General

Malware Config

Signatures

Files

• 15577348643.zip

  .zip

  Password: infected

• 042f44b403997dda7e6dd769847722798b7d0e5e7cd981468444a3cbe56f5705

  .dll windows:6 windows x86 arch:x86

  0aa729f93be7ce5085b95edf635ea24b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetLastError

  LoadLibraryA

  SubmitThreadpoolWork

  CreateThreadpoolWork

  GetModuleFileNameA

  FileTimeToSystemTime

  LocalFree

  FormatMessageA

  WriteConsoleW

  MultiByteToWideChar

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  LCMapStringEx

  GetLocaleInfoEx

  GetStringTypeW

  CompareStringEx

  GetCPInfo

  CloseHandle

  InitializeCriticalSectionAndSpinCount

  SetEvent

  ResetEvent

  WaitForSingleObjectEx

  CreateEventW

  GetModuleHandleW

  GetProcAddress

  IsProcessorFeaturePresent

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsDebuggerPresent

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  SetLastError

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapAlloc

  HeapFree

  GetDateFormatW

  GetTimeFormatW

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetStdHandle

  GetFileType

  HeapReAlloc

  GetTimeZoneInformation

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  GetProcessHeap

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  SetStdHandle

  GetFileSizeEx

  SetFilePointerEx

  HeapSize

  CreateFileW

  Exports

  Exports

  IsInteractiveUserSession

  QueryActiveSession

  QueryUserToken

  RegisterUsertokenForNoWinlogon

  WTSCloseServer

  WTSConnectSessionA

  WTSConnectSessionW

  WTSCreateListenerA

  WTSCreateListenerW

  WTSDisconnectSession

  WTSEnableChildSessions

  WTSEnumerateListenersA

  WTSEnumerateListenersW

  WTSEnumerateProcessesA

  WTSEnumerateProcessesExA

  WTSEnumerateProcessesExW

  WTSEnumerateProcessesW

  WTSEnumerateServersA

  WTSEnumerateServersW

  WTSEnumerateSessionsA

  WTSEnumerateSessionsExA

  WTSEnumerateSessionsExW

  WTSEnumerateSessionsW

  WTSFreeMemory

  WTSFreeMemoryExA

  WTSFreeMemoryExW

  WTSGetChildSessionId

  WTSGetListenerSecurityA

  WTSGetListenerSecurityW

  WTSIsChildSessionsEnabled

  WTSLogoffSession

  WTSOpenServerA

  WTSOpenServerExA

  WTSOpenServerExW

  WTSOpenServerW

  WTSQueryListenerConfigA

  WTSQueryListenerConfigW

  WTSQuerySessionInformationA

  WTSQuerySessionInformationW

  WTSQueryUserConfigA

  WTSQueryUserConfigW

  WTSQueryUserToken

  WTSRegisterSessionNotification

  WTSRegisterSessionNotificationEx

  WTSSendMessageA

  WTSSendMessageW

  WTSSetListenerSecurityA

  WTSSetListenerSecurityW

  WTSSetRenderHint

  WTSSetSessionInformationA

  WTSSetSessionInformationW

  WTSSetUserConfigA

  WTSSetUserConfigW

  WTSShutdownSystem

  WTSStartRemoteControlSessionA

  WTSStartRemoteControlSessionW

  WTSStopRemoteControlSession

  WTSTerminateProcess

  WTSUnRegisterSessionNotification

  WTSUnRegisterSessionNotificationEx

  WTSVirtualChannelClose

  WTSVirtualChannelOpen

  WTSVirtualChannelOpenEx

  WTSVirtualChannelPurgeInput

  WTSVirtualChannelPurgeOutput

  WTSVirtualChannelQuery

  WTSVirtualChannelRead

  WTSVirtualChannelWrite

  WTSWaitSystemEvent

  Sections

  .text

  Size: 288KB - Virtual size: 288KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 71KB - Virtual size: 70KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• 27679b5a935882d53a50630b65c438252da32a645879f73efbda9739490000f5

  .zip
• LoggingPlatform.dll

  .dll windows:6 windows x86 arch:x86

  c4217bcf28c427e746fd876322b449a0

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Signer

  Actual PE Digest

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\Logging\dll\obj\i386\LoggingPlatform.pdb

  Imports

  kernel32

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  CompareStringOrdinal

  GetFileAttributesW

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetFinalPathNameByHandleW

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  OpenFileById

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  VerifyVersionInfoW

  VerSetConditionMask

  DeleteCriticalSection

  InitializeCriticalSectionEx

  MultiByteToWideChar

  WideCharToMultiByte

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetCurrentProcess

  GetSystemTimeAsFileTime

  WaitForSingleObject

  TerminateProcess

  Sleep

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  FindClose

  FindNextFileW

  FindFirstFileW

  DeviceIoControl

  CompareFileTime

  DeleteFileW

  CreateDirectoryW

  WerUnregisterFile

  WerRegisterFile

  WriteFile

  CloseHandle

  SetFileTime

  SystemTimeToFileTime

  GetSystemTime

  GetLastError

  CreateFileW

  GetCurrentThreadId

  UnhandledExceptionFilter

  GetSystemTimes

  GetCurrentProcessId

  user32

  SendMessageTimeoutW

  DestroyWindow

  DispatchMessageW

  TranslateMessage

  ShowWindow

  GetMessageW

  CreateWindowExW

  GetClassNameW

  EnumWindows

  RegisterClassW

  PostMessageW

  GetWindowThreadProcessId

  advapi32

  RegEnumKeyW

  CryptAcquireContextW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  CryptDestroyHash

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  RegSetKeyValueW

  RegCreateKeyExW

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  CryptReleaseContext

  shell32

  SHCreateDirectoryExW

  SHGetKnownFolderPath

  SHGetSpecialFolderPathW

  SHFileOperationW

  SHChangeNotify

  CommandLineToArgvW

  SHCreateItemFromParsingName

  SHGetFolderPathW

  SHGetFolderPathAndSubDirW

  ord526

  ShellExecuteExW

  ole32

  CoCreateInstance

  CoCreateGuid

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoTaskMemFree

  StringFromCLSID

  oleaut32

  SysAllocStringByteLen

  SysStringByteLen

  SysAllocString

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  SysFreeString

  SetErrorInfo

  SysStringLen

  GetErrorInfo

  crypt32

  CryptBinaryToStringW

  CryptStringToBinaryW

  rpcrt4

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  RpcBindingFree

  RpcServerInqCallAttributesW

  RpcServerUnregisterIf

  RpcEpUnregister

  RpcBindingVectorFree

  RpcEpRegisterW

  RpcServerInqBindings

  RpcServerUseProtseqW

  RpcStringFreeW

  UuidToStringW

  UuidCreate

  RpcServerRegisterIfEx

  secur32

  GetUserNameExW

  shlwapi

  PathIsRelativeW

  PathFileExistsW

  PathIsDirectoryW

  SHGetValueW

  PathStripPathW

  SHRegGetBoolUSValueW

  SHRegGetValueW

  SHCreateStreamOnFileW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  ws2_32

  accept

  send

  setsockopt

  bind

  htonl

  WSAGetLastError

  htons

  socket

  WSAStartup

  closesocket

  listen

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSEnumerateSessionsW

  WTSFreeMemory

  msvcp140

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ?_Random_device@std@@YAIXZ

  _Cnd_wait

  _Cnd_do_broadcast_at_thread_exit

  _Mtx_current_owns

  _Cnd_timedwait

  _Thrd_id

  _Thrd_join

  ?_Throw_Cpp_error@std@@YAXH@Z

  _Cnd_broadcast

  _Cnd_destroy_in_situ

  _Cnd_init_in_situ

  ?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBUtm@@PB_W4@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  _Mtx_trylock

  ?_Xbad_function_call@std@@YAXXZ

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JH@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  _Xtime_get_ticks

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ?_Xbad_alloc@std@@YAXXZ

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_unlock

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ??Bid@locale@std@@QAEIXZ

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ?_Xout_of_range@std@@YAXPBD@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?uncaught_exception@std@@YA_NXZ

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z

  ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z

  ?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?always_noconv@codecvt_base@std@@QBE_NXZ

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

  ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_type_info_destroy_list

  memset

  __std_exception_destroy

  _CxxThrowException

  _except_handler4_common

  __current_exception_context

  __current_exception

  wcsstr

  wcsrchr

  strrchr

  memmove

  __RTDynamicCast

  memcmp

  memcpy

  __CxxFrameHandler3

  __std_terminate

  __std_exception_copy

  _purecall

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _invalid_parameter_noinfo

  terminate

  _beginthreadex

  _initterm_e

  _initterm

  _errno

  _cexit

  _crt_atexit

  _execute_onexit_table

  _register_onexit_function

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  api-ms-win-crt-stdio-l1-1-0

  setvbuf

  __stdio_common_vsprintf_s

  fsetpos

  fgetwc

  __stdio_common_vswscanf

  _wfopen_s

  fgetc

  fclose

  fputwc

  fputc

  ungetc

  _fseeki64

  fflush

  ungetwc

  fwrite

  __stdio_common_vswprintf

  __stdio_common_vswprintf_s

  fread

  fgetpos

  _get_stream_buffer_pointers

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  malloc

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsicmp

  tolower

  iswspace

  _wcsdup

  towupper

  api-ms-win-crt-time-l1-1-0

  _localtime64_s

  _gmtime64_s

  _time64

  api-ms-win-crt-filesystem-l1-1-0

  _wrename

  _lock_file

  _wstat64

  _unlock_file

  _wremove

  api-ms-win-crt-convert-l1-1-0

  _strtod_l

  atof

  atol

  wcstoll

  wcstol

  strtoll

  _wtoi

  api-ms-win-crt-math-l1-1-0

  log2

  ceil

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ??0IScenario@ScenarioTracking@@QAE@ABV01@@Z

  ??0IScenario@ScenarioTracking@@QAE@XZ

  ??0ScenarioBase@ScenarioTracking@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ??0Scope@ScenarioTracking@@QAE@V?$shared_ptr@VIScenario@ScenarioTracking@@@std@@@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ??0SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??0TransferScope@ScenarioTracking@@QAE@QBVITrace@1@@Z

  ??0TransferScope@ScenarioTracking@@QAE@V?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@@Z

  ??1IScenario@ScenarioTracking@@UAE@XZ

  ??1ScenarioBase@ScenarioTracking@@UAE@XZ

  ??1Scope@ScenarioTracking@@QAE@XZ

  ??1SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??1TelemetryEvent@@QAE@XZ

  ??1TransferScope@ScenarioTracking@@QAE@XZ

  ??4IScenario@ScenarioTracking@@QAEAAV01@ABV01@@Z

  ??_7IScenario@ScenarioTracking@@6B@

  ?ApplyScenarioImplicitParameters@ScenarioTracking@@YGXPB_WABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?ApplyScenarioTracking@ScenarioTracking@@YGXABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?AssignLoggingSession@@YGXABV?$shared_ptr@VILoggingSession@@@std@@_N@Z

  ?CaptureTrace@ScenarioTracking@@YG?AV?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@XZ

  ?ClassifyScenarioOutcome@FailuresClassification@@YG?AW4Outcome@QoS@@PB_WW423@K@Z

  ?ClearLoggingSession@@YGXXZ

  ?ConvertOutcomeToResultType@QoS@@YGPB_WW4Outcome@1@@Z

  ?ConvertResultTypeToOutcome@QoS@@YG?AW4Outcome@1@PB_W@Z

  ?CreateBinaryLoggingSession@@YGPAVILoggingSession@@XZ

  ?CreateRemoteDebugServer@@YGPAVIRemoteDebugServer@@_NG@Z

  ?DecrementActiveHydrationsCount@QoS@@YAXXZ

  ?FlushObfuscationTableToDisk@@YGXXZ

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?GetApplicationPropertyId@QoS@@YA?AW4Id@PropertyId@TelemetryConstants@@XZ

  ?GetCurrentTraceId@ScenarioTracking@@YGIXZ

  ?GetDefaultLoggingPath@@YGJAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV12@@Z

  ?GetDuration@ScenarioBase@ScenarioTracking@@UAE?AV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@std@@XZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JI@Z

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JIABV?$set@IU?$less@I@std@@V?$allocator@I@2@@std@@@Z

  ?GetId@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetInstance@Telemetry@@CGPAV1@XZ

  ?GetLoggingSession@@YG?AV?$shared_ptr@VILoggingSession@@@std@@XZ

  ?GetName@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetResultType@QoS@@YAPB_WJI@Z

  ?GetResultType@QoS@@YAPB_WW4Type@ErrorType@TelemetryConstants@@@Z

  ?GetTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4ExperimentType@@PB_W11@Z

  ?GetValueTranslation@TelemetryEvent@@QAEP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@ZI@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?IncrementActiveHydrationsCount@QoS@@YAXXZ

  ?InsertIntoIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  ?IsRecorded@ScenarioBase@ScenarioTracking@@UAE_NXZ

  ?LoggingAddToMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingGetCallbackCount@@YGIXZ

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingReconfigure@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?LoggingRecordAssert@@YGXPB_W000I0_NI1@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?LoggingRecordUnexpectedCrash@@YGXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0K@Z

  ?LoggingRegisterCallback@@YG_KP6GXPAXPBDI1ABU_GUID@@IIIQAUStructuredEventParameter@@@Z0@Z

  ?LoggingRemoveFromMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingResetAccountSpecificCommonDatapoints@@YGXXZ

  ?LoggingResetTelemetryLevelsToDefault@@YGXXZ

  ?LoggingRotate@@YGXXZ

  ?LoggingRotateIfNeeded@@YGXXZ

  ?LoggingSanitizeFilename@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ?LoggingSetLoggingPrivacyLevel@@YGXW4LoggingPrivacyLevel@@@Z

  ?LoggingSetTelemetryLevelEnabled@@YGXI_N@Z

  ?LoggingShouldSample@@YG_NN@Z

  ?LoggingSwitchTelemetryPipeline@@YGXW4TelemetryTransportType@@_N@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?LoggingUnregisterCallback@@YGX_K@Z

  ?LoggingWriteDebugString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteDeviceFailureDatagramEntry@@YGXPB_W0@Z

  ?LoggingWriteFormatString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteFormatStringEx@@YGXHHPBDI0_NPB_WPAD@Z

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingWriteStructuredEvent@@YGXPBDI0ABU_GUID@@IIIQAUStructuredEventParameter@@@Z

  ?MarkScenarioReported@ScenarioTracking@@YGXPB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ?ObserveTrace@ScenarioTracking@@YGPAVITrace@1@XZ

  ?OneDriveAssertWorker@@YAXPB_WW4OneDriveAssertType@@0I000ZZ

  ?OutcomeToTelemetryValue@QoS@@YG?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z

  ?OverrideAsserts@@YGXP6GXPB_W000I0_N@Z@Z

  ?Record@ScenarioBase@ScenarioTracking@@UAEXXZ

  ?Register@FailuresClassification@@YGX$$QAV?$function@$$A6G?AW4Outcome@QoS@@PB_WW412@K@Z@std@@@Z

  ?RegisterSensitiveRootPath@@YGXPB_W0@Z

  ?RemoveFromIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?RemovePrivateInfo@@YGXAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?ReportExternalAssert@@YGXPB_W_N0I0@Z

  ?ReportUnrecordedScenario@ScenarioTracking@@YGXAAVIScenario@1@@Z

  ?Reset@FailuresClassification@@YGXXZ

  ?SetApplicationId@QoS@@YAXI@Z

  ?SetValueTranslation@TelemetryEvent@@SGXPAU1@IP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z@Z

  ?SizeUnknown@QoS@@YGIXZ

  ?StartScenario@ScenarioTracking@@YG?AV?$shared_ptr@VIScenario@ScenarioTracking@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?UnregisterSensitiveRootPath@@YGXPB_W@Z

  ?UpdateExperimentalAriaRampAPI@@YGX_N@Z

  ?UpdateOfficePrivacyRamp@@YGX_N@Z

  ?UpdateTelemetryTransmissionProfile@@YGXPBD_N@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?g_ODHasFatallyAsserted@@3_NA

  ?g_assertLogger@@3P6GXPB_W000I0_N@ZA

  ?g_catchAssertCallbackInvoked@@3HA

  ?initAssertLogger@@YGXP6GXPB_W000I0_N@Z@Z

  InitLogging

  UninitLogging

  _TestInitLogging@4

  _TestInitLoggingEx@20

  _TestUninitLogging@0

  Sections

  .text

  Size: 289KB - Virtual size: 288KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 115KB - Virtual size: 115KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 13KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 22KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Setup.exe

  .exe windows:6 windows x86 arch:x86

  d89e012bb90c3e56ea22733716ecc3f1

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Signer

  Actual PE Digest

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\FileCoAuth\Desktop\exe\obj\i386\FileCoAuth.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ??1TelemetryEvent@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  updateringsettings

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  propsys

  PropVariantToStringAlloc

  PropVariantToUInt32

  ntdll

  NtQueryDirectoryFile

  VerSetConditionMask

  RtlNtStatusToDosError

  kernel32

  FindNextFileW

  CreateEventExW

  GetLongPathNameW

  VerifyVersionInfoW

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  ReadDirectoryChangesW

  CreateIoCompletionPort

  CreateFileW

  OpenFileById

  GetFinalPathNameByHandleW

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  SetDllDirectoryW

  GetCurrentThread

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  DebugBreak

  SetFileAttributesW

  GetFileAttributesW

  CompareStringOrdinal

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  SystemTimeToFileTime

  CopyFileW

  QueueUserWorkItem

  MoveFileWithProgressW

  GlobalLock

  GlobalUnlock

  GlobalFree

  GlobalAlloc

  GetDateFormatW

  OpenEventW

  GetLocaleInfoW

  OpenMutexW

  SystemTimeToTzSpecificLocalTime

  UnregisterApplicationRestart

  GetFileAttributesExW

  DuplicateHandle

  WaitForMultipleObjects

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  GetComputerNameW

  GetUserDefaultLocaleName

  GetProductInfo

  LCIDToLocaleName

  CreateProcessW

  CreateMutexW

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  TerminateProcess

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  GetVersionExW

  LocalFree

  QueryFullProcessImageNameW

  GetCurrentProcess

  IsWow64Process

  LeaveCriticalSection

  EnterCriticalSection

  GetCurrentThreadId

  GetModuleHandleW

  GetProcessHeap

  DeleteCriticalSection

  GetProcAddress

  DecodePointer

  HeapAlloc

  CreateThread

  RaiseException

  CloseHandle

  SetEvent

  GetLastError

  Sleep

  CreateEventW

  WaitForSingleObject

  InitializeCriticalSectionEx

  GetModuleFileNameW

  GetCommandLineW

  HeapFree

  FormatMessageW

  InitializeSListHead

  GetCurrentDirectoryW

  InterlockedPushEntrySList

  QueryPerformanceCounter

  GetStartupInfoW

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  WaitForSingleObjectEx

  ResetEvent

  InitializeCriticalSectionAndSpinCount

  InitOnceBeginInitialize

  InitOnceComplete

  OutputDebugStringW

  ReleaseMutex

  GetVolumeInformationW

  GetDriveTypeW

  GetLogicalDrives

  RemoveDirectoryW

  GetComputerNameExW

  GetTickCount64

  WerRegisterFile

  user32

  GetLastActivePopup

  SetFocus

  AllowSetForegroundWindow

  GetWindowRect

  PeekMessageW

  MessageBoxW

  TrackPopupMenu

  GetSubMenu

  GetDoubleClickTime

  SetMenuDefaultItem

  EnableMenuItem

  GetMenuStringW

  GetMenuItemCount

  RemoveMenu

  DeleteMenu

  PostQuitMessage

  AppendMenuW

  AdjustWindowRectEx

  ModifyMenuW

  SendMessageTimeoutW

  LoadImageW

  GetIconInfo

  EndDialog

  IsWindow

  SetForegroundWindow

  FindWindowW

  SendMessageW

  RegisterClassW

  PostThreadMessageW

  CreateWindowExW

  TranslateMessage

  ShowWindow

  CharNextW

  DispatchMessageW

  DestroyWindow

  SetWindowPos

  CharUpperW

  GetMessageW

  SetTimer

  KillTimer

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  EnumWindows

  GetLastInputInfo

  GetProcessDefaultLayout

  IsHungAppWindow

  MapWindowPoints

  GetWindowLongW

  CloseClipboard

  OpenClipboard

  GetClipboardData

  SetClipboardData

  EmptyClipboard

  SystemParametersInfoW

  advapi32

  SetNamedSecurityInfoW

  InitializeAcl

  GetAce

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  AllocateAndInitializeSid

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  ConvertStringSidToSidW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AccessCheck

  MapGenericMask

  DuplicateToken

  OpenThreadToken

  IsValidAcl

  GetNamedSecurityInfoW

  AddAce

  SetEntriesInAclW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  CopySid

  GetLengthSid

  IsValidSid

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegSetValueExW

  RegEnumKeyExW

  RegGetValueW

  RegSetKeyValueW

  RegCreateKeyExW

  RegQueryValueExW

  RegCloseKey

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegOpenKeyExW

  RegCopyTreeW

  RegNotifyChangeKeyValue

  GetUserNameW

  CheckTokenMembership

  DeleteAce

  shell32

  AssocCreateForClasses

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHAppBarMessage

  CommandLineToArgvW

  ShellExecuteExW

  ord526

  SHGetFolderPathAndSubDirW

  SHGetFolderPathW

  SHCreateDirectoryExW

  SHSetKnownFolderPath

  ShellExecuteW

  Shell_NotifyIconW

  SHParseDisplayName

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  SHCreateItemFromParsingName

  SHChangeNotify

  ole32

  CoGetObject

  CoAllowSetForegroundWindow

  CoTaskMemFree

  CoTaskMemAlloc

  CoCreateFreeThreadedMarshaler

  CoReleaseServerProcess

  CoAddRefServerProcess

  CoInitializeEx

  CoRevokeClassObject

  CoInitializeSecurity

  CoRegisterClassObject

  CoCreateInstance

  GetRunningObjectTable

  PropVariantClear

  CoImpersonateClient

  CoGetCallContext

  CoRevertToSelf

  CoUninitialize

  CoCreateGuid

  CoSetProxyBlanket

  CoWaitForMultipleHandles

  CLSIDFromString

  StringFromCLSID

  CoResumeClassObjects

  CreateItemMoniker

  CreateBindCtx

  StringFromGUID2

  oleaut32

  LoadTypeLi

  UnRegisterTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysAllocStringByteLen

  SysStringByteLen

  RegisterTypeLi

  SysAllocString

  SysStringLen

  SetErrorInfo

  SafeArrayAccessData

  SafeArrayUnaccessData

  GetErrorInfo

  SysFreeString

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerUseProtseqW

  UuidToStringW

  RpcServerRegisterIfEx

  RpcStringFreeW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  secur32

  GetUserNameExW

  shlwapi

  PathFileExistsW

  SHCreateStreamOnFileW

  SHCreateStreamOnFileEx

  PathFindFileNameW

  SHStrDupW

  SHDeleteKeyW

  SHRegCreateUSKeyW

  SHGetValueW

  SHRegGetUSValueW

  PathStripPathW

  PathStripToRootW

  SHRegCloseUSKey

  SHRegSetUSValueW

  SHDeleteValueW

  PathIsDirectoryW

  PathIsDirectoryEmptyW

  PathIsPrefixW

  AssocCreate

  PathRemoveFileSpecW

  StrStrIW

  UrlEscapeW

  UrlCreateFromPathW

  SHRegGetValueW

  SHRegGetBoolUSValueW

  version

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  VerQueryValueW

  wininet

  InternetCheckConnectionW

  InternetGetConnectedState

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  _Xtime_get_ticks

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?_Xbad_alloc@std@@YAXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  ?_Xbad_function_call@std@@YAXXZ

  ?_Xout_of_range@std@@YAXPBD@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Cnd_init_in_situ

  _Cnd_destroy_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  _Mtx_unlock

  _Cnd_wait

  _Cnd_broadcast

  _Cnd_unregister_at_thread_exit

  ?__ExceptionPtrDestroy@@YAXPAX@Z

  _Cnd_register_at_thread_exit

  ?__ExceptionPtrCopy@@YAXPAXPBX@Z

  ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z

  ?__ExceptionPtrToBool@@YA_NPBX@Z

  ?_Syserror_map@std@@YAPBDH@Z

  ?_Throw_future_error@std@@YAXABVerror_code@1@@Z

  ?__ExceptionPtrRethrow@@YAXPBX@Z

  ?__ExceptionPtrCurrentException@@YAXPAX@Z

  ?__ExceptionPtrCreate@@YAXPAX@Z

  ?_ReportUnobservedException@details@Concurrency@@YAXXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?__ExceptionPtrAssign@@YAXPAXPBX@Z

  ?_Reset@_ContextCallback@details@Concurrency@@AAEXXZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?_Release_chore@details@Concurrency@@YAXPAU_Threadpool_chore@12@@Z

  ?_Schedule_chore@details@Concurrency@@YAHPAU_Threadpool_chore@12@@Z

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QAEX_N@Z

  ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?_Incref@facet@locale@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ??Bid@locale@std@@QAEIXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __current_exception

  memset

  memmove

  wcsstr

  __current_exception_context

  __std_exception_copy

  __std_terminate

  _purecall

  __CxxFrameHandler3

  memcpy

  _CxxThrowException

  __std_exception_destroy

  __std_type_info_compare

  _except_handler4_common

  memcmp

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  malloc

  _set_new_mode

  free

  api-ms-win-crt-string-l1-1-0

  towupper

  wcscat_s

  wcscpy_s

  isxdigit

  wcscspn

  _wcsicmp

  wcsncpy_s

  wcstok_s

  iswxdigit

  iswspace

  isalnum

  towlower

  strncmp

  _wcsdup

  _strnicmp

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _initialize_onexit_table

  abort

  terminate

  _register_onexit_function

  _errno

  _initterm_e

  _crt_atexit

  _cexit

  _controlfp_s

  _seh_filter_exe

  _register_thread_local_exe_atexit_callback

  _c_exit

  _set_app_type

  _exit

  exit

  _initterm

  _get_wide_winmain_command_line

  _initialize_wide_environment

  _configure_wide_argv

  api-ms-win-crt-time-l1-1-0

  _time64

  _localtime64_s

  api-ms-win-crt-convert-l1-1-0

  atof

  strtoull

  atol

  strtoll

  _strtod_l

  _wtoi

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  _free_locale

  _create_locale

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __p__commode

  _set_fmode

  __stdio_common_vswprintf

  _wfopen_s

  api-ms-win-crt-math-l1-1-0

  ceil

  __setusermatherr

  gdi32

  GetObjectW

  Sections

  .text

  Size: 323KB - Virtual size: 322KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 136KB - Virtual size: 136KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 26KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 29KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• UpdateRingSettings.dll

  .dll windows:6 windows x86 arch:x86

  8f4151e2b47c8157fda35112fe040b85

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Signer

  Actual PE Digest

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\UpdateRingSettings\dll\obj\i386\UpdateRingSettings.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??1TelemetryEvent@@QAE@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  kernel32

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  FindFirstVolumeW

  DeleteCriticalSection

  VerSetConditionMask

  VerifyVersionInfoW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  GetLongPathNameW

  SetLastError

  ExpandEnvironmentStringsW

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  GetCurrentThreadId

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  GetExitCodeProcess

  GetFileAttributesW

  CompareStringOrdinal

  SetFileInformationByHandle

  GetFileInformationByHandleEx

  GetFileInformationByHandle

  GetFinalPathNameByHandleW

  OpenFileById

  CreateFileW

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  GetCurrentProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  WaitForSingleObject

  TerminateProcess

  Sleep

  GetLastError

  MoveFileW

  CloseHandle

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  InitializeCriticalSectionEx

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  AcquireSRWLockShared

  AcquireSRWLockExclusive

  ReleaseSRWLockShared

  ReleaseSRWLockExclusive

  user32

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  SendMessageTimeoutW

  ShowWindow

  GetMessageW

  CreateWindowExW

  DestroyWindow

  EnumWindows

  DispatchMessageW

  TranslateMessage

  RegisterClassW

  advapi32

  RegCreateKeyExW

  RegSetKeyValueW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  shell32

  SHGetFolderPathAndSubDirW

  ShellExecuteExW

  SHChangeNotify

  SHGetFolderPathW

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  ord526

  SHCreateItemFromParsingName

  SHCreateDirectoryExW

  CommandLineToArgvW

  ole32

  CoCreateInstance

  CoTaskMemFree

  StringFromCLSID

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CLSIDFromString

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoCreateGuid

  oleaut32

  GetErrorInfo

  SysStringLen

  SetErrorInfo

  LoadTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysFreeString

  SysAllocString

  SysAllocStringByteLen

  SysStringByteLen

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerRegisterIfEx

  RpcServerUseProtseqW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcBindingFromStringBindingW

  RpcStringFreeW

  RpcBindingSetAuthInfoExW

  secur32

  GetUserNameExW

  shlwapi

  SHRegGetValueW

  PathRemoveFileSpecW

  StrStrIW

  SHRegGetBoolUSValueW

  PathStripPathW

  SHGetValueW

  SHCreateStreamOnFileW

  PathFileExistsW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  wtsapi32

  WTSQueryUserToken

  WTSQuerySessionInformationW

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Xbad_function_call@std@@YAXXZ

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Mtx_unlock

  ??0facet@locale@std@@IAE@I@Z

  ??1facet@locale@std@@MAE@XZ

  ?_Xlength_error@std@@YAXPBD@Z

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?_Xout_of_range@std@@YAXPBD@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Strxfrm

  _Strcoll

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ??Bid@locale@std@@QAEIXZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@D@std@@2V0locale@2@A

  ?tolower@?$ctype@D@std@@QBEDD@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?_Xbad_alloc@std@@YAXXZ

  ?id@?$collate@D@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

  ?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD4@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_exception_copy

  strchr

  _purecall

  wcsstr

  __std_terminate

  __current_exception

  __current_exception_context

  _CxxThrowException

  memset

  __std_type_info_destroy_list

  memmove

  memcpy

  __CxxFrameHandler3

  __std_exception_destroy

  _except_handler4_common

  memchr

  memcmp

  api-ms-win-crt-runtime-l1-1-0

  _initterm

  terminate

  _cexit

  _initterm_e

  _invalid_parameter_noinfo_noreturn

  _seh_filter_dll

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _register_onexit_function

  _execute_onexit_table

  _crt_atexit

  _errno

  api-ms-win-crt-convert-l1-1-0

  wcstol

  _strtod_l

  wcstoul

  wcstod

  strtoul

  atof

  atol

  strtoll

  _wtoi

  strtol

  api-ms-win-crt-time-l1-1-0

  _time64

  _mkgmtime64

  strftime

  _gmtime64_s

  _difftime64

  _localtime64_s

  api-ms-win-crt-heap-l1-1-0

  malloc

  free

  _callnewh

  realloc

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __stdio_common_vsprintf_s

  _wfopen_s

  __stdio_common_vswprintf_s

  __stdio_common_vswprintf

  __stdio_common_vsprintf

  api-ms-win-crt-math-l1-1-0

  round

  ceil

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsdup

  towupper

  iswspace

  wcstok_s

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ?GetECSConfigurationManager@@YGPAVIECSConfigurationManager@@XZ

  ?GetFeatureSupport@@YGPAVIFeatureSupport@@XZ

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  ?OverrideECSConfigurationManager@@YGXPAVIECSConfigurationManager@@@Z

  ?OverrideFeatureSupport@@YGXPAVIFeatureSupport@@@Z

  ?OverrideUpdateRingSettingsManager@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?ResetECSConfigurationManager@@YGXXZ

  ?ResetFeatureSupport@@YGXXZ

  ?ResetUpdateRingSettingsManager@@YGXXZ

  Sections

  .text

  Size: 240KB - Virtual size: 240KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 96KB - Virtual size: 95KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 19KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• de-DE.bin

  .dll windows:6 windows x86 arch:x86

  75a9ae7d4394abdc30e2a873908fa09d

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleFileNameA

  GetLastError

  LoadLibraryA

  GetProcAddress

  CreateThreadpoolWork

  WriteConsoleW

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  WideCharToMultiByte

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  GetStdHandle

  GetFileType

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  CloseHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  ReadFile

