fabookie | Passw0rdz_123_Setup[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Passw0rdz_123_Setup.7z
Size

17.5MB
MD5

298c0d33bd9343e3e35184ffbe6b4f9f
SHA1

2aae4d37c281dcf2a7e9c40d31231fca84a3eec4
SHA256

c4b2d9a77ff1fff9573932d1925b8a649b4ad72d6e7de4ffec1b42707cd8f758
SHA512

701c11154c1ba7c599d4e55b3d1ebf228cb4dba8d0147e6d52e8b629062dcf1391e6eb257a52da621e901d8058d21a805947b818b039eb8479c3ce296ef88c40
SSDEEP

393216:YGSN6KZYA9s+qpu5fKamNveqHRNPi6v7fn64PfbFKtzGccuaN:LKZ/mNpqvmoER7fnlPfItHyN

Score

10^/10

themida aspackv2 fabookie socelars ffdroider

Malware Config

Extracted

Family

socelars

http://www.iyiqian.com/

http://www.hbgents.top/

http://www.rsnzhy.com/

http://www.znsjis.top/

http://www.fddnice.pw/

http://www.sokoinfo.pw/

http://www.zzhlike.pw/

http://www.wygexde.xyz/

Extracted

Family

ffdroider

http://101.36.107.74

Signatures

Detect Fabookie payload 3 IoCs

resource	yara_rule
static1/unpack001/File/Fri1018ef4aa251c026c.exe	family_fabookie
static1/unpack001/File/gaoou.exe	family_fabookie
static1/unpack001/File/metina_5.exe	family_fabookie

Fabookie family
fabookie
Ffdroider family
ffdroider
Socelars family
socelars

Socelars payload 2 IoCs

resource	yara_rule
static1/unpack001/File/Fri10720d229511df563.exe	family_socelars
static1/unpack001/File/askinstall20.exe	family_socelars

ASPack v2.12-2.42 3 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/File/libcurl.dll	aspack_v212_v242
static1/unpack001/File/libcurlpp.dll	aspack_v212_v242
static1/unpack001/File/libstdc++-6.dll	aspack_v212_v242

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/File/Fri10d184202996a0d7f.exe	themida

Unsigned PE 38 IoCs

Checks for missing Authenticode signature.

resource
unpack001/File/Fri1008c7d6874.exe
unpack001/File/Fri1015b9a4e0b.exe
unpack001/File/Fri1018ef4aa251c026c.exe
unpack001/File/Fri1034cd265b5e0adcd.exe
unpack001/File/Fri103a7805577.exe
unpack001/File/Fri105268dda3.exe
unpack001/File/Fri10584c049c7f.exe
unpack001/File/Fri106e757f6d75.exe
unpack001/File/Fri10720d229511df563.exe
unpack001/File/Fri10acd1e0a9e6.exe
unpack001/File/Fri10b0a06a73706.exe
unpack001/File/Fri10d184202996a0d7f.exe
unpack001/File/Fri10fcc13ae0125c8.exe
unpack001/File/HappyNewYear.exe
unpack001/File/Install.exe
unpack001/File/InstallSetups2024.exe
unpack001/File/IrecCH6.exe
unpack001/File/JoSetp.exe
unpack001/File/MediaBurner.exe
unpack001/File/Ra.exe
unpack001/File/askinstall20.exe
unpack001/File/edffd5ca.exe
unpack001/File/filee.exe
unpack001/File/gaoou.exe
unpack001/File/jg6_6asg.exe
unpack001/File/libcurl.dll
unpack001/File/libcurlpp.dll
unpack001/File/libgcc_s_dw2-1.dll
unpack001/File/libstdc++-6.dll
unpack001/File/libwinpthread-1.dll
unpack001/File/metina_1.exe
unpack001/File/metina_2.exe
unpack001/File/metina_3.exe
unpack001/File/metina_4.exe
unpack001/File/metina_5.exe
unpack001/File/metina_6.exe
unpack001/File/metina_7.exe
unpack001/File/xiuhuali.exe

Files

Passw0rdz_123_Setup.7z
.7z

Password: 123
File/CBCbrow.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

0d:19:16:e8:2e:52:7f:d8
Certificate

Issuer

CN=ɳɯДɯʓS

Not Before

20/04/2021, 07:00

Not After

21/04/2026, 07:00

Subject

CN=ɳɯДɯʓS

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e2:c1:b6:ba:7a:03:eb:1a:2f:cb:4f:d1:a8:ed:51:7b:8c:a5:ea:14:36:a2:eb:45:68:51:31:a9:38:74:23
Signer

Actual PE Digest

45:e2:c1:b6:ba:7a:03:eb:1a:2f:cb:4f:d1:a8:ed:51:7b:8c:a5:ea:14:36:a2:eb:45:68:51:31:a9:38:74:23

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri1008c7d6874.exe
.exe windows:5 windows x86 arch:x86

Password: 123

d5dd97af588db149eb9c6641a9b57887

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
CreateFileW
GetLastError
lstrcatW
CloseHandle
RaiseException
DecodePointer
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetFileType
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
LocalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
GetCommandLineA
GetCommandLineW
GetACP
HeapFree
HeapAlloc
HeapSize
HeapReAlloc
CompareStringW
LCMapStringW
FindClose
FindFirstFileExA

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoInitialize
CoCreateInstance

oleaut32

SafeArrayGetDim
VariantInit
SafeArrayGetUBound
SafeArrayGetLBound
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysStringLen
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayAccessData
VariantClear
GetErrorInfo

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri1015b9a4e0b.exe
.exe windows:5 windows x86 arch:x86

Password: 123

5dbcbed365563713c1a9bb2780528a54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\mepinar20\dopocunise57\kelagiwubeboma\bupo l.pdb

Imports

kernel32

GetCommandLineW
GetLocaleInfoA
LoadResource
HeapAlloc
InterlockedDecrement
GetEnvironmentStringsW
WaitForSingleObject
AddConsoleAliasW
SetEvent
GetEnvironmentStrings
ReadFileScatter
LeaveCriticalSection
GetFileAttributesA
FindNextVolumeW
CreateActCtxA
GetDevicePowerState
GetProcAddress
FreeUserPhysicalPages
VerLanguageNameW
WriteConsoleA
GetProcessId
LocalAlloc
RemoveDirectoryW
EnumResourceTypesW
GetModuleFileNameA
GetModuleHandleA
EraseTape
ReleaseMutex
EndUpdateResourceA
LocalSize
FindFirstVolumeW
FindNextVolumeA
lstrcpyW
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
HeapFree
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetLastError
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
CreateFileA

user32

SetCursorPos

Exports

Exports

@SetViceVariants@12

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Fri1018ef4aa251c026c.exe
.exe windows:6 windows x64 arch:x64

Password: 123

0e0b1327b851d652046461e0a8be7593

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\workspace\workspace_c\shellcode_ms\SCY7VJ5UA3Du3GAh1_jm1\x64\Release\SCY7VJ5UA3Du3GAh1_jm1.pdb

Imports

kernel32

AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
LocalFree
GetLastError
FormatMessageW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetStringTypeW
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetEvent
ResetEvent
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceFrequency
GetCurrentThread
GetThreadTimes
RtlUnwindEx
InterlockedPushEntrySList
RtlPcToFileHeader
RaiseException
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
Sleep
OutputDebugStringA
RtlUnwind

advapi32

RegOpenKeyExW
RegSetValueExW
RegCreateKeyW
RegCloseKey

shell32

SHGetFolderPathW

winhttp

WinHttpQueryDataAvailable
WinHttpConnect
WinHttpReceiveResponse
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetCredentials

crypt32

CryptUnprotectData

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri1034cd265b5e0adcd.exe
.exe windows:5 windows x86 arch:x86

Password: 123

4cfda23baf1e2e983ddfeca47a5c755a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

SHAutoComplete

kernel32

FindClose
FindNextFileW
FindFirstFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetLocaleInfoW
GetNumberFormatW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
WaitForSingleObject
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
GetTempPathW
MoveFileExW
UnmapViewOfFile
Sleep
MapViewOfFile
GetCommandLineW
CreateFileMappingW
GetTickCount
OpenFileMappingW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
GetProcessAffinityMask
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
SetEvent
SetThreadPriority
SystemTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
LocalFileTimeToFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
SetFileTime
SetFileAttributesW
SetCurrentDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
RaiseException
GetFileAttributesW
FlushFileBuffers
ReadFile
GetFileType
SetEndOfFile
SetFilePointer
WriteFile
GetStdHandle
GetLongPathNameW
GetShortPathNameW
GlobalAlloc
MoveFileW
CreateFileW
CreateDirectoryW
DeviceIoControl
RemoveDirectoryW
DeleteFileW
CreateHardLinkW
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
CreateFileA
GetCPInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind

user32

EnableWindow
GetDlgItem
ShowWindow
SetWindowLongW
GetDC
ReleaseDC
FindWindowExW
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
CopyRect
IsWindow
CharUpperW
OemToCharBuffA
LoadIconW
LoadBitmapW
PostMessageW
GetSysColor
SetForegroundWindow
MessageBoxW
WaitForInputIdle
IsWindowVisible
DialogBoxParamW
DestroyIcon
SetFocus
GetClassNameW
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
wvsprintfW
SendMessageW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteDC
GetObjectW
DeleteObject
CreateDIBSection

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHBrowseForFolderW
ShellExecuteExW
SHGetSpecialFolderLocation
SHFileOperationW
SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHGetFileInfoW

ole32

CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CreateStreamOnHGlobal

oleaut32

VariantInit

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Fri103a7805577.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri105268dda3.exe
.exe windows:5 windows x86 arch:x86

Password: 123

21506be3202517bb1e8cd3e1062868ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\nulo_jusi.pdb

Imports

kernel32

GetCommandLineW
GlobalDeleteAtom
GetLocaleInfoA
HeapAlloc
InterlockedDecrement
GetEnvironmentStringsW
GetUserDefaultLCID
AddConsoleAliasW
SetEvent
GetSystemTimeAsFileTime
GlobalAlloc
ReadFileScatter
LeaveCriticalSection
GetFileAttributesA
WriteConsoleW
CreateActCtxA
ReleaseSemaphore
FlushFileBuffers
GetProcAddress
VerLanguageNameA
GetProcessId
RemoveDirectoryW
EnumResourceTypesW
GetModuleFileNameA
DebugSetProcessKillOnExit
GetModuleHandleA
EraseTape
FindFirstVolumeA
EndUpdateResourceA
GetCurrentProcessId
FindNextVolumeA
lstrcpyA
InterlockedIncrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetModuleFileNameW
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
HeapSize
GetACP
GetOEMCP
IsValidCodePage
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CloseHandle
CreateFileA
SetStdHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
GetProcessHeap
ReadFile

Exports

Exports

@SetFirstVice@8

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Fri10584c049c7f.exe
.exe windows:6 windows x86 arch:x86

