E:\workspace\MetaTrader5\Build\AVX2\Client\MetaTrader5Tester\Release64\metatester64avx2.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-03-28_418a06603a0a46feba0ebc3448f545d3_ryuk.exe
Resource
win7-20240215-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-03-28_418a06603a0a46feba0ebc3448f545d3_ryuk.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
2024-03-28_418a06603a0a46feba0ebc3448f545d3_ryuk
-
Size
27.8MB
-
MD5
418a06603a0a46feba0ebc3448f545d3
-
SHA1
b48db54d9dc4d83d1feea5710c0007efd3b568db
-
SHA256
7dd46836370fa71e4a0af736c2241be3158fd4f172ea26ca909c97e544174863
-
SHA512
fd7c41e80d7571908eb530170fa1a2742f51ac15c2fbb47e457fea9dbfe5743d8733cbf4b850d69acf75dad55d325380c2d80c74aa636699a52c0894543ad569
-
SSDEEP
196608:6ZD2gIZoJSW0WXtUrD0atEq66eWWWmlkq13ODNZ9rKtOkNJw4vBglgQoWx3xzBDz:6ZD2gcuSWDytShZOD/B+3w45glgnQxzx
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-03-28_418a06603a0a46feba0ebc3448f545d3_ryuk
Files
-
2024-03-28_418a06603a0a46feba0ebc3448f545d3_ryuk.exe windows:6 windows x64 arch:x64
8f22c69b8c1ed277160f7c735d44e839
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
user32
AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeWindowMessageFilter
CharLowerBuffW
CharLowerW
CharNextW
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DeleteMenu
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextExW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EndPaint
EnumDisplayMonitors
EnumWindows
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassLongPtrW
GetClassNameW
GetClientRect
GetClipboardData
GetComboBoxInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetNextDlgGroupItem
GetNextDlgTabItem
GetParent
GetPropW
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentW
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongPtrW
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GrayStringW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
IntersectRect
InvalidateRect
InvertRect
IsCharLowerW
IsChild
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsMenu
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
LockWindowUpdate
MapDialogRect
MapVirtualKeyExW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
NotifyWinEvent
OemToCharA
OffsetRect
OpenClipboard
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ReuseDDElParam
ScreenToClient
ScrollWindow
SendDlgItemMessageA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClassLongPtrW
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongPtrW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SubtractRect
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassW
UnregisterHotKey
UpdateLayeredWindow
UpdateWindow
ValidateRect
WaitMessage
WinHelpW
WindowFromPoint
kernel32
AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AreFileApisANSI
BindIoCompletionCallback
CancelIoEx
CloseHandle
CloseThreadpool
CloseThreadpoolTimer
CloseThreadpoolWork
CompareStringEx
CompareStringW
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateProcessW
CreateSemaphoreW
CreateThread
CreateThreadpool
CreateThreadpoolWork
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumResourceNamesW
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetActiveProcessorCount
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoEx
GetLocaleInfoW
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetTickCount
GetTickCount64
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultUILanguage
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalGetAtomNameW
GlobalLock
GlobalMemoryStatusEx
GlobalReAlloc
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
K32EnumProcessModules
K32GetModuleInformation
K32GetProcessMemoryInfo
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalLock
LocalUnlock
LockFile
LockFileEx
LockResource
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadpoolStackInformation
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureContext
RtlDeleteFunctionTable
RtlInstallFunctionTableCallback
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetPriorityClass
SetStdHandle
SetThreadGroupAffinity
SetThreadPriority
SetThreadStackGuarantee
SetThreadpoolStackInformation
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepConditionVariableSRW
SleepEx
SubmitThreadpoolWork
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolWorkCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
lstrcmpW
lstrcmpiW
lstrcpyW
GetSystemTimeAsFileTime
CreateEventA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
HeapAlloc
HeapFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetModuleHandleW
LoadResource
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