  GetFileSizeEx

  SetFilePointerEx

  ReadConsoleW

  HeapReAlloc

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetProcessHeap

  SetStdHandle

  HeapSize

  CreateFileW

  Exports

  Exports

  IsInteractiveUserSession

  QueryActiveSession

  QueryUserToken

  RegisterUsertokenForNoWinlogon

  WTSCloseServer

  WTSConnectSessionA

  WTSConnectSessionW

  WTSCreateListenerA

  WTSCreateListenerW

  WTSDisconnectSession

  WTSEnableChildSessions

  WTSEnumerateListenersA

  WTSEnumerateListenersW

  WTSEnumerateProcessesA

  WTSEnumerateProcessesExA

  WTSEnumerateProcessesExW

  WTSEnumerateProcessesW

  WTSEnumerateServersA

  WTSEnumerateServersW

  WTSEnumerateSessionsA

  WTSEnumerateSessionsExA

  WTSEnumerateSessionsExW

  WTSEnumerateSessionsW

  WTSFreeMemory

  WTSFreeMemoryExA

  WTSFreeMemoryExW

  WTSGetChildSessionId

  WTSGetListenerSecurityA

  WTSGetListenerSecurityW

  WTSIsChildSessionsEnabled

  WTSLogoffSession

  WTSOpenServerA

  WTSOpenServerExA

  WTSOpenServerExW

  WTSOpenServerW

  WTSQueryListenerConfigA

  WTSQueryListenerConfigW

  WTSQuerySessionInformationA

  WTSQuerySessionInformationW

  WTSQueryUserConfigA

  WTSQueryUserConfigW

  WTSQueryUserToken

  WTSRegisterSessionNotification

  WTSRegisterSessionNotificationEx

  WTSSendMessageA

  WTSSendMessageW

  WTSSetListenerSecurityA

  WTSSetListenerSecurityW

  WTSSetRenderHint

  WTSSetSessionInformationA

  WTSSetSessionInformationW

  WTSSetUserConfigA

  WTSSetUserConfigW

  WTSShutdownSystem

  WTSStartRemoteControlSessionA

  WTSStartRemoteControlSessionW

  WTSStopRemoteControlSession

  WTSTerminateProcess

  WTSUnRegisterSessionNotification

  WTSUnRegisterSessionNotificationEx

  WTSVirtualChannelClose

  WTSVirtualChannelOpen

  WTSVirtualChannelOpenEx

  WTSVirtualChannelPurgeInput

  WTSVirtualChannelPurgeOutput

  WTSVirtualChannelQuery

  WTSVirtualChannelRead

  WTSVirtualChannelWrite

  WTSWaitSystemEvent

  Sections

  .text

  Size: 190KB - Virtual size: 189KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 63KB - Virtual size: 62KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• msvcp140.dll

  .dll windows:6 windows x86 arch:x86

  6dbd7763e94344402d4206b7bab40e1f

  
  

  Code Sign

  33:00:00:01:0c:6c:23:05:0b:07:99:1e:cd:00:00:00:00:01:0c

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:FC41-4BD4-D220,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Signer

  Actual PE Digest

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Signer

  Actual PE Digest

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

  Imports

  vcruntime140

  _except_handler4_common

  __uncaught_exceptions

  __uncaught_exception

  memmove

  __std_terminate

  _purecall

  __CxxFrameHandler3

  _CxxThrowException

  __AdjustPointer

  __processing_throw

  __current_exception

  __std_exception_destroy

  __std_exception_copy

  memset

  memcmp

  memchr

  __std_type_info_destroy_list

  memcpy

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  calloc

  malloc

  realloc

  api-ms-win-crt-locale-l1-1-0

  ___mb_cur_max_func

  ___lc_locale_name_func

  ___lc_collate_cp_func

  localeconv

  ___lc_codepage_func

  _lock_locales

  _unlock_locales

  setlocale

  __pctype_func

  api-ms-win-crt-string-l1-1-0

  __strncnt

  tolower

  isalnum

  isxdigit

  isspace

  wcsnlen

  isdigit

  wcscpy_s

  _wcsdup

  islower

  isupper

  iswctype

  strcspn

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _execute_onexit_table

  _register_onexit_function

  _set_new_handler

  terminate

  _crt_atexit

  _invalid_parameter_noinfo_noreturn

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  abort

  _initterm

  _initterm_e

  _initialize_onexit_table

  _beginthreadex

  _endthreadex

  _errno

  api-ms-win-crt-stdio-l1-1-0

  fputwc

  ungetc

  setvbuf

  fwrite

  _fseeki64

  fsetpos

  fread

  fputs

  fgetc

  fflush

  fclose

  _get_stream_buffer_pointers

  _wfsopen

  _fsopen

  __acrt_iob_func

  fgetpos

  fseek

  fputc

  __stdio_common_vsprintf_s

  fgetwc

  ungetwc

  api-ms-win-crt-math-l1-1-0

  ldexp

  _CIpow

  _CIlog

  frexp

  api-ms-win-crt-convert-l1-1-0

  btowc

  strtod

  strtof

  api-ms-win-crt-filesystem-l1-1-0

  _wchdir

  _wrmdir

  _unlock_file

  _wremove

  _lock_file

  _wrename

  api-ms-win-crt-time-l1-1-0

  _W_Getdays

  _Getmonths

  _Strftime

  _Wcsftime

  _Getdays

  _Gettnames

  _W_Gettnames

  _W_Getmonths

  api-ms-win-crt-environment-l1-1-0

  _wgetcwd

  api-ms-win-crt-utility-l1-1-0

  rand_s

  kernel32

  RtlCaptureStackBackTrace

  DuplicateHandle

  WaitForSingleObjectEx

  Sleep

  GetCurrentProcess

  SwitchToThread

  GetCurrentThread

  GetCurrentThreadId

  GetExitCodeThread

  GetNativeSystemInfo

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetStringTypeW

  MultiByteToWideChar

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  WideCharToMultiByte

  LoadLibraryExA

  FreeLibrary

  VirtualQuery

  VirtualProtect

  GetSystemInfo

  InitializeSListHead

  GetCurrentProcessId

  IsDebuggerPresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetProcAddress

  GetModuleHandleW

  GetTickCount

  GetSystemTimeAsFileTime

  CreateEventW

  InitializeCriticalSectionAndSpinCount

  SetLastError

  GetModuleHandleExW

  QueueUserWorkItem

  IsProcessorFeaturePresent

  CloseHandle

  TryEnterCriticalSection

  FormatMessageW

  CreateHardLinkW

  CopyFileW

  GetLastError

  AreFileApisANSI

  GetTempPathW

  SetFileTime

  SetFilePointerEx

  SetFileAttributesW

  SetEndOfFile

  GetFileInformationByHandle

  GetFileAttributesExW

  GetDiskFreeSpaceExW

  FindNextFileW

  FindFirstFileExW

  FindClose

  CreateFileW

  CreateDirectoryW

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetCPInfo

  RaiseException

  DecodePointer

  EncodePointer

  Exports

  Exports

  ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??0?$_Yarn@D@std@@QAE@ABV01@@Z

  ??0?$_Yarn@D@std@@QAE@PBD@Z

  ??0?$_Yarn@D@std@@QAE@XZ

  ??0?$_Yarn@G@std@@QAE@ABV01@@Z

  ??0?$_Yarn@G@std@@QAE@PBG@Z

  ??0?$_Yarn@G@std@@QAE@XZ

  ??0?$_Yarn@_W@std@@QAE@ABV01@@Z

  ??0?$_Yarn@_W@std@@QAE@PB_W@Z

  ??0?$_Yarn@_W@std@@QAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@D@std@@QAE@PBF_NI@Z

  ??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@G@std@@QAE@I@Z

  ??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@_W@std@@QAE@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0Init@ios_base@std@@QAE@XZ

  ??0_Facet_base@std@@QAE@ABV01@@Z

  ??0_Facet_base@std@@QAE@XZ

  ??0_Init_locks@std@@QAE@XZ

  ??0_Locimp@locale@std@@AAE@ABV012@@Z

  ??0_Locimp@locale@std@@AAE@_N@Z

  ??0_Locinfo@std@@QAE@HPBD@Z

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ??0_Lockit@std@@QAE@XZ

  ??0_Timevec@std@@QAE@ABV01@@Z

  ??0_Timevec@std@@QAE@PAX@Z

  ??0_UShinit@std@@QAE@XZ

  ??0_Winit@std@@QAE@XZ

  ??0codecvt_base@std@@QAE@I@Z

  ??0ctype_base@std@@QAE@I@Z

  ??0facet@locale@std@@IAE@I@Z

  ??0id@locale@std@@QAE@I@Z

  ??0ios_base@std@@IAE@XZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ??0time_base@std@@QAE@I@Z

  ??1?$_Yarn@D@std@@QAE@XZ

  ??1?$_Yarn@G@std@@QAE@XZ

  ??1?$_Yarn@_W@std@@QAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$ctype@D@std@@MAE@XZ

  ??1?$ctype@G@std@@MAE@XZ

  ??1?$ctype@_W@std@@MAE@XZ

  ??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1Init@ios_base@std@@QAE@XZ

  ??1_Facet_base@std@@UAE@XZ

  ??1_Init_locks@std@@QAE@XZ

  ??1_Locimp@locale@std@@MAE@XZ

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??1_Timevec@std@@QAE@XZ

  ??1_UShinit@std@@QAE@XZ

  ??1_Winit@std@@QAE@XZ

  ??1codecvt_base@std@@UAE@XZ

  ??1ctype_base@std@@UAE@XZ

  ??1facet@locale@std@@MAE@XZ

  ??1ios_base@std@@UAE@XZ

  ??1time_base@std@@UAE@XZ

  ??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z

  ??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@G@std@@QAEAAV01@PBG@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z

  ??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z

  ??4Init@ios_base@std@@QAEAAV012@ABV012@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z

  ??4_Facet_base@std@@QAEAAV01@ABV01@@Z

  ??4_Init_locks@std@@QAEAAV01@ABV01@@Z

  ??4_Timevec@std@@QAEAAV01@ABV01@@Z

  ??4_UShinit@std@@QAEAAV01@ABV01@@Z

  ??4_Winit@std@@QAEAAV01@ABV01@@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ??7ios_base@std@@QBE_NXZ

  ??Bid@locale@std@@QAEIXZ

  ??Bios_base@std@@QBE_NXZ

  ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

  ??_7?$ctype@D@std@@6B@

  ??_7?$ctype@G@std@@6B@

  ??_7?$ctype@_W@std@@6B@

  ??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7_Facet_base@std@@6B@

  ??_7_Locimp@locale@std@@6B@

  ??_7codecvt_base@std@@6B@

  ??_7ctype_base@std@@6B@

  ??_7facet@locale@std@@6B@

  ??_7ios_base@std@@6B@

  ??_7time_base@std@@6B@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$ctype@D@std@@QAEXXZ

  ??_F?$ctype@G@std@@QAEXXZ

  ??_F?$ctype@_W@std@@QAEXXZ

  ??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F_Locinfo@std@@QAEXXZ

  ??_F_Timevec@std@@QAEXXZ

  ??_Fcodecvt_base@std@@QAEXXZ

  ??_Fctype_base@std@@QAEXXZ

  ??_Ffacet@locale@std@@QAEXXZ

  ??_Fid@locale@std@@QAEXXZ

  ??_Ftime_base@std@@QAEXXZ

  ?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_Addstd@ios_base@std@@SAXPAV12@@Z

  ?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

  ?_Atexit@@YAXP6AXXZ@Z

  ?_BADOFF@std@@3_JB

  ?_C_str@?$_Yarn@D@std@@QBEPBDXZ

  ?_C_str@?$_Yarn@G@std@@QBEPBGXZ

  ?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Callfns@ios_base@std@@AAEXW4event@12@@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_Clocptr@_Locimp@locale@std@@0PAV123@A

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Donarrow@?$ctype@G@std@@IBEDGD@Z

  ?_Donarrow@?$ctype@_W@std@@IBED_WD@Z

  ?_Dowiden@?$ctype@G@std@@IBEGD@Z

  ?_Dowiden@?$ctype@_W@std@@IBE_WD@Z

  ?_Empty@?$_Yarn@D@std@@QBE_NXZ

  ?_Empty@?$_Yarn@G@std@@QBE_NXZ

  ?_Empty@?$_Yarn@_W@std@@QBE_NXZ

  ?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z

  ?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z

  ?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z

  ?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ

  ?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

  ?_Getdateorder@_Locinfo@std@@QBEHXZ

  ?_Getdays@_Locinfo@std@@QBEPBDXZ

  ?_Getfalse@_Locinfo@std@@QBEPBDXZ

  ?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z

  ?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z

  ?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z

  ?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

  ?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ

  ?_Getmonths@_Locinfo@std@@QBEPBDXZ

  ?_Getname@_Locinfo@std@@QBEPBDXZ

  ?_Getptr@_Timevec@std@@QBEPAXXZ

  ?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ

  ?_Gettrue@_Locinfo@std@@QBEPBDXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Id_cnt@id@locale@std@@0HA

  ?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Index@ios_base@std@@0HA

  Sections

  .text

  Size: 394KB - Virtual size: 393KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didat

  Size: 512B - Virtual size: 52B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 1008B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• vcruntime140.dll

  .dll windows:6 windows x86 arch:x86

  6a84b7445ccacd5d29ac27de2745f356

  
  

  Code Sign

  33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Signer

  Actual PE Digest

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Signer

  Actual PE Digest

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  abort

  terminate

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  DeleteCriticalSection

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  GetModuleHandleW

  GetModuleFileNameW

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  RtlUnwind

  VirtualQuery

  EncodePointer

  InterlockedPushEntrySList

  InterlockedFlushSList

  RaiseException

  EnterCriticalSection

  LeaveCriticalSection

  TlsSetValue

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsFree

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _EH_prolog

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _NLG_Dispatch2

  _NLG_Return

  _NLG_Return2

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxLongjmpUnwind

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _chkesp

  _except_handler2

  _except_handler3

  _except_handler4_common

  _get_purecall_handler

  _get_unexpected

  _global_unwind2

  _is_exception_typeof

  _local_unwind2

  _local_unwind4

  _longjmpex

  _purecall

  _seh_longjmp_unwind

  _seh_longjmp_unwind4

  _set_purecall_handler

  _set_se_translator

  _setjmp3

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• wtsapi32.dll

  .dll windows:6 windows x86 arch:x86

  f48cb6ffad61c5979b9ac9d06b7b1044

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleFileNameW

  CreateProcessW

  GetCurrentProcess

  WriteConsoleW

  CloseHandle

  CreateFileW

  CopyFileW

  TerminateProcess

  CreateDirectoryW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  GetLastError

  SetLastError

  EncodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  HeapAlloc

  HeapFree

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  MultiByteToWideChar

  WideCharToMultiByte

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  LCMapStringW

  GetProcessHeap

  GetStdHandle

  GetFileType

  GetStringTypeW

  HeapSize

  HeapReAlloc

  SetStdHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  SetFilePointerEx

  DecodePointer

  user32

  MessageBoxA

  advapi32

  GetUserNameW

  Exports

  Exports

  IsInteractiveUserSession

  QueryActiveSession

  QueryUserToken

  RegisterUsertokenForNoWinlogon

  WTSCloseServer

  WTSConnectSessionA

  WTSConnectSessionW

  WTSCreateListenerA

  WTSCreateListenerW

  WTSDisconnectSession

  WTSEnableChildSessions

  WTSEnumerateListenersA

  WTSEnumerateListenersW

  WTSEnumerateProcessesA

  WTSEnumerateProcessesExA

  WTSEnumerateProcessesExW

  WTSEnumerateProcessesW

  WTSEnumerateServersA

  WTSEnumerateServersW

  WTSEnumerateSessionsA

  WTSEnumerateSessionsExA

  WTSEnumerateSessionsExW

  WTSEnumerateSessionsW

  WTSFreeMemory

  WTSFreeMemoryExA

  WTSFreeMemoryExW

  WTSGetChildSessionId

  WTSGetListenerSecurityA

  WTSGetListenerSecurityW

  WTSIsChildSessionsEnabled

  WTSLogoffSession

  WTSOpenServerA

  WTSOpenServerExA

  WTSOpenServerExW

  WTSOpenServerW

  WTSQueryListenerConfigA

  WTSQueryListenerConfigW

  WTSQuerySessionInformationA

  WTSQuerySessionInformationW

  WTSQueryUserConfigA

  WTSQueryUserConfigW

  WTSQueryUserToken

  WTSRegisterSessionNotification

  WTSRegisterSessionNotificationEx

  WTSSendMessageA

  WTSSendMessageW

  WTSSetListenerSecurityA

  WTSSetListenerSecurityW

  WTSSetRenderHint

  WTSSetSessionInformationA

  WTSSetSessionInformationW

  WTSSetUserConfigA

  WTSSetUserConfigW

  WTSShutdownSystem

  WTSStartRemoteControlSessionA

  WTSStartRemoteControlSessionW

  WTSStopRemoteControlSession

  WTSTerminateProcess

  WTSUnRegisterSessionNotification

  WTSUnRegisterSessionNotificationEx

  WTSVirtualChannelClose

  WTSVirtualChannelOpen

  WTSVirtualChannelOpenEx

  WTSVirtualChannelPurgeInput

  WTSVirtualChannelPurgeOutput

  WTSVirtualChannelQuery

  WTSVirtualChannelRead

  WTSVirtualChannelWrite

  WTSWaitSystemEvent

  Sections

  .text

  Size: 80KB - Virtual size: 80KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 32KB - Virtual size: 31KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• 457be9e546e54f54b26921dd57d426d2dc413ca1c7939ce00a5dc8efea257ef3

  .iso
• out.iso

  .iso
• Screenshots.lnk

  .lnk
• __TEMP/LoggingPlatform.dll

  .dll windows:6 windows x64 arch:x64

  a1c4bec949adafb29cb4a1887f57c3f4

  
  

  Code Sign

  33:00:00:04:24:2a:2c:31:dc:36:18:25:58:00:00:00:00:04:24

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  45:2b:52:6e:8f:1d:d4:4b:24:09:9b:08:83:d6:43:76:60:da:10:37:4a:91:9a:8d:96:bb:57:12:23:4e:b9:f8

  Signer

  Actual PE Digest

  45:2b:52:6e:8f:1d:d4:4b:24:09:9b:08:83:d6:43:76:60:da:10:37:4a:91:9a:8d:96:bb:57:12:23:4e:b9:f8

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\1122_182811\client\onedrive\Product\Logging\dll\obj\amd64\LoggingPlatform.pdb

  Imports

  kernel32

  GetDiskFreeSpaceExW

  GetFileAttributesW

  GetFileAttributesExW

  GetFileInformationByHandle

  GetFileSize

  GetFileSizeEx

  GetFileType

  GetFinalPathNameByHandleW

  ReadFile

  SetFileInformationByHandle

  SetFilePointer

  IsDebuggerPresent

  CreateIoCompletionPort

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  ReleaseMutex

  GetProcessTimes

  GetExitCodeProcess

  GetSystemTimes

  IsWow64Process

  LoadLibraryExW

  SetDllDirectoryW

  CopyFileW

  ReadDirectoryChangesW

  RegisterApplicationRestart

  FindVolumeClose

  OpenFileById

  CreateSymbolicLinkW

  CompareStringOrdinal

  GetUserGeoID

  FindNextVolumeW

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  FindFirstVolumeW

  ExpandEnvironmentStringsW

  GetEnvironmentVariableW

  GetCommandLineW

  Process32NextW

  Process32FirstW

  CreateToolhelp32Snapshot

  SetLastError

  VerifyVersionInfoW

  VerSetConditionMask

  DeleteCriticalSection

  InitializeCriticalSectionEx

  WideCharToMultiByte

  MultiByteToWideChar

  K32GetModuleFileNameExW

  MoveFileW

  LocalFree

  GetModuleHandleW

  GetModuleFileNameW

  GetSystemTimeAsFileTime

  OpenProcess

  CreateProcessW

  TerminateProcess

  GetCurrentProcess

  Sleep

  CreateMutexW

  WaitForSingleObject

  GetProcessHeap

  HeapFree

  HeapAlloc

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  FindClose

  FindNextFileW

  FindFirstFileW

  DeviceIoControl

  CompareFileTime

  DeleteFileW

  CreateDirectoryW

  WerUnregisterFile

  WerRegisterFile

  WriteFile

  CloseHandle

  SetFileTime

  SystemTimeToFileTime

  GetSystemTime

  GetLastError

  CreateFileW

  GetCurrentThreadId

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  GetFileInformationByHandleEx

  GetCurrentProcessId

  user32

  ShowWindow

  DestroyWindow

  CreateWindowExW

  RegisterClassW

  DispatchMessageW

  TranslateMessage

  GetMessageW

  SendMessageTimeoutW

  PostMessageW

  EnumWindows

  GetClassNameW

  GetWindowThreadProcessId

  advapi32

  AllocateAndInitializeSid

  CryptAcquireContextW

  ConvertSidToStringSidW

  SetNamedSecurityInfoW

  GetNamedSecurityInfoW

  SetEntriesInAclW

  StartServiceW

  StartServiceCtrlDispatcherW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  QueryServiceStatusEx

  QueryServiceStatus

  QueryServiceConfigW

  OpenServiceW

  OpenSCManagerW

  DeleteService

  CreateServiceW

  ControlService

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  RegDeleteTreeW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegDeleteKeyExW

  RegCreateKeyTransactedW

  GetUserNameW

  SetFileSecurityW

  GetAclInformation

  FreeSid

  DuplicateTokenEx

  CreateWellKnownSid

  CryptReleaseContext

  CreateProcessAsUserW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  RegGetValueW

  RegSetKeyValueW

  RegSetValueExW

  RegQueryValueExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegEnumValueW

  RegEnumKeyExW

  RegDeleteValueW

  RegCreateKeyExW

  RegCloseKey

  LookupPrivilegeValueW

  GetTokenInformation

  AdjustTokenPrivileges

  OpenProcessToken

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  CryptDestroyHash

  shell32

  ord526

  SHSetKnownFolderPath

  SHGetFolderPathAndSubDirW

  SHGetFolderPathW

  SHCreateItemFromParsingName

  ShellExecuteExW

  SHParseDisplayName

  SHChangeNotify

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHCreateDirectoryExW

  CommandLineToArgvW

  SHFileOperationW

  ole32

  CoCreateInstance

  StringFromCLSID

  CoTaskMemFree

  CoCreateGuid

  CreateBindCtx

  CoUninitialize

  CoInitializeEx

  CoCreateFreeThreadedMarshaler

  CoSetProxyBlanket

  CreateItemMoniker

  GetRunningObjectTable

  StringFromGUID2

  oleaut32

  SysStringByteLen

  SysAllocString

  SysAllocStringByteLen

  SysFreeString

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  SetErrorInfo

  SysStringLen

  GetErrorInfo

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcBindingFromStringBindingW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcServerInqBindings

  RpcServerRegisterIfEx

  RpcServerUnregisterIf

  RpcServerUseProtseqW

  RpcBindingSetAuthInfoExW

  RpcStringFreeW

  RpcEpRegisterW

  RpcEpUnregister

  RpcServerInqCallAttributesW

  RpcBindingVectorFree

  UuidToStringW

  UuidCreate

  secur32

  GetUserNameExW

  shlwapi

  SHCreateStreamOnFileW

  SHRegGetBoolUSValueW

  PathFileExistsW

  PathIsDirectoryW

  SHGetValueW

  PathStripPathW

  PathIsPrefixW

  SHRegGetValueW

  PathIsRelativeW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  ws2_32

  send

  closesocket

  socket

  WSAStartup

  WSAGetLastError

  bind

  listen

  htons

  accept

  htonl

  setsockopt

  wtsapi32

  WTSEnumerateSessionsW

  WTSQuerySessionInformationW

  WTSFreeMemory

  WTSQueryUserToken

  msvcp140

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ?setf@ios_base@std@@QEAAHHH@Z

  ?setf@ios_base@std@@QEAAHH@Z

  ?toupper@?$ctype@_W@std@@QEBA_W_W@Z

  ?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z

  ?_Getname@_Locinfo@std@@QEBAPEBDXZ

  ?_Xruntime_error@std@@YAXPEBD@Z

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z

  ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?widen@?$ctype@_W@std@@QEBA_WD@Z

  ?tolower@?$ctype@_W@std@@QEBA_W_W@Z

  ??0_Locinfo@std@@QEAA@HPEBD@Z

  ??1_Locinfo@std@@QEAA@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ

  ??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAG3AEAPEAG@Z

  ?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ?_Random_device@std@@YAIXZ

  _Cnd_wait

  _Cnd_do_broadcast_at_thread_exit

  _Mtx_current_owns

  _Cnd_timedwait

  _Thrd_id

  _Thrd_join

  ?_Throw_Cpp_error@std@@YAXH@Z

  _Cnd_broadcast

  _Cnd_destroy_in_situ

  _Cnd_init_in_situ

  ?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBUtm@@PEB_W4@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

  ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ

  ?_Xinvalid_argument@std@@YAXPEBD@Z

  _Mtx_trylock

  ?_Xbad_function_call@std@@YAXXZ

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JH@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ

  ?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ

  ?_Xlength_error@std@@YAXPEBD@Z

  _Xtime_get_ticks

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z

  ?_Xbad_alloc@std@@YAXXZ

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_unlock

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

  ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

  ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z

  ?_Incref@facet@locale@std@@UEAAXXZ

  ??Bid@locale@std@@QEAA_KXZ

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

  ?_Xout_of_range@std@@YAXPEBD@Z

  ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z

  ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ??Bios_base@std@@QEBA_NXZ

  ?uncaught_exception@std@@YA_NXZ

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z

  ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z

  ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z

  ?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

  ?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

  ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1_Lockit@std@@QEAA@XZ

  ??0_Lockit@std@@QEAA@H@Z

  ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

  ?always_noconv@codecvt_base@std@@QEBA_NXZ

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z

  ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

  ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ

  ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

  ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140_1

  __CxxFrameHandler4

  vcruntime140

  wcsrchr

  __current_exception

  wcsstr

  strrchr

  __RTDynamicCast

  memcmp

  memset

  memmove

  memcpy

  __std_type_info_destroy_list

  __C_specific_handler

  __current_exception_context

  _purecall

  __std_terminate

  __std_exception_copy

  __std_exception_destroy

  _CxxThrowException

  api-ms-win-crt-runtime-l1-1-0

  terminate

  _errno

  _initterm_e

  _initterm

  _seh_filter_dll

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _register_onexit_function

  _execute_onexit_table

  _crt_atexit

  _cexit

  _beginthreadex

  _invalid_parameter_noinfo_noreturn

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vswscanf

  __stdio_common_vswprintf_s

  fgetc

  fputc

  ungetc

  __stdio_common_vswprintf

  ungetwc

  fputwc

  _wfopen_s

  fgetwc

  fclose

  _get_stream_buffer_pointers

  fread

  fwrite

  fgetpos

  _fseeki64

  fsetpos

  setvbuf

  fflush

  __stdio_common_vsprintf_s

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  iswspace

  isxdigit

  _wcsicmp

  tolower

  _wcsdup

  towlower

  towupper

  api-ms-win-crt-time-l1-1-0

  _time64

  _localtime64_s

  _gmtime64_s

  api-ms-win-crt-filesystem-l1-1-0

  _wrename

  _lock_file

  _wremove

  _unlock_file

  _wstat64

  api-ms-win-crt-convert-l1-1-0

  _strtod_l

  _wtoi

  strtoll

  wcstoll

  wcstol

  atof

  atol

  api-ms-win-crt-math-l1-1-0

  log2

  ceilf

  ceil

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ??0IScenario@ScenarioTracking@@QEAA@AEBV01@@Z

  ??0IScenario@ScenarioTracking@@QEAA@XZ

  ??0LogObfuscatorAes@@QEAA@AEBV0@@Z

  ??0LogObfuscatorAes@@QEAA@XZ

  ??0ScenarioBase@ScenarioTracking@@QEAA@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ??0Scope@ScenarioTracking@@QEAA@V?$shared_ptr@VIScenario@ScenarioTracking@@@std@@@Z

  ??0StructuredEvent@@QEAA@PEBDH0AEBU_GUID@@IIII@Z

  ??0SuppressTransferScope@ScenarioTracking@@QEAA@XZ

  ??0TelemetryEvent@@QEAA@PEBD0AEBU_GUID@@II00II@Z

  ??0TransferScope@ScenarioTracking@@QEAA@QEBVITrace@1@@Z

  ??0TransferScope@ScenarioTracking@@QEAA@V?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@@Z

  ??1IScenario@ScenarioTracking@@UEAA@XZ

  ??1LogObfuscatorAes@@UEAA@XZ

  ??1ScenarioBase@ScenarioTracking@@UEAA@XZ

  ??1Scope@ScenarioTracking@@QEAA@XZ

  ??1SuppressTransferScope@ScenarioTracking@@QEAA@XZ

  ??1TelemetryEvent@@QEAA@XZ

  ??1TransferScope@ScenarioTracking@@QEAA@XZ

  ??4IScenario@ScenarioTracking@@QEAAAEAV01@AEBV01@@Z

  ??4LogObfuscatorAes@@QEAAAEAV0@AEBV0@@Z

  ??_7IScenario@ScenarioTracking@@6B@

  ??_7LogObfuscatorAes@@6B@

  ?ApplyScenarioImplicitParameters@ScenarioTracking@@YAXPEB_WAEBV?$function@$$A6AXPEBDV?$variant@PEBDPEB_WHI_J_K_N@std@@@Z@std@@@Z

  ?ApplyScenarioTracking@ScenarioTracking@@YAXAEBV?$function@$$A6AXPEBDV?$variant@PEBDPEB_WHI_J_K_N@std@@@Z@std@@@Z

  ?AssignLoggingSession@@YAXAEBV?$shared_ptr@VILoggingSession@@@std@@_N@Z

  ?CaptureTrace@ScenarioTracking@@YA?AV?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@XZ

  ?ClassifyScenarioOutcome@FailuresClassification@@YA?AW4Outcome@QoS@@PEB_WW423@K@Z

  ?ClearLoggingSession@@YAXXZ

  ?ConvertOutcomeToResultType@QoS@@YAPEB_WW4Outcome@1@@Z

  ?ConvertResultTypeToOutcome@QoS@@YA?AW4Outcome@1@PEB_W@Z

  ?CreateBinaryLoggingSession@@YAPEAVILoggingSession@@XZ

  ?CreateRemoteDebugServer@@YAPEAVIRemoteDebugServer@@_NG@Z

  ?DecrementActiveHydrationsCount@QoS@@YAXXZ

  ?FlushObfuscationTableToDisk@@YAXXZ

  ?FlushObfuscationTableToDisk@LogObfuscatorAes@@UEAAXPEB_W@Z

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?GetApplicationPropertyId@QoS@@YA?AW4Id@PropertyId@TelemetryConstants@@XZ

  ?GetCurrentTraceId@ScenarioTracking@@YAIXZ

  ?GetDefaultLoggingPath@@YAJAEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AEBV12@@Z

  ?GetDuration@ScenarioBase@ScenarioTracking@@UEAA?AV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@std@@XZ

  ?GetEmptyTelemetryUsageExperimentVector@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetErrorType@QoS@@YA?AW4Type@ErrorType@TelemetryConstants@@JI@Z

  ?GetErrorType@QoS@@YA?AW4Type@ErrorType@TelemetryConstants@@JIAEBV?$set@IU?$less@I@std@@V?$allocator@I@2@@std@@@Z

  ?GetId@ScenarioBase@ScenarioTracking@@UEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetInstance@Telemetry@@CAPEAV1@XZ

  ?GetLoggingSession@@YA?AV?$shared_ptr@VILoggingSession@@@std@@XZ

  ?GetName@ScenarioBase@ScenarioTracking@@UEAA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetResultType@QoS@@YAPEB_WJI@Z

  ?GetResultType@QoS@@YAPEB_WW4Type@ErrorType@TelemetryConstants@@@Z

  ?GetTelemetryUsageExperimentVector@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4ExperimentType@@PEB_W11@Z

  ?GetValueTranslation@TelemetryEvent@@QEAAP6A?AV?$variant@Umonostate@std@@PEBDH@std@@AEBTStructuredEventData@@@Z_K@Z

  ?GuidToString@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AEBU_GUID@@@Z

  ?IncrementActiveHydrationsCount@QoS@@YAXXZ

  ?InsertIntoIrmEnabledLibrarySet@QoS@@YAXAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  ?IsRecorded@ScenarioBase@ScenarioTracking@@UEAA_NXZ

  ?LoggingAddToMultiValueCommonDatapoint@@YAXPEB_W0@Z

  ?LoggingGetCallbackCount@@YA_KXZ

  ?LoggingInitializeForExternalComponent@@YAJPEB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingReconfigure@@YAXPEAVIUpdateRingSettingsManager@@@Z

  ?LoggingRecordAssert@@YAXPEB_W000I0_NI1@Z

  ?LoggingRecordAssert@@YAXPEB_W00I0_NI1@Z

  ?LoggingRecordUnexpectedCrash@@YAXAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0K@Z

  ?LoggingRegisterCallback@@YA_KP6AXPEAXPEBDI1AEBU_GUID@@IIIQEAUStructuredEventParameter@@@Z0@Z

  ?LoggingRemoveFromMultiValueCommonDatapoint@@YAXPEB_W0@Z

  ?LoggingResetAccountSpecificCommonDatapoints@@YAXXZ

  ?LoggingResetTelemetryLevelsToDefault@@YAXXZ

  ?LoggingRotate@@YAXXZ

  ?LoggingRotateIfNeeded@@YAXXZ

  ?LoggingSanitizeFilename@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEBD@Z

  ?LoggingSendTelemetryEvent@@YAXAEAUTelemetryEvent@@QEAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YAXPEB_W0@Z