Password: 123

d34cb7f3f974e9c89037b663aaa0d6a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
lstrcatA
GetModuleHandleA
SetCurrentDirectoryA
GetModuleHandleExA
CreateFileA
lstrcpyA
CloseHandle
GetFileSize
GetLastError
GetProcAddress
HeapFree
WriteFile
lstrlenA
lstrcpynA
WriteConsoleW
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RtlUnwind
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
HeapReAlloc
SetFilePointerEx
GetFileType
HeapAlloc
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
GetStringTypeW
GetConsoleMode
FlushFileBuffers
GetConsoleOutputCP
HeapSize
CreateFileW
DecodePointer

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri106e757f6d75.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri10720d229511df563.exe
.exe windows:6 windows x86 arch:x86

d69e4c13e25f0ad622344ac56118c0df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\facebook_svn\trunk\database\Release\DiskScan.pdb

Imports

kernel32

GetComputerNameW
GetModuleFileNameA
GetCurrentProcessId
OpenProcess
GetModuleFileNameW
SetLastError
WaitForSingleObject
CreateEventW
FreeLibrary
WinExec
GetPrivateProfileStringW
CopyFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
LocalFree
LocalAlloc
LoadResource
FindResourceW
SizeofResource
LockResource
GetTickCount
GetCurrentThread
Sleep
GetProcessHeap
HeapAlloc
GetLastError
GetTempPathA
SetCurrentDirectoryW
GetShortPathNameA
LoadLibraryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
SetFileTime
SetFilePointer
ReadFile
GetFileType
CreateFileW
CreateDirectoryW
TerminateProcess
GetCurrentDirectoryW
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
RaiseException
GetStringTypeW
WriteConsoleW
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
GetModuleHandleW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
HeapCompact
HeapDestroy
UnlockFile
LockFileEx
GetFileSize
DeleteCriticalSection
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountNameW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
EqualSid
DuplicateToken
AllocateAndInitializeSid
AddAccessAllowedAce
AccessCheck
OpenThreadToken
OpenProcessToken

shell32

ShellExecuteExA

ole32

CoInitializeEx
CoGetObject
CoUninitialize

wininet

InternetGetCookieExA

netapi32

Netbios

ntdll

RtlInitUnicodeString
NtFreeVirtualMemory
LdrEnumerateLoadedModules
RtlEqualUnicodeString
RtlAcquirePebLock
NtAllocateVirtualMemory
RtlReleasePebLock
RtlNtStatusToDosError
RtlCreateHeap
RtlDestroyHeap
RtlAllocateHeap
RtlFreeHeap
NtClose
NtOpenKey
NtEnumerateValueKey
NtQueryValueKey

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dgehrhe
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dgehrhe
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/Fri10acd1e0a9e6.exe
.exe windows:5 windows x86 arch:x86

21506be3202517bb1e8cd3e1062868ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\wowolohukof_lesu\lireleyusamuja_tuceyuhi_hakeyuba.pdb

Imports

kernel32

GetCommandLineW
GlobalDeleteAtom
GetLocaleInfoA
HeapAlloc
InterlockedDecrement
GetEnvironmentStringsW
GetUserDefaultLCID
AddConsoleAliasW
SetEvent
GetSystemTimeAsFileTime
GlobalAlloc
ReadFileScatter
LeaveCriticalSection
GetFileAttributesA
WriteConsoleW
CreateActCtxA
ReleaseSemaphore
FlushFileBuffers
GetProcAddress
VerLanguageNameA
GetProcessId
RemoveDirectoryW
EnumResourceTypesW
GetModuleFileNameA
DebugSetProcessKillOnExit
GetModuleHandleA
EraseTape
FindFirstVolumeA
EndUpdateResourceA
GetCurrentProcessId
FindNextVolumeA
lstrcpyA
InterlockedIncrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetModuleFileNameW
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
HeapSize
GetACP
GetOEMCP
IsValidCodePage
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
CloseHandle
CreateFileA
SetStdHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
GetProcessHeap
ReadFile

Exports

Exports

@SetFirstVice@8

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Fri10b0a06a73706.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

lPS3X^c
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
File/Fri10d184202996a0d7f.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 82KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 911KB - Virtual size: 911KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.themida
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
File/Fri10fcc13ae0125c8.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/HappyNewYear.exe
.exe windows:5 windows x86 arch:x86

b42e994c8f871aaf8164051f1d1e6392

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetACP
LocalFree
CloseHandle
SizeofResource
VirtualProtect
QueryPerformanceFrequency
IsDebuggerPresent
VirtualFree
GetFullPathNameW
FindNextFileW
ExitProcess
HeapAlloc
GetCPInfoExW
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
ReadFile
FileTimeToDosDateTime
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
CreateThread
CompareStringW
CopyFileW
CreateMutexW
LoadLibraryA
ResetEvent
GetVersion
FreeResource
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetCurrentThread
LoadLibraryExW
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
SetThreadPriority
GetCurrentProcess
VirtualAlloc
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetLogicalDriveStringsW
GetVersionExW
VerifyVersionInfoW
HeapCreate
VerSetConditionMask
GetDiskFreeSpaceW
FindFirstFileW
GetUserDefaultUILanguage
lstrlenW
QueryPerformanceCounter
SetEndOfFile
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
SetEvent
CreateFileW
GetLocaleInfoW
DeleteFileW
GetLocalTime
GetEnvironmentVariableW
WaitForSingleObject
WriteFile
ExitThread
DeleteCriticalSection
TlsGetValue
GetDateFormatW
IsValidLocale
TlsSetValue
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
SetThreadLocale
GetThreadLocale

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlW

shell32

ShellExecuteExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

user32

CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
CharLowerBuffW
LoadStringW
CharUpperW
PeekMessageW
GetSystemMetrics
MessageBoxW

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate

netapi32

NetWkstaGetInfo
NetApiBufferFree

advapi32

RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegFlushKey
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 614B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 32B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Install.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/InstallSetups2024.exe
.exe windows:5 windows x86 arch:x86

646dea3e06ebecb15c5e764c7a01072a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vahace65\xije.pdb

Imports

kernel32

PulseEvent
FillConsoleOutputCharacterA
GetPrivateProfileSectionNamesW
EnumResourceNamesW
SetVolumeLabelA
GetFileSize
lstrlenA
TlsGetValue
CommConfigDialogA
SetEndOfFile
FindResourceExW
FreeLibrary
LoadResource
ScrollConsoleScreenBufferW
GlobalSize
CreateJobObjectW
GetProfileStringW
WaitForSingleObject
WriteConsoleInputA
SignalObjectAndWait
OpenSemaphoreA
CallNamedPipeW
GetTickCount
GetConsoleAliasesLengthA
EnumTimeFormatsW
GetUserDefaultLangID
SetProcessPriorityBoost
GetDriveTypeA
GlobalAlloc
GetVolumeInformationA
LoadLibraryW
GetConsoleMode
TerminateThread
SetVolumeMountPointA
GetVersionExW
SetConsoleCursorPosition
GetFileAttributesW
SetTimeZoneInformation
VerifyVersionInfoA
SetSystemPowerState
WritePrivateProfileSectionW
IsDBCSLeadByte
ReadFile
CompareStringW
SetThreadPriority
DeactivateActCtx
ReleaseActCtx
GetStdHandle
OpenMutexW
FindFirstFileExA
GetLastError
SetLastError
ReadConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
SetStdHandle
SetComputerNameA
GetPrivateProfileStringA
WriteConsoleA
OpenWaitableTimerW
LocalAlloc
DeleteTimerQueue
MoveFileA
IsSystemResumeAutomatic
WriteProfileSectionW
AddAtomA
FindAtomA
GetPrivateProfileStructA
WaitForMultipleObjects
WTSGetActiveConsoleSessionId
GetThreadPriority
DebugSetProcessKillOnExit
GetModuleHandleA
WaitForDebugEvent
GetCurrentThreadId
DuplicateHandle
SetProcessShutdownParameters
LocalSize
AddConsoleAliasA
DebugBreak
FindActCtxSectionStringW
GetProfileSectionW
CloseHandle
CreateFileW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
GetModuleFileNameW
WriteFile
RaiseException
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
GetConsoleCP
FlushFileBuffers

user32

GetMessageTime
GetCursorInfo

Exports

Exports

_go@4
_hockey@4
_regulmoto@4

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hihi
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/IrecCH6.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 368KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/JoSetp.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/MediaBurner.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/Ra.exe
.exe windows:5 windows x86 arch:x86

39a28b73a4bc759bac8c0efbf39694be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetModuleHandleExA
GetLocaleInfoA
SetLocalTime
MapViewOfFile
FindResourceExW
InterlockedIncrement
SetConsoleScreenBufferSize
ConnectNamedPipe
GetModuleHandleW
SetFileTime
TzSpecificLocalTimeToSystemTime
GlobalAlloc
GlobalFindAtomA
SizeofResource
SetSystemTimeAdjustment
GetFileAttributesA
GetConsoleAliasW
TerminateProcess
GetAtomNameW
GetTimeZoneInformation
GlobalUnlock
LCMapStringA
GetLastError
GetProcAddress
OpenWaitableTimerW
FindAtomA
GetTapeParameters
GlobalUnWire
lstrcatW
FileTimeToLocalFileTime
GetCurrentProcessId
LocalFree
GetStartupInfoW
RaiseException
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FatalAppExitA
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
CloseHandle
CreateFileA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringW
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetEndOfFile
GetProcessHeap
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mukop
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitob
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/askinstall20.exe
.exe windows:6 windows x86 arch:x86

4f0608b5638c60342069764638589dcf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\facebook_svn\trunk\database\Release\DiskScan.pdb

Imports

kernel32

LocalAlloc
LocalFree
WinExec
GetComputerNameW
GetModuleFileNameA
GetCurrentProcessId
OpenProcess
GetModuleFileNameW
SetLastError
GetCurrentThread
FindResourceW
GetPrivateProfileStringW
CopyFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
SizeofResource
CreateProcessA
LockResource
LoadResource
FreeLibrary
GetTickCount
TerminateProcess
Sleep
WaitForSingleObject
GetProcessHeap
HeapAlloc
GetLastError
GetTempPathA
CreateDirectoryA
SetCurrentDirectoryW
GetShortPathNameA
LoadLibraryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
SystemTimeToFileTime
DosDateTimeToFileTime
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
SetFileTime
SetFilePointer
ReadFile
GetFileType
CreateFileW
CreateDirectoryW
CreateEventW
GetCurrentDirectoryW
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
GetFileSizeEx
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
RtlUnwind
RaiseException
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
TlsFree
WriteConsoleW
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
DecodePointer
EncodePointer
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
GetModuleHandleW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
HeapCompact
HeapDestroy
UnlockFile
LockFileEx
GetFileSize
DeleteCriticalSection

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountNameW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
EqualSid
DuplicateToken
AllocateAndInitializeSid
AddAccessAllowedAce
AccessCheck
OpenThreadToken
OpenProcessToken

shell32

ShellExecuteExA

ole32

CoInitializeEx
CoGetObject
CoUninitialize

wininet

InternetGetCookieExA

netapi32

Netbios

ntdll

RtlInitUnicodeString
NtFreeVirtualMemory
LdrEnumerateLoadedModules
RtlEqualUnicodeString
RtlAcquirePebLock
NtAllocateVirtualMemory
RtlReleasePebLock
RtlNtStatusToDosError
RtlCreateHeap
RtlDestroyHeap
RtlAllocateHeap
RtlFreeHeap
NtClose
NtOpenKey
NtEnumerateValueKey
NtQueryValueKey

