Static task
static1
Behavioral task
behavioral1
Sample
notepad.exe
Resource
win7-20240221-en
windows7-x64
General
-
Target
notepad.exe
-
Size
12.4MB
-
MD5
d8f5d136a1698906d5e61966e783a7f2
-
SHA1
d85c3d3b5f761d2d66b7dbcd7b584395977daa2d
-
SHA256
f85438295ac18f4088eebfe9676cb54a76c9fb6e619c4ee188638d0a0e0b8efa
-
SHA512
7170233909a89078951792d0ecaabb0056054af95a90fa301e2b36623dccfe7cf6e033f732c33837ab7871030f6a7d1c0cbf6518735465e677b4c90e97871fc1
-
SSDEEP
196608:1mguulYKx0WSYr1kfWmuvvrOwJsv6tWKFdu9CQMHF:1mguulYKx0pYr1kKOwJsv6tWKFdu9C3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource notepad.exe
Files
-
notepad.exe.exe windows:6 windows x64 arch:x64
e186117a2564092bd9714852ac4b6c46
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
GetVolumePathNamesForVolumeNameW
FindFirstFileW
FindClose
GetFullPathNameW
GetFileAttributesExW
ResetEvent
GetUserPreferredUILanguages
GetTimeFormatW
GetDateFormatW
GetCurrencyFormatW
GetUserDefaultLCID
WaitForSingleObject
TerminateThread
ResumeThread
SetThreadPriority
GetThreadPriority
GetFileInformationByHandle
CreateThread
GetCurrentThread
DuplicateHandle
TlsGetValue
SetFileTime
SetErrorMode
GetLogicalDrives
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
GetTempPathW
GetCurrentDirectoryW
CopyFileW
MoveFileW
MoveFileExW
DeleteFileW
FileTimeToSystemTime
GetModuleFileNameW
GetStartupInfoW
FlushFileBuffers
SetFilePointerEx
SetEndOfFile
RegisterWaitForSingleObject
UnregisterWaitEx
CompareStringW
FindFirstChangeNotificationW
FindCloseChangeNotification
WideCharToMultiByte
GetFileSizeEx
GetSystemInfo
FreeLibrary
TlsSetValue
TlsFree
TlsAlloc
LoadLibraryW
GetSystemDirectoryW
SetEvent
CreateEventW
GetCurrentProcess
IsProcessorFeaturePresent
OutputDebugStringW
GetSystemTime
GetLocalTime
GetCommandLineW
CompareStringEx
InitializeCriticalSection
ExitProcess
GetConsoleWindow
GetDriveTypeW
GetVolumeInformationW
GetLongPathNameW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
WriteFile
GetUserDefaultLangID
GlobalSize
CreateProcessW
ExpandEnvironmentStringsW
GlobalUnlock
GlobalLock
GlobalAlloc
GetLocaleInfoW
CheckRemoteDebuggerPresent
WTSGetActiveConsoleSessionId
LocalFree
FormatMessageW
GetCurrentThreadId
lstrcmpW
FindFirstFileExW
FindNextFileW
GetModuleHandleExW
GetTimeZoneInformation
GetUserGeoID
GetGeoInfoW
GetExitCodeProcess
CreateMutexW
ReleaseMutex
GetLocaleInfoEx
SetFileInformationByHandle
AreFileApisANSI
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
WaitForMultipleObjects
PeekNamedPipe
ReadFile
GetFileType
ExpandEnvironmentStringsA
WaitForSingleObjectEx
GetTickCount
QueryPerformanceCounter
VerifyVersionInfoA
GetModuleHandleA
QueryPerformanceFrequency
VerSetConditionMask
SleepEx
LeaveCriticalSection
EnterCriticalSection
FormatMessageA
SetLastError
SetConsoleTitleA
SetConsoleTextAttribute
AllocConsole
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WinExec
GetSystemDirectoryA
GetTickCount64
GlobalMemoryStatusEx
GetStdHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteProcessMemory
ReadProcessMemory
OpenProcess
TerminateProcess
CreateFileA
CreateDirectoryA
LoadLibraryA
VirtualFree
VirtualAlloc
GetVersionExA
GetCurrentProcessId
DeviceIoControl
CloseHandle
GetTempPathA
CreateFileW
GetProcAddress
GetModuleHandleW
Sleep
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
GetFileInformationByHandleEx
FindNextChangeNotification
user32
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetSysColorBrush
LoadImageW
GetCursorPos
GetWindowLongW
GetWindowThreadProcessId
GetSystemMenu
AdjustWindowRectEx
IsTouchWindow
PostMessageW
MonitorFromPoint
GetWindow
GetWindowRect
GetMenu
IsWindowVisible
SetWindowPos
SetWindowLongPtrW
SetWindowRgn
CreateWindowExW
ScreenToClient
IsZoomed
SetWindowTextW
GetWindowLongPtrW
GetWindowPlacement
DestroyCursor
GetCapture
DestroyIcon
RegisterTouchWindow
ClientToScreen
IsChild
SetWindowPlacement
AttachThreadInput
GetForegroundWindow
MoveWindow
UnregisterTouchWindow
SetLayeredWindowAttributes
SetFocus
GetUpdateRect
SetParent
SetCapture
SetCursor
FlashWindowEx
SetWindowLongW
GetClientRect
UpdateLayeredWindow
EnableMenuItem
GetParent
ReleaseCapture