  ?LoggingSetCommonDatapointUserId@@YAXPEB_WW4UserIdType@@@Z

  ?LoggingSetExperimentSetupData@@YAXPEBDIQEAUExperimentSetupData@@I1@Z

  ?LoggingSetLoggingPrivacyLevel@@YAXW4LoggingPrivacyLevel@@@Z

  ?LoggingSetTelemetryLevelEnabled@@YAXI_N@Z

  ?LoggingShouldSample@@YA_NN@Z

  ?LoggingSwitchTelemetryPipeline@@YAXW4TelemetryTransportType@@_N@Z

  ?LoggingUninitializeForExternalComponent@@YAXXZ

  ?LoggingUnregisterCallback@@YAX_K@Z

  ?LoggingWriteDebugString@@YAXHPEBDI0_NPEB_WZZ

  ?LoggingWriteDeviceFailureDatagramEntry@@YAXPEB_W0@Z

  ?LoggingWriteFormatString@@YAXHPEBDI0_NPEB_WZZ

  ?LoggingWriteFormatStringEx@@YAXHHPEBDI0_NPEB_WPEAD@Z

  ?LoggingWriteStructuredEvent@@YAXAEBUStructuredEvent@@QEAUStructuredEventParameter@@@Z

  ?LoggingWriteStructuredEvent@@YAXPEBDI0AEBU_GUID@@IIIQEAUStructuredEventParameter@@@Z

  ?MarkScenarioReported@ScenarioTracking@@YAXPEB_W@Z

  ?NarrowStringToWideString@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEBD@Z

  ?ObfuscatePrivateInfo@LogObfuscatorAes@@UEAAXPEAVILoggingSession@@AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?ObserveTrace@ScenarioTracking@@YAPEAVITrace@1@XZ

  ?OneDriveAssertWorker@@YAXPEB_WW4OneDriveAssertType@@0I000ZZ

  ?OutcomeToTelemetryValue@QoS@@YA?AV?$variant@Umonostate@std@@PEBDH@std@@AEBTStructuredEventData@@@Z

  ?OverrideAsserts@@YAXP6AXPEB_W000I0_N@Z@Z

  ?Record@ScenarioBase@ScenarioTracking@@UEAAXXZ

  ?Register@FailuresClassification@@YAX$$QEAV?$function@$$A6A?AW4Outcome@QoS@@PEB_WW412@K@Z@std@@@Z

  ?RegisterSensitiveRootPath@@YAXPEB_W0@Z

  ?RemoveFromIrmEnabledLibrarySet@QoS@@YAXAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?RemovePrivateInfo@@YAXAEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?ReportExternalAssert@@YAXPEB_W_N0I0@Z

  ?ReportUnrecordedScenario@ScenarioTracking@@YAXAEAVIScenario@1@@Z

  ?Reset@FailuresClassification@@YAXXZ

  ?SetApplicationId@QoS@@YAXI@Z

  ?SetValueTranslation@TelemetryEvent@@SAXPEAU1@_KP6A?AV?$variant@Umonostate@std@@PEBDH@std@@AEBTStructuredEventData@@@Z@Z

  ?SizeUnknown@QoS@@YAIXZ

  ?StartScenario@ScenarioTracking@@YA?AV?$shared_ptr@VIScenario@ScenarioTracking@@@std@@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z

  ?StripPrivateInfoFromString@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEB_W@Z

  ?Uninitialize@LogObfuscatorAes@@UEAAXXZ

  ?UnregisterSensitiveRootPath@@YAXPEB_W@Z

  ?UpdateExperimentalAriaRampAPI@@YAX_N@Z

  ?UpdateLogObfuscationAesRamp@@YAX_N@Z

  ?UpdateOfficePrivacyRamp@@YAX_N@Z

  ?UpdateTelemetryTransmissionProfile@@YAXPEBD_N@Z

  ?WideStringToNarrowString@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEB_W@Z

  ?g_ODHasFatallyAsserted@@3_NA

  ?g_assertLogger@@3P6AXPEB_W000I0_N@ZEA

  ?g_catchAssertCallbackInvoked@@3HA

  ?initAssertLogger@@YAXP6AXPEB_W000I0_N@Z@Z

  InitLogging

  TestInitLogging

  TestInitLoggingEx

  TestUninitLogging

  UninitLogging

  Sections

  .text

  Size: 401KB - Virtual size: 401KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 147KB - Virtual size: 147KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 18KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 21KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/Microsoft.SharePoint.NativeMessagingClient.exe

  .exe windows:6 windows x64 arch:x64

  6409e03db652be5613b6ba5e50dddf69

  
  

  Code Sign

  33:00:00:04:24:2a:2c:31:dc:36:18:25:58:00:00:00:00:04:24

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  5e:df:f4:e0:d0:5f:98:20:59:79:38:61:68:b8:14:f2:77:aa:fd:9e:11:5f:f4:ac:8c:f1:50:6c:58:06:54:e7

  Signer

  Actual PE Digest

  5e:df:f4:e0:d0:5f:98:20:59:79:38:61:68:b8:14:f2:77:aa:fd:9e:11:5f:f4:ac:8c:f1:50:6c:58:06:54:e7

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  d:\dbs\sh\odct\1122_182811\client\onedrive\Product\Nucleus\win\NativeMessagingClient\exe\obj\amd64\Microsoft.SharePoint.NativeMessagingClient.pdb

  Imports

  kernel32

  Sleep

  QueryPerformanceCounter

  GetModuleHandleW

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  IsDebuggerPresent

  GetCurrentProcessId

  ole32

  CoUninitialize

  CoInitializeEx

  CoCreateInstanceEx

  oleaut32

  SysFreeString

  SysAllocStringLen

  msvcp140

  ?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

  ?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z

  ?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

  ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z

  ?readsome@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_JPEAD_J@Z

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?_Xlength_error@std@@YAXPEBD@Z

  ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

  ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

  ?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

  vcruntime140_1

  __CxxFrameHandler4

  vcruntime140

  __std_exception_destroy

  __current_exception_context

  memmove

  __C_specific_handler

  _CxxThrowException

  memset

  __std_exception_copy

  memcpy

  __current_exception

  api-ms-win-crt-runtime-l1-1-0

  __p___argv

  _c_exit

  _register_thread_local_exe_atexit_callback

  __p___argc

  _initterm

  _exit

  _set_app_type

  terminate

  _seh_filter_exe

  _invalid_parameter_noinfo_noreturn

  exit

  _get_initial_narrow_environment

  _crt_atexit

  _register_onexit_function

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  _cexit

  _initterm_e

  api-ms-win-crt-stdio-l1-1-0

  setvbuf

  _set_fmode

  __acrt_iob_func

  _setmode

  __p__commode

  _fileno

  api-ms-win-crt-heap-l1-1-0

  free

  _callnewh

  malloc

  _set_new_mode

  api-ms-win-crt-math-l1-1-0

  __setusermatherr

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  loggingplatform

  ?WideStringToNarrowString@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PEB_W@Z

  ?NarrowStringToWideString@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PEBD@Z

  Sections

  .text

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 1024B - Virtual size: 768B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 156B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/msvcp140.dll

  .dll windows:6 windows x64 arch:x64

  2ba11fd5a511c8a409e705e9ab6b5dc1

  
  

  Code Sign

  33:00:00:04:24:2a:2c:31:dc:36:18:25:58:00:00:00:00:04:24

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  89:98:0b:de:75:6c:66:9b:4b:33:75:df:88:e9:d0:94:81:63:7e:29:99:09:ec:ab:dc:1e:1d:64:0a:36:31:8c

  Signer

  Actual PE Digest

  89:98:0b:de:75:6c:66:9b:4b:33:75:df:88:e9:d0:94:81:63:7e:29:99:09:ec:ab:dc:1e:1d:64:0a:36:31:8c

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  d:\a01\_work\4\s\\binaries\amd64ret\bin\amd64\\msvcp140.amd64.pdb

  Imports

  vcruntime140

  __current_exception_context

  __C_specific_handler

  memcmp

  __uncaught_exceptions

  __uncaught_exception

  memchr

  memmove

  __std_terminate

  _purecall

  memset

  memcpy

  _CxxThrowException

  __AdjustPointer

  __current_exception

  __std_exception_destroy

  __std_type_info_destroy_list

  __std_exception_copy

  vcruntime140_1

  __CxxFrameHandler4

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  realloc

  calloc

  free

  malloc

  api-ms-win-crt-runtime-l1-1-0

  _seh_filter_dll

  _configure_narrow_argv

  abort

  _initterm_e

  _initialize_narrow_environment

  _execute_onexit_table

  _endthreadex

  _beginthreadex

  terminate

  _set_new_handler

  _invalid_parameter_noinfo_noreturn

  _register_onexit_function

  _initialize_onexit_table

  _initterm

  _crt_atexit

  _cexit

  _errno

  api-ms-win-crt-string-l1-1-0

  isdigit

  isspace

  isxdigit

  iswxdigit

  __strncnt

  wcsnlen

  iswspace

  isupper

  wcscpy_s

  iswalnum

  iswdigit

  isalnum

  islower

  _wcsdup

  tolower

  strcspn

  api-ms-win-crt-locale-l1-1-0

  _lock_locales

  __pctype_func

  ___lc_locale_name_func

  setlocale

  ___lc_codepage_func

  ___mb_cur_max_func

  ___lc_collate_cp_func

  _unlock_locales

  localeconv

  api-ms-win-crt-stdio-l1-1-0

  fputs

  fgetwc

  fseek

  _fsopen

  _wfsopen

  fputwc

  ungetwc

  __stdio_common_vsprintf_s

  __acrt_iob_func

  _get_stream_buffer_pointers

  fclose

  fflush

  fgetc

  fgetpos

  fputc

  fread

  fsetpos

  _fseeki64

  fwrite

  setvbuf

  ungetc

  api-ms-win-crt-filesystem-l1-1-0

  _unlock_file

  _lock_file

  _wrmdir

  _wrename

  _wchdir

  _wremove

  api-ms-win-crt-time-l1-1-0

  _W_Getmonths

  _W_Getdays

  _Gettnames

  _Getmonths

  _W_Gettnames

  _Wcsftime

  _Getdays

  _Strftime

  api-ms-win-crt-environment-l1-1-0

  _wgetcwd

  api-ms-win-crt-math-l1-1-0

  pow

  powf

  ldexp

  frexp

  logf

  log

  api-ms-win-crt-convert-l1-1-0

  btowc

  strtod

  strtof

  api-ms-win-crt-utility-l1-1-0

  rand_s

  kernel32

  SubmitThreadpoolWork

  RaiseException

  CompareStringEx

  MultiByteToWideChar

  GetCPInfo

  InitializeSListHead

  WideCharToMultiByte

  LCMapStringEx

  GetLocaleInfoEx

  ReleaseSRWLockExclusive

  AcquireSRWLockExclusive

  CreateDirectoryW

  CreateFileW

  FindClose

  FindFirstFileExW

  FindNextFileW

  GetDiskFreeSpaceExW

  GetFileAttributesExW

  GetCurrentProcessId

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  IsDebuggerPresent

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  GetFileInformationByHandleEx

  GetProcAddress

  GetModuleHandleW

  CloseThreadpoolWait

  SetThreadpoolWait

  CreateThreadpoolWait

  CloseThreadpoolTimer

  WaitForThreadpoolTimerCallbacks

  SetThreadpoolTimer

  CreateThreadpoolTimer

  GetTickCount64

  GetSystemTimeAsFileTime

  GetCurrentProcessorNumber

  FlushProcessWriteBuffers

  CreateSemaphoreExW

  CreateEventExW

  SetFileInformationByHandle

  InitOnceExecuteOnce

  GetStringTypeW

  QueryPerformanceFrequency

  QueryPerformanceCounter

  GetModuleHandleExW

  CloseThreadpoolWork

  RtlPcToFileHeader

  CreateThreadpoolWork

  FreeLibraryWhenCallbackReturns

  IsProcessorFeaturePresent

  RtlCaptureStackBackTrace

  DeleteCriticalSection

  TryEnterCriticalSection

  InitializeCriticalSectionEx

  LeaveCriticalSection

  EnterCriticalSection

  InitializeSRWLock

  GetNativeSystemInfo

  GetExitCodeThread

  GetCurrentThreadId

  SwitchToThread

  Sleep

  WaitForSingleObjectEx

  SleepConditionVariableSRW

  SleepConditionVariableCS

  WakeAllConditionVariable

  WakeConditionVariable

  InitializeConditionVariable

  FormatMessageA

  LocalFree

  DecodePointer

  EncodePointer

  CreateSymbolicLinkW

  CreateHardLinkW

  CopyFileW

  GetLastError

  CloseHandle

  AreFileApisANSI

  GetTempPathW

  SetFileTime

  SetFilePointerEx

  SetFileAttributesW

  SetEndOfFile

  GetFileInformationByHandle

  Exports

  Exports

  ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAAX_WAEBV_Locinfo@1@@Z

  ??0?$_Yarn@D@std@@QEAA@AEBV01@@Z

  ??0?$_Yarn@D@std@@QEAA@PEBD@Z

  ??0?$_Yarn@D@std@@QEAA@XZ

  ??0?$_Yarn@G@std@@QEAA@AEBV01@@Z

  ??0?$_Yarn@G@std@@QEAA@PEBG@Z

  ??0?$_Yarn@G@std@@QEAA@XZ

  ??0?$_Yarn@_W@std@@QEAA@AEBV01@@Z

  ??0?$_Yarn@_W@std@@QEAA@PEB_W@Z

  ??0?$_Yarn@_W@std@@QEAA@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAA@$$QEAV01@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@W4_Uninitialized@1@_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@AEBV01@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@AEBV01@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@AEBV01@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

  ??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$codecvt@DDU_Mbstatet@@@std@@QEAA@_K@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QEAA@_K@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@KW4_Codecvt_mode@1@_K@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QEAA@_K@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z

  ??0?$ctype@D@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$ctype@D@std@@QEAA@PEBF_N_K@Z

  ??0?$ctype@G@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$ctype@G@std@@QEAA@_K@Z

  ??0?$ctype@_W@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$ctype@_W@std@@QEAA@_K@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEAA@PEBD_K@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEAA@PEBD_K@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAA@_K@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEAA@PEBD_K@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@AEBV_Locinfo@1@_K@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAA@_K@Z

  ??0Init@ios_base@std@@QEAA@XZ

  ??0_Facet_base@std@@QEAA@AEBV01@@Z

  ??0_Facet_base@std@@QEAA@XZ

  ??0_Init_locks@std@@QEAA@XZ

  ??0_Locimp@locale@std@@AEAA@AEBV012@@Z

  ??0_Locimp@locale@std@@AEAA@_N@Z

  ??0_Locinfo@std@@QEAA@HPEBD@Z

  ??0_Locinfo@std@@QEAA@PEBD@Z

  ??0_Lockit@std@@QEAA@H@Z

  ??0_Lockit@std@@QEAA@XZ

  ??0_Timevec@std@@QEAA@AEBV01@@Z

  ??0_Timevec@std@@QEAA@PEAX@Z

  ??0_UShinit@std@@QEAA@XZ

  ??0_Winit@std@@QEAA@XZ

  ??0codecvt_base@std@@QEAA@_K@Z

  ??0ctype_base@std@@QEAA@_K@Z

  ??0facet@locale@std@@IEAA@_K@Z

  ??0id@locale@std@@QEAA@_K@Z

  ??0ios_base@std@@IEAA@XZ

  ??0task_continuation_context@Concurrency@@AEAA@XZ

  ??0time_base@std@@QEAA@_K@Z

  ??1?$_Yarn@D@std@@QEAA@XZ

  ??1?$_Yarn@G@std@@QEAA@XZ

  ??1?$_Yarn@_W@std@@QEAA@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

  ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ

  ??1?$codecvt@DDU_Mbstatet@@@std@@MEAA@XZ

  ??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MEAA@XZ

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MEAA@XZ

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ

  ??1?$ctype@D@std@@MEAA@XZ

  ??1?$ctype@G@std@@MEAA@XZ

  ??1?$ctype@_W@std@@MEAA@XZ

  ??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

  ??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

  ??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

  ??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

  ??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

  ??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

  ??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

  ??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

  ??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

  ??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MEAA@XZ

  ??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MEAA@XZ

  ??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MEAA@XZ

  ??1Init@ios_base@std@@QEAA@XZ

  ??1_Facet_base@std@@UEAA@XZ

  ??1_Init_locks@std@@QEAA@XZ

  ??1_Locimp@locale@std@@MEAA@XZ

  ??1_Locinfo@std@@QEAA@XZ

  ??1_Lockit@std@@QEAA@XZ

  ??1_Timevec@std@@QEAA@XZ

  ??1_UShinit@std@@QEAA@XZ

  ??1_Winit@std@@QEAA@XZ

  ??1codecvt_base@std@@UEAA@XZ

  ??1ctype_base@std@@UEAA@XZ

  ??1facet@locale@std@@MEAA@XZ

  ??1ios_base@std@@UEAA@XZ

  ??1time_base@std@@UEAA@XZ

  ??4?$_Iosb@H@std@@QEAAAEAV01@$$QEAV01@@Z

  ??4?$_Iosb@H@std@@QEAAAEAV01@AEBV01@@Z

  ??4?$_Yarn@D@std@@QEAAAEAV01@AEBV01@@Z

  ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z

  ??4?$_Yarn@G@std@@QEAAAEAV01@AEBV01@@Z

  ??4?$_Yarn@G@std@@QEAAAEAV01@PEBG@Z

  ??4?$_Yarn@_W@std@@QEAAAEAV01@AEBV01@@Z

  ??4?$_Yarn@_W@std@@QEAAAEAV01@PEB_W@Z

  ??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_istream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@$$QEAV01@@Z

  ??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAAEAV01@AEBV01@@Z

  ??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAAEAV01@AEBV01@@Z

  ??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAAEAV01@AEBV01@@Z

  ??4Init@ios_base@std@@QEAAAEAV012@AEBV012@@Z

  ??4_Crt_new_delete@std@@QEAAAEAU01@$$QEAU01@@Z

  ??4_Crt_new_delete@std@@QEAAAEAU01@AEBU01@@Z

  ??4_Facet_base@std@@QEAAAEAV01@AEBV01@@Z

  ??4_Init_locks@std@@QEAAAEAV01@AEBV01@@Z

  ??4_Timevec@std@@QEAAAEAV01@AEBV01@@Z

  ??4_UShinit@std@@QEAAAEAV01@AEBV01@@Z

  ??4_Winit@std@@QEAAAEAV01@AEBV01@@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAK@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAO@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAPEAX@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAF@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAG@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAJ@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAK@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAO@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAPEAX@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_J@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_N@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAF@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAI@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAJ@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAK@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAM@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAN@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAO@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAPEAX@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_J@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_N@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@O@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@DU?$char_traits@D@std@@@1@AEAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@F@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@G@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@O@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@GU?$char_traits@G@std@@@1@AEAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@O@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AEAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z

  ??7ios_base@std@@QEBA_NXZ

  ??Bid@locale@std@@QEAA_KXZ

  ??Bios_base@std@@QEBA_NXZ

  ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

  ??_7?$ctype@D@std@@6B@

  ??_7?$ctype@G@std@@6B@

  ??_7?$ctype@_W@std@@6B@

  ??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7_Facet_base@std@@6B@

  ??_7_Locimp@locale@std@@6B@

  ??_7codecvt_base@std@@6B@

  ??_7ctype_base@std@@6B@

  ??_7facet@locale@std@@6B@

  ??_7ios_base@std@@6B@

  ??_7time_base@std@@6B@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

  ??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

  ??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

  ??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ

  ??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAXXZ

  ??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

  ??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

  ??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ

  ??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ

  ??_F?$codecvt@DDU_Mbstatet@@@std@@QEAAXXZ

  ??_F?$codecvt@GDU_Mbstatet@@@std@@QEAAXXZ

  ??_F?$codecvt@_SDU_Mbstatet@@@std@@QEAAXXZ

  ??_F?$codecvt@_UDU_Mbstatet@@@std@@QEAAXXZ

  ??_F?$codecvt@_WDU_Mbstatet@@@std@@QEAAXXZ

  ??_F?$ctype@D@std@@QEAAXXZ

  ??_F?$ctype@G@std@@QEAAXXZ

  ??_F?$ctype@_W@std@@QEAAXXZ

  ??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

  ??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

  ??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

  ??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

  ??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

  ??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QEAAXXZ

  ??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEAAXXZ

  ??_F_Locinfo@std@@QEAAXXZ

  ??_F_Timevec@std@@QEAAXXZ

  ??_Fcodecvt_base@std@@QEAAXXZ

  ??_Fctype_base@std@@QEAAXXZ

  ??_Ffacet@locale@std@@QEAAXXZ

  ??_Fid@locale@std@@QEAAXXZ

  ??_Ftime_base@std@@QEAAXXZ

  ?CaptureCallstack@platform@details@Concurrency@@YA_KPEAPEAX_K1@Z

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ

  ?_Addcats@_Locinfo@std@@QEAAAEAV12@HPEBD@Z

  ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z

  ?_Addstd@ios_base@std@@SAXPEAV12@@Z

  ?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z

  ?_Atexit@@YAXP6AXXZ@Z

  ?_BADOFF@std@@3_JB

  ?_C_str@?$_Yarn@D@std@@QEBAPEBDXZ

  ?_C_str@?$_Yarn@G@std@@QEBAPEBGXZ

  ?_C_str@?$_Yarn@_W@std@@QEBAPEB_WXZ

  ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Callfns@ios_base@std@@AEAAXW4event@12@@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ

  ?_Clocptr@_Locimp@locale@std@@0PEAV123@EA

  ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ

  ?_Donarrow@?$ctype@G@std@@IEBADGD@Z

  ?_Donarrow@?$ctype@_W@std@@IEBAD_WD@Z

  ?_Dowiden@?$ctype@G@std@@IEBAGD@Z

  ?_Dowiden@?$ctype@_W@std@@IEBA_WD@Z

  ?_Empty@?$_Yarn@D@std@@QEBA_NXZ

  ?_Empty@?$_Yarn@G@std@@QEBA_NXZ

  ?_Empty@?$_Yarn@_W@std@@QEBA_NXZ

  ?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z

  ?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADDH@Z

  ?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADDH@Z

  ?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADDH@Z

  ?_Findarr@ios_base@std@@AEAAAEAU_Iosarray@12@H@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z

  ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z

  ?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBD_K@Z

  ?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AEAVios_base@2@GPEBD_K@Z

  ?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBD_K@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z

  ?_Getcat@facet@locale@std@@SA_KPEAPEBV123@PEBV23@@Z

  ?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ

  ?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ

  ?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ

  ?_Getdateorder@_Locinfo@std@@QEBAHXZ

  ?_Getdays@_Locinfo@std@@QEBAPEBDXZ

  ?_Getfalse@_Locinfo@std@@QEBAPEBDXZ

  ?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AEAVios_base@2@PEAH@Z

  ?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

  ?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

  ?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD@Z

  ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ

  ?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HAEBVlocale@2@@Z

  ?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HAEBVlocale@2@@Z

  ?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHPEADAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HAEBVlocale@2@@Z

  ?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAEAHAEBV?$ctype@D@2@@Z

  ?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAEAHAEBV?$ctype@G@2@@Z

  ?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAHAEAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAEAHAEBV?$ctype@_W@2@@Z

  ?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ

  ?_Getmonths@_Locinfo@std@@QEBAPEBDXZ

  ?_Getname@_Locinfo@std@@QEBAPEBDXZ

  ?_Getptr@_Timevec@std@@QEBAPEAXXZ

  ?_Gettnames@_Locinfo@std@@QEBA?AV_Timevec@2@XZ

  ?_Gettrue@_Locinfo@std@@QEBAPEBDXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ

  ?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBA_JXZ

  ?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBA_JXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

  ?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

  ?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ

  ?_Id_cnt@id@locale@std@@0HA

  ?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

  ?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

  ?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@AEBAPEADPEADPEBDH@Z

  ?_Incref@facet@locale@std@@UEAAXXZ

  ?_Index@ios_base@std@@0HA

  Sections

  .text

  Size: 335KB - Virtual size: 334KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 182KB - Virtual size: 181KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 7KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 14KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1000B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/update.bin

  .dll windows:6 windows x64 arch:x64

  b8979d027a088d248f6dde42315ae2ef

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetCurrentThreadId

  LoadLibraryA

  GetLastError

  GetCurrentProcess

  SubmitThreadpoolWork

  GetProcAddress

  GetConsoleWindow

  CreateThreadpoolWork

  WriteConsoleW

  CreateFileW

  MultiByteToWideChar

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  CloseHandle

  InitializeCriticalSectionAndSpinCount

  CreateEventW

  GetModuleHandleW

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  IsProcessorFeaturePresent

  IsDebuggerPresent

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  InitializeSListHead

  RtlUnwindEx

  RtlPcToFileHeader

  RaiseException

  InterlockedFlushSList

  SetLastError

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  GetStdHandle

  GetFileType

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  ReadFile

  GetFileSizeEx

  SetFilePointerEx

  ReadConsoleW

  HeapReAlloc

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetProcessHeap

  SetStdHandle

  HeapSize

  RtlUnwind

  user32

  ShowWindow

  Exports

  Exports

  IsInteractiveUserSession

  QueryActiveSession

  QueryUserToken

  RegisterUsertokenForNoWinlogon

  WTSCloseServer

  WTSConnectSessionA

  WTSConnectSessionW

  WTSCreateListenerA

  WTSCreateListenerW

  WTSDisconnectSession

  WTSEnableChildSessions

  WTSEnumerateListenersA

  WTSEnumerateListenersW

  WTSEnumerateProcessesA

  WTSEnumerateProcessesExA

  WTSEnumerateProcessesExW

  WTSEnumerateProcessesW

  WTSEnumerateServersA

  WTSEnumerateServersW

  WTSEnumerateSessionsA

  WTSEnumerateSessionsExA

  WTSEnumerateSessionsExW

  WTSEnumerateSessionsW

  WTSFreeMemory

  WTSFreeMemoryExA

  WTSFreeMemoryExW

  WTSGetChildSessionId

  WTSGetListenerSecurityA

  WTSGetListenerSecurityW

  WTSIsChildSessionsEnabled

  WTSLogoffSession

  WTSOpenServerA

  WTSOpenServerExA

  WTSOpenServerExW

  WTSOpenServerW

  WTSQueryListenerConfigA

  WTSQueryListenerConfigW

  WTSQuerySessionInformationA

  WTSQuerySessionInformationW

  WTSQueryUserConfigA

  WTSQueryUserConfigW

  WTSQueryUserToken

  WTSRegisterSessionNotification

  WTSRegisterSessionNotificationEx

  WTSSendMessageA

  WTSSendMessageW

  WTSSetListenerSecurityA

  WTSSetListenerSecurityW

  WTSSetRenderHint

  WTSSetSessionInformationA

  WTSSetSessionInformationW

  WTSSetUserConfigA

  WTSSetUserConfigW

  WTSShutdownSystem

  WTSStartRemoteControlSessionA

  WTSStartRemoteControlSessionW

  WTSStopRemoteControlSession

  WTSTerminateProcess

  WTSUnRegisterSessionNotification

  WTSUnRegisterSessionNotificationEx

  WTSVirtualChannelClose

  WTSVirtualChannelOpen

  WTSVirtualChannelOpenEx

  WTSVirtualChannelPurgeInput

  WTSVirtualChannelPurgeOutput

  WTSVirtualChannelQuery

  WTSVirtualChannelRead

  WTSVirtualChannelWrite

  WTSWaitSystemEvent

  Sections

  .text

  Size: 277KB - Virtual size: 277KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 100KB - Virtual size: 99KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 13KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 244B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/vcruntime140.dll

  .dll windows:6 windows x64 arch:x64

  44c3854843f7a3fccdf8ddbbea66f302

  
  

  Code Sign

  33:00:00:04:24:2a:2c:31:dc:36:18:25:58:00:00:00:00:04:24

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  41:89:b8:d3:67:51:ac:fa:a7:a7:15:fb:8e:2d:d9:7e:b7:64:33:cf:7a:04:8b:81:11:a4:af:79:34:c5:dc:b5

  Signer

  Actual PE Digest

  41:89:b8:d3:67:51:ac:fa:a7:a7:15:fb:8e:2d:d9:7e:b7:64:33:cf:7a:04:8b:81:11:a4:af:79:34:c5:dc:b5

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  d:\a01\_work\4\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  terminate

  abort

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  strncmp

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  SetLastError

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlCaptureContext

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  RtlLookupFunctionEntry

  RtlUnwindEx

  GetModuleHandleW

  RtlUnwind

  EncodePointer

  RaiseException

  RtlPcToFileHeader

  InterlockedPushEntrySList

  InterlockedFlushSList

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  GetLastError

  LoadLibraryExW

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  GetModuleFileNameW

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __C_specific_handler

  __C_specific_handler_noexcept

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __NLG_Dispatch2

  __NLG_Return2

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __intrinsic_setjmpex

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _get_purecall_handler

  _get_unexpected

  _is_exception_typeof

  _local_unwind

  _purecall

  _set_purecall_handler

  _set_se_translator

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 62KB - Virtual size: 62KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 16KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 244B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1016B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 416B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/vcruntime140_1.dll

  .dll windows:6 windows x64 arch:x64

  ae0bde6314fa2027b54ce04898f6ab69

  
  

  Code Sign

  33:00:00:04:24:2a:2c:31:dc:36:18:25:58:00:00:00:00:04:24

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  02-09-2021 18:25

  Not After

  01-09-2022 18:25

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  2a:2b:2f:60:a6:93:4b:44:07:a6:e9:dc:f4:39:58:3c:27:e2:5a:aa:e8:82:60:e1:c3:cf:af:9e:c8:6c:80:75

  Signer

  Actual PE Digest

  2a:2b:2f:60:a6:93:4b:44:07:a6:e9:dc:f4:39:58:3c:27:e2:5a:aa:e8:82:60:e1:c3:cf:af:9e:c8:6c:80:75

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  d:\a01\_work\4\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  terminate

  abort

  api-ms-win-crt-heap-l1-1-0

  malloc

  calloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  wcsncmp

  vcruntime140

  __processing_throw

  __C_specific_handler

  memmove

  __current_exception

  kernel32

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlCaptureContext

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  RtlUnwindEx

  RtlLookupFunctionEntry

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  TlsFree

  TlsSetValue

  TlsGetValue

  EncodePointer

  RaiseException

  RtlPcToFileHeader

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  GetLastError

  SetLastError

  TlsAlloc

  Exports

  Exports

  __CxxFrameHandler4

  __NLG_Dispatch2

  __NLG_Return2

  Sections

  .text

  Size: 14KB - Virtual size: 14KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 1024B - Virtual size: 1020B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 316B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __TEMP/wtsapi32.dll

  .dll windows:6 windows x64 arch:x64

  db03b9ee812ce4469293a5e81ba21cbf

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  kernel32

  CopyFileW

  WriteConsoleW

  CreateProcessW

  ExitProcess

  GetModuleFileNameW

  CreateDirectoryW

  CloseHandle

  CreateFileW

  RtlCaptureContext

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwindEx

  RtlPcToFileHeader

  RaiseException

  InterlockedFlushSList

  GetLastError

  SetLastError

  EncodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  GetModuleHandleExW

  HeapAlloc

  HeapFree

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  MultiByteToWideChar

  WideCharToMultiByte

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  LCMapStringW

  GetProcessHeap

  GetStdHandle

  GetFileType

  GetStringTypeW

  HeapSize

  HeapReAlloc

  SetStdHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  SetFilePointerEx

  advapi32

  RegCreateKeyA

  RegSetValueExW

  shell32

  SHGetKnownFolderPath

  Exports

  Exports

  IsInteractiveUserSession

  QueryActiveSession

  QueryUserToken

  RegisterUsertokenForNoWinlogon

  WTSCloseServer

  WTSConnectSessionA

  WTSConnectSessionW

  WTSCreateListenerA

  WTSCreateListenerW

  WTSDisconnectSession

  WTSEnableChildSessions

  WTSEnumerateListenersA

  WTSEnumerateListenersW

  WTSEnumerateProcessesA

  WTSEnumerateProcessesExA

  WTSEnumerateProcessesExW

  WTSEnumerateProcessesW

  WTSEnumerateServersA

  WTSEnumerateServersW

  WTSEnumerateSessionsA

  WTSEnumerateSessionsExA

  WTSEnumerateSessionsExW

  WTSEnumerateSessionsW

  WTSFreeMemory

  WTSFreeMemoryExA

  WTSFreeMemoryExW

  WTSGetChildSessionId

  WTSGetListenerSecurityA

  WTSGetListenerSecurityW

  WTSIsChildSessionsEnabled

  WTSLogoffSession

  WTSOpenServerA

  WTSOpenServerExA

  WTSOpenServerExW

  WTSOpenServerW

  WTSQueryListenerConfigA

  WTSQueryListenerConfigW

  WTSQuerySessionInformationA

  WTSQuerySessionInformationW

  WTSQueryUserConfigA

  WTSQueryUserConfigW

  WTSQueryUserToken

  WTSRegisterSessionNotification

  WTSRegisterSessionNotificationEx

  WTSSendMessageA

  WTSSendMessageW

  WTSSetListenerSecurityA

  WTSSetListenerSecurityW

  WTSSetRenderHint

  WTSSetSessionInformationA

  WTSSetSessionInformationW

  WTSSetUserConfigA

  WTSSetUserConfigW

  WTSShutdownSystem

  WTSStartRemoteControlSessionA

  WTSStartRemoteControlSessionW

  WTSStopRemoteControlSession

  WTSTerminateProcess

  WTSUnRegisterSessionNotification

  WTSUnRegisterSessionNotificationEx

  WTSVirtualChannelClose

  WTSVirtualChannelOpen

  WTSVirtualChannelOpenEx

  WTSVirtualChannelPurgeInput

  WTSVirtualChannelPurgeOutput

  WTSVirtualChannelQuery

  WTSVirtualChannelRead

  WTSVirtualChannelWrite

  WTSWaitSystemEvent

  Sections

  .text

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 44KB - Virtual size: 44KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 252B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• 93b2e45c13ba5c785dfd9e21ad2f6fe7289470e8504a89ae4c352858f8510749