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.buowwww
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.buowwww
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/edffd5ca.exe
.exe windows:5 windows x86 arch:x86

39a28b73a4bc759bac8c0efbf39694be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetModuleHandleExA
GetLocaleInfoA
SetLocalTime
MapViewOfFile
FindResourceExW
InterlockedIncrement
SetConsoleScreenBufferSize
ConnectNamedPipe
GetModuleHandleW
SetFileTime
TzSpecificLocalTimeToSystemTime
GlobalAlloc
GlobalFindAtomA
SizeofResource
SetSystemTimeAdjustment
GetFileAttributesA
GetConsoleAliasW
TerminateProcess
GetAtomNameW
GetTimeZoneInformation
GlobalUnlock
LCMapStringA
GetLastError
GetProcAddress
OpenWaitableTimerW
FindAtomA
GetTapeParameters
GlobalUnWire
lstrcatW
FileTimeToLocalFileTime
GetCurrentProcessId
LocalFree
GetStartupInfoW
RaiseException
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FatalAppExitA
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
CloseHandle
CreateFileA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringW
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetEndOfFile
GetProcessHeap
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wafo
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pazunup
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/filee.exe
.exe windows:6 windows x86 arch:x86

e1baf4ab6685a606620fe187c276b405

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualFree
GetCurrentProcess
VirtualAlloc
TerminateProcess
GetModuleHandleA
GetLastError
GetProcAddress
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
DecodePointer

gdi32

DPtoLP

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/gaoou.exe
.exe windows:6 windows x86 arch:x86

2273a7b03f8bec07678032cf62f25478

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\workspace\workspace_c\GjOGoOIgHJEwh52iJ_20\Release\GjOGoOIgHJEwh52iJ_20.pdb

Imports

kernel32

SizeofResource
GetTempPathA
LockResource
GetModuleHandleW
FindResourceW
WinExec
WriteConsoleW
CreateThread
CopyFileA
GetModuleFileNameA
LocalFree
GetLastError
FormatMessageW
Sleep
LoadResource
lstrlenW
HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
HeapReAlloc
HeapFree
HeapAlloc
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
DeleteFileW
ReadFile
ReadConsoleW
SetEndOfFile

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
AllocateAndInitializeSid
RegSetValueExA
FreeSid
CheckTokenMembership
RegOpenKeyExA

shell32

ShellExecuteExA

winhttp

WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 454KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/jg6_6asg.exe
.exe windows:6 windows x86 arch:x86

5d896d72d54d52c501304d9a20fae36f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\免杀\10\TestExeBin\zNoteDebug.pdb

Imports

kernel32

GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
GetPrivateProfileStringW
LoadLibraryA
GetProcAddress
MultiByteToWideChar
CreateDirectoryW
ReadFile
GetModuleFileNameA
SizeofResource
GetVolumeInformationW
GetCurrentProcess
WriteFile
OutputDebugStringA
GetModuleFileNameW
CreateMutexW
WaitForSingleObject
CreateFileW
GetSystemDirectoryW
OutputDebugStringW
TerminateThread
LockResource
DeleteFileW
CloseHandle
CreateThread
FindResourceExW
LoadResource
FindResourceW
GetFileSize
GetCurrentProcessId
GetModuleHandleW
CopyFileW
VirtualQuery
GetExitCodeThread
Sleep
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetEndOfFile
GetTickCount
HeapSize
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetFullPathNameW
GetDiskFreeSpaceW
LockFile
InitializeCriticalSection
GetFullPathNameA
UnlockFileEx
GetTempPathW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
LoadLibraryW
HeapCompact
UnlockFile
LocalFree
LockFileEx
SystemTimeToFileTime
FreeLibrary
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
FlushFileBuffers
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
InitializeCriticalSectionEx
TerminateProcess
HeapFree
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
EnumSystemLocalesW
VirtualProtect
LoadLibraryExA
GetStringTypeW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
QueryPerformanceFrequency
GetCurrentThread
GetThreadTimes
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
GetStdHandle
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
GetConsoleCP
GetFileSizeEx
IsValidLocale
GetUserDefaultLCID

user32

wsprintfA
GetDesktopWindow
MessageBoxW

advapi32

RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

ws2_32

WSAStartup

shlwapi

PathFileExistsW

winhttp

WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpQueryAuthSchemes
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpOpen
WinHttpCloseHandle
WinHttpCrackUrl
WinHttpWriteData

quartz

AMGetErrorTextW

Sections

.text
Size: 818KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/kabo.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

45:17:23:93:c6:3f:66:d0:f8:47:6d:04:9a:41:29:8a
Certificate

Issuer

CN=LmYCeyh,OU=SJpBGaZDIOE,O=LPZSOUPihOYPmjMIpNAgewycdTHhSUbMBOWobzSOwK,L=dKXBPvFWdniN,ST=BWSTSHJKBkmHFz,C=aAdMDzDgYkUYTJpeTGrut,2.5.4.12=#13196d6e786d784751564d4a7445504d436e48696f6d696b4c4958,1.2.840.113549.1.9.1=#130c72636f715850566d48706d4e

Not Before

14/04/2021, 15:20

Not After

14/04/2022, 15:20

Subject

CN=LmYCeyh,OU=SJpBGaZDIOE,O=LPZSOUPihOYPmjMIpNAgewycdTHhSUbMBOWobzSOwK,L=dKXBPvFWdniN,ST=BWSTSHJKBkmHFz,C=aAdMDzDgYkUYTJpeTGrut,2.5.4.12=#13196d6e786d784751564d4a7445504d436e48696f6d696b4c4958,1.2.840.113549.1.9.1=#130c72636f715850566d48706d4e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:5f:4e:95:41:5f:27:20:cb:8d:db:ab:47:e2:3e:68:67:5b:3a:c7:46:28:ca:c5:9a:26:b4:33:e8:ef:8f:59
Signer

Actual PE Digest

3f:5f:4e:95:41:5f:27:20:cb:8d:db:ab:47:e2:3e:68:67:5b:3a:c7:46:28:ca:c5:9a:26:b4:33:e8:ef:8f:59

