applications@Microsoft@@SA?AW4status_t@234@AEAVILogConfiguration@234@@Z
?Get@LogManagerProvider@Events@Applications@Microsoft@@CAPEAVILogManager@234@AEAVILogConfiguration@234@AEAW4status_t@234@@Z
??AILogConfiguration@Events@Applications@Microsoft@@QEAAAEAVVariant@123@PEBD@Z
d3d11
D3D11CreateDevice
ws2_32
WSAGetLastError
setsockopt
recv
send
shutdown
select
connect
WSAStartup
closesocket
WSACleanup
getaddrinfo
freeaddrinfo
ioctlsocket
socket
WSAPoll
ole32
CoCreateInstanceFromApp
CoInitializeEx
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoUninitialize
CoGetContextToken
CoIncrementMTAUsage
api-ms-win-core-synch-l1-1-0
InitializeCriticalSectionEx
DeleteCriticalSection
CreateSemaphoreExW
CreateEventExW
TryAcquireSRWLockExclusive
SleepEx
ResetEvent
AcquireSRWLockExclusive
WaitForMultipleObjectsEx
LeaveCriticalSection
WaitForSingleObjectEx
SetEvent
WaitForSingleObject
CreateEventW
ReleaseSRWLockExclusive
ReleaseSRWLockShared
TryEnterCriticalSection
AcquireSRWLockShared
ReleaseSemaphore
EnterCriticalSection
api-ms-win-eventing-provider-l1-1-0
EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer
api-ms-win-core-threadpool-l1-2-0
WaitForThreadpoolWaitCallbacks
SetThreadpoolTimer
SubmitThreadpoolWork
CreateThreadpoolWork
CreateThreadpoolWait
CloseThreadpoolWork
WaitForThreadpoolWorkCallbacks
CallbackMayRunLong
DisassociateCurrentThreadFromCallback
CloseThreadpoolWait
WaitForThreadpoolTimerCallbacks
SetThreadpoolWait
CloseThreadpoolTimer
CreateThreadpoolTimer
api-ms-win-core-fibers-l1-1-0
FlsAlloc
FlsGetValue
FlsSetValue
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceComplete
InitOnceBeginInitialize
InitializeConditionVariable
SleepConditionVariableSRW
WaitOnAddress
WakeAllConditionVariable
WakeByAddressAll
WakeByAddressSingle
WakeConditionVariable
SleepConditionVariableCS
InitOnceExecuteOnce
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
SwitchToThread
GetCurrentProcess
GetCurrentThread
SetThreadPriority
GetCurrentThreadId
ResumeThread
CreateThread
api-ms-win-core-errorhandling-l1-1-0
SetErrorMode
GetErrorMode
GetLastError
RaiseException
SetLastError
SetUnhandledExceptionFilter
api-ms-win-core-sysinfo-l1-1-0
GetTickCount64
GetLogicalProcessorInformationEx
GetLocalTime
GetSystemTime
GetSystemTimeAsFileTime
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
FileTimeToSystemTime
GetDynamicTimeZoneInformation
SystemTimeToTzSpecificLocalTimeEx
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
GetProcessHeap
api-ms-win-core-localization-l1-2-0
GetGeoInfoW
ResolveLocaleName
FormatMessageW
FormatMessageA
GetUserGeoID
GetLocaleInfoEx
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
api-ms-win-core-io-l1-1-1
GetOverlappedResultEx
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
OutputDebugStringA
api-ms-win-core-processenvironment-l1-1-0
GetCurrentDirectoryW
api-ms-win-core-psapi-l1-1-0
K32GetProcessMemoryInfo
K32GetModuleInformation
api-ms-win-core-errorhandling-l1-1-3
GetThreadErrorMode
SetThreadErrorMode
api-ms-win-core-memory-l1-1-0
VirtualFree
FlushViewOfFile
UnmapViewOfFile
VirtualQuery
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
GetProcAddress
GetModuleFileNameW
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureStackBackTrace
api-ms-win-core-file-l1-1-0
SetEndOfFile
GetFinalPathNameByHandleW
FlushFileBuffers
WriteFile
RemoveDirectoryW
DeleteFileW
GetFileAttributesExW
GetFileAttributesW
GetFileSizeEx
ReadFile
SetFilePointerEx
FindFirstFileExW
FindNextFileW
FindClose
SetFileInformationByHandle
CreateDirectoryW
mmdevapi
ord17
api-ms-win-core-winrt-error-l1-1-0
RoFailFastWithErrorContext
SetRestrictedErrorInfo
GetRestrictedErrorInfo
RoOriginateError
ntdll
RtlIpv6StringToAddressExA
RtlIpv4AddressToStringExA
RtlIpv4StringToAddressExA
RtlIpv6AddressToStringExA
dwrite
DWriteCreateFactory
api-ms-win-core-file-l1-2-0
CreateFile2
api-ms-win-core-file-l2-1-0
GetFileInformationByHandleEx
api-ms-win-core-windowserrorreporting-l1-1-0
WerRegisterFile
api-ms-win-core-memory-l1-1-1
MapViewOfFileFromApp
CreateFileMappingFromApp
rpcrt4