  .zip
• LoggingPlatform.dll

  .dll windows:6 windows x86 arch:x86

  c4217bcf28c427e746fd876322b449a0

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Signer

  Actual PE Digest

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\Logging\dll\obj\i386\LoggingPlatform.pdb

  Imports

  kernel32

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  CompareStringOrdinal

  GetFileAttributesW

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetFinalPathNameByHandleW

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  OpenFileById

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  VerifyVersionInfoW

  VerSetConditionMask

  DeleteCriticalSection

  InitializeCriticalSectionEx

  MultiByteToWideChar

  WideCharToMultiByte

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetCurrentProcess

  GetSystemTimeAsFileTime

  WaitForSingleObject

  TerminateProcess

  Sleep

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  FindClose

  FindNextFileW

  FindFirstFileW

  DeviceIoControl

  CompareFileTime

  DeleteFileW

  CreateDirectoryW

  WerUnregisterFile

  WerRegisterFile

  WriteFile

  CloseHandle

  SetFileTime

  SystemTimeToFileTime

  GetSystemTime

  GetLastError

  CreateFileW

  GetCurrentThreadId

  UnhandledExceptionFilter

  GetSystemTimes

  GetCurrentProcessId

  user32

  SendMessageTimeoutW

  DestroyWindow

  DispatchMessageW

  TranslateMessage

  ShowWindow

  GetMessageW

  CreateWindowExW

  GetClassNameW

  EnumWindows

  RegisterClassW

  PostMessageW

  GetWindowThreadProcessId

  advapi32

  RegEnumKeyW

  CryptAcquireContextW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  CryptDestroyHash

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  RegSetKeyValueW

  RegCreateKeyExW

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  CryptReleaseContext

  shell32

  SHCreateDirectoryExW

  SHGetKnownFolderPath

  SHGetSpecialFolderPathW

  SHFileOperationW

  SHChangeNotify

  CommandLineToArgvW

  SHCreateItemFromParsingName

  SHGetFolderPathW

  SHGetFolderPathAndSubDirW

  ord526

  ShellExecuteExW

  ole32

  CoCreateInstance

  CoCreateGuid

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoTaskMemFree

  StringFromCLSID

  oleaut32

  SysAllocStringByteLen

  SysStringByteLen

  SysAllocString

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  SysFreeString

  SetErrorInfo

  SysStringLen

  GetErrorInfo

  crypt32

  CryptBinaryToStringW

  CryptStringToBinaryW

  rpcrt4

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  RpcBindingFree

  RpcServerInqCallAttributesW

  RpcServerUnregisterIf

  RpcEpUnregister

  RpcBindingVectorFree

  RpcEpRegisterW

  RpcServerInqBindings

  RpcServerUseProtseqW

  RpcStringFreeW

  UuidToStringW

  UuidCreate

  RpcServerRegisterIfEx

  secur32

  GetUserNameExW

  shlwapi

  PathIsRelativeW

  PathFileExistsW

  PathIsDirectoryW

  SHGetValueW

  PathStripPathW

  SHRegGetBoolUSValueW

  SHRegGetValueW

  SHCreateStreamOnFileW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  ws2_32

  accept

  send

  setsockopt

  bind

  htonl

  WSAGetLastError

  htons

  socket

  WSAStartup

  closesocket

  listen

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSEnumerateSessionsW

  WTSFreeMemory

  msvcp140

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ?_Random_device@std@@YAIXZ

  _Cnd_wait

  _Cnd_do_broadcast_at_thread_exit

  _Mtx_current_owns

  _Cnd_timedwait

  _Thrd_id

  _Thrd_join

  ?_Throw_Cpp_error@std@@YAXH@Z

  _Cnd_broadcast

  _Cnd_destroy_in_situ

  _Cnd_init_in_situ

  ?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBUtm@@PB_W4@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  _Mtx_trylock

  ?_Xbad_function_call@std@@YAXXZ

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JH@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  _Xtime_get_ticks

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ?_Xbad_alloc@std@@YAXXZ

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_unlock

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ??Bid@locale@std@@QAEIXZ

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ?_Xout_of_range@std@@YAXPBD@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?uncaught_exception@std@@YA_NXZ

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z

  ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z

  ?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?always_noconv@codecvt_base@std@@QBE_NXZ

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

  ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_type_info_destroy_list

  memset

  __std_exception_destroy

  _CxxThrowException

  _except_handler4_common

  __current_exception_context

  __current_exception

  wcsstr

  wcsrchr

  strrchr

  memmove

  __RTDynamicCast

  memcmp

  memcpy

  __CxxFrameHandler3

  __std_terminate

  __std_exception_copy

  _purecall

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _invalid_parameter_noinfo

  terminate

  _beginthreadex

  _initterm_e

  _initterm

  _errno

  _cexit

  _crt_atexit

  _execute_onexit_table

  _register_onexit_function

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  api-ms-win-crt-stdio-l1-1-0

  setvbuf

  __stdio_common_vsprintf_s

  fsetpos

  fgetwc

  __stdio_common_vswscanf

  _wfopen_s

  fgetc

  fclose

  fputwc

  fputc

  ungetc

  _fseeki64

  fflush

  ungetwc

  fwrite

  __stdio_common_vswprintf

  __stdio_common_vswprintf_s

  fread

  fgetpos

  _get_stream_buffer_pointers

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  malloc

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsicmp

  tolower

  iswspace

  _wcsdup

  towupper

  api-ms-win-crt-time-l1-1-0

  _localtime64_s

  _gmtime64_s

  _time64

  api-ms-win-crt-filesystem-l1-1-0

  _wrename

  _lock_file

  _wstat64

  _unlock_file

  _wremove

  api-ms-win-crt-convert-l1-1-0

  _strtod_l

  atof

  atol

  wcstoll

  wcstol

  strtoll

  _wtoi

  api-ms-win-crt-math-l1-1-0

  log2

  ceil

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ??0IScenario@ScenarioTracking@@QAE@ABV01@@Z

  ??0IScenario@ScenarioTracking@@QAE@XZ

  ??0ScenarioBase@ScenarioTracking@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ??0Scope@ScenarioTracking@@QAE@V?$shared_ptr@VIScenario@ScenarioTracking@@@std@@@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ??0SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??0TransferScope@ScenarioTracking@@QAE@QBVITrace@1@@Z

  ??0TransferScope@ScenarioTracking@@QAE@V?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@@Z

  ??1IScenario@ScenarioTracking@@UAE@XZ

  ??1ScenarioBase@ScenarioTracking@@UAE@XZ

  ??1Scope@ScenarioTracking@@QAE@XZ

  ??1SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??1TelemetryEvent@@QAE@XZ

  ??1TransferScope@ScenarioTracking@@QAE@XZ

  ??4IScenario@ScenarioTracking@@QAEAAV01@ABV01@@Z

  ??_7IScenario@ScenarioTracking@@6B@

  ?ApplyScenarioImplicitParameters@ScenarioTracking@@YGXPB_WABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?ApplyScenarioTracking@ScenarioTracking@@YGXABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?AssignLoggingSession@@YGXABV?$shared_ptr@VILoggingSession@@@std@@_N@Z

  ?CaptureTrace@ScenarioTracking@@YG?AV?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@XZ

  ?ClassifyScenarioOutcome@FailuresClassification@@YG?AW4Outcome@QoS@@PB_WW423@K@Z

  ?ClearLoggingSession@@YGXXZ

  ?ConvertOutcomeToResultType@QoS@@YGPB_WW4Outcome@1@@Z

  ?ConvertResultTypeToOutcome@QoS@@YG?AW4Outcome@1@PB_W@Z

  ?CreateBinaryLoggingSession@@YGPAVILoggingSession@@XZ

  ?CreateRemoteDebugServer@@YGPAVIRemoteDebugServer@@_NG@Z

  ?DecrementActiveHydrationsCount@QoS@@YAXXZ

  ?FlushObfuscationTableToDisk@@YGXXZ

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?GetApplicationPropertyId@QoS@@YA?AW4Id@PropertyId@TelemetryConstants@@XZ

  ?GetCurrentTraceId@ScenarioTracking@@YGIXZ

  ?GetDefaultLoggingPath@@YGJAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV12@@Z

  ?GetDuration@ScenarioBase@ScenarioTracking@@UAE?AV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@std@@XZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JI@Z

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JIABV?$set@IU?$less@I@std@@V?$allocator@I@2@@std@@@Z

  ?GetId@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetInstance@Telemetry@@CGPAV1@XZ

  ?GetLoggingSession@@YG?AV?$shared_ptr@VILoggingSession@@@std@@XZ

  ?GetName@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetResultType@QoS@@YAPB_WJI@Z

  ?GetResultType@QoS@@YAPB_WW4Type@ErrorType@TelemetryConstants@@@Z

  ?GetTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4ExperimentType@@PB_W11@Z

  ?GetValueTranslation@TelemetryEvent@@QAEP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@ZI@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?IncrementActiveHydrationsCount@QoS@@YAXXZ

  ?InsertIntoIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  ?IsRecorded@ScenarioBase@ScenarioTracking@@UAE_NXZ

  ?LoggingAddToMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingGetCallbackCount@@YGIXZ

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingReconfigure@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?LoggingRecordAssert@@YGXPB_W000I0_NI1@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?LoggingRecordUnexpectedCrash@@YGXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0K@Z

  ?LoggingRegisterCallback@@YG_KP6GXPAXPBDI1ABU_GUID@@IIIQAUStructuredEventParameter@@@Z0@Z

  ?LoggingRemoveFromMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingResetAccountSpecificCommonDatapoints@@YGXXZ

  ?LoggingResetTelemetryLevelsToDefault@@YGXXZ

  ?LoggingRotate@@YGXXZ

  ?LoggingRotateIfNeeded@@YGXXZ

  ?LoggingSanitizeFilename@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ?LoggingSetLoggingPrivacyLevel@@YGXW4LoggingPrivacyLevel@@@Z

  ?LoggingSetTelemetryLevelEnabled@@YGXI_N@Z

  ?LoggingShouldSample@@YG_NN@Z

  ?LoggingSwitchTelemetryPipeline@@YGXW4TelemetryTransportType@@_N@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?LoggingUnregisterCallback@@YGX_K@Z

  ?LoggingWriteDebugString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteDeviceFailureDatagramEntry@@YGXPB_W0@Z

  ?LoggingWriteFormatString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteFormatStringEx@@YGXHHPBDI0_NPB_WPAD@Z

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingWriteStructuredEvent@@YGXPBDI0ABU_GUID@@IIIQAUStructuredEventParameter@@@Z

  ?MarkScenarioReported@ScenarioTracking@@YGXPB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ?ObserveTrace@ScenarioTracking@@YGPAVITrace@1@XZ

  ?OneDriveAssertWorker@@YAXPB_WW4OneDriveAssertType@@0I000ZZ

  ?OutcomeToTelemetryValue@QoS@@YG?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z

  ?OverrideAsserts@@YGXP6GXPB_W000I0_N@Z@Z

  ?Record@ScenarioBase@ScenarioTracking@@UAEXXZ

  ?Register@FailuresClassification@@YGX$$QAV?$function@$$A6G?AW4Outcome@QoS@@PB_WW412@K@Z@std@@@Z

  ?RegisterSensitiveRootPath@@YGXPB_W0@Z

  ?RemoveFromIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?RemovePrivateInfo@@YGXAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?ReportExternalAssert@@YGXPB_W_N0I0@Z

  ?ReportUnrecordedScenario@ScenarioTracking@@YGXAAVIScenario@1@@Z

  ?Reset@FailuresClassification@@YGXXZ

  ?SetApplicationId@QoS@@YAXI@Z

  ?SetValueTranslation@TelemetryEvent@@SGXPAU1@IP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z@Z

  ?SizeUnknown@QoS@@YGIXZ

  ?StartScenario@ScenarioTracking@@YG?AV?$shared_ptr@VIScenario@ScenarioTracking@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?UnregisterSensitiveRootPath@@YGXPB_W@Z

  ?UpdateExperimentalAriaRampAPI@@YGX_N@Z

  ?UpdateOfficePrivacyRamp@@YGX_N@Z

  ?UpdateTelemetryTransmissionProfile@@YGXPBD_N@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?g_ODHasFatallyAsserted@@3_NA

  ?g_assertLogger@@3P6GXPB_W000I0_N@ZA

  ?g_catchAssertCallbackInvoked@@3HA

  ?initAssertLogger@@YGXP6GXPB_W000I0_N@Z@Z

  InitLogging

  UninitLogging

  _TestInitLogging@4

  _TestInitLoggingEx@20

  _TestUninitLogging@0

  Sections

  .text

  Size: 289KB - Virtual size: 288KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 115KB - Virtual size: 115KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 13KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 22KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Setup.exe

  .exe windows:6 windows x86 arch:x86

  d89e012bb90c3e56ea22733716ecc3f1

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Signer

  Actual PE Digest

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\FileCoAuth\Desktop\exe\obj\i386\FileCoAuth.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ??1TelemetryEvent@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  updateringsettings

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  propsys

  PropVariantToStringAlloc

  PropVariantToUInt32

  ntdll

  NtQueryDirectoryFile

  VerSetConditionMask

  RtlNtStatusToDosError

  kernel32

  FindNextFileW

  CreateEventExW

  GetLongPathNameW

  VerifyVersionInfoW

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  ReadDirectoryChangesW

  CreateIoCompletionPort

  CreateFileW

  OpenFileById

  GetFinalPathNameByHandleW

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  SetDllDirectoryW

  GetCurrentThread

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  DebugBreak

  SetFileAttributesW

  GetFileAttributesW

  CompareStringOrdinal

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  SystemTimeToFileTime

  CopyFileW

  QueueUserWorkItem

  MoveFileWithProgressW

  GlobalLock

  GlobalUnlock

  GlobalFree

  GlobalAlloc

  GetDateFormatW

  OpenEventW

  GetLocaleInfoW

  OpenMutexW

  SystemTimeToTzSpecificLocalTime

  UnregisterApplicationRestart

  GetFileAttributesExW

  DuplicateHandle

  WaitForMultipleObjects

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  GetComputerNameW

  GetUserDefaultLocaleName

  GetProductInfo

  LCIDToLocaleName

  CreateProcessW

  CreateMutexW

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  TerminateProcess

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  GetVersionExW

  LocalFree

  QueryFullProcessImageNameW

  GetCurrentProcess

  IsWow64Process

  LeaveCriticalSection

  EnterCriticalSection

  GetCurrentThreadId

  GetModuleHandleW

  GetProcessHeap

  DeleteCriticalSection

  GetProcAddress

  DecodePointer

  HeapAlloc

  CreateThread

  RaiseException

  CloseHandle

  SetEvent

  GetLastError

  Sleep

  CreateEventW

  WaitForSingleObject

  InitializeCriticalSectionEx

  GetModuleFileNameW

  GetCommandLineW

  HeapFree

  FormatMessageW

  InitializeSListHead

  GetCurrentDirectoryW

  InterlockedPushEntrySList

  QueryPerformanceCounter

  GetStartupInfoW

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  WaitForSingleObjectEx

  ResetEvent

  InitializeCriticalSectionAndSpinCount

  InitOnceBeginInitialize

  InitOnceComplete

  OutputDebugStringW

  ReleaseMutex

  GetVolumeInformationW

  GetDriveTypeW

  GetLogicalDrives

  RemoveDirectoryW

  GetComputerNameExW

  GetTickCount64

  WerRegisterFile

  user32

  GetLastActivePopup

  SetFocus

  AllowSetForegroundWindow

  GetWindowRect

  PeekMessageW

  MessageBoxW

  TrackPopupMenu

  GetSubMenu

  GetDoubleClickTime

  SetMenuDefaultItem

  EnableMenuItem

  GetMenuStringW

  GetMenuItemCount

  RemoveMenu

  DeleteMenu

  PostQuitMessage

  AppendMenuW

  AdjustWindowRectEx

  ModifyMenuW

  SendMessageTimeoutW

  LoadImageW

  GetIconInfo

  EndDialog

  IsWindow

  SetForegroundWindow

  FindWindowW

  SendMessageW

  RegisterClassW

  PostThreadMessageW

  CreateWindowExW

  TranslateMessage

  ShowWindow

  CharNextW

  DispatchMessageW

  DestroyWindow

  SetWindowPos

  CharUpperW

  GetMessageW

  SetTimer

  KillTimer

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  EnumWindows

  GetLastInputInfo

  GetProcessDefaultLayout

  IsHungAppWindow

  MapWindowPoints

  GetWindowLongW

  CloseClipboard

  OpenClipboard

  GetClipboardData

  SetClipboardData

  EmptyClipboard

  SystemParametersInfoW

  advapi32

  SetNamedSecurityInfoW

  InitializeAcl

  GetAce

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  AllocateAndInitializeSid

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  ConvertStringSidToSidW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AccessCheck

  MapGenericMask

  DuplicateToken

  OpenThreadToken

  IsValidAcl

  GetNamedSecurityInfoW

  AddAce

  SetEntriesInAclW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  CopySid

  GetLengthSid

  IsValidSid

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegSetValueExW

  RegEnumKeyExW

  RegGetValueW

  RegSetKeyValueW

  RegCreateKeyExW

  RegQueryValueExW

  RegCloseKey

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegOpenKeyExW

  RegCopyTreeW

  RegNotifyChangeKeyValue

  GetUserNameW

  CheckTokenMembership

  DeleteAce

  shell32

  AssocCreateForClasses

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHAppBarMessage

  CommandLineToArgvW

  ShellExecuteExW

  ord526

  SHGetFolderPathAndSubDirW

  SHGetFolderPathW

  SHCreateDirectoryExW

  SHSetKnownFolderPath

  ShellExecuteW

  Shell_NotifyIconW

  SHParseDisplayName

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  SHCreateItemFromParsingName

  SHChangeNotify

  ole32

  CoGetObject

  CoAllowSetForegroundWindow

  CoTaskMemFree

  CoTaskMemAlloc

  CoCreateFreeThreadedMarshaler

  CoReleaseServerProcess

  CoAddRefServerProcess

  CoInitializeEx

  CoRevokeClassObject

  CoInitializeSecurity

  CoRegisterClassObject

  CoCreateInstance

  GetRunningObjectTable

  PropVariantClear

  CoImpersonateClient

  CoGetCallContext

  CoRevertToSelf

  CoUninitialize

  CoCreateGuid

  CoSetProxyBlanket

  CoWaitForMultipleHandles

  CLSIDFromString

  StringFromCLSID

  CoResumeClassObjects

  CreateItemMoniker

  CreateBindCtx

  StringFromGUID2

  oleaut32

  LoadTypeLi

  UnRegisterTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysAllocStringByteLen

  SysStringByteLen

  RegisterTypeLi

  SysAllocString

  SysStringLen

  SetErrorInfo

  SafeArrayAccessData

  SafeArrayUnaccessData

  GetErrorInfo

  SysFreeString

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerUseProtseqW

  UuidToStringW

  RpcServerRegisterIfEx

  RpcStringFreeW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  secur32

  GetUserNameExW

  shlwapi

  PathFileExistsW

  SHCreateStreamOnFileW

  SHCreateStreamOnFileEx

  PathFindFileNameW

  SHStrDupW

  SHDeleteKeyW

  SHRegCreateUSKeyW

  SHGetValueW

  SHRegGetUSValueW

  PathStripPathW

  PathStripToRootW

  SHRegCloseUSKey

  SHRegSetUSValueW

  SHDeleteValueW

  PathIsDirectoryW

  PathIsDirectoryEmptyW

  PathIsPrefixW

  AssocCreate

  PathRemoveFileSpecW

  StrStrIW

  UrlEscapeW

  UrlCreateFromPathW

  SHRegGetValueW

  SHRegGetBoolUSValueW

  version

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  VerQueryValueW

  wininet

  InternetCheckConnectionW

  InternetGetConnectedState

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  _Xtime_get_ticks

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?_Xbad_alloc@std@@YAXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  ?_Xbad_function_call@std@@YAXXZ

  ?_Xout_of_range@std@@YAXPBD@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Cnd_init_in_situ

  _Cnd_destroy_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  _Mtx_unlock

  _Cnd_wait

  _Cnd_broadcast

  _Cnd_unregister_at_thread_exit

  ?__ExceptionPtrDestroy@@YAXPAX@Z

  _Cnd_register_at_thread_exit

  ?__ExceptionPtrCopy@@YAXPAXPBX@Z

  ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z

  ?__ExceptionPtrToBool@@YA_NPBX@Z

  ?_Syserror_map@std@@YAPBDH@Z

  ?_Throw_future_error@std@@YAXABVerror_code@1@@Z

  ?__ExceptionPtrRethrow@@YAXPBX@Z

  ?__ExceptionPtrCurrentException@@YAXPAX@Z

  ?__ExceptionPtrCreate@@YAXPAX@Z

  ?_ReportUnobservedException@details@Concurrency@@YAXXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?__ExceptionPtrAssign@@YAXPAXPBX@Z

  ?_Reset@_ContextCallback@details@Concurrency@@AAEXXZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?_Release_chore@details@Concurrency@@YAXPAU_Threadpool_chore@12@@Z

  ?_Schedule_chore@details@Concurrency@@YAHPAU_Threadpool_chore@12@@Z

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QAEX_N@Z

  ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?_Incref@facet@locale@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ??Bid@locale@std@@QAEIXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __current_exception

  memset

  memmove

  wcsstr

  __current_exception_context

  __std_exception_copy

  __std_terminate

  _purecall

  __CxxFrameHandler3

  memcpy

  _CxxThrowException

  __std_exception_destroy

  __std_type_info_compare

  _except_handler4_common

  memcmp

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  malloc

  _set_new_mode

  free

  api-ms-win-crt-string-l1-1-0

  towupper

  wcscat_s

  wcscpy_s

  isxdigit

  wcscspn

  _wcsicmp

  wcsncpy_s

  wcstok_s

  iswxdigit

  iswspace

  isalnum

  towlower

  strncmp

  _wcsdup

  _strnicmp

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _initialize_onexit_table

  abort

  terminate

  _register_onexit_function

  _errno

  _initterm_e

  _crt_atexit

  _cexit

  _controlfp_s

  _seh_filter_exe

  _register_thread_local_exe_atexit_callback

  _c_exit

  _set_app_type

  _exit

  exit

  _initterm

  _get_wide_winmain_command_line

  _initialize_wide_environment

  _configure_wide_argv

  api-ms-win-crt-time-l1-1-0

  _time64

  _localtime64_s

  api-ms-win-crt-convert-l1-1-0

  atof

  strtoull

  atol

  strtoll

  _strtod_l

  _wtoi

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  _free_locale

  _create_locale

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __p__commode

  _set_fmode

  __stdio_common_vswprintf

  _wfopen_s

  api-ms-win-crt-math-l1-1-0

  ceil

  __setusermatherr

  gdi32

  GetObjectW

  Sections

  .text

  Size: 323KB - Virtual size: 322KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 136KB - Virtual size: 136KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 26KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 29KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• UpdateRingSettings.dll

  .dll windows:6 windows x86 arch:x86

  8f4151e2b47c8157fda35112fe040b85

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Signer

  Actual PE Digest

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\UpdateRingSettings\dll\obj\i386\UpdateRingSettings.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??1TelemetryEvent@@QAE@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  kernel32

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  FindFirstVolumeW

  DeleteCriticalSection

  VerSetConditionMask

  VerifyVersionInfoW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  GetLongPathNameW

  SetLastError

  ExpandEnvironmentStringsW

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  GetCurrentThreadId

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  GetExitCodeProcess

  GetFileAttributesW

  CompareStringOrdinal

  SetFileInformationByHandle

  GetFileInformationByHandleEx

  GetFileInformationByHandle

  GetFinalPathNameByHandleW

  OpenFileById

  CreateFileW

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  GetCurrentProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  WaitForSingleObject

  TerminateProcess

  Sleep

  GetLastError

  MoveFileW

  CloseHandle

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  InitializeCriticalSectionEx

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  AcquireSRWLockShared

  AcquireSRWLockExclusive

  ReleaseSRWLockShared

  ReleaseSRWLockExclusive

  user32

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  SendMessageTimeoutW

  ShowWindow

  GetMessageW

  CreateWindowExW

  DestroyWindow

  EnumWindows

  DispatchMessageW

  TranslateMessage

  RegisterClassW

  advapi32

  RegCreateKeyExW

  RegSetKeyValueW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  shell32

  SHGetFolderPathAndSubDirW

  ShellExecuteExW

  SHChangeNotify

  SHGetFolderPathW

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  ord526

  SHCreateItemFromParsingName

  SHCreateDirectoryExW

  CommandLineToArgvW

  ole32

  CoCreateInstance

  CoTaskMemFree

  StringFromCLSID

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CLSIDFromString

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoCreateGuid

  oleaut32

  GetErrorInfo

  SysStringLen

  SetErrorInfo

  LoadTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysFreeString

  SysAllocString

  SysAllocStringByteLen

  SysStringByteLen

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerRegisterIfEx

  RpcServerUseProtseqW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcBindingFromStringBindingW

  RpcStringFreeW

  RpcBindingSetAuthInfoExW

  secur32

  GetUserNameExW

  shlwapi

  SHRegGetValueW

  PathRemoveFileSpecW

  StrStrIW

  SHRegGetBoolUSValueW

  PathStripPathW

  SHGetValueW

  SHCreateStreamOnFileW

  PathFileExistsW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  wtsapi32

  WTSQueryUserToken

  WTSQuerySessionInformationW

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Xbad_function_call@std@@YAXXZ

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Mtx_unlock

  ??0facet@locale@std@@IAE@I@Z

  ??1facet@locale@std@@MAE@XZ

  ?_Xlength_error@std@@YAXPBD@Z

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?_Xout_of_range@std@@YAXPBD@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Strxfrm

  _Strcoll

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ??Bid@locale@std@@QAEIXZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@D@std@@2V0locale@2@A

  ?tolower@?$ctype@D@std@@QBEDD@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?_Xbad_alloc@std@@YAXXZ

  ?id@?$collate@D@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

  ?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD4@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_exception_copy

  strchr

  _purecall

  wcsstr

  __std_terminate

  __current_exception

  __current_exception_context

  _CxxThrowException

  memset

  __std_type_info_destroy_list

  memmove

  memcpy

  __CxxFrameHandler3

  __std_exception_destroy

  _except_handler4_common

  memchr

  memcmp

  api-ms-win-crt-runtime-l1-1-0

  _initterm

  terminate

  _cexit

  _initterm_e

  _invalid_parameter_noinfo_noreturn

  _seh_filter_dll

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _register_onexit_function

  _execute_onexit_table

  _crt_atexit

  _errno

  api-ms-win-crt-convert-l1-1-0

  wcstol

  _strtod_l

  wcstoul

  wcstod

  strtoul

  atof

  atol

  strtoll

  _wtoi

  strtol

  api-ms-win-crt-time-l1-1-0

  _time64

  _mkgmtime64

  strftime

  _gmtime64_s

  _difftime64

  _localtime64_s

  api-ms-win-crt-heap-l1-1-0

  malloc

  free

  _callnewh

  realloc

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __stdio_common_vsprintf_s

  _wfopen_s

  __stdio_common_vswprintf_s

  __stdio_common_vswprintf

  __stdio_common_vsprintf

  api-ms-win-crt-math-l1-1-0

  round

  ceil

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsdup

  towupper

  iswspace

  wcstok_s

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ?GetECSConfigurationManager@@YGPAVIECSConfigurationManager@@XZ

  ?GetFeatureSupport@@YGPAVIFeatureSupport@@XZ

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  ?OverrideECSConfigurationManager@@YGXPAVIECSConfigurationManager@@@Z

  ?OverrideFeatureSupport@@YGXPAVIFeatureSupport@@@Z

  ?OverrideUpdateRingSettingsManager@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?ResetECSConfigurationManager@@YGXXZ

  ?ResetFeatureSupport@@YGXXZ

  ?ResetUpdateRingSettingsManager@@YGXXZ

  Sections

  .text

  Size: 240KB - Virtual size: 240KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 96KB - Virtual size: 95KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 19KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• lang.dat

  .dll windows:6 windows x86 arch:x86

  8529d8b1f3b6a1fba95a33f2286a41f2

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleFileNameA

  GetLastError

  LoadLibraryA

  SubmitThreadpoolWork

  GetProcAddress

  CreateThreadpoolWork

  WriteConsoleW

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapAlloc

  HeapFree

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetStdHandle

  GetFileType

  CloseHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  ReadFile

  GetFileSizeEx

  SetFilePointerEx

  ReadConsoleW

  HeapReAlloc

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetProcessHeap

  SetStdHandle

  HeapSize

  CreateFileW

  Exports

  Exports

  AcceptSecurityContext

  AcquireCredentialsHandleA

  AcquireCredentialsHandleW

  AddCredentialsA

  AddCredentialsW

  AddSecurityPackageA

  AddSecurityPackageW

  ApplyControlToken

  ChangeAccountPasswordA

  ChangeAccountPasswordW

  CloseLsaPerformanceData

  CollectLsaPerformanceData

  CompleteAuthToken

  CredMarshalTargetInfo

  CredUnmarshalTargetInfo

  DecryptMessage

  DeleteSecurityContext

  DeleteSecurityPackageA

  DeleteSecurityPackageW

  EncryptMessage

  EnumerateSecurityPackagesA

  EnumerateSecurityPackagesW

  ExportSecurityContext

  FreeContextBuffer

  FreeCredentialsHandle

  GetComputerObjectNameA

  GetComputerObjectNameW

  GetSecurityUserInfo

  GetUserNameExA

  GetUserNameExW

  ImpersonateSecurityContext

  ImportSecurityContextA

  ImportSecurityContextW

  InitSecurityInterfaceA

  InitSecurityInterfaceW

  InitializeSecurityContextA

  InitializeSecurityContextW

  LsaCallAuthenticationPackage

  LsaConnectUntrusted

  LsaDeregisterLogonProcess

  LsaEnumerateLogonSessions

  LsaFreeReturnBuffer

  LsaGetLogonSessionData

  LsaLogonUser

  LsaLookupAuthenticationPackage

  LsaRegisterLogonProcess

  LsaRegisterPolicyChangeNotification

  LsaUnregisterPolicyChangeNotification

  MakeSignature

  OpenLsaPerformanceData

  QueryContextAttributesA

  QueryContextAttributesW

  QueryCredentialsAttributesA

  QueryCredentialsAttributesW

  QuerySecurityContextToken

  QuerySecurityPackageInfoA

  QuerySecurityPackageInfoW

  RevertSecurityContext

  SaslAcceptSecurityContext

  SaslEnumerateProfilesA

  SaslEnumerateProfilesW

  SaslGetContextOption

  SaslGetProfilePackageA

  SaslGetProfilePackageW

  SaslIdentifyPackageA

  SaslIdentifyPackageW

  SaslInitializeSecurityContextA

  SaslInitializeSecurityContextW

  SaslSetContextOption

  SealMessage

  SeciAllocateAndSetCallFlags

  SeciAllocateAndSetIPAddress

  SeciFreeCallContext

  SecpFreeMemory

  SecpTranslateName

  SecpTranslateNameEx

  SetContextAttributesA

  SetContextAttributesW

  SetCredentialsAttributesA

  SetCredentialsAttributesW

  SspiCompareAuthIdentities

  SspiCopyAuthIdentity

  SspiDecryptAuthIdentity

  SspiEncodeAuthIdentityAsStrings

  SspiEncodeStringsAsAuthIdentity

  SspiEncryptAuthIdentity

  SspiExcludePackage

  SspiFreeAuthIdentity

  SspiGetTargetHostName

  SspiIsAuthIdentityEncrypted

  SspiLocalFree

  SspiMarshalAuthIdentity

  SspiPrepareForCredRead

  SspiPrepareForCredWrite

  SspiUnmarshalAuthIdentity

  SspiValidateAuthIdentity

  SspiZeroAuthIdentity

  TranslateNameA

  TranslateNameW

  UnsealMessage

  VerifySignature

  Sections

  .text

  Size: 178KB - Virtual size: 177KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 65KB - Virtual size: 65KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• msvcp140.dll

  .dll windows:6 windows x86 arch:x86

  6dbd7763e94344402d4206b7bab40e1f

  
  

  Code Sign

  33:00:00:01:0c:6c:23:05:0b:07:99:1e:cd:00:00:00:00:01:0c

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:FC41-4BD4-D220,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Signer