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/libcurl.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 157KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 13KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/29
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/41
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/55
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/67
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/80
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
File/libcurlpp.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_ZN6curlpp10LogicErrorC1EPKc
_ZN6curlpp10LogicErrorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp10LogicErrorC2EPKc
_ZN6curlpp10LogicErrorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp10LogicErrorD0Ev
_ZN6curlpp10LogicErrorD1Ev
_ZN6curlpp10LogicErrorD2Ev
_ZN6curlpp10OptionBaseC1E10CURLoption
_ZN6curlpp10OptionBaseC2E10CURLoption
_ZN6curlpp10OptionBaseD0Ev
_ZN6curlpp10OptionBaseD1Ev
_ZN6curlpp10OptionBaseD2Ev
_ZN6curlpp10initializeEl
_ZN6curlpp11OptionTraitIPSoL10CURLoption10001EED0Ev
_ZN6curlpp11OptionTraitIPSoL10CURLoption10001EED1Ev
_ZN6curlpp11UnsetOptionC1EPKc
_ZN6curlpp11UnsetOptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp11UnsetOptionC2EPKc
_ZN6curlpp11UnsetOptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp11UnsetOptionD0Ev
_ZN6curlpp11UnsetOptionD1Ev
_ZN6curlpp11logicAssertEPKcb
_ZN6curlpp11logicAssertERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEb
_ZN6curlpp12NotAvailableC1Ev
_ZN6curlpp12NotAvailableC2Ev
_ZN6curlpp12NotAvailableD0Ev
_ZN6curlpp12NotAvailableD1Ev
_ZN6curlpp12RuntimeErrorC1EPKc
_ZN6curlpp12RuntimeErrorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp12RuntimeErrorC2EPKc
_ZN6curlpp12RuntimeErrorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp12RuntimeErrorD0Ev
_ZN6curlpp12RuntimeErrorD1Ev
_ZN6curlpp12RuntimeErrorD2Ev
_ZN6curlpp13runtimeAssertEPKcb
_ZN6curlpp13runtimeAssertERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEb
_ZN6curlpp14libcurlVersionB5cxx11Ev
_ZN6curlpp15UnknowExceptionC1Ev
_ZN6curlpp15UnknowExceptionC2Ev
_ZN6curlpp15UnknowExceptionD0Ev
_ZN6curlpp15UnknowExceptionD1Ev
_ZN6curlpp17CallbackExceptionINS_10LogicErrorEE5cloneEv
_ZN6curlpp17CallbackExceptionINS_10LogicErrorEE7throwMeEv
_ZN6curlpp17CallbackExceptionINS_10LogicErrorEED0Ev
_ZN6curlpp17CallbackExceptionINS_10LogicErrorEED1Ev
_ZN6curlpp17CallbackExceptionINS_15UnknowExceptionEE5cloneEv
_ZN6curlpp17CallbackExceptionINS_15UnknowExceptionEE7throwMeEv
_ZN6curlpp17CallbackExceptionINS_15UnknowExceptionEED0Ev
_ZN6curlpp17CallbackExceptionINS_15UnknowExceptionEED1Ev
_ZN6curlpp17InfoTypeConverterINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEE3getERKNS_4EasyE8CURLINFORS6_
_ZN6curlpp17InfoTypeConverterINSt7__cxx114listINS1_12basic_stringIcSt11char_traitsIcESaIcEEESaIS7_EEEE3getERKNS_4EasyE8CURLINFORS9_
_ZN6curlpp17InfoTypeConverterIdE3getERKNS_4EasyE8CURLINFORd
_ZN6curlpp17InfoTypeConverterIlE3getERKNS_4EasyE8CURLINFORl
_ZN6curlpp17LibcurlLogicErrorC1EPKc8CURLcode
_ZN6curlpp17LibcurlLogicErrorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp17LibcurlLogicErrorC2EPKc8CURLcode
_ZN6curlpp17LibcurlLogicErrorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp17LibcurlLogicErrorD0Ev
_ZN6curlpp17LibcurlLogicErrorD1Ev
_ZN6curlpp18libcurlLogicAssertEPKc8CURLcode
_ZN6curlpp18libcurlLogicAssertERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp19LibcurlRuntimeErrorC1EPKc8CURLcode
_ZN6curlpp19LibcurlRuntimeErrorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp19LibcurlRuntimeErrorC2EPKc8CURLcode
_ZN6curlpp19LibcurlRuntimeErrorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp19LibcurlRuntimeErrorD0Ev
_ZN6curlpp19LibcurlRuntimeErrorD1Ev
_ZN6curlpp20libcurlRuntimeAssertEPKc8CURLcode
_ZN6curlpp20libcurlRuntimeAssertERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE8CURLcode
_ZN6curlpp21CallbackExceptionBaseC1ERKS0_
_ZN6curlpp21CallbackExceptionBaseC1Ev
_ZN6curlpp21CallbackExceptionBaseC2ERKS0_
_ZN6curlpp21CallbackExceptionBaseC2Ev
_ZN6curlpp4Easy5resetEv
_ZN6curlpp4Easy6setOptEPNS_10OptionBaseE
_ZN6curlpp4Easy6setOptERKNS_10OptionBaseE
_ZN6curlpp4Easy6setOptERKNS_8internal10OptionListE
_ZN6curlpp4Easy6setOptESt10unique_ptrINS_10OptionBaseESt14default_deleteIS2_EE
_ZN6curlpp4Easy7performEv
_ZN6curlpp4EasyC1ESt10unique_ptrINS_8internal10CurlHandleESt14default_deleteIS3_EE
_ZN6curlpp4EasyC1Ev
_ZN6curlpp4EasyC2ESt10unique_ptrINS_8internal10CurlHandleESt14default_deleteIS3_EE
_ZN6curlpp4EasyC2Ev
_ZN6curlpp4EasyD0Ev
_ZN6curlpp4EasyD1Ev
_ZN6curlpp4EasyD2Ev
_ZN6curlpp5Multi3addEPKNS_4EasyE
_ZN6curlpp5Multi4infoB5cxx11Ev
_ZN6curlpp5Multi5fdsetEP6fd_setS2_S2_Pi
_ZN6curlpp5Multi6removeEPKNS_4EasyE
_ZN6curlpp5Multi7performEPi
_ZN6curlpp5MultiC1Ev
_ZN6curlpp5MultiC2Ev
_ZN6curlpp5MultiD1Ev
_ZN6curlpp5MultiD2Ev
_ZN6curlpp6OptionIPSoE16updateMeToOptionERKNS_10OptionBaseE
_ZN6curlpp6OptionIPSoE5clearEv
_ZN6curlpp6escapeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp6getenvERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp7CleanupC1Ev
_ZN6curlpp7CleanupC2Ev
_ZN6curlpp7CleanupD1Ev
_ZN6curlpp7CleanupD2Ev
_ZN6curlpp7getdateERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEPl
_ZN6curlpp8FormPartC1EPKc
_ZN6curlpp8FormPartC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp8FormPartC2EPKc
_ZN6curlpp8FormPartC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp8FormPartD0Ev
_ZN6curlpp8FormPartD1Ev
_ZN6curlpp8FormPartD2Ev
_ZN6curlpp8HttpPost5clearEv
_ZN6curlpp8HttpPost7getListB5cxx11Ev
_ZN6curlpp8HttpPostC1ERKNSt7__cxx114listIN7utilspp9clone_ptrINS_8FormPartEEESaIS6_EEE
_ZN6curlpp8HttpPostC1Ev
_ZN6curlpp8HttpPostC2ERKNSt7__cxx114listIN7utilspp9clone_ptrINS_8FormPartEEESaIS6_EEE
_ZN6curlpp8HttpPostC2Ev
_ZN6curlpp8HttpPostD1Ev
_ZN6curlpp8HttpPostD2Ev
_ZN6curlpp8HttpPostaSERKNSt7__cxx114listIN7utilspp9clone_ptrINS_8FormPartEEESaIS6_EEE
_ZN6curlpp8internal10CurlHandle11errorBufferEPc
_ZN6curlpp8internal10CurlHandle12setExceptionEPNS_21CallbackExceptionBaseE
_ZN6curlpp8internal10CurlHandle14throwExceptionEv
_ZN6curlpp8internal10CurlHandle18executeReadFunctorEPcjj
_ZN6curlpp8internal10CurlHandle19executeDebugFunctorE13curl_infotypePcj
_ZN6curlpp8internal10CurlHandle19executeWriteFunctorEPcjj
_ZN6curlpp8internal10CurlHandle20executeHeaderFunctorEPcjj
_ZN6curlpp8internal10CurlHandle20executeSslCtxFunctorEPv
_ZN6curlpp8internal10CurlHandle22executeProgressFunctorEdddd
_ZN6curlpp8internal10CurlHandle5resetEv
_ZN6curlpp8internal10CurlHandle7performEv
_ZN6curlpp8internal10CurlHandleC1EPv
_ZN6curlpp8internal10CurlHandleC1Ev
_ZN6curlpp8internal10CurlHandleC2EPv
_ZN6curlpp8internal10CurlHandleC2Ev
_ZN6curlpp8internal10CurlHandleD0Ev
_ZN6curlpp8internal10CurlHandleD1Ev
_ZN6curlpp8internal10CurlHandleD2Ev
_ZN6curlpp8internal10OptionList6insertERKSt3mapI10CURLoptionPNS_10OptionBaseESt4lessIS3_ESaISt4pairIKS3_S5_EEE
_ZN6curlpp8internal10OptionList6setOptEPNS_10OptionBaseE
_ZN6curlpp8internal10OptionList6setOptERKNS_10OptionBaseE
_ZN6curlpp8internal10OptionList6setOptERKS1_
_ZN6curlpp8internal10OptionListC1ERKS1_
_ZN6curlpp8internal10OptionListC1Ev
_ZN6curlpp8internal10OptionListC2ERKS1_
_ZN6curlpp8internal10OptionListC2Ev
_ZN6curlpp8internal10OptionListD0Ev
_ZN6curlpp8internal10OptionListD1Ev
_ZN6curlpp8internal10OptionListD2Ev
_ZN6curlpp8internal12OptionSetterINSt7__cxx114listIN7utilspp9clone_ptrINS_8FormPartEEESaIS7_EEEL10CURLoption10024EE6setOptEPNS0_10CurlHandleERKNS_8HttpPostE
_ZN6curlpp8internal12OptionSetterIP6_iobufL10CURLoption10001EE6setOptEPNS0_10CurlHandleES3_
_ZN6curlpp8internal12OptionSetterIP6_iobufL10CURLoption10009EE6setOptEPNS0_10CurlHandleES3_
_ZN6curlpp8internal12OptionSetterIPSiL10CURLoption10009EE6setOptEPNS0_10CurlHandleES2_
_ZN6curlpp8internal12OptionSetterIPSoL10CURLoption10001EE6setOptEPNS0_10CurlHandleES2_
_ZN6curlpp8internal12OptionSetterISt8functionIF8CURLcodePvEEL10CURLoption20108EE6setOptEPNS0_10CurlHandleERS6_
_ZN6curlpp8internal12OptionSetterISt8functionIFi13curl_infotypePcjEEL10CURLoption20094EE6setOptEPNS0_10CurlHandleERS6_
_ZN6curlpp8internal12OptionSetterISt8functionIFiddddEEL10CURLoption20056EE6setOptEPNS0_10CurlHandleERS4_
_ZN6curlpp8internal12OptionSetterISt8functionIFjPcjjEEL10CURLoption20011EE6setOptEPNS0_10CurlHandleERS5_
_ZN6curlpp8internal12OptionSetterISt8functionIFjPcjjEEL10CURLoption20012EE6setOptEPNS0_10CurlHandleERS5_
_ZN6curlpp8internal12OptionSetterISt8functionIFjPcjjEEL10CURLoption20079EE6setOptEPNS0_10CurlHandleERS5_
_ZN6curlpp8internal5SList13constructFromEP10curl_slist
_ZN6curlpp8internal5SList3setERKNSt7__cxx114listINS2_12basic_stringIcSt11char_traitsIcESaIcEEESaIS8_EEE
_ZN6curlpp8internal5SList4listB5cxx11Ev
_ZN6curlpp8internal5SList5clearEv
_ZN6curlpp8internal5SList6updateEv
_ZN6curlpp8internal5SListC1EP10curl_slist
_ZN6curlpp8internal5SListC1ERKNSt7__cxx114listINS2_12basic_stringIcSt11char_traitsIcESaIcEEESaIS8_EEE
_ZN6curlpp8internal5SListC1ERKS1_
_ZN6curlpp8internal5SListC1Ev
_ZN6curlpp8internal5SListC2EP10curl_slist
_ZN6curlpp8internal5SListC2ERKNSt7__cxx114listINS2_12basic_stringIcSt11char_traitsIcESaIcEEESaIS8_EEE
_ZN6curlpp8internal5SListC2ERKS1_
_ZN6curlpp8internal5SListC2Ev
_ZN6curlpp8internal5SListD1Ev
_ZN6curlpp8internal5SListD2Ev
_ZN6curlpp8internal5SListaSERKNSt7__cxx114listINS2_12basic_stringIcSt11char_traitsIcESaIcEEESaIS8_EEE
_ZN6curlpp8internal5SListcvNSt7__cxx114listINS2_12basic_stringIcSt11char_traitsIcESaIcEEESaIS8_EEEEv
_ZN6curlpp8internal9Callbacks12ReadCallbackEPcjjPNS0_10CurlHandleE
_ZN6curlpp8internal9Callbacks13DebugCallbackEPv13curl_infotypePcjPNS0_10CurlHandleE
_ZN6curlpp8internal9Callbacks13WriteCallbackEPcjjPNS0_10CurlHandleE
_ZN6curlpp8internal9Callbacks14HeaderCallbackEPcjjPNS0_10CurlHandleE
_ZN6curlpp8internal9Callbacks14SslCtxCallbackEPvS2_PNS0_10CurlHandleE
_ZN6curlpp8internal9Callbacks16ProgressCallbackEPNS0_10CurlHandleEdddd
_ZN6curlpp8internal9Callbacks18StreamReadCallbackEPcjjPSi
_ZN6curlpp8internal9Callbacks19StreamWriteCallbackEPcjjPSo
_ZN6curlpp8unescapeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN6curlpp9FormParts4File3addEPP13curl_httppostS4_
_ZN6curlpp9FormParts4FileC1EPKcS3_
_ZN6curlpp9FormParts4FileC1EPKcS3_S3_
_ZN6curlpp9FormParts4FileC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN6curlpp9FormParts4FileC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_
_ZN6curlpp9FormParts4FileC2EPKcS3_
_ZN6curlpp9FormParts4FileC2EPKcS3_S3_
_ZN6curlpp9FormParts4FileC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN6curlpp9FormParts4FileC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_
_ZN6curlpp9FormParts4FileD0Ev
_ZN6curlpp9FormParts4FileD1Ev
_ZN6curlpp9FormParts4FileD2Ev
_ZN6curlpp9FormParts7Content3addEPP13curl_httppostS4_
_ZN6curlpp9FormParts7ContentC1EPKcS3_
_ZN6curlpp9FormParts7ContentC1EPKcS3_S3_
_ZN6curlpp9FormParts7ContentC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN6curlpp9FormParts7ContentC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_
_ZN6curlpp9FormParts7ContentC2EPKcS3_
_ZN6curlpp9FormParts7ContentC2EPKcS3_S3_
_ZN6curlpp9FormParts7ContentC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN6curlpp9FormParts7ContentC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_
_ZN6curlpp9FormParts7ContentD0Ev
_ZN6curlpp9FormParts7ContentD1Ev
_ZN6curlpp9FormParts7ContentD2Ev
_ZN6curlpp9terminateEv
_ZNK6curlpp10OptionBase9getOptionEv
_ZNK6curlpp10OptionBaseltERKS0_
_ZNK6curlpp11OptionTraitIPSoL10CURLoption10001EE16updateHandleToMeEPNS_8internal10CurlHandleE
_ZNK6curlpp11OptionTraitIPSoL10CURLoption10001EE5cloneEv
_ZNK6curlpp17LibcurlLogicError8whatCodeEv
_ZNK6curlpp19LibcurlRuntimeError8whatCodeEv
_ZNK6curlpp4Easy6getOptEPNS_10OptionBaseE
_ZNK6curlpp4Easy6getOptERNS_10OptionBaseE
_ZNK6curlpp4Easy9getHandleEv
_ZNK6curlpp8HttpPost9cHttpPostEv
_ZNK6curlpp8internal10CurlHandle5cloneEv
_ZNK6curlpp8internal10CurlHandle9getHandleEv
_ZNK6curlpp8internal10OptionList6getOptEPNS_10OptionBaseE
_ZNK6curlpp8internal5SList6cslistEv
_ZNK6curlpp9FormParts4File5cloneEv
_ZNK6curlpp9FormParts7Content5cloneEv
_ZNSt7__cxx1110_List_baseIN7utilspp9clone_ptrIN6curlpp8FormPartEEESaIS5_EE8_M_clearEv
_ZNSt7__cxx1110_List_baseINS_12basic_stringIcSt11char_traitsIcESaIcEEESaIS5_EE8_M_clearEv
_ZNSt7__cxx114listINS_12basic_stringIcSt11char_traitsIcESaIcEEESaIS5_EE6insertISt20_List_const_iteratorIS5_EvEESt14_List_iteratorIS5_ESA_T_SD_
_ZNSt8_Rb_treeI10CURLoptionSt4pairIKS0_PN6curlpp10OptionBaseEESt10_Select1stIS6_ESt4lessIS0_ESaIS6_EE16_M_insert_uniqueIS1_IS0_S5_EEES1_ISt17_Rb_tree_iteratorIS6_EbEOT_
_ZNSt8_Rb_treeI10CURLoptionSt4pairIKS0_PN6curlpp10OptionBaseEESt10_Select1stIS6_ESt4lessIS0_ESaIS6_EE8_M_eraseEPSt13_Rb_tree_nodeIS6_E
_ZNSt8_Rb_treeIPvSt4pairIKS0_PKN6curlpp4EasyEESt10_Select1stIS7_ESt4lessIS0_ESaIS7_EE29_M_get_insert_hint_unique_posESt23_Rb_tree_const_iteratorIS7_ERS2_
_ZNSt8_Rb_treeIPvSt4pairIKS0_PKN6curlpp4EasyEESt10_Select1stIS7_ESt4lessIS0_ESaIS7_EE8_M_eraseEPSt13_Rb_tree_nodeIS7_E
_ZTIN6curlpp10LogicErrorE
_ZTIN6curlpp10OptionBaseE
_ZTIN6curlpp11OptionTraitIPSoL10CURLoption10001EEE
_ZTIN6curlpp11UnsetOptionE
_ZTIN6curlpp12NotAvailableE
_ZTIN6curlpp12RuntimeErrorE
_ZTIN6curlpp15UnknowExceptionE
_ZTIN6curlpp17CallbackExceptionINS_10LogicErrorEEE
_ZTIN6curlpp17CallbackExceptionINS_15UnknowExceptionEEE
_ZTIN6curlpp17LibcurlLogicErrorE
_ZTIN6curlpp19LibcurlRuntimeErrorE
_ZTIN6curlpp21CallbackExceptionBaseE
_ZTIN6curlpp4EasyE
_ZTIN6curlpp6OptionIPSoEE
_ZTIN6curlpp8FormPartE
_ZTIN6curlpp8internal10CurlHandleE
_ZTIN6curlpp8internal10OptionListE
_ZTIN6curlpp9FormParts4FileE
_ZTIN6curlpp9FormParts7ContentE
_ZTIPN6curlpp21CallbackExceptionBaseE
_ZTISt11logic_error
_ZTISt13runtime_error
_ZTISt9exception
_ZTSN6curlpp10LogicErrorE
_ZTSN6curlpp10OptionBaseE
_ZTSN6curlpp11OptionTraitIPSoL10CURLoption10001EEE
_ZTSN6curlpp11UnsetOptionE
_ZTSN6curlpp12NotAvailableE
_ZTSN6curlpp12RuntimeErrorE
_ZTSN6curlpp15UnknowExceptionE
_ZTSN6curlpp17CallbackExceptionINS_10LogicErrorEEE
_ZTSN6curlpp17CallbackExceptionINS_15UnknowExceptionEEE
_ZTSN6curlpp17LibcurlLogicErrorE
_ZTSN6curlpp19LibcurlRuntimeErrorE
_ZTSN6curlpp21CallbackExceptionBaseE
_ZTSN6curlpp4EasyE
_ZTSN6curlpp6OptionIPSoEE
_ZTSN6curlpp8FormPartE
_ZTSN6curlpp8internal10CurlHandleE
_ZTSN6curlpp8internal10OptionListE
_ZTSN6curlpp9FormParts4FileE
_ZTSN6curlpp9FormParts7ContentE
_ZTSPN6curlpp21CallbackExceptionBaseE
_ZTSSt11logic_error
_ZTSSt13runtime_error
_ZTSSt9exception
_ZTVN6curlpp10LogicErrorE
_ZTVN6curlpp10OptionBaseE
_ZTVN6curlpp11OptionTraitIPSoL10CURLoption10001EEE
_ZTVN6curlpp11UnsetOptionE
_ZTVN6curlpp12NotAvailableE
_ZTVN6curlpp12RuntimeErrorE
_ZTVN6curlpp15UnknowExceptionE
_ZTVN6curlpp17CallbackExceptionINS_10LogicErrorEEE
_ZTVN6curlpp17CallbackExceptionINS_15UnknowExceptionEEE
_ZTVN6curlpp17LibcurlLogicErrorE
_ZTVN6curlpp19LibcurlRuntimeErrorE
_ZTVN6curlpp21CallbackExceptionBaseE
_ZTVN6curlpp4EasyE
_ZTVN6curlpp6OptionIPSoEE
_ZTVN6curlpp8FormPartE
_ZTVN6curlpp8internal10CurlHandleE
_ZTVN6curlpp8internal10OptionListE
_ZTVN6curlpp9FormParts4FileE
_ZTVN6curlpp9FormParts7ContentE
_ZlsRSoRKN6curlpp11OptionTraitINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEL10CURLoption10002EEE
_ZlsRSoRKN6curlpp4EasyE
_ZlsRSoRKNSt7__cxx114listINS0_12basic_stringIcSt11char_traitsIcESaIcEEESaIS6_EEE