UuidFromStringW
api-ms-win-core-datetime-l1-1-1
GetDateFormatEx
GetTimeFormatEx
api-ms-win-gaming-tcui-l1-1-0
ShowProfileCardUI
ProcessPendingGameUI
ShowChangeFriendRelationshipUI
api-ms-win-gaming-tcui-l1-1-2
ShowProfileCardUIForUser
ShowChangeFriendRelationshipUIForUser
api-ms-win-core-winrt-string-l1-1-0
WindowsPromoteStringBuffer
WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsDeleteStringBuffer
WindowsDuplicateString
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsConcatString
WindowsCompareStringOrdinal
WindowsGetStringLen
WindowsPreallocateStringBuffer
api-ms-win-core-winrt-l1-1-0
RoInitialize
RoGetActivationFactory
RoActivateInstance
api-ms-win-core-synch-l1-2-1
CreateSemaphoreW
WaitForMultipleObjects
xaudio2_9
ord1
vccorlib140_app
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
??0OutOfBoundsException@Platform@@QE$AAA@XZ
??0ChangedStateException@Platform@@QE$AAA@XZ
??0OutOfMemoryException@Platform@@QE$AAA@XZ
??0Object@Platform@@QE$AAA@XZ
?Free@Heap@Details@Platform@@SAXPEAX@Z
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
??0FailureException@Platform@@QE$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
??0InvalidArgumentException@Platform@@QE$AAA@PE$AAVString@1@@Z
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?ToString@Guid@Platform@@QEAAPE$AAVString@2@XZ
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
??0Delegate@Platform@@QE$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
?GetCmdArguments@Details@Platform@@YAPEAPEA_WPEAH@Z
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?__abi_WinRTraiseFailureException@@YAXXZ
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?UninitializeData@Details@Platform@@YAXH@Z
?__abi_translateCurrentException@@YAJ_N@Z
?InitializeData@Details@Platform@@YAJH@Z
?ToString@Enum@Platform@@QE$AAAPE$AAVString@2@XZ
?Equals@Boolean@Platform@@QEAA_NPE$AAVObject@2@@Z
?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ
??0COMException@Platform@@QE$AAA@H@Z
?Contains@Rect@Foundation@Windows@@QEAA_NVPoint@23@@Z
?GetType@Object@Platform@@QE$AAAPE$AAVType@2@XZ
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
??0FailureException@Platform@@QE$AAA@PE$AAVString@1@@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z
??0DisconnectedException@Platform@@QE$AAA@XZ
??0GridLength@Xaml@UI@Windows@@QEAA@NW4GridUnitType@123@@Z
??0Rect@Foundation@Windows@@QEAA@VPoint@12@VSize@12@@Z
?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z
msvcp140_app
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xbad_alloc@std@@YAXXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
??Bid@locale@std@@QEAA_KXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?id@?$ctype@D@std@@2V0locale@2@A
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
_Mtx_trylock
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_sleep
_Xtime_get_ticks
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Random_device@std@@YAIXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
_Cnd_signal
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Xout_of_range@std@@YAXPEBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
_Unlock_shared_ptr_spin_lock
_Lock_shared_ptr_spin_lock
?id@?$numpunct@_W@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Getname@_Locinfo@std@@QEBAPEBDXZ
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_Xruntime_error@std@@YAXPEBD@Z
?classic@locale@std@@SAAEBV12@XZ
?_Winerror_map@std@@YAHH@Z
_Thrd_hardware_concurrency
_Thrd_join
_Thrd_detach
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?get_new_handler@std@@YAP6AXXZXZ
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?__ExceptionPtrCompare@@YA_NPEBX0@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?_Syserror_map@std@@YAPEBDH@Z
_Thrd_current
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Mbrtowc
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
_Query_perf_frequency
_Query_perf_counter
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrRethrow@@YAXPEBX@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
_Cnd_wait