  Actual PE Digest

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Signer

  Actual PE Digest

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

  Imports

  vcruntime140

  _except_handler4_common

  __uncaught_exceptions

  __uncaught_exception

  memmove

  __std_terminate

  _purecall

  __CxxFrameHandler3

  _CxxThrowException

  __AdjustPointer

  __processing_throw

  __current_exception

  __std_exception_destroy

  __std_exception_copy

  memset

  memcmp

  memchr

  __std_type_info_destroy_list

  memcpy

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  calloc

  malloc

  realloc

  api-ms-win-crt-locale-l1-1-0

  ___mb_cur_max_func

  ___lc_locale_name_func

  ___lc_collate_cp_func

  localeconv

  ___lc_codepage_func

  _lock_locales

  _unlock_locales

  setlocale

  __pctype_func

  api-ms-win-crt-string-l1-1-0

  __strncnt

  tolower

  isalnum

  isxdigit

  isspace

  wcsnlen

  isdigit

  wcscpy_s

  _wcsdup

  islower

  isupper

  iswctype

  strcspn

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _execute_onexit_table

  _register_onexit_function

  _set_new_handler

  terminate

  _crt_atexit

  _invalid_parameter_noinfo_noreturn

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  abort

  _initterm

  _initterm_e

  _initialize_onexit_table

  _beginthreadex

  _endthreadex

  _errno

  api-ms-win-crt-stdio-l1-1-0

  fputwc

  ungetc

  setvbuf

  fwrite

  _fseeki64

  fsetpos

  fread

  fputs

  fgetc

  fflush

  fclose

  _get_stream_buffer_pointers

  _wfsopen

  _fsopen

  __acrt_iob_func

  fgetpos

  fseek

  fputc

  __stdio_common_vsprintf_s

  fgetwc

  ungetwc

  api-ms-win-crt-math-l1-1-0

  ldexp

  _CIpow

  _CIlog

  frexp

  api-ms-win-crt-convert-l1-1-0

  btowc

  strtod

  strtof

  api-ms-win-crt-filesystem-l1-1-0

  _wchdir

  _wrmdir

  _unlock_file

  _wremove

  _lock_file

  _wrename

  api-ms-win-crt-time-l1-1-0

  _W_Getdays

  _Getmonths

  _Strftime

  _Wcsftime

  _Getdays

  _Gettnames

  _W_Gettnames

  _W_Getmonths

  api-ms-win-crt-environment-l1-1-0

  _wgetcwd

  api-ms-win-crt-utility-l1-1-0

  rand_s

  kernel32

  RtlCaptureStackBackTrace

  DuplicateHandle

  WaitForSingleObjectEx

  Sleep

  GetCurrentProcess

  SwitchToThread

  GetCurrentThread

  GetCurrentThreadId

  GetExitCodeThread

  GetNativeSystemInfo

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetStringTypeW

  MultiByteToWideChar

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  WideCharToMultiByte

  LoadLibraryExA

  FreeLibrary

  VirtualQuery

  VirtualProtect

  GetSystemInfo

  InitializeSListHead

  GetCurrentProcessId

  IsDebuggerPresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetProcAddress

  GetModuleHandleW

  GetTickCount

  GetSystemTimeAsFileTime

  CreateEventW

  InitializeCriticalSectionAndSpinCount

  SetLastError

  GetModuleHandleExW

  QueueUserWorkItem

  IsProcessorFeaturePresent

  CloseHandle

  TryEnterCriticalSection

  FormatMessageW

  CreateHardLinkW

  CopyFileW

  GetLastError

  AreFileApisANSI

  GetTempPathW

  SetFileTime

  SetFilePointerEx

  SetFileAttributesW

  SetEndOfFile

  GetFileInformationByHandle

  GetFileAttributesExW

  GetDiskFreeSpaceExW

  FindNextFileW

  FindFirstFileExW

  FindClose

  CreateFileW

  CreateDirectoryW

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetCPInfo

  RaiseException

  DecodePointer

  EncodePointer

  Exports

  Exports

  ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??0?$_Yarn@D@std@@QAE@ABV01@@Z

  ??0?$_Yarn@D@std@@QAE@PBD@Z

  ??0?$_Yarn@D@std@@QAE@XZ

  ??0?$_Yarn@G@std@@QAE@ABV01@@Z

  ??0?$_Yarn@G@std@@QAE@PBG@Z

  ??0?$_Yarn@G@std@@QAE@XZ

  ??0?$_Yarn@_W@std@@QAE@ABV01@@Z

  ??0?$_Yarn@_W@std@@QAE@PB_W@Z

  ??0?$_Yarn@_W@std@@QAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@D@std@@QAE@PBF_NI@Z

  ??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@G@std@@QAE@I@Z

  ??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@_W@std@@QAE@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0Init@ios_base@std@@QAE@XZ

  ??0_Facet_base@std@@QAE@ABV01@@Z

  ??0_Facet_base@std@@QAE@XZ

  ??0_Init_locks@std@@QAE@XZ

  ??0_Locimp@locale@std@@AAE@ABV012@@Z

  ??0_Locimp@locale@std@@AAE@_N@Z

  ??0_Locinfo@std@@QAE@HPBD@Z

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ??0_Lockit@std@@QAE@XZ

  ??0_Timevec@std@@QAE@ABV01@@Z

  ??0_Timevec@std@@QAE@PAX@Z

  ??0_UShinit@std@@QAE@XZ

  ??0_Winit@std@@QAE@XZ

  ??0codecvt_base@std@@QAE@I@Z

  ??0ctype_base@std@@QAE@I@Z

  ??0facet@locale@std@@IAE@I@Z

  ??0id@locale@std@@QAE@I@Z

  ??0ios_base@std@@IAE@XZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ??0time_base@std@@QAE@I@Z

  ??1?$_Yarn@D@std@@QAE@XZ

  ??1?$_Yarn@G@std@@QAE@XZ

  ??1?$_Yarn@_W@std@@QAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$ctype@D@std@@MAE@XZ

  ??1?$ctype@G@std@@MAE@XZ

  ??1?$ctype@_W@std@@MAE@XZ

  ??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1Init@ios_base@std@@QAE@XZ

  ??1_Facet_base@std@@UAE@XZ

  ??1_Init_locks@std@@QAE@XZ

  ??1_Locimp@locale@std@@MAE@XZ

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??1_Timevec@std@@QAE@XZ

  ??1_UShinit@std@@QAE@XZ

  ??1_Winit@std@@QAE@XZ

  ??1codecvt_base@std@@UAE@XZ

  ??1ctype_base@std@@UAE@XZ

  ??1facet@locale@std@@MAE@XZ

  ??1ios_base@std@@UAE@XZ

  ??1time_base@std@@UAE@XZ

  ??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z

  ??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@G@std@@QAEAAV01@PBG@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z

  ??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z

  ??4Init@ios_base@std@@QAEAAV012@ABV012@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z

  ??4_Facet_base@std@@QAEAAV01@ABV01@@Z

  ??4_Init_locks@std@@QAEAAV01@ABV01@@Z

  ??4_Timevec@std@@QAEAAV01@ABV01@@Z

  ??4_UShinit@std@@QAEAAV01@ABV01@@Z

  ??4_Winit@std@@QAEAAV01@ABV01@@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ??7ios_base@std@@QBE_NXZ

  ??Bid@locale@std@@QAEIXZ

  ??Bios_base@std@@QBE_NXZ

  ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

  ??_7?$ctype@D@std@@6B@

  ??_7?$ctype@G@std@@6B@

  ??_7?$ctype@_W@std@@6B@

  ??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7_Facet_base@std@@6B@

  ??_7_Locimp@locale@std@@6B@

  ??_7codecvt_base@std@@6B@

  ??_7ctype_base@std@@6B@

  ??_7facet@locale@std@@6B@

  ??_7ios_base@std@@6B@

  ??_7time_base@std@@6B@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$ctype@D@std@@QAEXXZ

  ??_F?$ctype@G@std@@QAEXXZ

  ??_F?$ctype@_W@std@@QAEXXZ

  ??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F_Locinfo@std@@QAEXXZ

  ??_F_Timevec@std@@QAEXXZ

  ??_Fcodecvt_base@std@@QAEXXZ

  ??_Fctype_base@std@@QAEXXZ

  ??_Ffacet@locale@std@@QAEXXZ

  ??_Fid@locale@std@@QAEXXZ

  ??_Ftime_base@std@@QAEXXZ

  ?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_Addstd@ios_base@std@@SAXPAV12@@Z

  ?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

  ?_Atexit@@YAXP6AXXZ@Z

  ?_BADOFF@std@@3_JB

  ?_C_str@?$_Yarn@D@std@@QBEPBDXZ

  ?_C_str@?$_Yarn@G@std@@QBEPBGXZ

  ?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Callfns@ios_base@std@@AAEXW4event@12@@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_Clocptr@_Locimp@locale@std@@0PAV123@A

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Donarrow@?$ctype@G@std@@IBEDGD@Z

  ?_Donarrow@?$ctype@_W@std@@IBED_WD@Z

  ?_Dowiden@?$ctype@G@std@@IBEGD@Z

  ?_Dowiden@?$ctype@_W@std@@IBE_WD@Z

  ?_Empty@?$_Yarn@D@std@@QBE_NXZ

  ?_Empty@?$_Yarn@G@std@@QBE_NXZ

  ?_Empty@?$_Yarn@_W@std@@QBE_NXZ

  ?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z

  ?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z

  ?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z

  ?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ

  ?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

  ?_Getdateorder@_Locinfo@std@@QBEHXZ

  ?_Getdays@_Locinfo@std@@QBEPBDXZ

  ?_Getfalse@_Locinfo@std@@QBEPBDXZ

  ?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z

  ?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z

  ?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z

  ?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

  ?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ

  ?_Getmonths@_Locinfo@std@@QBEPBDXZ

  ?_Getname@_Locinfo@std@@QBEPBDXZ

  ?_Getptr@_Timevec@std@@QBEPAXXZ

  ?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ

  ?_Gettrue@_Locinfo@std@@QBEPBDXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Id_cnt@id@locale@std@@0HA

  ?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Index@ios_base@std@@0HA

  Sections

  .text

  Size: 394KB - Virtual size: 393KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didat

  Size: 512B - Virtual size: 52B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 1008B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• secur32.dll

  .dll windows:6 windows x86 arch:x86

  ca5cb889bcffcf74c6c5aafa0157c15a

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleFileNameW

  CreateProcessW

  GetCurrentProcess

  WriteConsoleW

  CreateFileW

  HeapSize

  CopyFileW

  TerminateProcess

  CreateDirectoryW

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  HeapAlloc

  HeapFree

  GetStdHandle

  GetFileType

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  CloseHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  ReadFile

  GetFileSizeEx

  SetFilePointerEx

  ReadConsoleW

  HeapReAlloc

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetProcessHeap

  SetStdHandle

  user32

  MessageBoxA

  advapi32

  GetUserNameW

  Exports

  Exports

  AcceptSecurityContext

  AcquireCredentialsHandleA

  AcquireCredentialsHandleW

  AddCredentialsA

  AddCredentialsW

  AddSecurityPackageA

  AddSecurityPackageW

  ApplyControlToken

  ChangeAccountPasswordA

  ChangeAccountPasswordW

  CloseLsaPerformanceData

  CollectLsaPerformanceData

  CompleteAuthToken

  CredMarshalTargetInfo

  CredUnmarshalTargetInfo

  DecryptMessage

  DeleteSecurityContext

  DeleteSecurityPackageA

  DeleteSecurityPackageW

  EncryptMessage

  EnumerateSecurityPackagesA

  EnumerateSecurityPackagesW

  ExportSecurityContext

  FreeContextBuffer

  FreeCredentialsHandle

  GetComputerObjectNameA

  GetComputerObjectNameW

  GetSecurityUserInfo

  GetUserNameExA

  GetUserNameExW

  ImpersonateSecurityContext

  ImportSecurityContextA

  ImportSecurityContextW

  InitSecurityInterfaceA

  InitSecurityInterfaceW

  InitializeSecurityContextA

  InitializeSecurityContextW

  LsaCallAuthenticationPackage

  LsaConnectUntrusted

  LsaDeregisterLogonProcess

  LsaEnumerateLogonSessions

  LsaFreeReturnBuffer

  LsaGetLogonSessionData

  LsaLogonUser

  LsaLookupAuthenticationPackage

  LsaRegisterLogonProcess

  LsaRegisterPolicyChangeNotification

  LsaUnregisterPolicyChangeNotification

  MakeSignature

  OpenLsaPerformanceData

  QueryContextAttributesA

  QueryContextAttributesW

  QueryCredentialsAttributesA

  QueryCredentialsAttributesW

  QuerySecurityContextToken

  QuerySecurityPackageInfoA

  QuerySecurityPackageInfoW

  RevertSecurityContext

  SaslAcceptSecurityContext

  SaslEnumerateProfilesA

  SaslEnumerateProfilesW

  SaslGetContextOption

  SaslGetProfilePackageA

  SaslGetProfilePackageW

  SaslIdentifyPackageA

  SaslIdentifyPackageW

  SaslInitializeSecurityContextA

  SaslInitializeSecurityContextW

  SaslSetContextOption

  SealMessage

  SeciAllocateAndSetCallFlags

  SeciAllocateAndSetIPAddress

  SeciFreeCallContext

  SecpFreeMemory

  SecpTranslateName

  SecpTranslateNameEx

  SetContextAttributesA

  SetContextAttributesW

  SetCredentialsAttributesA

  SetCredentialsAttributesW

  SspiCompareAuthIdentities

  SspiCopyAuthIdentity

  SspiDecryptAuthIdentity

  SspiEncodeAuthIdentityAsStrings

  SspiEncodeStringsAsAuthIdentity

  SspiEncryptAuthIdentity

  SspiExcludePackage

  SspiFreeAuthIdentity

  SspiGetTargetHostName

  SspiIsAuthIdentityEncrypted

  SspiLocalFree

  SspiMarshalAuthIdentity

  SspiPrepareForCredRead

  SspiPrepareForCredWrite

  SspiUnmarshalAuthIdentity

  SspiValidateAuthIdentity

  SspiZeroAuthIdentity

  TranslateNameA

  TranslateNameW

  UnsealMessage

  VerifySignature

  Sections

  .text

  Size: 130KB - Virtual size: 130KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 61KB - Virtual size: 60KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• vcruntime140.dll

  .dll windows:6 windows x86 arch:x86

  6a84b7445ccacd5d29ac27de2745f356

  
  

  Code Sign

  33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Signer

  Actual PE Digest

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Signer

  Actual PE Digest

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  abort

  terminate

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  DeleteCriticalSection

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  GetModuleHandleW

  GetModuleFileNameW

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  RtlUnwind

  VirtualQuery

  EncodePointer

  InterlockedPushEntrySList

  InterlockedFlushSList

  RaiseException

  EnterCriticalSection

  LeaveCriticalSection

  TlsSetValue

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsFree

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _EH_prolog

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _NLG_Dispatch2

  _NLG_Return

  _NLG_Return2

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxLongjmpUnwind

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _chkesp

  _except_handler2

  _except_handler3

  _except_handler4_common

  _get_purecall_handler

  _get_unexpected

  _global_unwind2

  _is_exception_typeof

  _local_unwind2

  _local_unwind4

  _longjmpex

  _purecall

  _seh_longjmp_unwind

  _seh_longjmp_unwind4

  _set_purecall_handler

  _set_se_translator

  _setjmp3

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• b01a2eac8cb4f8882e46b997b93c4f0bc0722dd4ac9d5725c7652dc2d9ad6b64

  .iso
• out.iso

  .iso
• Screenshots.lnk

  .lnk
• __MACOSX/Configure.dll

  .dll windows:6 windows x86 arch:x86

  b2c24fdcbffcce0928e4c6009616ea52

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetLastError

  LoadLibraryA

  SubmitThreadpoolWork

  GetProcAddress

  CreateThreadpoolWork

  WriteConsoleW

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  WideCharToMultiByte

  LCMapStringEx

  GetStringTypeW

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  GetStdHandle

  GetFileType

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  CloseHandle

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  ReadFile

  GetFileSizeEx

  SetFilePointerEx

  ReadConsoleW

  HeapReAlloc

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetProcessHeap

  SetStdHandle

  HeapSize

  CreateFileW

  Exports

  Exports

  AcceptSecurityContext

  AcquireCredentialsHandleA

  AcquireCredentialsHandleW

  AddCredentialsA

  AddCredentialsW

  AddSecurityPackageA

  AddSecurityPackageW

  ApplyControlToken

  ChangeAccountPasswordA

  ChangeAccountPasswordW

  CloseLsaPerformanceData

  CollectLsaPerformanceData

  CompleteAuthToken

  CredMarshalTargetInfo

  CredUnmarshalTargetInfo

  DecryptMessage

  DeleteSecurityContext

  DeleteSecurityPackageA

  DeleteSecurityPackageW

  EncryptMessage

  EnumerateSecurityPackagesA

  EnumerateSecurityPackagesW

  ExportSecurityContext

  FreeContextBuffer

  FreeCredentialsHandle

  GetComputerObjectNameA

  GetComputerObjectNameW

  GetSecurityUserInfo

  GetUserNameExA

  GetUserNameExW

  ImpersonateSecurityContext

  ImportSecurityContextA

  ImportSecurityContextW

  InitSecurityInterfaceA

  InitSecurityInterfaceW

  InitializeSecurityContextA

  InitializeSecurityContextW

  LsaCallAuthenticationPackage

  LsaConnectUntrusted

  LsaDeregisterLogonProcess

  LsaEnumerateLogonSessions

  LsaFreeReturnBuffer

  LsaGetLogonSessionData

  LsaLogonUser

  LsaLookupAuthenticationPackage

  LsaRegisterLogonProcess

  LsaRegisterPolicyChangeNotification

  LsaUnregisterPolicyChangeNotification

  MakeSignature

  OpenLsaPerformanceData

  QueryContextAttributesA

  QueryContextAttributesW

  QueryCredentialsAttributesA

  QueryCredentialsAttributesW

  QuerySecurityContextToken

  QuerySecurityPackageInfoA

  QuerySecurityPackageInfoW

  RevertSecurityContext

  SaslAcceptSecurityContext

  SaslEnumerateProfilesA

  SaslEnumerateProfilesW

  SaslGetContextOption

  SaslGetProfilePackageA

  SaslGetProfilePackageW

  SaslIdentifyPackageA

  SaslIdentifyPackageW

  SaslInitializeSecurityContextA

  SaslInitializeSecurityContextW

  SaslSetContextOption

  SealMessage

  SeciAllocateAndSetCallFlags

  SeciAllocateAndSetIPAddress

  SeciFreeCallContext

  SecpFreeMemory

  SecpTranslateName

  SecpTranslateNameEx

  SetContextAttributesA

  SetContextAttributesW

  SetCredentialsAttributesA

  SetCredentialsAttributesW

  SspiCompareAuthIdentities

  SspiCopyAuthIdentity

  SspiDecryptAuthIdentity

  SspiEncodeAuthIdentityAsStrings

  SspiEncodeStringsAsAuthIdentity

  SspiEncryptAuthIdentity

  SspiExcludePackage

  SspiFreeAuthIdentity

  SspiGetTargetHostName

  SspiIsAuthIdentityEncrypted

  SspiLocalFree

  SspiMarshalAuthIdentity

  SspiPrepareForCredRead

  SspiPrepareForCredWrite

  SspiUnmarshalAuthIdentity

  SspiValidateAuthIdentity

  SspiZeroAuthIdentity

  TranslateNameA

  TranslateNameW

  UnsealMessage

  VerifySignature

  Sections

  .text

  Size: 153KB - Virtual size: 153KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 64KB - Virtual size: 63KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/LoggingPlatform.dll

  .dll windows:6 windows x86 arch:x86

  c4217bcf28c427e746fd876322b449a0

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Signer

  Actual PE Digest

  c2:9c:91:65:1e:e1:a8:d6:29:28:cd:54:80:41:ea:9c:ea:58:31:eb:6c:2c:e0:b9:b8:6e:74:64:1a:bb:38:a3

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\Logging\dll\obj\i386\LoggingPlatform.pdb

  Imports

  kernel32

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  CompareStringOrdinal

  GetFileAttributesW

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetFinalPathNameByHandleW

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  OpenFileById

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  VerifyVersionInfoW

  VerSetConditionMask

  DeleteCriticalSection

  InitializeCriticalSectionEx

  MultiByteToWideChar

  WideCharToMultiByte

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetCurrentProcess

  GetSystemTimeAsFileTime

  WaitForSingleObject

  TerminateProcess

  Sleep

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  FreeLibrary

  GetProcAddress

  LoadLibraryW

  FindClose

  FindNextFileW

  FindFirstFileW

  DeviceIoControl

  CompareFileTime

  DeleteFileW

  CreateDirectoryW

  WerUnregisterFile

  WerRegisterFile

  WriteFile

  CloseHandle

  SetFileTime

  SystemTimeToFileTime

  GetSystemTime

  GetLastError

  CreateFileW

  GetCurrentThreadId

  UnhandledExceptionFilter

  GetSystemTimes

  GetCurrentProcessId

  user32

  SendMessageTimeoutW

  DestroyWindow

  DispatchMessageW

  TranslateMessage

  ShowWindow

  GetMessageW

  CreateWindowExW

  GetClassNameW

  EnumWindows

  RegisterClassW

  PostMessageW

  GetWindowThreadProcessId

  advapi32

  RegEnumKeyW

  CryptAcquireContextW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  CryptDestroyHash

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  RegSetKeyValueW

  RegCreateKeyExW

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  CryptReleaseContext

  shell32

  SHCreateDirectoryExW

  SHGetKnownFolderPath

  SHGetSpecialFolderPathW

  SHFileOperationW

  SHChangeNotify

  CommandLineToArgvW

  SHCreateItemFromParsingName

  SHGetFolderPathW

  SHGetFolderPathAndSubDirW

  ord526

  ShellExecuteExW

  ole32

  CoCreateInstance

  CoCreateGuid

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoTaskMemFree

  StringFromCLSID

  oleaut32

  SysAllocStringByteLen

  SysStringByteLen

  SysAllocString

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  SysFreeString

  SetErrorInfo

  SysStringLen

  GetErrorInfo

  crypt32

  CryptBinaryToStringW

  CryptStringToBinaryW

  rpcrt4

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  RpcBindingFree

  RpcServerInqCallAttributesW

  RpcServerUnregisterIf

  RpcEpUnregister

  RpcBindingVectorFree

  RpcEpRegisterW

  RpcServerInqBindings

  RpcServerUseProtseqW

  RpcStringFreeW

  UuidToStringW

  UuidCreate

  RpcServerRegisterIfEx

  secur32

  GetUserNameExW

  shlwapi

  PathIsRelativeW

  PathFileExistsW

  PathIsDirectoryW

  SHGetValueW

  PathStripPathW

  SHRegGetBoolUSValueW

  SHRegGetValueW

  SHCreateStreamOnFileW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  ws2_32

  accept

  send

  setsockopt

  bind

  htonl

  WSAGetLastError

  htons

  socket

  WSAStartup

  closesocket

  listen

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSEnumerateSessionsW

  WTSFreeMemory

  msvcp140

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ?_Random_device@std@@YAIXZ

  _Cnd_wait

  _Cnd_do_broadcast_at_thread_exit

  _Mtx_current_owns

  _Cnd_timedwait

  _Thrd_id

  _Thrd_join

  ?_Throw_Cpp_error@std@@YAXH@Z

  _Cnd_broadcast

  _Cnd_destroy_in_situ

  _Cnd_init_in_situ

  ?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBUtm@@PB_W4@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  _Mtx_trylock

  ?_Xbad_function_call@std@@YAXXZ

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JH@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  _Xtime_get_ticks

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ?_Xbad_alloc@std@@YAXXZ

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_unlock

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ??Bid@locale@std@@QAEIXZ

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ?_Xout_of_range@std@@YAXPBD@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?uncaught_exception@std@@YA_NXZ

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z

  ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z

  ?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?always_noconv@codecvt_base@std@@QBE_NXZ

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

  ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_type_info_destroy_list

  memset

  __std_exception_destroy

  _CxxThrowException

  _except_handler4_common

  __current_exception_context

  __current_exception

  wcsstr

  wcsrchr

  strrchr

  memmove

  __RTDynamicCast

  memcmp

  memcpy

  __CxxFrameHandler3

  __std_terminate

  __std_exception_copy

  _purecall

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _invalid_parameter_noinfo

  terminate

  _beginthreadex

  _initterm_e

  _initterm

  _errno

  _cexit

  _crt_atexit

  _execute_onexit_table

  _register_onexit_function

  _initialize_onexit_table

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  api-ms-win-crt-stdio-l1-1-0

  setvbuf

  __stdio_common_vsprintf_s

  fsetpos

  fgetwc

  __stdio_common_vswscanf

  _wfopen_s

  fgetc

  fclose

  fputwc

  fputc

  ungetc

  _fseeki64

  fflush

  ungetwc

  fwrite

  __stdio_common_vswprintf

  __stdio_common_vswprintf_s

  fread

  fgetpos

  _get_stream_buffer_pointers

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  malloc

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsicmp

  tolower

  iswspace

  _wcsdup

  towupper

  api-ms-win-crt-time-l1-1-0

  _localtime64_s

  _gmtime64_s

  _time64

  api-ms-win-crt-filesystem-l1-1-0

  _wrename

  _lock_file

  _wstat64

  _unlock_file

  _wremove

  api-ms-win-crt-convert-l1-1-0

  _strtod_l

  atof

  atol

  wcstoll

  wcstol

  strtoll

  _wtoi

  api-ms-win-crt-math-l1-1-0

  log2

  ceil

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ??0IScenario@ScenarioTracking@@QAE@ABV01@@Z

  ??0IScenario@ScenarioTracking@@QAE@XZ

  ??0ScenarioBase@ScenarioTracking@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ??0Scope@ScenarioTracking@@QAE@V?$shared_ptr@VIScenario@ScenarioTracking@@@std@@@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ??0SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??0TransferScope@ScenarioTracking@@QAE@QBVITrace@1@@Z

  ??0TransferScope@ScenarioTracking@@QAE@V?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@@Z

  ??1IScenario@ScenarioTracking@@UAE@XZ

  ??1ScenarioBase@ScenarioTracking@@UAE@XZ

  ??1Scope@ScenarioTracking@@QAE@XZ

  ??1SuppressTransferScope@ScenarioTracking@@QAE@XZ

  ??1TelemetryEvent@@QAE@XZ

  ??1TransferScope@ScenarioTracking@@QAE@XZ

  ??4IScenario@ScenarioTracking@@QAEAAV01@ABV01@@Z

  ??_7IScenario@ScenarioTracking@@6B@

  ?ApplyScenarioImplicitParameters@ScenarioTracking@@YGXPB_WABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?ApplyScenarioTracking@ScenarioTracking@@YGXABV?$function@$$A6GXPBDV?$variant@PBDPB_WHI_J_K_N@std@@@Z@std@@@Z

  ?AssignLoggingSession@@YGXABV?$shared_ptr@VILoggingSession@@@std@@_N@Z

  ?CaptureTrace@ScenarioTracking@@YG?AV?$unique_ptr@VITrace@ScenarioTracking@@U?$default_delete@VITrace@ScenarioTracking@@@std@@@std@@XZ

  ?ClassifyScenarioOutcome@FailuresClassification@@YG?AW4Outcome@QoS@@PB_WW423@K@Z

  ?ClearLoggingSession@@YGXXZ

  ?ConvertOutcomeToResultType@QoS@@YGPB_WW4Outcome@1@@Z

  ?ConvertResultTypeToOutcome@QoS@@YG?AW4Outcome@1@PB_W@Z

  ?CreateBinaryLoggingSession@@YGPAVILoggingSession@@XZ

  ?CreateRemoteDebugServer@@YGPAVIRemoteDebugServer@@_NG@Z

  ?DecrementActiveHydrationsCount@QoS@@YAXXZ

  ?FlushObfuscationTableToDisk@@YGXXZ

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?GetApplicationPropertyId@QoS@@YA?AW4Id@PropertyId@TelemetryConstants@@XZ

  ?GetCurrentTraceId@ScenarioTracking@@YGIXZ

  ?GetDefaultLoggingPath@@YGJAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV12@@Z

  ?GetDuration@ScenarioBase@ScenarioTracking@@UAE?AV?$duration@_JU?$ratio@$00$0DOI@@std@@@chrono@std@@XZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JI@Z

  ?GetErrorType@QoS@@YG?AW4Type@ErrorType@TelemetryConstants@@JIABV?$set@IU?$less@I@std@@V?$allocator@I@2@@std@@@Z

  ?GetId@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetInstance@Telemetry@@CGPAV1@XZ

  ?GetLoggingSession@@YG?AV?$shared_ptr@VILoggingSession@@@std@@XZ

  ?GetName@ScenarioBase@ScenarioTracking@@UAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?GetResultType@QoS@@YAPB_WJI@Z

  ?GetResultType@QoS@@YAPB_WW4Type@ErrorType@TelemetryConstants@@@Z

  ?GetTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4ExperimentType@@PB_W11@Z

  ?GetValueTranslation@TelemetryEvent@@QAEP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@ZI@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?IncrementActiveHydrationsCount@QoS@@YAXXZ

  ?InsertIntoIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  ?IsRecorded@ScenarioBase@ScenarioTracking@@UAE_NXZ

  ?LoggingAddToMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingGetCallbackCount@@YGIXZ

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingReconfigure@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?LoggingRecordAssert@@YGXPB_W000I0_NI1@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?LoggingRecordUnexpectedCrash@@YGXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0K@Z

  ?LoggingRegisterCallback@@YG_KP6GXPAXPBDI1ABU_GUID@@IIIQAUStructuredEventParameter@@@Z0@Z

  ?LoggingRemoveFromMultiValueCommonDatapoint@@YGXPB_W0@Z

  ?LoggingResetAccountSpecificCommonDatapoints@@YGXXZ

  ?LoggingResetTelemetryLevelsToDefault@@YGXXZ

  ?LoggingRotate@@YGXXZ

  ?LoggingRotateIfNeeded@@YGXXZ

  ?LoggingSanitizeFilename@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ?LoggingSetLoggingPrivacyLevel@@YGXW4LoggingPrivacyLevel@@@Z

  ?LoggingSetTelemetryLevelEnabled@@YGXI_N@Z

  ?LoggingShouldSample@@YG_NN@Z

  ?LoggingSwitchTelemetryPipeline@@YGXW4TelemetryTransportType@@_N@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?LoggingUnregisterCallback@@YGX_K@Z

  ?LoggingWriteDebugString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteDeviceFailureDatagramEntry@@YGXPB_W0@Z

  ?LoggingWriteFormatString@@YAXHPBDI0_NPB_WZZ

  ?LoggingWriteFormatStringEx@@YGXHHPBDI0_NPB_WPAD@Z

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingWriteStructuredEvent@@YGXPBDI0ABU_GUID@@IIIQAUStructuredEventParameter@@@Z

  ?MarkScenarioReported@ScenarioTracking@@YGXPB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ?ObserveTrace@ScenarioTracking@@YGPAVITrace@1@XZ

  ?OneDriveAssertWorker@@YAXPB_WW4OneDriveAssertType@@0I000ZZ

  ?OutcomeToTelemetryValue@QoS@@YG?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z

  ?OverrideAsserts@@YGXP6GXPB_W000I0_N@Z@Z

  ?Record@ScenarioBase@ScenarioTracking@@UAEXXZ

  ?Register@FailuresClassification@@YGX$$QAV?$function@$$A6G?AW4Outcome@QoS@@PB_WW412@K@Z@std@@@Z

  ?RegisterSensitiveRootPath@@YGXPB_W0@Z

  ?RemoveFromIrmEnabledLibrarySet@QoS@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?RemovePrivateInfo@@YGXAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

  ?ReportExternalAssert@@YGXPB_W_N0I0@Z

  ?ReportUnrecordedScenario@ScenarioTracking@@YGXAAVIScenario@1@@Z

  ?Reset@FailuresClassification@@YGXXZ

  ?SetApplicationId@QoS@@YAXI@Z

  ?SetValueTranslation@TelemetryEvent@@SGXPAU1@IP6G?AV?$variant@Umonostate@std@@PBDH@std@@ABTStructuredEventData@@@Z@Z

  ?SizeUnknown@QoS@@YGIXZ

  ?StartScenario@ScenarioTracking@@YG?AV?$shared_ptr@VIScenario@ScenarioTracking@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?UnregisterSensitiveRootPath@@YGXPB_W@Z

  ?UpdateExperimentalAriaRampAPI@@YGX_N@Z

  ?UpdateOfficePrivacyRamp@@YGX_N@Z

  ?UpdateTelemetryTransmissionProfile@@YGXPBD_N@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?g_ODHasFatallyAsserted@@3_NA

  ?g_assertLogger@@3P6GXPB_W000I0_N@ZA

  ?g_catchAssertCallbackInvoked@@3HA

  ?initAssertLogger@@YGXP6GXPB_W000I0_N@Z@Z

  InitLogging

  UninitLogging

  _TestInitLogging@4

  _TestInitLoggingEx@20

  _TestUninitLogging@0

  Sections

  .text

  Size: 289KB - Virtual size: 288KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 115KB - Virtual size: 115KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 13KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 22KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/Setup.exe