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/29
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/41
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/55
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/67
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/80
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
File/libgcc_s_dw2-1.dll
.dll windows:4 windows x86 arch:x86

04f9a5136edc374e78bc81dc8b0d07af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

_amsg_exit
_initterm
_iob
_lock
_unlock
abort
calloc
free
fwrite
malloc
memcpy
memset
realloc
strlen
strncmp
vfprintf

libwinpthread-1

pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

Exports

Exports

_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_Find_FDE
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__absvdi2
__absvsi2
__addtf3
__addvdi3
__addvsi3
__ashldi3
__ashrdi3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbsi2
__clzdi2
__clzsi2
__cmpdi2
__ctzdi2
__ctzsi2
__deregister_frame
__deregister_frame_info
__deregister_frame_info_bases
__divdc3
__divdi3
__divmoddi4
__divsc3
__divtc3
__divtf3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffssi2
__fixdfdi
__fixsfdi
__fixtfdi
__fixtfsi
__fixunsdfdi
__fixunsdfsi
__fixunssfdi
__fixunssfsi
__fixunstfdi
__fixunstfsi
__fixunsxfdi
__fixunsxfsi
__fixxfdi
__floatdidf
__floatdisf
__floatditf
__floatdixf
__floatsitf
__floatundidf
__floatundisf
__floatunditf
__floatundixf
__floatunsitf
__gcc_personality_v0
__getf2
__gttf2
__letf2
__lshrdi3
__lttf2
__moddi3
__muldc3
__muldi3
__mulsc3
__multc3
__multf3
__mulvdi3
__mulvsi3
__mulxc3
__negdi2
__negtf2
__negvdi2
__negvsi2
__netf2
__paritydi2
__paritysi2
__popcountdi2
__popcountsi2
__powidf2
__powisf2
__powitf2
__powixf2
__register_frame
__register_frame_info
__register_frame_info_bases
__register_frame_info_table
__register_frame_info_table_bases
__register_frame_table
__subtf3
__subvdi3
__subvsi3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpdi2
__udivdi3
__udivmoddi4
__umoddi3
__unordtf2

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/libstdc++-6.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