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
_Cnd_broadcast
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Cnd_destroy_in_situ
_Cnd_init_in_situ
?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD4@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
_Strcoll
_Strxfrm
?id@?$collate@D@std@@2V0locale@2@A
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Xbad_function_call@std@@YAXXZ
msvcp140_1_app
_Aligned_get_default_resource
concrt140_app
?set@event@Concurrency@@QEAAXXZ
?wait@event@Concurrency@@QEAA_KI@Z
??1event@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
vcruntime140_1_app
__CxxFrameHandler4
vcruntime140_app
__intrinsic_setjmp
__CxxFrameHandler3
__RTDynamicCast
memmove
__current_exception_context
memchr
_CxxThrowException
longjmp
strrchr
strstr
memset
__current_exception
_get_purecall_handler
_set_purecall_handler
__RTtypeid
__C_specific_handler
__std_type_info_compare
strchr
_purecall
__std_terminate
memcpy
__std_exception_destroy
__std_exception_copy
memcmp
api-ms-win-crt-runtime-l1-1-0
signal
_set_invalid_parameter_handler
_set_thread_local_invalid_parameter_handler
_get_thread_local_invalid_parameter_handler
_get_invalid_parameter_handler
_register_thread_local_exe_atexit_callback
strerror_s
_c_exit
_exit
_resetstkoflw
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_beginthreadex
_set_app_type
_seh_filter_exe
_cexit
_crt_at_quick_exit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_get_terminate
set_terminate
_initialize_narrow_environment
_configure_narrow_argv
__fpe_flt_rounds
_invalid_parameter_noinfo_noreturn
_errno
fesetround
terminate
fegetround
_invalid_parameter_noinfo
abort
api-ms-win-crt-heap-l1-1-0
realloc
_set_new_mode
_aligned_free
_aligned_malloc
calloc
free
malloc
_callnewh
api-ms-win-crt-math-l1-1-0
round
_ldsign
fmaxf
fminf
__setusermatherr
_dsign
atan2f
modff
asinf
_fdsign
log
pow
modf
fmodf
exp
sqrt
log10
copysignf
tanf
trunc
sinf
cosf
ceilf
log2
floorf
logf
sqrtf
expf
log10f
floor
ceil
_finite
roundf
acosf
_ldclass
fmax
_fdclass
_dclass
truncf
cos
rint
rintf
nextafterf
log2f
lround
powf
remainderf
api-ms-win-crt-convert-l1-1-0
strtof
_ui64toa_s
strtoll
atoi
wcstod
strtol
_i64toa_s
strtoull
strtoul
_ui64tow_s
_i64tow_s
api-ms-win-crt-string-l1-1-0
wcsnlen
strcpy_s
isdigit
tolower
wcsncpy_s
strncat_s
isspace
strncmp
strncpy
strcmp
isalnum
isalpha
strncpy_s
_strdup
_stricmp
_strnicmp
wcsncat_s
toupper
strnlen
wcslen
api-ms-win-crt-time-l1-1-0
_mktime64
_localtime64_s
_gmtime64_s
_time64
strftime
api-ms-win-crt-locale-l1-1-0
localeconv
_create_locale
_setmbcp
_configthreadlocale
___lc_codepage_func
_free_locale
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswprintf_s
fwrite
ferror
fread
fopen_s
__stdio_common_vsscanf
fclose
fputc
_ftelli64
__stdio_common_vsprintf
_fseeki64
_set_fmode
ungetc
_get_osfhandle
__stdio_common_vsnprintf_s
fflush
_wfsopen
__p__commode
setvbuf
fsetpos
fgetpos
fgetc
_get_stream_buffer_pointers
fread_s
__stdio_common_vsprintf_s
__stdio_common_vfprintf
__stdio_common_vfprintf_s
__acrt_iob_func
api-ms-win-crt-utility-l1-1-0
rand
qsort
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
remove
_wmkdir
api-ms-win-core-processthreads-l1-1-1
SetThreadIdealProcessorEx
api-ms-win-core-libraryloader-l2-1-0
LoadPackagedLibrary
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-util-l1-1-0
DecodePointer
api-ms-win-core-winrt-error-l1-1-1
RoReportUnhandledError
RoOriginateLanguageException
api-ms-win-core-heap-l2-1-0
LocalFree
api-ms-win-core-interlocked-l1-1-0
InterlockedPushEntrySList
InitializeSListHead
api-ms-win-core-memory-l1-1-3
VirtualAllocFromApp
api-ms-win-core-sysinfo-l1-2-0
GetNativeSystemInfo
oleaut32
SysFreeString
SetErrorInfo
GetErrorInfo
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
Exports
Exports
g_pAKPluginList
Sections
.text Size: 14.3MB - Virtual size: 14.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.7MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 575KB - Virtual size: 574KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