  .exe windows:6 windows x86 arch:x86

  a569f565a2214bd7c6b5c9f192a7a2d0

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  af:01:ed:39:f3:ee:35:73:ca:e4:94:1c:f3:50:ec:91:f7:ca:ce:96:0e:07:cb:e4:5d:97:bc:5d:96:c5:4d:bd

  Signer

  Actual PE Digest

  af:01:ed:39:f3:ee:35:73:ca:e4:94:1c:f3:50:ec:91:f7:ca:ce:96:0e:07:cb:e4:5d:97:bc:5d:96:c5:4d:bd

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\UpdaterService\exe\obj\i386\OneDriveUpdaterService.pdb

  Imports

  kernel32

  GetACP

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  MultiByteToWideChar

  WideCharToMultiByte

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  GetDateFormatW

  GetTimeFormatW

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetProcessHeap

  GetFileType

  SetStdHandle

  GetStringTypeW

  FlushFileBuffers

  GetConsoleOutputCP

  GetConsoleMode

  GetFileSizeEx

  SetFilePointerEx

  ReadFile

  ReadConsoleW

  CreateFileW

  WriteConsoleW

  CompareFileTime

  DeleteFileW

  GetSystemTime

  LocalAlloc

  LocalFree

  CreateDirectoryW

  GetFullPathNameW

  GetTempFileNameW

  RemoveDirectoryW

  SetFileTime

  GetTempPathW

  Sleep

  CopyFileW

  MoveFileExW

  SystemTimeToFileTime

  HeapDestroy

  VerSetConditionMask

  VerifyVersionInfoW

  LockFileEx

  UnlockFileEx

  OpenProcess

  K32GetModuleFileNameExW

  GlobalFree

  FindFirstFileW

  WerRegisterFile

  WerUnregisterFile

  DeviceIoControl

  LoadLibraryW

  SetEvent

  GetFileSize

  CreateEventW

  WaitForMultipleObjects

  GetVersionExW

  MoveFileW

  WaitForSingleObject

  CreateMutexW

  CreateProcessW

  FindFirstFileExW

  IsWow64Process

  GetUserDefaultLocaleName

  GetComputerNameW

  GetDiskFreeSpaceExW

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  ReadDirectoryChangesW

  CreateIoCompletionPort

  OpenFileById

  GetFinalPathNameByHandleW

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  CompareStringOrdinal

  GetFileAttributesW

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  IsValidCodePage

  GetEnvironmentVariableW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetSystemTimes

  GetProcessTimes

  GetLongPathNameW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetEndOfFile

  GetCurrentDirectoryW

  GetTimeZoneInformation

  VirtualQuery

  VirtualProtect

  GetSystemInfo

  FileTimeToSystemTime

  SystemTimeToTzSpecificLocalTime

  PeekNamedPipe

  GetDriveTypeW

  FreeLibraryAndExitThread

  FindClose

  HeapReAlloc

  HeapSize

  HeapAlloc

  HeapFree

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  GetModuleHandleExW

  ExitProcess

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  InitializeCriticalSectionAndSpinCount

  EncodePointer

  SetLastError

  InterlockedPushEntrySList

  RtlUnwind

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  GetModuleHandleW

  GetStartupInfoW

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  LeaveCriticalSection

  EnterCriticalSection

  OutputDebugStringW

  IsDebuggerPresent

  CreateFileMappingW

  MapViewOfFile

  UnmapViewOfFile

  InitializeCriticalSectionEx

  QueueUserWorkItem

  OutputDebugStringA

  GetModuleFileNameA

  GetSystemPowerStatus

  GetTickCount

  UnlockFile

  HeapCompact

  DeleteFileA

  LoadLibraryA

  CreateFileA

  FlushViewOfFile

  GetFileAttributesExW

  GetFileAttributesA

  GetDiskFreeSpaceA

  FormatMessageW

  GetTempPathA

  HeapValidate

  GetFullPathNameA

  LockFile

  GetDiskFreeSpaceW

  HeapCreate

  AreFileApisANSI

  InitializeCriticalSection

  FindVolumeClose

  FindNextFileW

  LoadLibraryExA

  DeleteCriticalSection

  DecodePointer

  ExitThread

  CreateThread

  ResetEvent

  InitOnceExecuteOnce

  LCMapStringEx

  CompareStringEx

  GetLocaleInfoEx

  AcquireSRWLockShared

  ReleaseSRWLockShared

  QueryPerformanceFrequency

  SleepConditionVariableSRW

  SleepConditionVariableCS

  WakeAllConditionVariable

  WakeConditionVariable

  RaiseException

  CloseHandle

  GetLastError

  GetProductInfo

  InitializeConditionVariable

  GetNativeSystemInfo

  GetExitCodeThread

  SwitchToThread

  WaitForSingleObjectEx

  TryEnterCriticalSection

  AcquireSRWLockExclusive

  ReleaseSRWLockExclusive

  InitializeSRWLock

  FormatMessageA

  user32

  TranslateMessage

  GetClassNameW

  RegisterClassW

  GetWindowThreadProcessId

  PostMessageW

  PostQuitMessage

  PostThreadMessageW

  SendMessageTimeoutW

  DestroyWindow

  DispatchMessageW

  CreateWindowExW

  ShowWindow

  GetMessageW

  EnumWindows

  rpcrt4

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcBindingFromStringBindingW

  RpcBindingSetAuthInfoExW

  RpcServerInqBindings

  RpcServerUseProtseqW

  RpcServerRegisterIfEx

  RpcBindingVectorFree

  RpcEpUnregister

  NdrServerCall2

  RpcServerUnregisterIf

  RpcStringFreeW

  UuidToStringW

  RpcEpRegisterW

  rstrtmgr

  RmEndSession

  RmStartSession

  RmRegisterResources

  RmGetList

  wer

  WerReportCreate

  WerReportSetParameter

  WerReportSubmit

  WerReportCloseHandle

  winhttp

  WinHttpOpen

  WinHttpCloseHandle

  WinHttpGetIEProxyConfigForCurrentUser

  WinHttpGetProxyForUrl

  wintrust

  WTHelperProvDataFromStateData

  WinVerifyTrustEx

  WTHelperGetProvSignerFromChain

  advapi32

  CloseServiceHandle

  RegCreateKeyExW

  RegOpenKeyExW

  RegQueryValueExW

  RegSetValueExW

  CryptDestroyKey

  CryptSetHashParam

  CryptImportKey

  LookupAccountNameW

  ImpersonateLoggedOnUser

  EventWriteTransfer

  EventRegister

  RegGetValueA

  GetUserNameW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegGetValueW

  RegSetKeyValueW

  DeregisterEventSource

  ReportEventW

  RegisterEventSourceW

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptGetHashParam

  CryptReleaseContext

  CryptAcquireContextW

  RevertToSelf

  RegCloseKey

  shell32

  ShellExecuteExW

  ord526

  SHGetFolderPathAndSubDirW

  SHCreateItemFromParsingName

  SHChangeNotify

  SHGetSpecialFolderPathW

  SHCreateDirectoryExW

  SHLoadNonloadedIconOverlayIdentifiers

  CommandLineToArgvW

  SHGetKnownFolderPath

  SHGetFolderPathW

  SHFileOperationW

  ole32

  CoUninitialize

  CoInitializeEx

  CoCreateFreeThreadedMarshaler

  CoSetProxyBlanket

  CoTaskMemFree

  CoCreateGuid

  CoInitialize

  CoTaskMemAlloc

  CLSIDFromString

  StringFromCLSID

  CoCreateInstance

  StringFromGUID2

  oleaut32

  GetErrorInfo

  SysStringLen

  SetErrorInfo

  SysStringByteLen

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  VarBstrCmp

  VariantChangeType

  VariantClear

  VariantInit

  SysAllocStringLen

  SysAllocString

  SysFreeString

  SysAllocStringByteLen

  crypt32

  CryptBinaryToStringW

  CryptStringToBinaryW

  CertVerifyCertificateChainPolicy

  CertFreeCertificateChain

  secur32

  GetUserNameExW

  shlwapi

  PathFileExistsW

  PathIsDirectoryW

  PathRemoveFileSpecW

  SHSetValueW

  SHCreateStreamOnFileEx

  SHCreateStreamOnFileW

  PathFindFileNameW

  PathIsRelativeW

  SHGetValueW

  ord219

  SHDeleteKeyW

  SHRegGetBoolUSValueW

  SHRegGetValueW

  PathStripPathW

  StrStrIW

  SHDeleteValueW

  PathIsPrefixW

  version

  VerQueryValueW

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  wininet

  InternetOpenW

  HttpQueryInfoA

  HttpSendRequestW

  HttpAddRequestHeadersA

  HttpOpenRequestA

  InternetSetStatusCallbackW

  InternetCloseHandle

  InternetConnectA

  InternetReadFile

  InternetQueryOptionW

  InternetCheckConnectionW

  InternetCrackUrlA

  ws2_32

  htonl

  socket

  closesocket

  WSAGetLastError

  htons

  listen

  send

  setsockopt

  WSAStartup

  bind

  accept

  wtsapi32

  WTSFreeMemory

  WTSEnumerateSessionsW

  WTSQuerySessionInformationW

  WTSQueryUserToken

  userenv

  CreateEnvironmentBlock

  GetDefaultUserProfileDirectoryW

  urlmon

  URLOpenStreamW

  iphlpapi

  GetAdaptersInfo

  Exports

  Exports

  ?$TSS0@?1??stateLock@DebugEventSource@Events@Applications@Microsoft@@KAAAVrecursive_mutex@std@@XZ@4HA

  ??0DebugEventDispatcher@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0DebugEventDispatcher@Events@Applications@Microsoft@@QAE@XZ

  ??0DebugEventListener@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0DebugEventListener@Events@Applications@Microsoft@@QAE@XZ

  ??0DebugEventSource@Events@Applications@Microsoft@@QAE@$$QAV0123@@Z

  ??0DebugEventSource@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0DebugEventSource@Events@Applications@Microsoft@@QAE@XZ

  ??0EventProperties@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0EventProperties@Events@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ??0EventProperties@Events@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@2@@5@@Z

  ??0EventProperties@Events@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@E@Z

  ??0EventProperties@Events@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$initializer_list@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@5@@Z

  ??0EventProperties@Events@Applications@Microsoft@@QAE@XZ

  ??0EventProperty@Events@Applications@Microsoft@@QAE@$$QAU0123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@AAV?$vector@NV?$allocator@N@std@@@std@@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@AAV?$vector@UGUID_t@Events@Applications@Microsoft@@V?$allocator@UGUID_t@Events@Applications@Microsoft@@@std@@@std@@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@AAV?$vector@_JV?$allocator@_J@std@@@std@@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@CW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@EW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@FW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@GW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@HW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@IW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@JW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@NW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@PBDW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@UGUID_t@123@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@Utime_ticks_t@123@W4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@XZ

  ??0EventProperty@Events@Applications@Microsoft@@QAE@_JW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@_KW4PiiKind@123@W4DataCategory@123@@Z

  ??0EventProperty@Events@Applications@Microsoft@@QAE@_NW4PiiKind@123@W4DataCategory@123@@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@HHHABV?$initializer_list@E@std@@@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@PBD@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@QBE_N@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@U_GUID@@@Z

  ??0GUID_t@Events@Applications@Microsoft@@QAE@XZ

  ??0IAuthTokensController@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0IAuthTokensController@Events@Applications@Microsoft@@QAE@XZ

  ??0ILogConfiguration@Events@Applications@Microsoft@@QAE@$$QAV0123@@Z

  ??0ILogConfiguration@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ILogConfiguration@Events@Applications@Microsoft@@QAE@ABV?$initializer_list@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVariant@Events@Applications@Microsoft@@@std@@@std@@@Z

  ??0ILogConfiguration@Events@Applications@Microsoft@@QAE@XZ

  ??0ILogController@Events@Applications@Microsoft@@QAE@$$QAV0123@@Z

  ??0ILogController@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ILogController@Events@Applications@Microsoft@@QAE@XZ

  ??0ILogManager@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ILogManager@Events@Applications@Microsoft@@QAE@XZ

  ??0ILogger@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ILogger@Events@Applications@Microsoft@@QAE@XZ

  ??0IModule@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0IModule@Events@Applications@Microsoft@@QAE@XZ

  ??0ISemanticContext@Events@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ISemanticContext@Events@Applications@Microsoft@@QAE@XZ

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@$$QAU0123@@Z

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0time_ticks_t@Events@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0time_ticks_t@Events@Applications@Microsoft@@QAE@PB_J@Z

  ??0time_ticks_t@Events@Applications@Microsoft@@QAE@XZ

  ??0time_ticks_t@Events@Applications@Microsoft@@QAE@_K@Z

  ??1DebugEventDispatcher@Events@Applications@Microsoft@@UAE@XZ

  ??1DebugEventListener@Events@Applications@Microsoft@@UAE@XZ

  ??1DebugEventSource@Events@Applications@Microsoft@@UAE@XZ

  ??1EventProperties@Events@Applications@Microsoft@@UAE@XZ

  ??1EventProperty@Events@Applications@Microsoft@@UAE@XZ

  ??1IAuthTokensController@Events@Applications@Microsoft@@UAE@XZ

  ??1ILogConfiguration@Events@Applications@Microsoft@@QAE@XZ

  ??1ILogManager@Events@Applications@Microsoft@@UAE@XZ

  ??1ILogger@Events@Applications@Microsoft@@UAE@XZ

  ??1IModule@Events@Applications@Microsoft@@UAE@XZ

  ??1ISemanticContext@Events@Applications@Microsoft@@UAE@XZ

  ??1LogConfiguration@Telemetry@Applications@Microsoft@@QAE@XZ

  ??4DebugEventDispatcher@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4DebugEventListener@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4DebugEventSource@Events@Applications@Microsoft@@QAEAAV0123@$$QAV0123@@Z

  ??4DebugEventSource@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4EventProperties@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4EventProperties@Events@Applications@Microsoft@@QAEAAV0123@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@2@@std@@@Z

  ??4EventProperties@Events@Applications@Microsoft@@QAEAAV0123@V?$initializer_list@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABV?$vector@NV?$allocator@N@std@@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABV?$vector@UGUID_t@Events@Applications@Microsoft@@V?$allocator@UGUID_t@Events@Applications@Microsoft@@@std@@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@ABV?$vector@_JV?$allocator@_J@std@@@std@@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@C@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@E@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@F@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@G@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@H@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@I@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@J@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@N@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@PBD@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@UGUID_t@123@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@Utime_ticks_t@123@@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@_J@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@_K@Z

  ??4EventProperty@Events@Applications@Microsoft@@QAEAAU0123@_N@Z

  ??4GUID_t@Events@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??4IAuthTokensController@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4ILogConfiguration@Events@Applications@Microsoft@@QAEAAV0123@$$QAV0123@@Z

  ??4ILogConfiguration@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4ILogController@Events@Applications@Microsoft@@QAEAAV0123@$$QAV0123@@Z

  ??4ILogController@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4ILogManager@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4ILogger@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4IModule@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4ISemanticContext@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4LogConfiguration@Telemetry@Applications@Microsoft@@QAEAAU0123@$$QAU0123@@Z

  ??4LogConfiguration@Telemetry@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??4LogManagerProvider@Events@Applications@Microsoft@@QAEAAV0123@$$QAV0123@@Z

  ??4LogManagerProvider@Events@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4time_ticks_t@Events@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??8EventProperty@Events@Applications@Microsoft@@QBE_NABU0123@@Z

  ??8GUID_t@Events@Applications@Microsoft@@QBE_NABU0123@@Z

  ??AILogConfiguration@Events@Applications@Microsoft@@QAEAAVVariant@123@PBD@Z

  ??DILogConfiguration@Events@Applications@Microsoft@@QAEAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVariant@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VVariant@Events@Applications@Microsoft@@@std@@@2@@std@@XZ

  ??MGUID_t@Events@Applications@Microsoft@@QBE_NABU0123@@Z

  ??YEventProperties@Events@Applications@Microsoft@@QAEAAV0123@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@2@@std@@@Z

  ??_7DebugEventDispatcher@Events@Applications@Microsoft@@6B@

  ??_7DebugEventListener@Events@Applications@Microsoft@@6B@

  ??_7DebugEventSource@Events@Applications@Microsoft@@6B@

  ??_7EventProperties@Events@Applications@Microsoft@@6B@

  ??_7EventProperty@Events@Applications@Microsoft@@6B@

  ??_7IAuthTokensController@Events@Applications@Microsoft@@6B@

  ??_7ILogController@Events@Applications@Microsoft@@6B@

  ??_7ILogManager@Events@Applications@Microsoft@@6BDebugEventDispatcher@123@@

  ??_7ILogManager@Events@Applications@Microsoft@@6BIContextProvider@123@@

  ??_7ILogManager@Events@Applications@Microsoft@@6BILogController@123@@

  ??_7ILogger@Events@Applications@Microsoft@@6B@

  ??_7IModule@Events@Applications@Microsoft@@6B@

  ??_7ISemanticContext@Events@Applications@Microsoft@@6B@

  ?AddEventListener@DebugEventSource@Events@Applications@Microsoft@@UAEXW4DebugEventType@234@AAVDebugEventListener@234@@Z

  ?AddModule@ILogConfiguration@Events@Applications@Microsoft@@QAEXPBDABV?$shared_ptr@VIModule@Events@Applications@Microsoft@@@std@@@Z

  ?AttachEventSource@DebugEventSource@Events@Applications@Microsoft@@UAE_NAAV1234@@Z

  ?ClearExperimentIds@ISemanticContext@Events@Applications@Microsoft@@UAEXXZ

  ?CreateLogManager@LogManagerProvider@Events@Applications@Microsoft@@SAPAVILogManager@234@AAVILogConfiguration@234@AAW4status_t@234@@Z

  ?CreateLogManager@LogManagerProvider@Events@Applications@Microsoft@@SAPAVILogManager@234@PBDAAW4status_t@234@_K@Z

  ?CreateLogManager@LogManagerProvider@Events@Applications@Microsoft@@SAPAVILogManager@234@PBD_NAAVILogConfiguration@234@AAW4status_t@234@_K@Z

  ?DestroyLogManager@LogManagerProvider@Events@Applications@Microsoft@@SA?AW4status_t@234@PBD@Z

  ?DetachEventSource@DebugEventSource@Events@Applications@Microsoft@@UAE_NAAV1234@@Z

  ?DispatchEvent@DebugEventSource@Events@Applications@Microsoft@@UAE_NVDebugEvent@234@@Z

  ?DispatchEventBroadcast@ILogManager@Events@Applications@Microsoft@@SA_NVDebugEvent@234@@Z

  ?FromJSON@Events@Applications@Microsoft@@YA?AVILogConfiguration@123@PBD@Z

  ?FromLogConfiguration@Events@Applications@Microsoft@@YA?AVILogConfiguration@123@AAULogConfiguration@Telemetry@23@@Z

  ?Get@LogManagerProvider@Events@Applications@Microsoft@@CAPAVILogManager@234@AAVILogConfiguration@234@AAW4status_t@234@@Z

  ?Get@LogManagerProvider@Events@Applications@Microsoft@@CAPAVILogManager@234@PBDAAW4status_t@234@@Z

  ?GetDefaultConfiguration@Events@Applications@Microsoft@@YAABVILogConfiguration@123@XZ

  ?GetLatency@EventProperties@Events@Applications@Microsoft@@QBE?AW4EventLatency@234@XZ

  ?GetModule@ILogConfiguration@Events@Applications@Microsoft@@QAE?AV?$shared_ptr@VIModule@Events@Applications@Microsoft@@@std@@PBD@Z

  ?GetModules@ILogConfiguration@Events@Applications@Microsoft@@QAEAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$shared_ptr@VIModule@Events@Applications@Microsoft@@@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$shared_ptr@VIModule@Events@Applications@Microsoft@@@2@@std@@@2@@std@@XZ

  ?GetName@EventProperties@Events@Applications@Microsoft@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?GetPersistence@EventProperties@Events@Applications@Microsoft@@QBE?AW4EventPersistence@234@XZ

  ?GetPiiProperties@EventProperties@Events@Applications@Microsoft@@QBE?BV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@U?$pair@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@Events@Applications@Microsoft@@@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@U?$pair@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@Events@Applications@Microsoft@@@2@@std@@@2@@std@@W4DataCategory@234@@Z

  ?GetPolicyBitFlags@EventProperties@Events@Applications@Microsoft@@QBE_KXZ

  ?GetPopSample@EventProperties@Events@Applications@Microsoft@@QBENXZ

  ?GetPriority@EventProperties@Events@Applications@Microsoft@@QBE?AW4EventPriority@234@XZ

  ?GetProperties@EventProperties@Events@Applications@Microsoft@@QBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Events@Applications@Microsoft@@@std@@@2@@std@@W4DataCategory@234@@Z

  ?GetTimestamp@EventProperties@Events@Applications@Microsoft@@QBE_JXZ

  ?GetType@EventProperties@Events@Applications@Microsoft@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?HasConfig@ILogConfiguration@Events@Applications@Microsoft@@QAE_NPBD@Z

  ?Hash@GUID_t@Events@Applications@Microsoft@@QBEIXZ

  ?Initialize@IModule@Events@Applications@Microsoft@@UAEXPAVILogManager@234@@Z

  ?Release@LogManagerProvider@Events@Applications@Microsoft@@SA?AW4status_t@234@AAVILogConfiguration@234@@Z

  ?Release@LogManagerProvider@Events@Applications@Microsoft@@SA?AW4status_t@234@PBD@Z

  ?RemoveEventListener@DebugEventSource@Events@Applications@Microsoft@@UAEXW4DebugEventType@234@AAVDebugEventListener@234@@Z

  ?SetAppEnv@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppExperimentETag@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppExperimentIds@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppExperimentImpressionId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppLanguage@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppName@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetAppVersion@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetCommercialId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetCommonField@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUEventProperty@234@@Z

  ?SetCustomField@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUEventProperty@234@@Z

  ?SetDeviceClass@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetDeviceId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetDeviceMake@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetDeviceModel@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetDeviceOrgId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetEventExperimentIds@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

  ?SetLatency@EventProperties@Events@Applications@Microsoft@@QAEXW4EventLatency@234@@Z

  ?SetLevel@EventProperties@Events@Applications@Microsoft@@QAEXE@Z

  ?SetName@EventProperties@Events@Applications@Microsoft@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetNetworkCost@ISemanticContext@Events@Applications@Microsoft@@UAEXW4NetworkCost@234@@Z

  ?SetNetworkProvider@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetNetworkType@ISemanticContext@Events@Applications@Microsoft@@UAEXW4NetworkType@234@@Z

  ?SetOsBuild@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetOsName@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetOsVersion@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetPersistence@EventProperties@Events@Applications@Microsoft@@QAEXW4EventPersistence@234@@Z

  ?SetPolicyBitFlags@EventProperties@Events@Applications@Microsoft@@QAEX_K@Z

  ?SetPopsample@EventProperties@Events@Applications@Microsoft@@QAEXN@Z

  ?SetPriority@EventProperties@Events@Applications@Microsoft@@QAEXW4EventPriority@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@NV?$allocator@N@std@@@6@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@UGUID_t@Events@Applications@Microsoft@@V?$allocator@UGUID_t@Events@Applications@Microsoft@@@std@@@6@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@6@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@_JV?$allocator@_J@std@@@6@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@EW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@FW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@GW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@NW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UGUID_t@234@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Utime_ticks_t@234@W4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_JW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_KW4PiiKind@234@W4DataCategory@234@@Z

  ?SetProperty@EventProperties@Events@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NW4PiiKind@234@W4DataCategory@234@@Z

  ?SetTicket@ISemanticContext@Events@Applications@Microsoft@@UAEXW4TicketType@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetTimestamp@EventProperties@Events@Applications@Microsoft@@QAEX_J@Z

  ?SetType@EventProperties@Events@Applications@Microsoft@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetUserANID@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetUserAdvertisingId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetUserId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@234@@Z

  ?SetUserLanguage@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetUserMsaId@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetUserTimeZone@ISemanticContext@Events@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?Teardown@IModule@Events@Applications@Microsoft@@UAEXXZ

  ?TryGetLevel@EventProperties@Events@Applications@Microsoft@@QBE?AV?$tuple@_NE@std@@XZ

  ?clear@EventProperty@Events@Applications@Microsoft@@QAEXXZ

  ?convertUintVectorToGUID@GUID_t@Events@Applications@Microsoft@@SA?AU_GUID@@ABV?$vector@EV?$allocator@E@std@@@std@@@Z

  ?copydata@EventProperty@Events@Applications@Microsoft@@AAEXPBU1234@@Z

  ?empty@EventProperty@Events@Applications@Microsoft@@QAE_NXZ

  ?erase@EventProperties@Events@Applications@Microsoft@@QAEIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4DataCategory@234@@Z

  ?lock@?1??stateLock@DebugEventSource@Events@Applications@Microsoft@@KAAAVrecursive_mutex@std@@XZ@4V67@A

  ?pack@EventProperties@Events@Applications@Microsoft@@QAEPAUevt_prop@@XZ

  ?stateLock@DebugEventSource@Events@Applications@Microsoft@@KAAAVrecursive_mutex@std@@XZ

  ?to_bytes@GUID_t@Events@Applications@Microsoft@@QBEXAAY0BA@E@Z

  ?to_string@EventProperty@Events@Applications@Microsoft@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?to_string@GUID_t@Events@Applications@Microsoft@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?type_name@EventProperty@Events@Applications@Microsoft@@SAPBDI@Z

  ?unpack@EventProperties@Events@Applications@Microsoft@@QAE_NPAUevt_prop@@I@Z

  evt_api_call_default

  Sections

  .text

  Size: 2.0MB - Virtual size: 2.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 448KB - Virtual size: 448KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 94KB - Virtual size: 106KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .didat

  Size: 512B - Virtual size: 36B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 99KB - Virtual size: 98KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/UpdateRingSettings.dll

  .dll windows:6 windows x86 arch:x86

  8f4151e2b47c8157fda35112fe040b85

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Signer

  Actual PE Digest

  dd:e0:ef:0f:e2:09:fe:09:e6:90:7b:58:a6:dc:ca:a9:ea:1b:cd:23:9d:5c:bd:b2:11:06:58:88:e2:9d:e4:6c

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\UpdateRingSettings\dll\obj\i386\UpdateRingSettings.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?WideStringToNarrowString@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W@Z

  ?NarrowStringToWideString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ??1TelemetryEvent@@QAE@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingSetExperimentSetupData@@YGXPBDIQAUExperimentSetupData@@I1@Z

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  kernel32

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  GetCommandLineW

  CopyFileW

  SetDllDirectoryW

  ReleaseMutex

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  FindFirstVolumeW

  DeleteCriticalSection

  VerSetConditionMask

  VerifyVersionInfoW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  GetLongPathNameW

  SetLastError

  ExpandEnvironmentStringsW

  InterlockedPushEntrySList

  OutputDebugStringW

  InitializeSListHead

  DisableThreadLibraryCalls

  GetCurrentThreadId

  QueryPerformanceCounter

  CreateEventW

  WaitForSingleObjectEx

  ResetEvent

  SetEvent

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  IsProcessorFeaturePresent

  GetExitCodeProcess

  GetFileAttributesW

  CompareStringOrdinal

  SetFileInformationByHandle

  GetFileInformationByHandleEx

  GetFileInformationByHandle

  GetFinalPathNameByHandleW

  OpenFileById

  CreateFileW

  CreateIoCompletionPort

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  IsWow64Process

  CreateProcessW

  CreateMutexW

  GetProcessHeap

  HeapAlloc

  HeapFree

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  GetCurrentProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  WaitForSingleObject

  TerminateProcess

  Sleep

  GetLastError

  MoveFileW

  CloseHandle

  K32GetModuleFileNameExW

  OpenProcess

  LocalFree

  InitializeCriticalSectionEx

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  AcquireSRWLockShared

  AcquireSRWLockExclusive

  ReleaseSRWLockShared

  ReleaseSRWLockExclusive

  user32

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  SendMessageTimeoutW

  ShowWindow

  GetMessageW

  CreateWindowExW

  DestroyWindow

  EnumWindows

  DispatchMessageW

  TranslateMessage

  RegisterClassW

  advapi32

  RegCreateKeyExW

  RegSetKeyValueW

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegQueryValueExW

  RegSetValueExW

  RegEnumKeyExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegGetValueW

  RegCloseKey

  shell32

  SHGetFolderPathAndSubDirW

  ShellExecuteExW

  SHChangeNotify

  SHGetFolderPathW

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  ord526

  SHCreateItemFromParsingName

  SHCreateDirectoryExW

  CommandLineToArgvW

  ole32

  CoCreateInstance

  CoTaskMemFree

  StringFromCLSID

  CoCreateFreeThreadedMarshaler

  StringFromGUID2

  CLSIDFromString

  CoSetProxyBlanket

  CoInitializeEx

  CoUninitialize

  CoCreateGuid

  oleaut32

  GetErrorInfo

  SysStringLen

  SetErrorInfo

  LoadTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysFreeString

  SysAllocString

  SysAllocStringByteLen

  SysStringByteLen

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerRegisterIfEx

  RpcServerUseProtseqW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcBindingFromStringBindingW

  RpcStringFreeW

  RpcBindingSetAuthInfoExW

  secur32

  GetUserNameExW

  shlwapi

  SHRegGetValueW

  PathRemoveFileSpecW

  StrStrIW

  SHRegGetBoolUSValueW

  PathStripPathW

  SHGetValueW

  SHCreateStreamOnFileW

  PathFileExistsW

  PathIsPrefixW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetCheckConnectionW

  wtsapi32

  WTSQueryUserToken

  WTSQuerySessionInformationW

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Xbad_function_call@std@@YAXXZ

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Query_perf_frequency

  _Query_perf_counter

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Mtx_unlock

  ??0facet@locale@std@@IAE@I@Z

  ??1facet@locale@std@@MAE@XZ

  ?_Xlength_error@std@@YAXPBD@Z

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?_Xout_of_range@std@@YAXPBD@Z

  ?_Xinvalid_argument@std@@YAXPBD@Z

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  _Strxfrm

  _Strcoll

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ??Bid@locale@std@@QAEIXZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@D@std@@2V0locale@2@A

  ?tolower@?$ctype@D@std@@QBEDD@Z

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ?_Xbad_alloc@std@@YAXXZ

  ?id@?$collate@D@std@@2V0locale@2@A

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z

  ?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

  ?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD4@Z

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __std_exception_copy

  strchr

  _purecall

  wcsstr

  __std_terminate

  __current_exception

  __current_exception_context

  _CxxThrowException

  memset

  __std_type_info_destroy_list

  memmove

  memcpy

  __CxxFrameHandler3

  __std_exception_destroy

  _except_handler4_common

  memchr

  memcmp

  api-ms-win-crt-runtime-l1-1-0

  _initterm

  terminate

  _cexit

  _initterm_e

  _invalid_parameter_noinfo_noreturn

  _seh_filter_dll

  _configure_narrow_argv

  _initialize_narrow_environment

  _initialize_onexit_table

  _register_onexit_function

  _execute_onexit_table

  _crt_atexit

  _errno

  api-ms-win-crt-convert-l1-1-0

  wcstol

  _strtod_l

  wcstoul

  wcstod

  strtoul

  atof

  atol

  strtoll

  _wtoi

  strtol

  api-ms-win-crt-time-l1-1-0

  _time64

  _mkgmtime64

  strftime

  _gmtime64_s

  _difftime64

  _localtime64_s

  api-ms-win-crt-heap-l1-1-0

  malloc

  free

  _callnewh

  realloc

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __stdio_common_vsprintf_s

  _wfopen_s

  __stdio_common_vswprintf_s

  __stdio_common_vswprintf

  __stdio_common_vsprintf

  api-ms-win-crt-math-l1-1-0

  round

  ceil

  api-ms-win-crt-string-l1-1-0

  isxdigit

  _wcsdup

  towupper

  iswspace

  wcstok_s

  api-ms-win-crt-locale-l1-1-0

  _create_locale

  _free_locale

  Exports

  Exports

  ?GetECSConfigurationManager@@YGPAVIECSConfigurationManager@@XZ

  ?GetFeatureSupport@@YGPAVIFeatureSupport@@XZ

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  ?OverrideECSConfigurationManager@@YGXPAVIECSConfigurationManager@@@Z

  ?OverrideFeatureSupport@@YGXPAVIFeatureSupport@@@Z

  ?OverrideUpdateRingSettingsManager@@YGXPAVIUpdateRingSettingsManager@@@Z

  ?ResetECSConfigurationManager@@YGXXZ

  ?ResetFeatureSupport@@YGXXZ

  ?ResetUpdateRingSettingsManager@@YGXXZ

  Sections

  .text

  Size: 240KB - Virtual size: 240KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 96KB - Virtual size: 95KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 19KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/config/Config.dat

  .exe windows:6 windows x86 arch:x86

  d89e012bb90c3e56ea22733716ecc3f1

  
  

  Code Sign

  33:00:00:03:f1:62:06:e3:e7:ef:da:8a:be:00:00:00:00:03:f1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-12-2020 21:24