_Z20_txnal_cow_string_D1Pv
_Z23_txnal_cow_string_c_strPKv
_Z23_txnal_sso_string_c_strPKv
_Z26_txnal_logic_error_get_msgPv
_Z27_txnal_cow_string_D1_commitPv
_Z28_txnal_runtime_error_get_msgPv
_Z35_txnal_cow_string_C1_for_exceptionsPvPKcS_
_Z7fprintfP6_iobufPKcz
_ZGTtNKSt11logic_error4whatEv
_ZGTtNKSt13bad_exception4whatEv
_ZGTtNKSt13bad_exceptionD1Ev
_ZGTtNKSt13runtime_error4whatEv
_ZGTtNKSt9exception4whatEv
_ZGTtNKSt9exceptionD1Ev
_ZGTtNSt11logic_errorC1EPKc
_ZGTtNSt11logic_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt11logic_errorC2EPKc
_ZGTtNSt11logic_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt11logic_errorD0Ev
_ZGTtNSt11logic_errorD1Ev
_ZGTtNSt11logic_errorD2Ev
_ZGTtNSt11range_errorC1EPKc
_ZGTtNSt11range_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt11range_errorC2EPKc
_ZGTtNSt11range_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt11range_errorD0Ev
_ZGTtNSt11range_errorD1Ev
_ZGTtNSt11range_errorD2Ev
_ZGTtNSt12domain_errorC1EPKc
_ZGTtNSt12domain_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12domain_errorC2EPKc
_ZGTtNSt12domain_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12domain_errorD0Ev
_ZGTtNSt12domain_errorD1Ev
_ZGTtNSt12domain_errorD2Ev
_ZGTtNSt12length_errorC1EPKc
_ZGTtNSt12length_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12length_errorC2EPKc
_ZGTtNSt12length_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12length_errorD0Ev
_ZGTtNSt12length_errorD1Ev
_ZGTtNSt12length_errorD2Ev
_ZGTtNSt12out_of_rangeC1EPKc
_ZGTtNSt12out_of_rangeC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12out_of_rangeC2EPKc
_ZGTtNSt12out_of_rangeC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt12out_of_rangeD0Ev
_ZGTtNSt12out_of_rangeD1Ev
_ZGTtNSt12out_of_rangeD2Ev
_ZGTtNSt13runtime_errorC1EPKc
_ZGTtNSt13runtime_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt13runtime_errorC2EPKc
_ZGTtNSt13runtime_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt13runtime_errorD0Ev
_ZGTtNSt13runtime_errorD1Ev
_ZGTtNSt13runtime_errorD2Ev
_ZGTtNSt14overflow_errorC1EPKc
_ZGTtNSt14overflow_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt14overflow_errorC2EPKc
_ZGTtNSt14overflow_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt14overflow_errorD0Ev
_ZGTtNSt14overflow_errorD1Ev
_ZGTtNSt14overflow_errorD2Ev
_ZGTtNSt15underflow_errorC1EPKc
_ZGTtNSt15underflow_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt15underflow_errorC2EPKc
_ZGTtNSt15underflow_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt15underflow_errorD0Ev
_ZGTtNSt15underflow_errorD1Ev
_ZGTtNSt15underflow_errorD2Ev
_ZGTtNSt16invalid_argumentC1EPKc
_ZGTtNSt16invalid_argumentC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt16invalid_argumentC2EPKc
_ZGTtNSt16invalid_argumentC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZGTtNSt16invalid_argumentD0Ev
_ZGTtNSt16invalid_argumentD1Ev
_ZGTtNSt16invalid_argumentD2Ev
_ZGVN9__gnu_cxx16bitmap_allocatorIcE13_S_mem_blocksE
_ZGVN9__gnu_cxx16bitmap_allocatorIcE15_S_last_requestE
_ZGVN9__gnu_cxx16bitmap_allocatorIcE6_S_mutE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE13_S_mem_blocksE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE15_S_last_requestE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE6_S_mutE
_ZGVNSt10moneypunctIcLb0EE2idE
_ZGVNSt10moneypunctIcLb1EE2idE
_ZGVNSt10moneypunctIwLb0EE2idE
_ZGVNSt10moneypunctIwLb1EE2idE
_ZGVNSt11__timepunctIcE2idE
_ZGVNSt11__timepunctIwE2idE
_ZGVNSt7__cxx1110moneypunctIcLb0EE2idE
_ZGVNSt7__cxx1110moneypunctIcLb1EE2idE
_ZGVNSt7__cxx1110moneypunctIwLb0EE2idE
_ZGVNSt7__cxx1110moneypunctIwLb1EE2idE
_ZGVNSt7__cxx117collateIcE2idE
_ZGVNSt7__cxx117collateIwE2idE
_ZGVNSt7__cxx118messagesIcE2idE
_ZGVNSt7__cxx118messagesIwE2idE
_ZGVNSt7__cxx118numpunctIcE2idE
_ZGVNSt7__cxx118numpunctIwE2idE
_ZGVNSt7__cxx118time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx118time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7__cxx119money_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx119money_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7__cxx119money_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx119money_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7collateIcE2idE
_ZGVNSt7collateIwE2idE
_ZGVNSt7num_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7num_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7num_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt8messagesIcE2idE
_ZGVNSt8messagesIwE2idE
_ZGVNSt8numpunctIcE2idE
_ZGVNSt8numpunctIwE2idE
_ZGVNSt8time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt8time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt8time_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt8time_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt9money_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt9money_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt9money_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt9money_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVZN9__gnu_cxx13__common_poolINS_6__poolELb1EE11_S_get_poolEvE7_S_pool
_ZGVZN9__gnu_cxx9free_list12_M_get_mutexEvE8_S_mutex
_ZGVZN9__gnu_cxx9free_list16_M_get_free_listEvE12_S_free_list
_ZN10__cxxabiv111__terminateEPFvvE
_ZN10__cxxabiv112__unexpectedEPFvvE
_ZN10__cxxabiv115__forced_unwindD0Ev
_ZN10__cxxabiv115__forced_unwindD1Ev
_ZN10__cxxabiv115__forced_unwindD2Ev
_ZN10__cxxabiv116__enum_type_infoD0Ev
_ZN10__cxxabiv116__enum_type_infoD1Ev
_ZN10__cxxabiv116__enum_type_infoD2Ev
_ZN10__cxxabiv117__array_type_infoD0Ev
_ZN10__cxxabiv117__array_type_infoD1Ev
_ZN10__cxxabiv117__array_type_infoD2Ev
_ZN10__cxxabiv117__class_type_infoD0Ev
_ZN10__cxxabiv117__class_type_infoD1Ev
_ZN10__cxxabiv117__class_type_infoD2Ev
_ZN10__cxxabiv117__pbase_type_infoD0Ev
_ZN10__cxxabiv117__pbase_type_infoD1Ev
_ZN10__cxxabiv117__pbase_type_infoD2Ev
_ZN10__cxxabiv119__foreign_exceptionD0Ev
_ZN10__cxxabiv119__foreign_exceptionD1Ev
_ZN10__cxxabiv119__foreign_exceptionD2Ev
_ZN10__cxxabiv119__pointer_type_infoD0Ev
_ZN10__cxxabiv119__pointer_type_infoD1Ev
_ZN10__cxxabiv119__pointer_type_infoD2Ev
_ZN10__cxxabiv119__terminate_handlerE
_ZN10__cxxabiv120__function_type_infoD0Ev
_ZN10__cxxabiv120__function_type_infoD1Ev
_ZN10__cxxabiv120__function_type_infoD2Ev
_ZN10__cxxabiv120__si_class_type_infoD0Ev
_ZN10__cxxabiv120__si_class_type_infoD1Ev
_ZN10__cxxabiv120__si_class_type_infoD2Ev
_ZN10__cxxabiv120__unexpected_handlerE
_ZN10__cxxabiv121__vmi_class_type_infoD0Ev
_ZN10__cxxabiv121__vmi_class_type_infoD1Ev
_ZN10__cxxabiv121__vmi_class_type_infoD2Ev
_ZN10__cxxabiv123__fundamental_type_infoD0Ev
_ZN10__cxxabiv123__fundamental_type_infoD1Ev
_ZN10__cxxabiv123__fundamental_type_infoD2Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD0Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD1Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD2Ev
_ZN11__gnu_debug19_Safe_iterator_base12_M_get_mutexEv
_ZN11__gnu_debug19_Safe_iterator_base16_M_attach_singleEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug19_Safe_iterator_base16_M_detach_singleEv
_ZN11__gnu_debug19_Safe_iterator_base8_M_resetEv
_ZN11__gnu_debug19_Safe_iterator_base9_M_attachEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug19_Safe_iterator_base9_M_detachEv
_ZN11__gnu_debug19_Safe_sequence_base12_M_get_mutexEv
_ZN11__gnu_debug19_Safe_sequence_base13_M_detach_allEv
_ZN11__gnu_debug19_Safe_sequence_base16_M_attach_singleEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug19_Safe_sequence_base16_M_detach_singleEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug19_Safe_sequence_base18_M_detach_singularEv
_ZN11__gnu_debug19_Safe_sequence_base22_M_revalidate_singularEv
_ZN11__gnu_debug19_Safe_sequence_base7_M_swapERS0_
_ZN11__gnu_debug19_Safe_sequence_base9_M_attachEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug19_Safe_sequence_base9_M_detachEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug25_Safe_local_iterator_base16_M_attach_singleEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug25_Safe_local_iterator_base16_M_detach_singleEv
_ZN11__gnu_debug25_Safe_local_iterator_base9_M_attachEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug25_Safe_local_iterator_base9_M_detachEv
_ZN11__gnu_debug30_Safe_unordered_container_base13_M_detach_allEv
_ZN11__gnu_debug30_Safe_unordered_container_base15_M_attach_localEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug30_Safe_unordered_container_base15_M_detach_localEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug30_Safe_unordered_container_base22_M_attach_local_singleEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug30_Safe_unordered_container_base22_M_detach_local_singleEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug30_Safe_unordered_container_base7_M_swapERS0_
_ZN14__gnu_internal12buf_cin_syncE
_ZN14__gnu_internal13buf_cerr_syncE
_ZN14__gnu_internal13buf_cout_syncE
_ZN14__gnu_internal13buf_wcin_syncE
_ZN14__gnu_internal14buf_wcerr_syncE
_ZN14__gnu_internal14buf_wcout_syncE
_ZN14__gnu_internal7buf_cinE
_ZN14__gnu_internal8buf_cerrE
_ZN14__gnu_internal8buf_coutE
_ZN14__gnu_internal8buf_wcinE
_ZN14__gnu_internal9buf_wcerrE
_ZN14__gnu_internal9buf_wcoutE
_ZN14__gnu_internal9get_mutexEh
_ZN14__gnu_parallel9_Settings3getEv
_ZN14__gnu_parallel9_Settings3setERS0_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE10deallocateEPcj
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_get_optionsEv
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_set_optionsENS_11__pool_base5_TuneE
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE8allocateEjPKv
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC1ERKS4_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC1Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC2ERKS4_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC2Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEED1Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEED2Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE10deallocateEPwj
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_get_optionsEv
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_set_optionsENS_11__pool_base5_TuneE
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE8allocateEjPKv
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC1ERKS4_
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC1Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC2ERKS4_
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC2Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEED1Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEED2Ev
_ZN9__gnu_cxx12__atomic_addEPVii
_ZN9__gnu_cxx12__pool_allocIcE10deallocateEPcj
_ZN9__gnu_cxx12__pool_allocIcE12_S_force_newE
_ZN9__gnu_cxx12__pool_allocIcE7destroyEPc
_ZN9__gnu_cxx12__pool_allocIcE8allocateEjPKv
_ZN9__gnu_cxx12__pool_allocIcE9constructEPcRKc
_ZN9__gnu_cxx12__pool_allocIcEC1ERKS1_
_ZN9__gnu_cxx12__pool_allocIcEC1Ev
_ZN9__gnu_cxx12__pool_allocIcEC2ERKS1_
_ZN9__gnu_cxx12__pool_allocIcEC2Ev
_ZN9__gnu_cxx12__pool_allocIcED1Ev
_ZN9__gnu_cxx12__pool_allocIcED2Ev
_ZN9__gnu_cxx12__pool_allocIwE10deallocateEPwj
_ZN9__gnu_cxx12__pool_allocIwE12_S_force_newE
_ZN9__gnu_cxx12__pool_allocIwE7destroyEPw
_ZN9__gnu_cxx12__pool_allocIwE8allocateEjPKv
_ZN9__gnu_cxx12__pool_allocIwE9constructEPwRKw
_ZN9__gnu_cxx12__pool_allocIwEC1ERKS1_
_ZN9__gnu_cxx12__pool_allocIwEC1Ev
_ZN9__gnu_cxx12__pool_allocIwEC2ERKS1_
_ZN9__gnu_cxx12__pool_allocIwEC2Ev
_ZN9__gnu_cxx12__pool_allocIwED1Ev
_ZN9__gnu_cxx12__pool_allocIwED2Ev
_ZN9__gnu_cxx13__scoped_lockD1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE2fdEv
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE4fileEv
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE4swapERS3_
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1EP6_iobufSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1EiSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2EP6_iobufSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2EiSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED0Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED2Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE2fdEv
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE4fileEv
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE4swapERS3_
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1EP6_iobufSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1EiSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2EP6_iobufSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2EiSt13_Ios_Openmodej
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED0Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED1Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED2Ev