SetForegroundWindow
InvalidateRect
GetAncestor
IsIconic
BeginPaint
EndPaint
MessageBeep
IsWindow
GetDoubleClickTime
GetCaretBlinkTime
UpdateLayeredWindowIndirect
DefWindowProcW
GetClassInfoW
GetDC
GetSysColor
GetDesktopWindow
ReleaseDC
GetSystemMetrics
SystemParametersInfoW
TrackPopupMenuEx
ToUnicode
PeekMessageW
SetMenuItemInfoW
GetKeyboardState
MapVirtualKeyW
GetKeyState
LoadIconW
CreateMenu
AppendMenuW
RemoveMenu
InsertMenuW
DrawMenuBar
DestroyMenu
SetMenu
TrackPopupMenu
CreatePopupMenu
ModifyMenuW
GetMenuItemInfoW
RegisterClipboardFormatW
EnumDisplayDevicesW
RegisterClassW
GetClipboardFormatNameW
SetCursorPos
LoadCursorW
CreateCursor
CreateIconIndirect
GetCursorInfo
GetCursor
GetIconInfo
TrackMouseEvent
GetAsyncKeyState
GetMessageExtraInfo
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
MessageBoxW
DrawIconEx
KillTimer
GetQueueStatus
SetTimer
CallNextHookEx
SetWindowsHookExW
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
UnhookWindowsHookEx
CharNextExA
UnregisterDeviceNotification
RegisterDeviceNotificationW
MessageBoxA
ShowWindow
FindWindowA
WindowFromPoint
GetKeyboardLayoutList
RegisterClassExW
ChildWindowFromPointEx
UnregisterClassW
GetFocus
ChangeClipboardChain
IsHungAppWindow
SetClipboardViewer
RegisterWindowMessageW
ShowCaret
DestroyCaret
IsWindowEnabled
GetKeyboardLayout
CreateCaret
SetCaretPos
HideCaret
GetMonitorInfoW
EnumDisplayMonitors
MonitorFromWindow
DestroyWindow
ToAscii
SendMessageW
advapi32
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
GetEffectiveRightsFromAclW
AccessCheck
MapGenericMask
LookupAccountSidW
GetNamedSecurityInfoW
AllocateAndInitializeSid
DuplicateToken
BuildTrusteeWithSidW
CopySid
GetLengthSid
OpenProcessToken
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
OpenEventLogA
CloseEventLog
ClearEventLogA
StartServiceA
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
EnumServicesStatusA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
FreeSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
SystemFunction036
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegFlushKey
shell32
SHGetStockIconInfo
SHGetFileInfoW
ord727
SHCreateItemFromIDList
ShellExecuteW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetMalloc
SHCreateItemFromParsingName
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW
ShellExecuteA
SHGetKnownFolderIDList
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
uxtheme
GetThemeColor
OpenThemeData
GetThemeInt
GetThemeMargins
GetThemePartSize
GetThemeEnumValue
GetThemeTransitionDuration
GetThemePropertyOrigin
GetThemeBool
ord47
IsThemeActive
GetCurrentThemeName
GetThemeBackgroundRegion
SetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
CloseThemeData
dwmapi
DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
DwmSetWindowAttribute
imm32
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmNotifyIME
ImmAssociateContextEx
ImmGetOpenStatus
ImmAssociateContext
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
netapi32
NetApiBufferFree
NetShareEnum
ws2_32
getsockopt
htons
ntohs
setsockopt
WSAIoctl
WSAStartup
WSACleanup
WSAGetLastError
getaddrinfo
freeaddrinfo
socket
__WSAFDIsSet
recvfrom
sendto
select
WSASetLastError
accept
getpeername
listen
ioctlsocket
gethostname
htonl
ntohl
WSAAsyncSelect
recv
send
connect
bind
getsockname
closesocket
winmm
timeSetEvent
PlaySoundW
timeKillEvent
msvcp140
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?tolower@?$ctype@D@std@@QEBADD@Z
?classic@locale@std@@SAAEBV12@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Xbad_function_call@std@@YAXXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Random_device@std@@YAIXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??Bios_base@std@@QEBA_NXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Xbad_alloc@std@@YAXXZ
?uncaught_exceptions@std@@YAHXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?is@?$ctype@D@std@@QEBA_NFD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xlength_error@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?setf@ios_base@std@@QEAAHH@Z
?setf@ios_base@std@@QEAAHHH@Z
