e:\builders\release_stable\release_stable\Bin\Release\32\AAWService.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
caf2aeb8d5856eab02f47f7f15c1296f.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
caf2aeb8d5856eab02f47f7f15c1296f.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
caf2aeb8d5856eab02f47f7f15c1296f
-
Size
1005KB
-
MD5
caf2aeb8d5856eab02f47f7f15c1296f
-
SHA1
c794079e130ea8c134839ed886ecf0f4c59f6ab8
-
SHA256
f8773fb3e5c936ab4b43fb0d7e1f2544a2ace39d41e8a7e1c4506cacbc7a39a3
-
SHA512
3656c6fab8133c08be4f782c8c033e5cb72ad4b2e764231f4b179441f9f2eb0c6acdd556458d75dd4c29af23dedfe8eb946d82a417a122f42ecf4d94c246919d
-
SSDEEP
12288:stz14H26B6r6qvGdD5bpQM/8l4OrZqSl8kRBn1nB8Jk2uHFFXhHKSz4gcGWN+g9f:IC8S9ulFRHKSz4gczHEcWVk
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource caf2aeb8d5856eab02f47f7f15c1296f
Files
-
caf2aeb8d5856eab02f47f7f15c1296f.exe windows:6 windows x86 arch:x86
d15e82f9fe31b9c4649e9aad76065300
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteFile
CancelIo
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
CreateNamedPipeW
ConnectNamedPipe
GetLogicalDriveStringsW
GetDriveTypeW
FindClose
FindFirstFileW
GetModuleFileNameW
FindNextFileW
ExpandEnvironmentStringsW
SearchPathW
GetCurrentThreadId
MoveFileW
HeapFree
GetProcessHeap
OutputDebugStringW
FormatMessageW
HeapAlloc
TerminateProcess
SetUnhandledExceptionFilter
SetErrorMode
ReadFile
LocalFree
EnumResourceLanguagesW
FindResourceExW
LoadResource
LockResource
FreeResource
GetModuleHandleW
QueryDosDeviceW
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetVersionExW
ResumeThread
CreateProcessW
GetSystemInfo
CreateMutexW
MultiByteToWideChar
WideCharToMultiByte
GetComputerNameW
GetSystemDefaultUILanguage
GlobalMemoryStatusEx
GetDateFormatW
GetOverlappedResult
GetLocalTime
GetSystemTime
SystemTimeToFileTime
InterlockedExchange
GetCurrentThread
SetThreadPriority
OpenMutexW
ResetEvent
GetFileAttributesW
GetCurrentProcessId
CopyFileW
ProcessIdToSessionId
InterlockedCompareExchange
GetCurrentProcess
SetProcessWorkingSetSize
TryEnterCriticalSection
DeleteFileW
InterlockedIncrement
InterlockedDecrement
GetTickCount
CreateEventW
DebugBreak
IsDebuggerPresent
SetCurrentDirectoryW
TerminateThread
WaitForSingleObject
WaitForMultipleObjects
SetConsoleScreenBufferSize
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
SetConsoleTitleW
AllocConsole
SetEvent
ReleaseMutex
GetLastError
CloseHandle
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteCriticalSection
VirtualFree
VirtualAlloc
lstrlenA
UnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSection
LeaveCriticalSection
HeapSetInformation
EnterCriticalSection
advapi32
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
DuplicateTokenEx
LookupPrivilegeValueW
AdjustTokenPrivileges
SetTokenInformation
CreateProcessAsUserW
ImpersonateLoggedOnUser
SetSecurityDescriptorGroup
SetSecurityDescriptorSacl
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
OpenSCManagerW
CreateServiceW
ChangeServiceConfig2W
OpenServiceW
ChangeServiceConfigW
StartServiceW
ControlService
QueryServiceStatusEx
DeleteService
RegOpenKeyExW
RegEnumValueW
RegCloseKey
RegQueryValueExW
EnumServicesStatusExW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
RevertToSelf
RegSetValueExW
psapi
EnumProcesses
GetModuleFileNameExW
GetModuleBaseNameW
rpcrt4
UuidCreate
UuidToStringW
RpcStringFreeW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
rpapi
RP_SetLogVerbosity
?RP_SetProcessActivityCallback@@YGXP6AXW4ERPActivity@@KKPB_W@Z@Z
RP_SetResponseCallback
RP_SetReportCallback
RP_SetQueryCallback
RP_SetTimeoutCallback
RP_Start
RP_SetSubjectResponse
RP_SetCategoryResponse
RP_Enable
RP_Stop
?RP_ClearCategoryRules@@YGXXZ
RP_CreateCategoryRule
?RP_IsEnabled@@YG_NW4ERPWatchType@@@Z
user32
wsprintfW
MessageBoxW
GetSystemMetrics
GetLastInputInfo
ole32
CoInitialize
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CoInitializeEx
oleaut32
SysFreeString
SysAllocString
VariantClear
msvcp90
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??1locale@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Incref@facet@locale@std@@QAEXXZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?rend@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?rbegin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?_Xfunc@tr1@std@@YAXXZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIPB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?sync_with_stdio@ios_base@std@@SA_N_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?rend@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$reverse_iterator@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?rbegin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$reverse_iterator@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?destroy@?$allocator@D@std@@QAEXPAD@Z
?construct@?$allocator@D@std@@QAEXPADABD@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??0locale@std@@QAE@XZ
?is@?$ctype@_W@std@@QBE_NF_W@Z
?_Xbad@tr1@std@@YAXW4error_type@regex_constants@12@@Z
?id@?$collate@_W@std@@2V0locale@2@A
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?_Xmem@tr1@std@@YAXXZ
?destroy@?$allocator@_W@std@@QAEXPA_W@Z
?construct@?$allocator@_W@std@@QAEXPA_WAB_W@Z
?_Getcat@?$collate@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?transform@?$collate@_W@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@PB_W0@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
?str@?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
msvcr90
??0bad_cast@std@@QAE@PBD@Z
_gmtime64_s
_localtime64_s
_vswprintf_c_l
_wtoi
_errno
strtoul
free
towlower
_wcsnicmp
rand
wcsnlen
_wcslwr_s
wcschr
fclose
_wfopen_s
fseek
ftell
fread
fwrite
_wfindfirst64i32
_findclose
_wfindnext64i32
wcscmp
wcslen
_wsplitpath_s
memset
_wfsopen
fwprintf_s
vfwprintf
fwprintf
fflush
wcsftime
fputwc
_wunlink
_vsnwprintf_s
_fdopen
_open_osfhandle
setvbuf
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
signal
_set_abort_behavior
_set_error_mode
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
getenv_s
wcsncpy
iswdigit
wcscpy_s
_beginthreadex
wcsncmp
_swprintf
wcstol
wcsstr
malloc
_vscwprintf
wcstoul
strchr
printf
exit
realloc
_itow_s
_mktime64
_wasctime_s
memmove
__CxxFrameHandler3
_CxxThrowException
abort
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
__winitenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
memmove_s
memcpy_s
_purecall
__iob_func
fprintf
wprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
_time64
_wcsicmp
??0exception@std@@QAE@XZ
_endthread
_beginthread
??_V@YAXPAX@Z
memcpy
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
wintrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATCatalogInfoFromContext
shell32
SHGetFolderPathW
SHCreateDirectoryExW
wininet
InternetSetOptionW
InternetQueryOptionW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
InternetSetStatusCallbackW
userenv
DestroyEnvironmentBlock
CreateEnvironmentBlock
Exports
Exports
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Sections
.text Size: 754KB - Virtual size: 754KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