  Not After

  02-12-2021 21:24

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Signer

  Actual PE Digest

  1d:db:77:07:94:e2:4e:81:c1:63:71:50:db:4d:99:c3:ce:c2:a5:dd:a6:24:92:41:43:01:90:d8:4b:06:a8:c1

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  d:\dbs\sh\odct\0629_224505_0\client\onedrive\Product\FileCoAuth\Desktop\exe\obj\i386\FileCoAuth.pdb

  Imports

  loggingplatform

  ?LoggingWriteStructuredEvent@@YGXABUStructuredEvent@@QAUStructuredEventParameter@@@Z

  ?LoggingRotateIfNeeded@@YGXXZ

  ??0StructuredEvent@@QAE@PBDH0ABU_GUID@@IIII@Z

  ?GetActiveHydrationsCount@QoS@@YAIXZ

  ?LoggingSetCommonDatapointUserId@@YGXPB_WW4UserIdType@@@Z

  ?GuidToString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABU_GUID@@@Z

  ?StripPrivateInfoFromString@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W@Z

  ?LoggingUninitializeForExternalComponent@@YGXXZ

  ?GetEmptyTelemetryUsageExperimentVector@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ

  ?LoggingSendTelemetryEvent@@YGXAAUTelemetryEvent@@QAUStructuredEventParameter@@@Z

  ??1TelemetryEvent@@QAE@XZ

  ??0TelemetryEvent@@QAE@PBD0ABU_GUID@@II00II@Z

  ?LoggingInitializeForExternalComponent@@YGJPB_W0_NG11W4TelemetryTransportType@@0K1@Z

  ?LoggingSetCommonDatapoint@@YGXPB_W0@Z

  ?LoggingRecordAssert@@YGXPB_W00I0_NI1@Z

  ?IsAnyLibraryIrmEnabled@QoS@@YA_NXZ

  updateringsettings

  ?GetUpdateRingSettingsManager@@YGPAVIUpdateRingSettingsManager@@XZ

  propsys

  PropVariantToStringAlloc

  PropVariantToUInt32

  ntdll

  NtQueryDirectoryFile

  VerSetConditionMask

  RtlNtStatusToDosError

  kernel32

  FindNextFileW

  CreateEventExW

  GetLongPathNameW

  VerifyVersionInfoW

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  ReadDirectoryChangesW

  CreateIoCompletionPort

  CreateFileW

  OpenFileById

  GetFinalPathNameByHandleW

  GetFileInformationByHandle

  GetFileInformationByHandleEx

  SetFileInformationByHandle

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  DeviceIoControl

  GetFileSizeEx

  ReadFile

  GetEnvironmentVariableW

  SetDllDirectoryW

  GetCurrentThread

  RegisterApplicationRestart

  SetFilePointer

  GetFileSize

  GetFileType

  LoadLibraryExW

  GetSystemTimes

  GetProcessTimes

  IsDebuggerPresent

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetLastError

  DebugBreak

  SetFileAttributesW

  GetFileAttributesW

  CompareStringOrdinal

  GetDiskFreeSpaceExW

  MultiByteToWideChar

  WideCharToMultiByte

  SystemTimeToFileTime

  CopyFileW

  QueueUserWorkItem

  MoveFileWithProgressW

  GlobalLock

  GlobalUnlock

  GlobalFree

  GlobalAlloc

  GetDateFormatW

  OpenEventW

  GetLocaleInfoW

  OpenMutexW

  SystemTimeToTzSpecificLocalTime

  UnregisterApplicationRestart

  GetFileAttributesExW

  DuplicateHandle

  WaitForMultipleObjects

  GetSystemTime

  DeleteFileW

  FindClose

  FindFirstFileW

  FreeLibrary

  LoadLibraryW

  GetComputerNameW

  GetUserDefaultLocaleName

  GetProductInfo

  LCIDToLocaleName

  CreateProcessW

  CreateMutexW

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  TerminateProcess

  MoveFileW

  K32GetModuleFileNameExW

  OpenProcess

  GetVersionExW

  LocalFree

  QueryFullProcessImageNameW

  GetCurrentProcess

  IsWow64Process

  LeaveCriticalSection

  EnterCriticalSection

  GetCurrentThreadId

  GetModuleHandleW

  GetProcessHeap

  DeleteCriticalSection

  GetProcAddress

  DecodePointer

  HeapAlloc

  CreateThread

  RaiseException

  CloseHandle

  SetEvent

  GetLastError

  Sleep

  CreateEventW

  WaitForSingleObject

  InitializeCriticalSectionEx

  GetModuleFileNameW

  GetCommandLineW

  HeapFree

  FormatMessageW

  InitializeSListHead

  GetCurrentDirectoryW

  InterlockedPushEntrySList

  QueryPerformanceCounter

  GetStartupInfoW

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  WaitForSingleObjectEx

  ResetEvent

  InitializeCriticalSectionAndSpinCount

  InitOnceBeginInitialize

  InitOnceComplete

  OutputDebugStringW

  ReleaseMutex

  GetVolumeInformationW

  GetDriveTypeW

  GetLogicalDrives

  RemoveDirectoryW

  GetComputerNameExW

  GetTickCount64

  WerRegisterFile

  user32

  GetLastActivePopup

  SetFocus

  AllowSetForegroundWindow

  GetWindowRect

  PeekMessageW

  MessageBoxW

  TrackPopupMenu

  GetSubMenu

  GetDoubleClickTime

  SetMenuDefaultItem

  EnableMenuItem

  GetMenuStringW

  GetMenuItemCount

  RemoveMenu

  DeleteMenu

  PostQuitMessage

  AppendMenuW

  AdjustWindowRectEx

  ModifyMenuW

  SendMessageTimeoutW

  LoadImageW

  GetIconInfo

  EndDialog

  IsWindow

  SetForegroundWindow

  FindWindowW

  SendMessageW

  RegisterClassW

  PostThreadMessageW

  CreateWindowExW

  TranslateMessage

  ShowWindow

  CharNextW

  DispatchMessageW

  DestroyWindow

  SetWindowPos

  CharUpperW

  GetMessageW

  SetTimer

  KillTimer

  GetClassNameW

  GetWindowThreadProcessId

  PostMessageW

  EnumWindows

  GetLastInputInfo

  GetProcessDefaultLayout

  IsHungAppWindow

  MapWindowPoints

  GetWindowLongW

  CloseClipboard

  OpenClipboard

  GetClipboardData

  SetClipboardData

  EmptyClipboard

  SystemParametersInfoW

  advapi32

  SetNamedSecurityInfoW

  InitializeAcl

  GetAce

  RegDeleteKeyExW

  RegDeleteTreeW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  QueryServiceStatus

  DeleteService

  AllocateAndInitializeSid

  CreateProcessAsUserW

  DuplicateTokenEx

  ConvertSidToStringSidW

  OpenServiceW

  ConvertStringSidToSidW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  ChangeServiceConfigW

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  SetFileSecurityW

  AccessCheck

  MapGenericMask

  DuplicateToken

  OpenThreadToken

  IsValidAcl

  GetNamedSecurityInfoW

  AddAce

  SetEntriesInAclW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  CryptHashData

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptCreateHash

  CryptAcquireContextW

  RegEnumValueW

  CopySid

  GetLengthSid

  IsValidSid

  GetTokenInformation

  OpenProcessToken

  RegDeleteValueW

  RegSetValueExW

  RegEnumKeyExW

  RegGetValueW

  RegSetKeyValueW

  RegCreateKeyExW

  RegQueryValueExW

  RegCloseKey

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegOpenKeyExW

  RegCopyTreeW

  RegNotifyChangeKeyValue

  GetUserNameW

  CheckTokenMembership

  DeleteAce

  shell32

  AssocCreateForClasses

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHAppBarMessage

  CommandLineToArgvW

  ShellExecuteExW

  ord526

  SHGetFolderPathAndSubDirW

  SHGetFolderPathW

  SHCreateDirectoryExW

  SHSetKnownFolderPath

  ShellExecuteW

  Shell_NotifyIconW

  SHParseDisplayName

  SHGetSpecialFolderPathW

  SHGetKnownFolderPath

  SHFileOperationW

  SHCreateItemFromParsingName

  SHChangeNotify

  ole32

  CoGetObject

  CoAllowSetForegroundWindow

  CoTaskMemFree

  CoTaskMemAlloc

  CoCreateFreeThreadedMarshaler

  CoReleaseServerProcess

  CoAddRefServerProcess

  CoInitializeEx

  CoRevokeClassObject

  CoInitializeSecurity

  CoRegisterClassObject

  CoCreateInstance

  GetRunningObjectTable

  PropVariantClear

  CoImpersonateClient

  CoGetCallContext

  CoRevertToSelf

  CoUninitialize

  CoCreateGuid

  CoSetProxyBlanket

  CoWaitForMultipleHandles

  CLSIDFromString

  StringFromCLSID

  CoResumeClassObjects

  CreateItemMoniker

  CreateBindCtx

  StringFromGUID2

  oleaut32

  LoadTypeLi

  UnRegisterTypeLi

  LoadRegTypeLi

  GetRecordInfoFromTypeInfo

  SysAllocStringByteLen

  SysStringByteLen

  RegisterTypeLi

  SysAllocString

  SysStringLen

  SetErrorInfo

  SafeArrayAccessData

  SafeArrayUnaccessData

  GetErrorInfo

  SysFreeString

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  rpcrt4

  RpcServerUseProtseqW

  UuidToStringW

  RpcServerRegisterIfEx

  RpcStringFreeW

  RpcServerInqBindings

  RpcEpRegisterW

  RpcBindingVectorFree

  RpcEpUnregister

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcBindingSetAuthInfoExW

  RpcBindingFromStringBindingW

  RpcStringBindingComposeW

  secur32

  GetUserNameExW

  shlwapi

  PathFileExistsW

  SHCreateStreamOnFileW

  SHCreateStreamOnFileEx

  PathFindFileNameW

  SHStrDupW

  SHDeleteKeyW

  SHRegCreateUSKeyW

  SHGetValueW

  SHRegGetUSValueW

  PathStripPathW

  PathStripToRootW

  SHRegCloseUSKey

  SHRegSetUSValueW

  SHDeleteValueW

  PathIsDirectoryW

  PathIsDirectoryEmptyW

  PathIsPrefixW

  AssocCreate

  PathRemoveFileSpecW

  StrStrIW

  UrlEscapeW

  UrlCreateFromPathW

  SHRegGetValueW

  SHRegGetBoolUSValueW

  version

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  VerQueryValueW

  wininet

  InternetCheckConnectionW

  InternetGetConnectedState

  wtsapi32

  WTSQuerySessionInformationW

  WTSQueryUserToken

  WTSFreeMemory

  WTSEnumerateSessionsW

  msvcp140

  _Xtime_get_ticks

  ?in@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAG3AAPAG@Z

  ?out@?$codecvt@GDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBG1AAPBGPAD3AAPAD@Z

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

  ?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

  ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

  ?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ?_Xbad_alloc@std@@YAXXZ

  ?_Xlength_error@std@@YAXPBD@Z

  ?_Xbad_function_call@std@@YAXXZ

  ?_Xout_of_range@std@@YAXPBD@Z

  _Mtx_destroy_in_situ

  _Mtx_init_in_situ

  _Cnd_init_in_situ

  _Cnd_destroy_in_situ

  _Mtx_lock

  ?_Throw_C_error@std@@YAXH@Z

  _Mtx_unlock

  _Cnd_wait

  _Cnd_broadcast

  _Cnd_unregister_at_thread_exit

  ?__ExceptionPtrDestroy@@YAXPAX@Z

  _Cnd_register_at_thread_exit

  ?__ExceptionPtrCopy@@YAXPAXPBX@Z

  ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z

  ?__ExceptionPtrToBool@@YA_NPBX@Z

  ?_Syserror_map@std@@YAPBDH@Z

  ?_Throw_future_error@std@@YAXABVerror_code@1@@Z

  ?__ExceptionPtrRethrow@@YAXPBX@Z

  ?__ExceptionPtrCurrentException@@YAXPAX@Z

  ?__ExceptionPtrCreate@@YAXPAX@Z

  ?_ReportUnobservedException@details@Concurrency@@YAXXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?__ExceptionPtrAssign@@YAXPAXPBX@Z

  ?_Reset@_ContextCallback@details@Concurrency@@AAEXXZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?_Release_chore@details@Concurrency@@YAXPAU_Threadpool_chore@12@@Z

  ?_Schedule_chore@details@Concurrency@@YAHPAU_Threadpool_chore@12@@Z

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QAEX_N@Z

  ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QAEXXZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

  ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ?getloc@ios_base@std@@QBE?AVlocale@2@XZ

  ?_Incref@facet@locale@std@@UAEXXZ

  ?uncaught_exception@std@@YA_NXZ

  ?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

  ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

  ??1_Lockit@std@@QAE@XZ

  ??0_Lockit@std@@QAE@H@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ??Bid@locale@std@@QAEIXZ

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?id@?$ctype@_W@std@@2V0locale@2@A

  ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

  ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

  ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

  ?widen@?$ctype@_W@std@@QBE_WD@Z

  ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

  ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

  ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

  ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

  ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

  ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

  ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

  ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

  ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

  ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

  ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

  ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

  ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

  ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

  ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

  userenv

  GetDefaultUserProfileDirectoryW

  CreateEnvironmentBlock

  vcruntime140

  __current_exception

  memset

  memmove

  wcsstr

  __current_exception_context

  __std_exception_copy

  __std_terminate

  _purecall

  __CxxFrameHandler3

  memcpy

  _CxxThrowException

  __std_exception_destroy

  __std_type_info_compare

  _except_handler4_common

  memcmp

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  malloc

  _set_new_mode

  free

  api-ms-win-crt-string-l1-1-0

  towupper

  wcscat_s

  wcscpy_s

  isxdigit

  wcscspn

  _wcsicmp

  wcsncpy_s

  wcstok_s

  iswxdigit

  iswspace

  isalnum

  towlower

  strncmp

  _wcsdup

  _strnicmp

  api-ms-win-crt-runtime-l1-1-0

  _invalid_parameter_noinfo_noreturn

  _initialize_onexit_table

  abort

  terminate

  _register_onexit_function

  _errno

  _initterm_e

  _crt_atexit

  _cexit

  _controlfp_s

  _seh_filter_exe

  _register_thread_local_exe_atexit_callback

  _c_exit

  _set_app_type

  _exit

  exit

  _initterm

  _get_wide_winmain_command_line

  _initialize_wide_environment

  _configure_wide_argv

  api-ms-win-crt-time-l1-1-0

  _time64

  _localtime64_s

  api-ms-win-crt-convert-l1-1-0

  atof

  strtoull

  atol

  strtoll

  _strtod_l

  _wtoi

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  _free_locale

  _create_locale

  api-ms-win-crt-stdio-l1-1-0

  fclose

  __p__commode

  _set_fmode

  __stdio_common_vswprintf

  _wfopen_s

  api-ms-win-crt-math-l1-1-0

  ceil

  __setusermatherr

  gdi32

  GetObjectW

  Sections

  .text

  Size: 323KB - Virtual size: 322KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 136KB - Virtual size: 136KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 26KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 29KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/config/ThirdParty.dat
• __MACOSX/config/Updater.dat

  .exe windows:6 windows x86 arch:x86

  92bba191f69db81509d735d7921249ab

  
  

  Code Sign

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  33:00:00:00:eb:69:aa:cc:3e:29:9f:2d:39:00:00:00:00:00:eb

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:19

  Not After

  23-11-2019 20:19

  Subject

  CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  c4:d3:ae:a7:3c:45:e7:90:29:fa:c9:52:66:36:fe:92:00:36:f5:78:6d:8a:81:dc:be:35:1c:75:46:47:86:cc

  Signer

  Actual PE Digest

  c4:d3:ae:a7:3c:45:e7:90:29:fa:c9:52:66:36:fe:92:00:36:f5:78:6d:8a:81:dc:be:35:1c:75:46:47:86:cc

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  49:12:ea:06:41:3c:af:17:33:d3:ca:f4:0b:ca:fd:7e:54:30:d5:96

  Signer

  Actual PE Digest

  49:12:ea:06:41:3c:af:17:33:d3:ca:f4:0b:ca:fd:7e:54:30:d5:96

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  d:\dbs\sh\odct\0423_142515\client\onedrive\Product\UpdaterService\exe\obj\i386\OneDriveUpdaterService.pdb

  Imports

  rpcrt4

  RpcStringFreeW

  RpcServerRegisterIfEx

  RpcServerUseProtseqW

  RpcServerInqBindings

  NdrServerCall2

  RpcBindingVectorFree

  RpcEpUnregister

  UuidToStringW

  RpcServerUnregisterIf

  RpcServerInqCallAttributesW

  RpcBindingFree

  RpcStringBindingComposeW

  RpcBindingFromStringBindingW

  RpcEpRegisterW

  RpcBindingSetAuthInfoExW

  kernel32

  SetFilePointer

  LockFile

  OutputDebugStringA

  GetDiskFreeSpaceW

  WriteFile

  GetFullPathNameW

  HeapCreate

  ReadFile

  AreFileApisANSI

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  TryEnterCriticalSection

  GetCurrentThreadId

  InitOnceExecuteOnce

  DeviceIoControl

  FindFirstFileW

  CompareFileTime

  FindNextFileW

  FindClose

  SetFileTime

  GetCommandLineW

  CreateDirectoryW

  WerRegisterFile

  WerUnregisterFile

  LocalAlloc

  OpenProcess

  MoveFileW

  TerminateProcess

  GetCurrentProcess

  GetUserDefaultLCID

  GetProductInfo

  IsWow64Process

  GetUserDefaultLocaleName

  GetComputerNameW

  VerSetConditionMask

  VerifyVersionInfoW

  GetDiskFreeSpaceExW

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  ReadDirectoryChangesW

  CreateIoCompletionPort

  OpenFileById

  GetFinalPathNameByHandleW

  CompareStringOrdinal

  CreateProcessW

  GetExitCodeProcess

  ExpandEnvironmentStringsW

  FindFirstVolumeW

  FindNextVolumeW

  FindVolumeClose

  GetFileSizeEx

  GetEnvironmentVariableW

  CompareStringW

  GetCPInfo

  UnmapViewOfFile

  HeapValidate

  HeapSize

  Sleep

  GetTempPathA

  FormatMessageW

  GetDiskFreeSpaceA

  GetFileAttributesA

  GetFileAttributesExW

  OutputDebugStringW

  FlushViewOfFile

  CreateFileA

  LoadLibraryA

  WaitForSingleObjectEx

  DeleteFileA

  HeapReAlloc

  GetSystemInfo

  LoadLibraryW

  HeapCompact

  HeapDestroy

  UnlockFile

  CreateFileMappingA

  LocalFree

  LockFileEx

  GetFileSize

  SystemTimeToFileTime

  WideCharToMultiByte

  GetSystemTimeAsFileTime

  GetSystemTime

  FormatMessageA

  CreateFileMappingW

  MapViewOfFile

  QueryPerformanceCounter

  GetTickCount

  CreateTimerQueueTimer

  FlushFileBuffers

  GetTimeZoneInformation

  GetNativeSystemInfo

  GetVersionExW

  GetModuleFileNameW

  GetSystemPowerStatus

  GetProcessHeap

  HeapFree

  HeapAlloc

  GlobalMemoryStatusEx

  SetLastError

  SwitchToThread

  GetModuleHandleExW

  FreeLibrary

  GetFullPathNameA

  DeleteFileW

  GetTempPathW

  GetModuleHandleW

  GetProcAddress

  GetCurrentProcessId

  SetDllDirectoryW

  DeleteCriticalSection

  DecodePointer

  RaiseException

  CloseHandle

  GetLastError

  InitializeCriticalSectionEx

  LCMapStringW

  GetLocaleInfoW

  SetEvent

  ResetEvent

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetStartupInfoW

  InitializeSListHead

  CreateTimerQueue

  SignalObjectAndWait

  CreateThread

  SetThreadPriority

  GetThreadPriority

  SetEndOfFile

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  CreateEventW

  InitializeCriticalSectionAndSpinCount

  IsProcessorFeaturePresent

  QueueUserWorkItem

  EncodePointer

  GetExitCodeThread

  GetCurrentThread

  AcquireSRWLockShared

  AcquireSRWLockExclusive

  ReleaseSRWLockShared

  ReleaseSRWLockExclusive

  UnlockFileEx

  DuplicateHandle

  QueryPerformanceFrequency

  GetStringTypeW

  IsDebuggerPresent

  GetLogicalProcessorInformation

  GetLongPathNameW

  LoadLibraryExA

  VirtualQuery

  VirtualProtect

  ChangeTimerQueueTimer

  DeleteTimerQueueTimer

  GetNumaHighestNodeNumber

  CreateMutexW

  WaitForSingleObject

  CreateFileW

  WaitForMultipleObjects

  CopyFileW

  RemoveDirectoryW

  GetTempFileNameW

  GetProcessAffinityMask

  SetThreadAffinityMask

  RegisterWaitForSingleObject

  UnregisterWait

  WriteConsoleW

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineA

  FindFirstFileExW

  GetOEMCP

  GetACP

  IsValidCodePage

  ReadConsoleW

  SetStdHandle

  GetCurrentDirectoryW

  SetFilePointerEx

  GetConsoleMode

  GetConsoleCP

  EnumSystemLocalesW

  IsValidLocale

  GetTimeFormatW

  GetDateFormatW

  GetStdHandle

  ExitProcess

  MoveFileExW

  FileTimeToSystemTime

  SystemTimeToTzSpecificLocalTime

  PeekNamedPipe

  GetFileType

  GetFileInformationByHandle

  GetDriveTypeW

  ExitThread

  RtlUnwind

  UnregisterWaitEx

  QueryDepthSList

  InterlockedFlushSList

  InterlockedPushEntrySList

  InterlockedPopEntrySList

  ReleaseSemaphore

  VirtualFree

  VirtualAlloc

  LoadLibraryExW

  GetModuleHandleA

  FreeLibraryAndExitThread

  MultiByteToWideChar

  GetFileAttributesW

  GetThreadTimes

  advapi32

  OpenProcessToken

  LookupAccountNameW

  ConvertStringSecurityDescriptorToSecurityDescriptorW

  FreeSid

  GetAclInformation

  StartServiceW

  QueryServiceConfigW

  CreateWellKnownSid

  ControlService

  QueryServiceStatusEx

  DeleteService

  SetNamedSecurityInfoW

  SetEntriesInAclW

  AllocateAndInitializeSid

  GetNamedSecurityInfoW

  CreateProcessAsUserW

  DuplicateTokenEx

  OpenServiceW

  SetServiceStatus

  RegisterServiceCtrlHandlerW

  StartServiceCtrlDispatcherW

  CloseServiceHandle

  ChangeServiceConfig2W

  CreateServiceW

  OpenSCManagerW

  RegUnLoadKeyW

  RegLoadKeyW

  RegEnumKeyW

  RegCreateKeyTransactedW

  AdjustTokenPrivileges

  LookupPrivilegeValueW

  RegEnumValueW

  ConvertSidToStringSidW

  GetTokenInformation

  GetUserNameW

  RegSetValueExW

  RegQueryInfoKeyW

  RegSetKeyValueW

  RegCreateKeyExW

  RegCloseKey

  RegQueryValueExW

  RegOpenKeyExW

  RegGetValueW

  EventWriteTransfer

  EventUnregister

  EventRegister

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptImportKey

  CryptGetHashParam

  CryptSetHashParam

  CryptDestroyKey

  CryptReleaseContext

  CryptAcquireContextW

  DeregisterEventSource

  RegisterEventSourceW

  ReportEventW

  RegNotifyChangeKeyValue

  shell32

  SHCreateDirectoryExW

  SHGetKnownFolderPath

  SHGetSpecialFolderPathW

  SHChangeNotify

  ShellExecuteExW

  SHGetFolderPathW

  SHGetFolderPathAndSubDirW

  SHLoadNonloadedIconOverlayIdentifiers

  SHFileOperationW

  ole32

  StringFromGUID2

  CoTaskMemFree

  CoUninitialize

  CoInitialize

  CoCreateInstance

  CLSIDFromString

  CoSetProxyBlanket

  CoInitializeEx

  CoTaskMemAlloc

  CoCreateGuid

  oleaut32

  VariantChangeType

  VariantClear

  VariantInit

  SysAllocStringLen

  SysFreeString

  SysAllocString

  GetRecordInfoFromTypeInfo

  LoadRegTypeLi

  LoadTypeLi

  crypt32

  CryptStringToBinaryW

  CryptBinaryToStringW

  CertVerifyCertificateChainPolicy

  ktmw32

  CreateTransaction

  CommitTransaction

  RollbackTransaction

  psapi

  GetModuleFileNameExW

  secur32

  GetUserNameExW

  shlwapi

  StrStrIW

  SHDeleteKeyW

  SHCreateStreamOnFileW

  SHDeleteValueW

  SHCreateStreamOnFileEx

  SHSetValueW

  PathRemoveFileSpecW

  PathIsRelativeW

  PathFileExistsW

  PathFindFileNameW

  SHGetValueW

  PathIsDirectoryW

  SHRegGetBoolUSValueW

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  wininet

  InternetConnectA

  InternetCloseHandle

  InternetReadFile

  InternetQueryDataAvailable

  InternetGetConnectedState

  InternetSetStatusCallbackA

  HttpOpenRequestA

  HttpAddRequestHeadersA

  HttpSendRequestA

  HttpQueryInfoA

  InternetOpenA

  InternetSetOptionW

  iphlpapi

  GetAdaptersInfo

  userenv

  CreateEnvironmentBlock

  wintrust

  WTHelperProvDataFromStateData

  WTHelperGetProvSignerFromChain

  WinVerifyTrustEx

  urlmon

  URLOpenStreamW

  Exports

  Exports

  ??0EventProperties@Telemetry@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0EventProperties@Telemetry@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ??0EventProperties@Telemetry@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@2@@5@@Z

  ??0EventProperties@Telemetry@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$initializer_list@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@5@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@$$QAU0123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@CW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@EW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@FW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@GW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@HW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@IW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@JW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@NW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@PBDW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@UGUID_t@123@W4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@Utime_ticks_t@123@W4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@_JW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@_KW4PiiKind@123@@Z

  ??0EventProperty@Telemetry@Applications@Microsoft@@QAE@_NW4PiiKind@123@@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@HHHABV?$initializer_list@E@std@@@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@PBD@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@QBE_N@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@U_GUID@@@Z

  ??0GUID_t@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0ILogger@Telemetry@Applications@Microsoft@@QAE@$$QAV0123@@Z

  ??0ILogger@Telemetry@Applications@Microsoft@@QAE@ABV0123@@Z

  ??0ILogger@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@$$QAU0123@@Z

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0LogConfiguration@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0time_ticks_t@Telemetry@Applications@Microsoft@@QAE@ABU0123@@Z

  ??0time_ticks_t@Telemetry@Applications@Microsoft@@QAE@PB_J@Z

  ??0time_ticks_t@Telemetry@Applications@Microsoft@@QAE@XZ

  ??0time_ticks_t@Telemetry@Applications@Microsoft@@QAE@_K@Z

  ??1EventProperties@Telemetry@Applications@Microsoft@@UAE@XZ

  ??1EventProperty@Telemetry@Applications@Microsoft@@UAE@XZ

  ??1LogConfiguration@Telemetry@Applications@Microsoft@@UAE@XZ

  ??1LogManager@Telemetry@Applications@Microsoft@@MAE@XZ

  ??4EventProperties@Telemetry@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4EventProperties@Telemetry@Applications@Microsoft@@QAEAAV0123@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@2@@std@@@Z

  ??4EventProperties@Telemetry@Applications@Microsoft@@QAEAAV0123@V?$initializer_list@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@std@@@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@C@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@E@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@F@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@G@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@H@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@I@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@J@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@N@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@PBD@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@UGUID_t@123@@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@Utime_ticks_t@123@@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@_J@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@_K@Z

  ??4EventProperty@Telemetry@Applications@Microsoft@@QAEAAU0123@_N@Z

  ??4GUID_t@Telemetry@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??4ILogger@Telemetry@Applications@Microsoft@@QAEAAV0123@$$QAV0123@@Z

  ??4ILogger@Telemetry@Applications@Microsoft@@QAEAAV0123@ABV0123@@Z

  ??4LogConfiguration@Telemetry@Applications@Microsoft@@QAAAAU0123@ABU0123@@Z

  ??4time_ticks_t@Telemetry@Applications@Microsoft@@QAEAAU0123@ABU0123@@Z

  ??YEventProperties@Telemetry@Applications@Microsoft@@QAEAAV0123@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@2@@std@@@Z

  ??_7EventProperties@Telemetry@Applications@Microsoft@@6B@

  ??_7EventProperty@Telemetry@Applications@Microsoft@@6B@

  ??_7ILogger@Telemetry@Applications@Microsoft@@6B@

  ??_7LogConfiguration@Telemetry@Applications@Microsoft@@6B@

  ??_7LogManager@Telemetry@Applications@Microsoft@@6B@

  ?AddEventListener@LogManager@Telemetry@Applications@Microsoft@@SAXW4DebugEventType@234@AAVDebugEventListener@234@@Z

  ?DispatchEvent@LogManager@Telemetry@Applications@Microsoft@@SA_NAAVDebugEvent@234@@Z

  ?DispatchEvent@LogManager@Telemetry@Applications@Microsoft@@SA_NW4DebugEventType@234@@Z

  ?Flush@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?FlushAndTeardown@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?GetLogger@LogManager@Telemetry@Applications@Microsoft@@SAPAVILogger@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

  ?GetLogger@LogManager@Telemetry@Applications@Microsoft@@SAPAVILogger@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?GetLogger@LogManager@Telemetry@Applications@Microsoft@@SAPAVILogger@234@XZ

  ?GetName@EventProperties@Telemetry@Applications@Microsoft@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?GetPiiProperties@EventProperties@Telemetry@Applications@Microsoft@@QBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@U?$pair@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@Telemetry@Applications@Microsoft@@@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@U?$pair@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PiiKind@Telemetry@Applications@Microsoft@@@2@@std@@@2@@std@@XZ

  ?GetPolicyBitFlags@EventProperties@Telemetry@Applications@Microsoft@@QBE_KXZ

  ?GetPriority@EventProperties@Telemetry@Applications@Microsoft@@QBE?AW4EventPriority@234@XZ

  ?GetProperties@EventProperties@Telemetry@Applications@Microsoft@@QBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@Telemetry@Applications@Microsoft@@@std@@@2@@std@@XZ

  ?GetProperties@LogConfiguration@Telemetry@Applications@Microsoft@@QBAXAAV?$map@PBDPBDU?$less@PBD@std@@V?$allocator@U?$pair@QBDPBD@std@@@2@@std@@@Z

  ?GetProperty@LogConfiguration@Telemetry@Applications@Microsoft@@QBAPBDPBD@Z

  ?GetSemanticContext@LogManager@Telemetry@Applications@Microsoft@@SAPAVISemanticContext@234@XZ

  ?GetTimestamp@EventProperties@Telemetry@Applications@Microsoft@@QBE_JXZ

  ?GetTransmitProfileName@LogManager@Telemetry@Applications@Microsoft@@SAPBDW4TransmitProfile@234@@Z

  ?GetType@EventProperties@Telemetry@Applications@Microsoft@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?Initialize@LogManager@Telemetry@Applications@Microsoft@@SAPAVILogger@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?Initialize@LogManager@Telemetry@Applications@Microsoft@@SAPAVILogger@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABULogConfiguration@234@@Z

  ?LoadTransmitProfiles@LogManager@Telemetry@Applications@Microsoft@@SA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?PauseTransmission@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?RemoveEventListener@LogManager@Telemetry@Applications@Microsoft@@SAXW4DebugEventType@234@AAVDebugEventListener@234@@Z

  ?ResetTransmitProfiles@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?ResumeTransmission@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@EW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@FW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@GW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IW4PiiKind@234@@Z

  ?SetContext@ILogger@Telemetry@Applications@Microsoft@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_KW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0W4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@EW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@FW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@GW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@NW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UGUID_t@234@W4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Utime_ticks_t@234@W4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_JW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_KW4PiiKind@234@@Z

  ?SetContext@LogManager@Telemetry@Applications@Microsoft@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NW4PiiKind@234@@Z

  ?SetName@EventProperties@Telemetry@Applications@Microsoft@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetPolicyBitFlags@EventProperties@Telemetry@Applications@Microsoft@@QAEX_K@Z

  ?SetPriority@EventProperties@Telemetry@Applications@Microsoft@@QAEXW4EventPriority@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@EW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@FW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@GW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@NW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UEventProperty@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UGUID_t@234@W4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Utime_ticks_t@234@W4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V56@W4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_JW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_KW4PiiKind@234@@Z

  ?SetProperty@EventProperties@Telemetry@Applications@Microsoft@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NW4PiiKind@234@@Z

  ?SetProperty@LogConfiguration@Telemetry@Applications@Microsoft@@QAAXPBD0@Z

  ?SetTimestamp@EventProperties@Telemetry@Applications@Microsoft@@QAEX_J@Z

  ?SetTransmitProfile@LogManager@Telemetry@Applications@Microsoft@@SAXW4TransmitProfile@234@@Z