?unsetf@ios_base@std@@QEAAXH@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??7ios_base@std@@QEBA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
ntdll
RtlLookupFunctionEntry
NtQuerySystemInformation
RtlCaptureContext
RtlVirtualUnwind
RtlAdjustPrivilege
NtRaiseHardError
urlmon
URLDownloadToFileA
normaliz
IdnToAscii
wldap32
ord33
ord32
ord35
ord27
ord26
ord22
ord41
ord50
ord45
ord60
ord211
ord217
ord143
ord301
ord200
ord79
ord46
ord30
crypt32
CertOpenStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertAddCertificateContextToStore
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertCloseStore
vcruntime140
strchr
strrchr
memchr
__RTDynamicCast
memcmp
strstr
__std_exception_destroy
__std_exception_copy
memmove
wcsrchr
_purecall
longjmp
__std_terminate
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
__intrinsic_setjmp
memcpy
memset
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
free
_set_new_mode
realloc
malloc
api-ms-win-crt-string-l1-1-0
isspace
strcpy_s
isdigit
strncmp
_strdup
strcpy
wcsncmp
wcscmp
toupper
strlen
isupper
_stricmp
strspn
strcspn
strpbrk
strcat_s
strcmp
tolower
strncpy
wcslen
api-ms-win-crt-stdio-l1-1-0
fputc
fsetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
__stdio_common_vsnprintf_s
_fseeki64
fwrite
__stdio_common_vfprintf
__acrt_iob_func
setvbuf
_open_osfhandle
ungetc
_lseeki64
_open
__stdio_common_vsprintf
_close
__p__commode
freopen
ftell
_set_fmode
feof
_read
_write
fseek
_get_osfhandle
_ftelli64
_fileno
fread
fopen
fputs
__stdio_common_vsscanf
fgetpos
fgets
api-ms-win-crt-runtime-l1-1-0
_get_narrow_winmain_command_line
_initterm_e
_exit
_set_app_type
__p___argv
__sys_nerr
__p___argc
strerror
abort
_seh_filter_exe
_cexit
terminate
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
_errno
system
exit
_register_onexit_function
_beginthreadex
_initialize_onexit_table
_getpid
_endthreadex
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initterm
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
remove
_waccess
_wchmod
_fstat64
_access
_stat64i32
_stat64
api-ms-win-crt-math-l1-1-0
ceil
sqrt
pow
lround
trunc
tan
fabs
cos
sin
atan
floor
acosf
acos
atan2
_dtest
cosf
log
sinf
asin
round
exp
__setusermatherr
log10
floorf
api-ms-win-crt-convert-l1-1-0
atoi
strtoul
strtoull
strtoll
strtol
api-ms-win-crt-environment-l1-1-0
_wgetenv_s
getenv
_dupenv_s
getenv_s
api-ms-win-crt-time-l1-1-0
_mktime64
_localtime64_s
_gmtime64
_get_timezone
_get_tzname
_tzset
_time64
strftime
api-ms-win-crt-utility-l1-1-0
_rotl
qsort
_rotl64
_byteswap_ulong
bsearch
rand_s
_byteswap_ushort
abs
_byteswap_uint64
rand
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
setlocale
_configthreadlocale
gdi32
SwapBuffers
ChoosePixelFormat
GetPixelFormat
SetPixelFormat
SetLayout
OffsetRgn
GetDIBits
CombineRgn
DeleteObject
SelectClipRgn
BitBlt
DeleteDC
CreateRectRgn
GdiFlush
CreateCompatibleDC
SelectObject
CreateDIBSection
DescribePixelFormat
CreateBitmap
CreateCompatibleBitmap
GetObjectW
GetBitmapBits
CreateFontIndirectW
GetFontData
EnumFontFamiliesExW
AddFontMemResourceEx
GetDeviceCaps
RemoveFontMemResourceEx
GetTextMetricsW
AddFontResourceExW
RemoveFontResourceExW
ExtTextOutW
SetTextAlign
SetBkMode
SetTextColor
GetCharABCWidthsW
GetCharABCWidthsI
GetCharABCWidthsFloatW
GetGlyphOutlineW
SetWorldTransform
CreateDCW
GetStockObject
GetTextFaceW
GetOutlineTextMetricsW
SetGraphicsMode
GetRegionData
GetTextExtentPoint32W
ole32
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleGetClipboard
OleFlushClipboard
RevokeDragDrop
CoUninitialize
CoInitializeEx
CoCreateInstance
DoDragDrop
ReleaseStgMedium
CoTaskMemFree
CoGetMalloc
CoCreateGuid
StringFromGUID2
CoLockObjectExternal
RegisterDragDrop
OleUninitialize
CoInitialize
oleaut32
SysFreeString
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString
Sections
.text Size: 7.9MB - Virtual size: 7.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 261KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmetad Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 315KB - Virtual size: 315KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 245KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