FlsSetValue
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
RtlUnwindEx
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
gdi32
AbortDoc
AddFontMemResourceEx
Arc
BitBlt
CombineRgn
CopyMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExcludeClipRect
ExtCreatePen
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillRgn
FrameRgn
GdiAlphaBlend
GdiFlush
GdiTransparentBlt
GetBitmapBits
GetBkColor
GetBkMode
GetBoundsRect
GetCharWidthW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetLayout
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetROP2
GetRgnBox
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
GetWorldTransform
IntersectClipRect
LPtoDP
LineTo
MoveToEx
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PaintRgn
PatBlt
Polygon
Polyline
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RemoveFontMemResourceEx
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetDIBColorTable
SetGraphicsMode
SetLayout
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
ole32
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoLockObjectExternal
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateStreamOnHGlobal
DoDragDrop
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleDuplicateData
OleGetClipboard
OleLockRunning
OleTranslateAccelerator
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromCLSID
shell32
DragFinish
DragQueryFileW
ExtractIconW
InitNetworkAddressControl
SHAppBarMessage
SHCreateItemFromParsingName
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
oleaut32
LoadTypeLi
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
VariantChangeType
VariantClear
VariantTimeToSystemTime
advapi32
ChangeServiceConfig2W
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
EnumServicesStatusW
EqualSid
EventRegister
EventUnregister
EventWriteTransfer
GetAce
GetAclInformation
GetFileSecurityW
GetSecurityDescriptorDacl
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceConfig2W
QueryServiceConfigW
QueryServiceStatus
QueryServiceStatusEx
RegCloseKey
RegCreateKeyExW
RegDeleteKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegSetValueExW
RegSetValueW
RegisterServiceCtrlHandlerExW
RegisterServiceCtrlHandlerW
SetFileSecurityW
SetServiceStatus
StartServiceCtrlDispatcherW
StartServiceW
winspool.drv
ClosePrinter
DocumentPropertiesW
GetJobW
OpenPrinterW
comdlg32
ChooseColorW
CommDlgExtendedError
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
ws2_32
FreeAddrInfoW
GetAddrInfoW
InetPtonW
WSAAccept
WSACleanup
WSACloseEvent
WSAConnect
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSARecv
WSAResetEvent
WSASend
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
bind
closesocket
gethostbyname
gethostname
getpeername
htonl
htons
inet_addr
ioctlsocket
listen
recv
select
send
setsockopt
shutdown
comctl32
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
InitCommonControlsEx
PropertySheetW
dwmapi
DwmIsCompositionEnabled
shlwapi
PathCanonicalizeW
PathFindExtensionW
PathFindFileNameW
PathFindNextComponentW
PathIsUNCW
PathIsURLW
PathRemoveBackslashW
PathRemoveExtensionW
PathRemoveFileSpecW
PathSkipRootW
PathStripToRootW
StrFormatKBSizeW
uxtheme
BeginBufferedPaint
BufferedPaintInit
BufferedPaintUnInit
CloseThemeData
DrawThemeBackground
DrawThemeParentBackground
DrawThemeTextEx
EndBufferedPaint
GetCurrentThemeName
GetThemeColor
GetThemePartSize
GetThemeSysFont
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
OpenThemeData
gdiplus
GdipAlloc
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageI
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipFree
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageWidth
GdipSetInterpolationMode
GdiplusShutdown
GdiplusStartup
dbghelp
MiniDumpWriteDump
StackWalk64
SymFunctionTableAccess64
SymGetModuleBase64
SymGetOptions
SymInitialize
SymLoadModule64
SymSetOptions
pdh
PdhAddCounterW
PdhCloseQuery
PdhCollectQueryData
PdhEnumObjectItemsW
PdhGetFormattedCounterValue
PdhLookupPerfNameByIndexW
PdhMakeCounterPathW
PdhOpenQueryW
PdhRemoveCounter
Sections
.text Size: 16.2MB - Virtual size: 16.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 364KB - Virtual size: 61.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 455KB - Virtual size: 455KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.retplne Size: 512B - Virtual size: 220B
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cod0 Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.cod1 Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.cod2 Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 127KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