  ?SetTransmitProfile@LogManager@Telemetry@Applications@Microsoft@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?SetType@EventProperties@Telemetry@Applications@Microsoft@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

  ?UploadNow@LogManager@Telemetry@Applications@Microsoft@@SAXXZ

  ?checkup@LogManager@Telemetry@Applications@Microsoft@@KAXXZ

  ?clear@EventProperty@Telemetry@Applications@Microsoft@@QAEXXZ

  ?empty@EventProperty@Telemetry@Applications@Microsoft@@QAE_NXZ

  ?to_bytes@GUID_t@Telemetry@Applications@Microsoft@@QAEXAAY0BA@E@Z

  ?to_string@EventProperty@Telemetry@Applications@Microsoft@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

  ?type_name@EventProperty@Telemetry@Applications@Microsoft@@SAPBDI@Z

  Sections

  .text

  Size: 1.6MB - Virtual size: 1.6MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 425KB - Virtual size: 424KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 79KB - Virtual size: 92KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .didat

  Size: 512B - Virtual size: 36B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 84KB - Virtual size: 84KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/config/msvcp140.dll

  .dll windows:6 windows x86 arch:x86

  6dbd7763e94344402d4206b7bab40e1f

  
  

  Code Sign

  33:00:00:01:0c:6c:23:05:0b:07:99:1e:cd:00:00:00:00:01:0c

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:FC41-4BD4-D220,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Signer

  Actual PE Digest

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Signer

  Actual PE Digest

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

  Imports

  vcruntime140

  _except_handler4_common

  __uncaught_exceptions

  __uncaught_exception

  memmove

  __std_terminate

  _purecall

  __CxxFrameHandler3

  _CxxThrowException

  __AdjustPointer

  __processing_throw

  __current_exception

  __std_exception_destroy

  __std_exception_copy

  memset

  memcmp

  memchr

  __std_type_info_destroy_list

  memcpy

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  calloc

  malloc

  realloc

  api-ms-win-crt-locale-l1-1-0

  ___mb_cur_max_func

  ___lc_locale_name_func

  ___lc_collate_cp_func

  localeconv

  ___lc_codepage_func

  _lock_locales

  _unlock_locales

  setlocale

  __pctype_func

  api-ms-win-crt-string-l1-1-0

  __strncnt

  tolower

  isalnum

  isxdigit

  isspace

  wcsnlen

  isdigit

  wcscpy_s

  _wcsdup

  islower

  isupper

  iswctype

  strcspn

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _execute_onexit_table

  _register_onexit_function

  _set_new_handler

  terminate

  _crt_atexit

  _invalid_parameter_noinfo_noreturn

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  abort

  _initterm

  _initterm_e

  _initialize_onexit_table

  _beginthreadex

  _endthreadex

  _errno

  api-ms-win-crt-stdio-l1-1-0

  fputwc

  ungetc

  setvbuf

  fwrite

  _fseeki64

  fsetpos

  fread

  fputs

  fgetc

  fflush

  fclose

  _get_stream_buffer_pointers

  _wfsopen

  _fsopen

  __acrt_iob_func

  fgetpos

  fseek

  fputc

  __stdio_common_vsprintf_s

  fgetwc

  ungetwc

  api-ms-win-crt-math-l1-1-0

  ldexp

  _CIpow

  _CIlog

  frexp

  api-ms-win-crt-convert-l1-1-0

  btowc

  strtod

  strtof

  api-ms-win-crt-filesystem-l1-1-0

  _wchdir

  _wrmdir

  _unlock_file

  _wremove

  _lock_file

  _wrename

  api-ms-win-crt-time-l1-1-0

  _W_Getdays

  _Getmonths

  _Strftime

  _Wcsftime

  _Getdays

  _Gettnames

  _W_Gettnames

  _W_Getmonths

  api-ms-win-crt-environment-l1-1-0

  _wgetcwd

  api-ms-win-crt-utility-l1-1-0

  rand_s

  kernel32

  RtlCaptureStackBackTrace

  DuplicateHandle

  WaitForSingleObjectEx

  Sleep

  GetCurrentProcess

  SwitchToThread

  GetCurrentThread

  GetCurrentThreadId

  GetExitCodeThread

  GetNativeSystemInfo

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetStringTypeW

  MultiByteToWideChar

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  WideCharToMultiByte

  LoadLibraryExA

  FreeLibrary

  VirtualQuery

  VirtualProtect

  GetSystemInfo

  InitializeSListHead

  GetCurrentProcessId

  IsDebuggerPresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetProcAddress

  GetModuleHandleW

  GetTickCount

  GetSystemTimeAsFileTime

  CreateEventW

  InitializeCriticalSectionAndSpinCount

  SetLastError

  GetModuleHandleExW

  QueueUserWorkItem

  IsProcessorFeaturePresent

  CloseHandle

  TryEnterCriticalSection

  FormatMessageW

  CreateHardLinkW

  CopyFileW

  GetLastError

  AreFileApisANSI

  GetTempPathW

  SetFileTime

  SetFilePointerEx

  SetFileAttributesW

  SetEndOfFile

  GetFileInformationByHandle

  GetFileAttributesExW

  GetDiskFreeSpaceExW

  FindNextFileW

  FindFirstFileExW

  FindClose

  CreateFileW

  CreateDirectoryW

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetCPInfo

  RaiseException

  DecodePointer

  EncodePointer

  Exports

  Exports

  ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??0?$_Yarn@D@std@@QAE@ABV01@@Z

  ??0?$_Yarn@D@std@@QAE@PBD@Z

  ??0?$_Yarn@D@std@@QAE@XZ

  ??0?$_Yarn@G@std@@QAE@ABV01@@Z

  ??0?$_Yarn@G@std@@QAE@PBG@Z

  ??0?$_Yarn@G@std@@QAE@XZ

  ??0?$_Yarn@_W@std@@QAE@ABV01@@Z

  ??0?$_Yarn@_W@std@@QAE@PB_W@Z

  ??0?$_Yarn@_W@std@@QAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@D@std@@QAE@PBF_NI@Z

  ??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@G@std@@QAE@I@Z

  ??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@_W@std@@QAE@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0Init@ios_base@std@@QAE@XZ

  ??0_Facet_base@std@@QAE@ABV01@@Z

  ??0_Facet_base@std@@QAE@XZ

  ??0_Init_locks@std@@QAE@XZ

  ??0_Locimp@locale@std@@AAE@ABV012@@Z

  ??0_Locimp@locale@std@@AAE@_N@Z

  ??0_Locinfo@std@@QAE@HPBD@Z

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ??0_Lockit@std@@QAE@XZ

  ??0_Timevec@std@@QAE@ABV01@@Z

  ??0_Timevec@std@@QAE@PAX@Z

  ??0_UShinit@std@@QAE@XZ

  ??0_Winit@std@@QAE@XZ

  ??0codecvt_base@std@@QAE@I@Z

  ??0ctype_base@std@@QAE@I@Z

  ??0facet@locale@std@@IAE@I@Z

  ??0id@locale@std@@QAE@I@Z

  ??0ios_base@std@@IAE@XZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ??0time_base@std@@QAE@I@Z

  ??1?$_Yarn@D@std@@QAE@XZ

  ??1?$_Yarn@G@std@@QAE@XZ

  ??1?$_Yarn@_W@std@@QAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$ctype@D@std@@MAE@XZ

  ??1?$ctype@G@std@@MAE@XZ

  ??1?$ctype@_W@std@@MAE@XZ

  ??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1Init@ios_base@std@@QAE@XZ

  ??1_Facet_base@std@@UAE@XZ

  ??1_Init_locks@std@@QAE@XZ

  ??1_Locimp@locale@std@@MAE@XZ

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??1_Timevec@std@@QAE@XZ

  ??1_UShinit@std@@QAE@XZ

  ??1_Winit@std@@QAE@XZ

  ??1codecvt_base@std@@UAE@XZ

  ??1ctype_base@std@@UAE@XZ

  ??1facet@locale@std@@MAE@XZ

  ??1ios_base@std@@UAE@XZ

  ??1time_base@std@@UAE@XZ

  ??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z

  ??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@G@std@@QAEAAV01@PBG@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z

  ??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z

  ??4Init@ios_base@std@@QAEAAV012@ABV012@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z

  ??4_Facet_base@std@@QAEAAV01@ABV01@@Z

  ??4_Init_locks@std@@QAEAAV01@ABV01@@Z

  ??4_Timevec@std@@QAEAAV01@ABV01@@Z

  ??4_UShinit@std@@QAEAAV01@ABV01@@Z

  ??4_Winit@std@@QAEAAV01@ABV01@@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ??7ios_base@std@@QBE_NXZ

  ??Bid@locale@std@@QAEIXZ

  ??Bios_base@std@@QBE_NXZ

  ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

  ??_7?$ctype@D@std@@6B@

  ??_7?$ctype@G@std@@6B@

  ??_7?$ctype@_W@std@@6B@

  ??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7_Facet_base@std@@6B@

  ??_7_Locimp@locale@std@@6B@

  ??_7codecvt_base@std@@6B@

  ??_7ctype_base@std@@6B@

  ??_7facet@locale@std@@6B@

  ??_7ios_base@std@@6B@

  ??_7time_base@std@@6B@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$ctype@D@std@@QAEXXZ

  ??_F?$ctype@G@std@@QAEXXZ

  ??_F?$ctype@_W@std@@QAEXXZ

  ??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F_Locinfo@std@@QAEXXZ

  ??_F_Timevec@std@@QAEXXZ

  ??_Fcodecvt_base@std@@QAEXXZ

  ??_Fctype_base@std@@QAEXXZ

  ??_Ffacet@locale@std@@QAEXXZ

  ??_Fid@locale@std@@QAEXXZ

  ??_Ftime_base@std@@QAEXXZ

  ?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_Addstd@ios_base@std@@SAXPAV12@@Z

  ?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

  ?_Atexit@@YAXP6AXXZ@Z

  ?_BADOFF@std@@3_JB

  ?_C_str@?$_Yarn@D@std@@QBEPBDXZ

  ?_C_str@?$_Yarn@G@std@@QBEPBGXZ

  ?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Callfns@ios_base@std@@AAEXW4event@12@@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_Clocptr@_Locimp@locale@std@@0PAV123@A

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Donarrow@?$ctype@G@std@@IBEDGD@Z

  ?_Donarrow@?$ctype@_W@std@@IBED_WD@Z

  ?_Dowiden@?$ctype@G@std@@IBEGD@Z

  ?_Dowiden@?$ctype@_W@std@@IBE_WD@Z

  ?_Empty@?$_Yarn@D@std@@QBE_NXZ

  ?_Empty@?$_Yarn@G@std@@QBE_NXZ

  ?_Empty@?$_Yarn@_W@std@@QBE_NXZ

  ?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z

  ?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z

  ?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z

  ?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ

  ?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

  ?_Getdateorder@_Locinfo@std@@QBEHXZ

  ?_Getdays@_Locinfo@std@@QBEPBDXZ

  ?_Getfalse@_Locinfo@std@@QBEPBDXZ

  ?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z

  ?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z

  ?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z

  ?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

  ?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ

  ?_Getmonths@_Locinfo@std@@QBEPBDXZ

  ?_Getname@_Locinfo@std@@QBEPBDXZ

  ?_Getptr@_Timevec@std@@QBEPAXXZ

  ?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ

  ?_Gettrue@_Locinfo@std@@QBEPBDXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Id_cnt@id@locale@std@@0HA

  ?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Index@ios_base@std@@0HA

  Sections

  .text

  Size: 394KB - Virtual size: 393KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didat

  Size: 512B - Virtual size: 52B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 1008B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/config/vcruntime140.dll

  .dll windows:6 windows x86 arch:x86

  6a84b7445ccacd5d29ac27de2745f356

  
  

  Code Sign

  33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Signer

  Actual PE Digest

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Signer

  Actual PE Digest

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  abort

  terminate

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  DeleteCriticalSection

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  GetModuleHandleW

  GetModuleFileNameW

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  RtlUnwind

  VirtualQuery

  EncodePointer

  InterlockedPushEntrySList

  InterlockedFlushSList

  RaiseException

  EnterCriticalSection

  LeaveCriticalSection

  TlsSetValue

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsFree

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _EH_prolog

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _NLG_Dispatch2

  _NLG_Return

  _NLG_Return2

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxLongjmpUnwind

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _chkesp

  _except_handler2

  _except_handler3

  _except_handler4_common

  _get_purecall_handler

  _get_unexpected

  _global_unwind2

  _is_exception_typeof

  _local_unwind2

  _local_unwind4

  _longjmpex

  _purecall

  _seh_longjmp_unwind

  _seh_longjmp_unwind4

  _set_purecall_handler

  _set_se_translator

  _setjmp3

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/msvcp140.dll

  .dll windows:6 windows x86 arch:x86

  6dbd7763e94344402d4206b7bab40e1f

  
  

  Code Sign

  33:00:00:01:0c:6c:23:05:0b:07:99:1e:cd:00:00:00:00:01:0c

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:FC41-4BD4-D220,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Signer

  Actual PE Digest

  52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Signer

  Actual PE Digest

  11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

  Imports

  vcruntime140

  _except_handler4_common

  __uncaught_exceptions

  __uncaught_exception

  memmove

  __std_terminate

  _purecall

  __CxxFrameHandler3

  _CxxThrowException

  __AdjustPointer

  __processing_throw

  __current_exception

  __std_exception_destroy

  __std_exception_copy

  memset

  memcmp

  memchr

  __std_type_info_destroy_list

  memcpy

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  free

  calloc

  malloc

  realloc

  api-ms-win-crt-locale-l1-1-0

  ___mb_cur_max_func

  ___lc_locale_name_func

  ___lc_collate_cp_func

  localeconv

  ___lc_codepage_func

  _lock_locales

  _unlock_locales

  setlocale

  __pctype_func

  api-ms-win-crt-string-l1-1-0

  __strncnt

  tolower

  isalnum

  isxdigit

  isspace

  wcsnlen

  isdigit

  wcscpy_s

  _wcsdup

  islower

  isupper

  iswctype

  strcspn

  api-ms-win-crt-runtime-l1-1-0

  _cexit

  _execute_onexit_table

  _register_onexit_function

  _set_new_handler

  terminate

  _crt_atexit

  _invalid_parameter_noinfo_noreturn

  _initialize_narrow_environment

  _configure_narrow_argv

  _seh_filter_dll

  abort

  _initterm

  _initterm_e

  _initialize_onexit_table

  _beginthreadex

  _endthreadex

  _errno

  api-ms-win-crt-stdio-l1-1-0

  fputwc

  ungetc

  setvbuf

  fwrite

  _fseeki64

  fsetpos

  fread

  fputs

  fgetc

  fflush

  fclose

  _get_stream_buffer_pointers

  _wfsopen

  _fsopen

  __acrt_iob_func

  fgetpos

  fseek

  fputc

  __stdio_common_vsprintf_s

  fgetwc

  ungetwc

  api-ms-win-crt-math-l1-1-0

  ldexp

  _CIpow

  _CIlog

  frexp

  api-ms-win-crt-convert-l1-1-0

  btowc

  strtod

  strtof

  api-ms-win-crt-filesystem-l1-1-0

  _wchdir

  _wrmdir

  _unlock_file

  _wremove

  _lock_file

  _wrename

  api-ms-win-crt-time-l1-1-0

  _W_Getdays

  _Getmonths

  _Strftime

  _Wcsftime

  _Getdays

  _Gettnames

  _W_Gettnames

  _W_Getmonths

  api-ms-win-crt-environment-l1-1-0

  _wgetcwd

  api-ms-win-crt-utility-l1-1-0

  rand_s

  kernel32

  RtlCaptureStackBackTrace

  DuplicateHandle

  WaitForSingleObjectEx

  Sleep

  GetCurrentProcess

  SwitchToThread

  GetCurrentThread

  GetCurrentThreadId

  GetExitCodeThread

  GetNativeSystemInfo

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetStringTypeW

  MultiByteToWideChar

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  WideCharToMultiByte

  LoadLibraryExA

  FreeLibrary

  VirtualQuery

  VirtualProtect

  GetSystemInfo

  InitializeSListHead

  GetCurrentProcessId

  IsDebuggerPresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetProcAddress

  GetModuleHandleW

  GetTickCount

  GetSystemTimeAsFileTime

  CreateEventW

  InitializeCriticalSectionAndSpinCount

  SetLastError

  GetModuleHandleExW

  QueueUserWorkItem

  IsProcessorFeaturePresent

  CloseHandle

  TryEnterCriticalSection

  FormatMessageW

  CreateHardLinkW

  CopyFileW

  GetLastError

  AreFileApisANSI

  GetTempPathW

  SetFileTime

  SetFilePointerEx

  SetFileAttributesW

  SetEndOfFile

  GetFileInformationByHandle

  GetFileAttributesExW

  GetDiskFreeSpaceExW

  FindNextFileW

  FindFirstFileExW

  FindClose

  CreateFileW

  CreateDirectoryW

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetCPInfo

  RaiseException

  DecodePointer

  EncodePointer

  Exports

  Exports

  ??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

  ??0?$_Yarn@D@std@@QAE@ABV01@@Z

  ??0?$_Yarn@D@std@@QAE@PBD@Z

  ??0?$_Yarn@D@std@@QAE@XZ

  ??0?$_Yarn@G@std@@QAE@ABV01@@Z

  ??0?$_Yarn@G@std@@QAE@PBG@Z

  ??0?$_Yarn@G@std@@QAE@XZ

  ??0?$_Yarn@_W@std@@QAE@ABV01@@Z

  ??0?$_Yarn@_W@std@@QAE@PB_W@Z

  ??0?$_Yarn@_W@std@@QAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

  ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

  ??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

  ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

  ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z

  ??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z

  ??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@D@std@@QAE@PBF_NI@Z

  ??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@G@std@@QAE@I@Z

  ??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$ctype@_W@std@@QAE@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

  ??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

  ??0Init@ios_base@std@@QAE@XZ

  ??0_Facet_base@std@@QAE@ABV01@@Z

  ??0_Facet_base@std@@QAE@XZ

  ??0_Init_locks@std@@QAE@XZ

  ??0_Locimp@locale@std@@AAE@ABV012@@Z

  ??0_Locimp@locale@std@@AAE@_N@Z

  ??0_Locinfo@std@@QAE@HPBD@Z

  ??0_Locinfo@std@@QAE@PBD@Z

  ??0_Lockit@std@@QAE@H@Z

  ??0_Lockit@std@@QAE@XZ

  ??0_Timevec@std@@QAE@ABV01@@Z

  ??0_Timevec@std@@QAE@PAX@Z

  ??0_UShinit@std@@QAE@XZ

  ??0_Winit@std@@QAE@XZ

  ??0codecvt_base@std@@QAE@I@Z

  ??0ctype_base@std@@QAE@I@Z

  ??0facet@locale@std@@IAE@I@Z

  ??0id@locale@std@@QAE@I@Z

  ??0ios_base@std@@IAE@XZ

  ??0task_continuation_context@Concurrency@@AAE@XZ

  ??0time_base@std@@QAE@I@Z

  ??1?$_Yarn@D@std@@QAE@XZ

  ??1?$_Yarn@G@std@@QAE@XZ

  ??1?$_Yarn@_W@std@@QAE@XZ

  ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ

  ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

  ??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ

  ??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ

  ??1?$ctype@D@std@@MAE@XZ

  ??1?$ctype@G@std@@MAE@XZ

  ??1?$ctype@_W@std@@MAE@XZ

  ??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

  ??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

  ??1Init@ios_base@std@@QAE@XZ

  ??1_Facet_base@std@@UAE@XZ

  ??1_Init_locks@std@@QAE@XZ

  ??1_Locimp@locale@std@@MAE@XZ

  ??1_Locinfo@std@@QAE@XZ

  ??1_Lockit@std@@QAE@XZ

  ??1_Timevec@std@@QAE@XZ

  ??1_UShinit@std@@QAE@XZ

  ??1_Winit@std@@QAE@XZ

  ??1codecvt_base@std@@UAE@XZ

  ??1ctype_base@std@@UAE@XZ

  ??1facet@locale@std@@MAE@XZ

  ??1ios_base@std@@UAE@XZ

  ??1time_base@std@@UAE@XZ

  ??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z

  ??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

  ??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@G@std@@QAEAAV01@PBG@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z

  ??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z

  ??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

  ??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z

  ??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z

  ??4Init@ios_base@std@@QAEAAV012@ABV012@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z

  ??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z

  ??4_Facet_base@std@@QAEAAV01@ABV01@@Z

  ??4_Init_locks@std@@QAEAAV01@ABV01@@Z

  ??4_Timevec@std@@QAEAAV01@ABV01@@Z

  ??4_UShinit@std@@QAEAAV01@ABV01@@Z

  ??4_Winit@std@@QAEAAV01@ABV01@@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

  ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

  ??7ios_base@std@@QBE_NXZ

  ??Bid@locale@std@@QAEIXZ

  ??Bios_base@std@@QBE_NXZ

  ??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

  ??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

  ??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

  ??_7?$codecvt@DDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@GDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@

  ??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@

  ??_7?$ctype@D@std@@6B@

  ??_7?$ctype@G@std@@6B@

  ??_7?$ctype@_W@std@@6B@

  ??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

  ??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

  ??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

  ??_7_Facet_base@std@@6B@

  ??_7_Locimp@locale@std@@6B@

  ??_7codecvt_base@std@@6B@

  ??_7ctype_base@std@@6B@

  ??_7facet@locale@std@@6B@

  ??_7ios_base@std@@6B@

  ??_7time_base@std@@6B@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

  ??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

  ??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

  ??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

  ??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ

  ??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

  ??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ

  ??_F?$ctype@D@std@@QAEXXZ

  ??_F?$ctype@G@std@@QAEXXZ

  ??_F?$ctype@_W@std@@QAEXXZ

  ??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

  ??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

  ??_F_Locinfo@std@@QAEXXZ

  ??_F_Timevec@std@@QAEXXZ

  ??_Fcodecvt_base@std@@QAEXXZ

  ??_Fctype_base@std@@QAEXXZ

  ??_Ffacet@locale@std@@QAEXXZ

  ??_Fid@locale@std@@QAEXXZ

  ??_Ftime_base@std@@QAEXXZ

  ?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z

  ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ

  ?GetNextAsyncId@platform@details@Concurrency@@YAIXZ

  ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ

  ?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z

  ?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

  ?_Addstd@ios_base@std@@SAXPAV12@@Z

  ?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z

  ?_Atexit@@YAXP6AXXZ@Z

  ?_BADOFF@std@@3_JB

  ?_C_str@?$_Yarn@D@std@@QBEPBDXZ

  ?_C_str@?$_Yarn@G@std@@QBEPBGXZ

  ?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ

  ?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z

  ?_Callfns@ios_base@std@@AAEXW4event@12@@Z

  ?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ

  ?_Clocptr@_Locimp@locale@std@@0PAV123@A

  ?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

  ?_Donarrow@?$ctype@G@std@@IBEDGD@Z

  ?_Donarrow@?$ctype@_W@std@@IBED_WD@Z

  ?_Dowiden@?$ctype@G@std@@IBEGD@Z

  ?_Dowiden@?$ctype@_W@std@@IBE_WD@Z

  ?_Empty@?$_Yarn@D@std@@QBE_NXZ

  ?_Empty@?$_Yarn@G@std@@QBE_NXZ

  ?_Empty@?$_Yarn@_W@std@@QBE_NXZ

  ?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z

  ?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z

  ?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

  ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

  ?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z

  ?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z

  ?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z

  ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

  ?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z

  ?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

  ?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ

  ?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

  ?_Getdateorder@_Locinfo@std@@QBEHXZ

  ?_Getdays@_Locinfo@std@@QBEPBDXZ

  ?_Getfalse@_Locinfo@std@@QBEPBDXZ

  ?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z

  ?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z

  ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

  ?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z

  ?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z

  ?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z

  ?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z

  ?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

  ?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ

  ?_Getmonths@_Locinfo@std@@QBEPBDXZ

  ?_Getname@_Locinfo@std@@QBEPBDXZ

  ?_Getptr@_Timevec@std@@QBEPAXXZ

  ?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ

  ?_Gettrue@_Locinfo@std@@QBEPBDXZ

  ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ

  ?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ

  ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

  ?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ

  ?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

  ?_Id_cnt@id@locale@std@@0HA

  ?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z

  ?_Incref@facet@locale@std@@UAEXXZ

  ?_Index@ios_base@std@@0HA

  Sections

  .text

  Size: 394KB - Virtual size: 393KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didat

  Size: 512B - Virtual size: 52B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 1008B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/secur32.dll

  .dll windows:6 windows x86 arch:x86

  3907c47e8084fbc76a844af4738e8353

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  lstrcmpiW

  GetConsoleWindow

  GetCurrentProcess

  CreateFileW

  CloseHandle

  WideCharToMultiByte

  MultiByteToWideChar

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionEx

  DeleteCriticalSection

  EncodePointer

  DecodePointer

  LCMapStringEx

  GetLocaleInfoEx

  GetStringTypeW

  CompareStringEx

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RtlUnwind

  RaiseException

  InterlockedFlushSList

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  GetDateFormatW

  GetTimeFormatW

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  HeapReAlloc

  GetStdHandle

  GetFileType

  GetTimeZoneInformation

  FindClose

  FindFirstFileExW

  FindNextFileW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  GetProcessHeap

  SetFilePointerEx

  SetStdHandle

  HeapSize

  FlushFileBuffers

  WriteFile

  GetConsoleOutputCP

  GetConsoleMode

  WriteConsoleW

  user32

  ShowWindow

  shell32

  SHGetFolderPathW

  Exports

  Exports

  AcceptSecurityContext

  AcquireCredentialsHandleA

  AcquireCredentialsHandleW

  AddCredentialsA

  AddCredentialsW

  AddSecurityPackageA

  AddSecurityPackageW

  ApplyControlToken

  ChangeAccountPasswordA

  ChangeAccountPasswordW

  CloseLsaPerformanceData

  CollectLsaPerformanceData

  CompleteAuthToken

  CredMarshalTargetInfo

  CredUnmarshalTargetInfo

  DecryptMessage

  DeleteSecurityContext

  DeleteSecurityPackageA

  DeleteSecurityPackageW

  EncryptMessage

  EnumerateSecurityPackagesA

  EnumerateSecurityPackagesW

  ExportSecurityContext

  FreeContextBuffer

  FreeCredentialsHandle

  GetComputerObjectNameA

  GetComputerObjectNameW

  GetSecurityUserInfo

  GetUserNameExA

  GetUserNameExW

  ImpersonateSecurityContext

  ImportSecurityContextA

  ImportSecurityContextW

  InitSecurityInterfaceA

  InitSecurityInterfaceW

  InitializeSecurityContextA

  InitializeSecurityContextW

  LsaCallAuthenticationPackage

  LsaConnectUntrusted

  LsaDeregisterLogonProcess

  LsaEnumerateLogonSessions

  LsaFreeReturnBuffer

  LsaGetLogonSessionData

  LsaLogonUser

  LsaLookupAuthenticationPackage

  LsaRegisterLogonProcess

  LsaRegisterPolicyChangeNotification

  LsaUnregisterPolicyChangeNotification

  MakeSignature

  OpenLsaPerformanceData

  QueryContextAttributesA

  QueryContextAttributesW

  QueryCredentialsAttributesA

  QueryCredentialsAttributesW

  QuerySecurityContextToken

  QuerySecurityPackageInfoA

  QuerySecurityPackageInfoW

  RevertSecurityContext

  SaslAcceptSecurityContext

  SaslEnumerateProfilesA

  SaslEnumerateProfilesW

  SaslGetContextOption

  SaslGetProfilePackageA

  SaslGetProfilePackageW

  SaslIdentifyPackageA

  SaslIdentifyPackageW

  SaslInitializeSecurityContextA

  SaslInitializeSecurityContextW

  SaslSetContextOption

  SealMessage

  SeciAllocateAndSetCallFlags

  SeciAllocateAndSetIPAddress

  SeciFreeCallContext

  SecpFreeMemory

  SecpTranslateName

  SecpTranslateNameEx

  SetContextAttributesA

  SetContextAttributesW

  SetCredentialsAttributesA

  SetCredentialsAttributesW

  SspiCompareAuthIdentities

  SspiCopyAuthIdentity

  SspiDecryptAuthIdentity

  SspiEncodeAuthIdentityAsStrings

  SspiEncodeStringsAsAuthIdentity

  SspiEncryptAuthIdentity

  SspiExcludePackage

  SspiFreeAuthIdentity

  SspiGetTargetHostName

  SspiIsAuthIdentityEncrypted

  SspiLocalFree

  SspiMarshalAuthIdentity

  SspiPrepareForCredRead

  SspiPrepareForCredWrite

  SspiUnmarshalAuthIdentity

  SspiValidateAuthIdentity

  SspiZeroAuthIdentity

  TranslateNameA

  TranslateNameW

  UnsealMessage

  VerifySignature

  Sections

  .text

  Size: 279KB - Virtual size: 279KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 77KB - Virtual size: 77KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 13KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• __MACOSX/vcruntime140.dll

  .dll windows:6 windows x86 arch:x86

  6a84b7445ccacd5d29ac27de2745f356

  
  

  Code Sign

  33:00:00:01:07:63:a5:19:2a:11:27:e5:d9:00:00:00:00:01:07

  Certificate

  Issuer

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  23-08-2018 20:20

  Not After

  23-11-2019 20:20

  Subject

  CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:AB41-4B27-F026,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:11

  Not After

  26-07-2019 20:11

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:33:26:1a:00:00:00:00:00:31

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  31-08-2010 22:19

  Not After

  31-08-2020 22:29

  Subject

  CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  61:16:68:34:00:00:00:00:00:1c

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

  Not Before

  03-04-2007 12:53

  Not After

  03-04-2021 13:03

  Subject

  CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  33:00:00:02:3b:10:df:65:17:47:51:70:ff:00:00:00:00:02:3b

  Certificate

  Issuer

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  12-07-2018 20:07

  Not After

  08-08-2019 20:07

  Subject

  CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  61:0c:52:4c:00:00:00:00:00:03

  Certificate

  Issuer

  CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  06-07-2010 20:40

  Not After

  06-07-2025 20:50

  Subject

  CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Signer

  Actual PE Digest

  7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Signer

  Actual PE Digest

  69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

  Imports

  api-ms-win-crt-runtime-l1-1-0

  abort

  terminate

  api-ms-win-crt-heap-l1-1-0

  calloc

  malloc

  free

  api-ms-win-crt-string-l1-1-0

  strcpy_s

  wcsncmp

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  api-ms-win-crt-convert-l1-1-0

  atol

  kernel32

  DeleteCriticalSection

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  GetModuleHandleW

  GetModuleFileNameW

  LoadLibraryExW

  GetProcAddress

  FreeLibrary

  RtlUnwind

  VirtualQuery

  EncodePointer

  InterlockedPushEntrySList

  InterlockedFlushSList

  RaiseException

  EnterCriticalSection

  LeaveCriticalSection

  TlsSetValue

  GetLastError

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsFree

  Exports

  Exports

  _CreateFrameInfo

  _CxxThrowException

  _EH_prolog

  _FindAndUnlinkFrame

  _IsExceptionObjectToBeDestroyed

  _NLG_Dispatch2

  _NLG_Return

  _NLG_Return2

  _SetWinRTOutOfMemoryExceptionCallback

  __AdjustPointer

  __BuildCatchObject

  __BuildCatchObjectHelper

  __CxxDetectRethrow

  __CxxExceptionFilter

  __CxxFrameHandler

  __CxxFrameHandler2

  __CxxFrameHandler3

  __CxxLongjmpUnwind

  __CxxQueryExceptionSize

  __CxxRegisterExceptionObject

  __CxxUnregisterExceptionObject

  __DestructExceptionObject

  __FrameUnwindFilter

  __GetPlatformExceptionInfo

  __RTCastToVoid

  __RTDynamicCast

  __RTtypeid

  __TypeMatch

  __current_exception

  __current_exception_context

  __intrinsic_setjmp

  __processing_throw

  __report_gsfailure

  __std_exception_copy

  __std_exception_destroy

  __std_terminate

  __std_type_info_compare

  __std_type_info_destroy_list

  __std_type_info_hash

  __std_type_info_name

  __telemetry_main_invoke_trigger

  __telemetry_main_return_trigger

  __unDName

  __unDNameEx

  __uncaught_exception

  __uncaught_exceptions

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_InitializeCriticalSectionEx

  __vcrt_LoadLibraryExW

  _chkesp

  _except_handler2

  _except_handler3

  _except_handler4_common

  _get_purecall_handler

  _get_unexpected

  _global_unwind2

  _is_exception_typeof

  _local_unwind2

  _local_unwind4

  _longjmpex

  _purecall

  _seh_longjmp_unwind

  _seh_longjmp_unwind4

  _set_purecall_handler

  _set_se_translator

  _setjmp3

  longjmp

  memchr

  memcmp

  memcpy

  memmove

  memset

  set_unexpected

  strchr

  strrchr

  strstr

  unexpected

  wcschr

  wcsrchr

  wcsstr

  Sections

  .text

  Size: 55KB - Virtual size: 55KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