_ZN9__gnu_cxx15__concat_size_tEPcjj
_ZN9__gnu_cxx15__snprintf_liteEPcjPKcS0_
_ZN9__gnu_cxx16bitmap_allocatorIcE10deallocateEPcj
_ZN9__gnu_cxx16bitmap_allocatorIcE13_S_block_sizeE
_ZN9__gnu_cxx16bitmap_allocatorIcE13_S_mem_blocksE
_ZN9__gnu_cxx16bitmap_allocatorIcE14_S_refill_poolEv
_ZN9__gnu_cxx16bitmap_allocatorIcE15_S_last_requestE
_ZN9__gnu_cxx16bitmap_allocatorIcE21_S_last_dealloc_indexE
_ZN9__gnu_cxx16bitmap_allocatorIcE25_M_allocate_single_objectEv
_ZN9__gnu_cxx16bitmap_allocatorIcE27_M_deallocate_single_objectEPc
_ZN9__gnu_cxx16bitmap_allocatorIcE6_S_mutE
_ZN9__gnu_cxx16bitmap_allocatorIcE7destroyEPc
_ZN9__gnu_cxx16bitmap_allocatorIcE8allocateEj
_ZN9__gnu_cxx16bitmap_allocatorIcE8allocateEjPKv
_ZN9__gnu_cxx16bitmap_allocatorIcE9constructEPcRKc
_ZN9__gnu_cxx16bitmap_allocatorIcEC1ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIcEC1Ev
_ZN9__gnu_cxx16bitmap_allocatorIcEC2ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIcEC2Ev
_ZN9__gnu_cxx16bitmap_allocatorIcED1Ev
_ZN9__gnu_cxx16bitmap_allocatorIcED2Ev
_ZN9__gnu_cxx16bitmap_allocatorIwE10deallocateEPwj
_ZN9__gnu_cxx16bitmap_allocatorIwE13_S_block_sizeE
_ZN9__gnu_cxx16bitmap_allocatorIwE13_S_mem_blocksE
_ZN9__gnu_cxx16bitmap_allocatorIwE14_S_refill_poolEv
_ZN9__gnu_cxx16bitmap_allocatorIwE15_S_last_requestE
_ZN9__gnu_cxx16bitmap_allocatorIwE21_S_last_dealloc_indexE
_ZN9__gnu_cxx16bitmap_allocatorIwE25_M_allocate_single_objectEv
_ZN9__gnu_cxx16bitmap_allocatorIwE27_M_deallocate_single_objectEPw
_ZN9__gnu_cxx16bitmap_allocatorIwE6_S_mutE
_ZN9__gnu_cxx16bitmap_allocatorIwE7destroyEPw
_ZN9__gnu_cxx16bitmap_allocatorIwE8allocateEj
_ZN9__gnu_cxx16bitmap_allocatorIwE8allocateEjPKv
_ZN9__gnu_cxx16bitmap_allocatorIwE9constructEPwRKw
_ZN9__gnu_cxx16bitmap_allocatorIwEC1ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIwEC1Ev
_ZN9__gnu_cxx16bitmap_allocatorIwEC2ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIwEC2Ev
_ZN9__gnu_cxx16bitmap_allocatorIwED1Ev
_ZN9__gnu_cxx16bitmap_allocatorIwED2Ev
_ZN9__gnu_cxx17__pool_alloc_base11_S_end_freeE
_ZN9__gnu_cxx17__pool_alloc_base12_M_get_mutexEv
_ZN9__gnu_cxx17__pool_alloc_base12_S_free_listE
_ZN9__gnu_cxx17__pool_alloc_base12_S_heap_sizeE
_ZN9__gnu_cxx17__pool_alloc_base13_S_start_freeE
_ZN9__gnu_cxx17__pool_alloc_base16_M_get_free_listEj
_ZN9__gnu_cxx17__pool_alloc_base17_M_allocate_chunkEjRi
_ZN9__gnu_cxx17__pool_alloc_base9_M_refillEj
_ZN9__gnu_cxx18__common_pool_baseINS_6__poolELb1EE13_S_initializeEv
_ZN9__gnu_cxx18__exchange_and_addEPVii
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4fileEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4swapERS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4syncEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE5uflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE6xsgetnEPci
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE6xsputnEPKci
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE7seekposESt4fposIiESt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE8overflowEi
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE9pbackfailEi
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE9underflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC1EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC1EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC2EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC2EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEED0Ev
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEED1Ev
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEaSEOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4fileEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4swapERS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4syncEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE5uflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE6xsgetnEPwi
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE6xsputnEPKwi
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE7seekposESt4fposIiESt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE8overflowEt
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE9pbackfailEt
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE9underflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC1EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC1EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC2EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC2EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEED0Ev
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEED1Ev
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEaSEOS3_
_ZN9__gnu_cxx19__function_requiresINS_19_ConvertibleConceptIjjEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPKcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPKwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_22_OutputIteratorConceptISt19ostreambuf_iteratorIcSt11char_traitsIcEEcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_22_OutputIteratorConceptISt19ostreambuf_iteratorIwSt11char_traitsIwEEwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIPwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIiEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIjEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIlEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIxEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPKcSsEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPKwSbIwSt11char_traitsIwESaIwEEEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPcSsEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPwSbIwSt11char_traitsIwESaIwEEEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPKcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPKwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPwEEEEvv
_ZN9__gnu_cxx20recursive_init_errorD0Ev
_ZN9__gnu_cxx20recursive_init_errorD1Ev
_ZN9__gnu_cxx20recursive_init_errorD2Ev
_ZN9__gnu_cxx24__concurrence_lock_errorD0Ev
_ZN9__gnu_cxx24__concurrence_lock_errorD1Ev
_ZN9__gnu_cxx24__concurrence_wait_errorD0Ev
_ZN9__gnu_cxx24__concurrence_wait_errorD1Ev
_ZN9__gnu_cxx26__aux_require_boolean_exprIbEEvRKT_
_ZN9__gnu_cxx26__concurrence_unlock_errorD0Ev
_ZN9__gnu_cxx26__concurrence_unlock_errorD1Ev
_ZN9__gnu_cxx26__throw_insufficient_spaceEPKcS1_
_ZN9__gnu_cxx27__verbose_terminate_handlerEv
_ZN9__gnu_cxx29__concurrence_broadcast_errorD0Ev
_ZN9__gnu_cxx29__concurrence_broadcast_errorD1Ev
_ZN9__gnu_cxx30__throw_concurrence_lock_errorEv
_ZN9__gnu_cxx32__throw_concurrence_unlock_errorEv
_ZN9__gnu_cxx35__throw_concurrence_broadcast_errorEv
_ZN9__gnu_cxx4ropeIcSaIcEE10_S_min_lenE
_ZN9__gnu_cxx4ropeIcSaIcEE8_S_fetchEPNS_13_Rope_RopeRepIcS1_EEj
_ZN9__gnu_cxx4ropeIwSaIwEE10_S_min_lenE
_ZN9__gnu_cxx4ropeIwSaIwEE8_S_fetchEPNS_13_Rope_RopeRepIwS1_EEj
_ZN9__gnu_cxx6__poolILb0EE10_M_destroyEv
_ZN9__gnu_cxx6__poolILb0EE13_M_initializeEv
_ZN9__gnu_cxx6__poolILb0EE16_M_reclaim_blockEPcj
_ZN9__gnu_cxx6__poolILb0EE16_M_reserve_blockEjj
_ZN9__gnu_cxx6__poolILb1EE10_M_destroyEv
_ZN9__gnu_cxx6__poolILb1EE13_M_initializeEPFvPvE
_ZN9__gnu_cxx6__poolILb1EE13_M_initializeEv
_ZN9__gnu_cxx6__poolILb1EE16_M_get_thread_idEv
_ZN9__gnu_cxx6__poolILb1EE16_M_reclaim_blockEPcj
_ZN9__gnu_cxx6__poolILb1EE16_M_reserve_blockEjj
_ZN9__gnu_cxx6__poolILb1EE21_M_destroy_thread_keyEPv
_ZN9__gnu_cxx8__detail13__lower_boundIPPjjNS_9free_list19_LT_pointer_compareEEET_S6_S6_RKT0_T1_
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE10deallocateEPS2_j
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE5eraseEPS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE6insertEPS2_RKS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE8allocateEj
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorIPjE9push_backERKS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPjEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorIPjEC2Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE10deallocateEPS7_j
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE5eraseEPS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE6insertEPS7_RKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE8allocateEj
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE9push_backERKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EEC2Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE10deallocateEPS7_j
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE5eraseEPS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE6insertEPS7_RKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE8allocateEj
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE9push_backERKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EEC2Ev
_ZN9__gnu_cxx9__freeresEv
_ZN9__gnu_cxx9free_list6_M_getEj
_ZN9__gnu_cxx9free_list8_M_clearEv
_ZN9__gnu_cxxeqIPKcNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEEbRKNS_17__normal_iteratorIT_T0_EESE_
_ZN9__gnu_cxxeqIPKcSsEEbRKNS_17__normal_iteratorIT_T0_EES8_
_ZN9__gnu_cxxeqIPKwNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEEEEbRKNS_17__normal_iteratorIT_T0_EESE_
_ZN9__gnu_cxxeqIPKwSbIwSt11char_traitsIwESaIwEEEEbRKNS_17__normal_iteratorIT_T0_EESC_
_ZN9__gnu_cxxeqIPcNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEEbRKNS_17__normal_iteratorIT_T0_EESD_
_ZN9__gnu_cxxeqIPcSsEEbRKNS_17__normal_iteratorIT_T0_EES7_
_ZN9__gnu_cxxeqIPwNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEEEEbRKNS_17__normal_iteratorIT_T0_EESD_
_ZN9__gnu_cxxeqIPwSbIwSt11char_traitsIwESaIwEEEEbRKNS_17__normal_iteratorIT_T0_EESB_
_ZNK10__cxxabiv117__class_type_info10__do_catchEPKSt9type_infoPPvj
_ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PKvRNS0_15__upcast_resultE
_ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PPv
_ZNK10__cxxabiv117__class_type_info12__do_dyncastEiNS0_10__sub_kindEPKS0_PKvS3_S5_RNS0_16__dyncast_resultE
_ZNK10__cxxabiv117__class_type_info20__do_find_public_srcEiPKvPKS0_S2_
_ZNK10__cxxabiv117__pbase_type_info10__do_catchEPKSt9type_infoPPvj
_ZNK10__cxxabiv117__pbase_type_info15__pointer_catchEPKS0_PPvj
_ZNK10__cxxabiv119__pointer_type_info14__is_pointer_pEv
_ZNK10__cxxabiv119__pointer_type_info15__pointer_catchEPKNS_17__pbase_type_infoEPPvj
_ZNK10__cxxabiv120__function_type_info15__is_function_pEv
_ZNK10__cxxabiv120__si_class_type_info11__do_upcastEPKNS_17__class_type_infoEPKvRNS1_15__upcast_resultE
_ZNK10__cxxabiv120__si_class_type_info12__do_dyncastEiNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE
_ZNK10__cxxabiv120__si_class_type_info20__do_find_public_srcEiPKvPKNS_17__class_type_infoES2_
_ZNK10__cxxabiv121__vmi_class_type_info11__do_upcastEPKNS_17__class_type_infoEPKvRNS1_15__upcast_resultE
_ZNK10__cxxabiv121__vmi_class_type_info12__do_dyncastEiNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE
_ZNK10__cxxabiv121__vmi_class_type_info20__do_find_public_srcEiPKvPKNS_17__class_type_infoES2_
_ZNK10__cxxabiv129__pointer_to_member_type_info15__pointer_catchEPKNS_17__pbase_type_infoEPPvj
_ZNK11__gnu_debug16_Error_formatter10_M_messageENS_13_Debug_msg_idE
_ZNK11__gnu_debug16_Error_formatter10_Parameter14_M_print_fieldEPKS0_PKc
_ZNK11__gnu_debug16_Error_formatter10_Parameter20_M_print_descriptionEPKS0_
_ZNK11__gnu_debug16_Error_formatter13_M_print_wordEPKc
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIPKcEEvPciS3_T_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIPKvEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIjEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIlEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter15_M_print_stringEPKc
_ZNK11__gnu_debug16_Error_formatter17_M_get_max_lengthEv
_ZNK11__gnu_debug16_Error_formatter8_M_errorEv
_ZNK11__gnu_debug19_Safe_iterator_base11_M_singularEv
_ZNK11__gnu_debug19_Safe_iterator_base14_M_can_compareERKS0_
_ZNK11__gnu_debug25_Safe_local_iterator_base16_M_get_containerEv
_ZNK9__gnu_cxx12__pool_allocIcE7addressERKc
_ZNK9__gnu_cxx12__pool_allocIcE7addressERc
_ZNK9__gnu_cxx12__pool_allocIcE8max_sizeEv
_ZNK9__gnu_cxx12__pool_allocIwE7addressERKw
_ZNK9__gnu_cxx12__pool_allocIwE7addressERw
_ZNK9__gnu_cxx12__pool_allocIwE8max_sizeEv
_ZNK9__gnu_cxx16bitmap_allocatorIcE7addressERKc
_ZNK9__gnu_cxx16bitmap_allocatorIcE7addressERc
_ZNK9__gnu_cxx16bitmap_allocatorIcE8max_sizeEv
_ZNK9__gnu_cxx16bitmap_allocatorIwE7addressERKw
_ZNK9__gnu_cxx16bitmap_allocatorIwE7addressERw
_ZNK9__gnu_cxx16bitmap_allocatorIwE8max_sizeEv
_ZNK9__gnu_cxx24__concurrence_lock_error4whatEv
_ZNK9__gnu_cxx24__concurrence_wait_error4whatEv
_ZNK9__gnu_cxx26__concurrence_unlock_error4whatEv
_ZNK9__gnu_cxx29__concurrence_broadcast_error4whatEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPjE13_M_space_leftEv

Sections

.text
Size: 208KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 44KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 350KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
File/libwinpthread-1.dll
.dll windows:4 windows x86 arch:x86

fc24104becbbff1210c7fd71e49c8b5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
__dllonexit
__mb_cur_max
_amsg_exit
_beginthreadex
_endthreadex
_errno
_ftime
_initterm
_iob
_lock
_onexit
_setjmp3
_unlock
abort
calloc
exit
fprintf
fputc
free
getenv
localeconv
longjmp
malloc
memcpy
memmove
memset
printf
realloc
strerror
strlen
strncmp
wcslen

Exports

Exports

__pth_gpointer_locked
__pthread_clock_nanosleep
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
clock_getres
clock_gettime
clock_nanosleep
clock_settime
nanosleep
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/metina_1.exe
.exe windows:5 windows x86 arch:x86

c3ad27fe52f12a0befd0ef8bf1e8bf9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\fanisukagejak69\norucivakiho\gafeci.pdb

Imports

kernel32

GetFileSize
SetPriorityClass
WriteConsoleInputW
lstrlenA
GetConsoleAliasesLengthW
CallNamedPipeA
GetModuleHandleExW
SetVolumeMountPointW
GetComputerNameW
OpenSemaphoreA
FindFirstFileExW
CreateDirectoryExA
CallNamedPipeW
EnumTimeFormatsA
FindActCtxSectionStringA
TlsSetValue
ActivateActCtx
FindResourceExA
AddRefActCtx
LoadLibraryW
ReadConsoleInputA
GetVersionExW
GetFileAttributesA
DnsHostnameToComputerNameW
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
WritePrivateProfileSectionW
IsDBCSLeadByte
CompareStringW
SetThreadPriority
SetConsoleTitleA
ReleaseActCtx
SetCurrentDirectoryA
GetStdHandle
FillConsoleOutputCharacterW
OpenMutexW
GetHandleInformation
GetLastError
GetThreadLocale
ReadConsoleOutputCharacterA
GetProcessHeaps
MoveFileW
SetStdHandle
LoadLibraryA
LocalAlloc
SetFileApisToANSI
WriteProfileSectionW
SetConsoleWindowInfo
AddAtomA
FindAtomA
GetPrivateProfileSectionNamesA
WTSGetActiveConsoleSessionId
DebugSetProcessKillOnExit
ContinueDebugEvent
EnumResourceNamesA
BuildCommDCBA
VirtualProtect
CompareStringA
GetCurrentThreadId
SetProcessShutdownParameters
GetVersionExA
LocalSize
GetWindowsDirectoryW
AddConsoleAliasA
OpenFileMappingA
GlobalReAlloc
CommConfigDialogW
GetVolumeInformationW
CloseHandle
CreateFileW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
MultiByteToWideChar
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
SetLastError
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW
IsProcessorFeaturePresent
HeapAlloc
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
LCMapStringW
GetStringTypeW
FlushFileBuffers

user32

GetComboBoxInfo
GetListBoxInfo

Sections

.text
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/metina_2.exe
.exe windows:5 windows x86 arch:x86

c3ad27fe52f12a0befd0ef8bf1e8bf9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\revogowevayel62_pujom_ritumucigiyi yapijex.pdb

Imports

kernel32

GetFileSize
SetPriorityClass
WriteConsoleInputW
lstrlenA
GetConsoleAliasesLengthW
CallNamedPipeA
GetModuleHandleExW
SetVolumeMountPointW
GetComputerNameW
OpenSemaphoreA
FindFirstFileExW
CreateDirectoryExA
CallNamedPipeW
EnumTimeFormatsA
FindActCtxSectionStringA
TlsSetValue
ActivateActCtx
FindResourceExA
AddRefActCtx
LoadLibraryW
ReadConsoleInputA
GetVersionExW
GetFileAttributesA
DnsHostnameToComputerNameW
SetConsoleMode
VerifyVersionInfoA
WriteConsoleW
WritePrivateProfileSectionW
IsDBCSLeadByte
CompareStringW
SetThreadPriority
SetConsoleTitleA
ReleaseActCtx
SetCurrentDirectoryA
GetStdHandle
FillConsoleOutputCharacterW
OpenMutexW
GetHandleInformation
GetLastError
GetThreadLocale
ReadConsoleOutputCharacterA
GetProcessHeaps
MoveFileW
SetStdHandle
LoadLibraryA
LocalAlloc
SetFileApisToANSI
WriteProfileSectionW
SetConsoleWindowInfo
AddAtomA
FindAtomA
GetPrivateProfileSectionNamesA
WTSGetActiveConsoleSessionId
DebugSetProcessKillOnExit
ContinueDebugEvent
EnumResourceNamesA
BuildCommDCBA
VirtualProtect
CompareStringA
GetCurrentThreadId
SetProcessShutdownParameters
GetVersionExA
LocalSize
GetWindowsDirectoryW
AddConsoleAliasA
OpenFileMappingA
GlobalReAlloc
CommConfigDialogW
GetVolumeInformationW
CloseHandle
CreateFileW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
MultiByteToWideChar
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
WriteFile
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
SetLastError
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
OutputDebugStringA
OutputDebugStringW
IsProcessorFeaturePresent
HeapAlloc
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
LCMapStringW
GetStringTypeW
FlushFileBuffers

user32

GetComboBoxInfo
GetListBoxInfo

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/metina_3.exe
.exe windows:4 windows x86 arch:x86

3de737560d80707fbf000766309e79f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetConsoleWindow
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
GetCPInfo
GetStringTypeW

user32

wsprintfW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
File/metina_4.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
File/metina_5.exe
.exe windows:6 windows x86 arch:x86

2d61767a66f97802f04479dc222ea0b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\workspace\workspace_c\GjOGoOIgHJEwh52iJ_20\Release\GjOGoOIgHJEwh52iJ_20.pdb

Imports

kernel32

LocalFree
SizeofResource
GetLastError
LockResource
LoadResource
FindResourceW
WinExec
WriteConsoleW
FormatMessageW
Sleep
GetTempPathA
lstrlenW
HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
HeapReAlloc
HeapFree
HeapAlloc
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
DeleteFileW
ReadFile
ReadConsoleW
SetEndOfFile

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegCloseKey

winhttp

WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser

Sections

.text
Size: 391KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 454KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/metina_6.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/metina_7.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Test\Desktop\PPI Marketing Tools\Loader\obj\Release\Loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
File/setup_installer.bat
File/xiuhuali.exe
.exe windows:4 windows x86 arch:x86

04c91ffb7b3c471e2b02a26a1e5b1d48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetStartupInfoA
GetCommandLineA
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCurrentProcess
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
ExitProcess
GetModuleFileNameW
SetFilePointer
ReadFile
CreateFileW
WriteFile
CloseHandle
GetFileAttributesW
CreateDirectoryW
FreeEnvironmentStringsW
GetLastError

user32

CopyRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
LoadStringA
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
CharNextW
wsprintfW
GetWindowPlacement
UnregisterClassA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetStockObject
SelectObject
RestoreDC
SaveDC
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteExW

comctl32

ord17

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

Password: 123

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

0d:19:16:e8:2e:52:7f:d8Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

45:e2:c1:b6:ba:7a:03:eb:1a:2f:cb:4f:d1:a8:ed:51:7b:8c:a5:ea:14:36:a2:eb:45:68:51:31:a9:38:74:23Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 291KB - Virtual size: 290KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 512B - Virtual size: 12B

Password: 123

d5dd97af588db149eb9c6641a9b57887

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 272B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

Password: 123

5dbcbed365563713c1a9bb2780528a54

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 7KB - Virtual size: 46KB

.rsrc Size: 94KB - Virtual size: 93KB

Password: 123

0e0b1327b851d652046461e0a8be7593

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

winhttp

crypt32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 239KB - Virtual size: 239KB

.data Size: 46KB - Virtual size: 60KB

.pdata Size: 47KB - Virtual size: 47KB

_RDATA Size: 512B - Virtual size: 148B

0d:19:16:e8:2e:52:7f:d8
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

45:e2:c1:b6:ba:7a:03:eb:1a:2f:cb:4f:d1:a8:ed:51:7b:8c:a5:ea:14:36:a2:eb:45:68:51:31:a9:38:74:23
Signer

.text
Size: 291KB - Virtual size: 290KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 272B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 7KB - Virtual size: 46KB

.rsrc
Size: 94KB - Virtual size: 93KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 239KB - Virtual size: 239KB

.data
Size: 46KB - Virtual size: 60KB

.pdata
Size: 47KB - Virtual size: 47KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 1024B - Virtual size: 572B

.reloc
Size: 9KB - Virtual size: 9KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 133KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 9KB - Virtual size: 48KB

.rsrc
Size: 145KB - Virtual size: 144KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 298KB - Virtual size: 297KB

.reloc
Size: 5KB - Virtual size: 5KB