Static task
static1
Behavioral task
behavioral1
Sample
0eac5ff2edf681411290aae807cddcc5_JaffaCakes118.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
0eac5ff2edf681411290aae807cddcc5_JaffaCakes118.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
0eac5ff2edf681411290aae807cddcc5_JaffaCakes118
-
Size
1.0MB
-
MD5
0eac5ff2edf681411290aae807cddcc5
-
SHA1
5bf2fc00198874561cb7715a9da1ab613d745fb0
-
SHA256
e2afe4fbb790de65bc421b81cd5df04db9c2f22274d534765d89f0b07db51831
-
SHA512
b32d27d665f85a42c6c55910e7f626e855d86c45eeed8b308ce06fca63b4abc38d3635ac8571b3c982ad1ac4cd7940bdf26588beaeb02cb98a9828a0ba5fc442
-
SSDEEP
24576:JC4ho0IfNsbL6d9teXM2RN+xoQSoeL+gyvm50esLoMLMZTio3:T20gNsbL6d9tB2/+5SoeLz5GLHLkio3
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0eac5ff2edf681411290aae807cddcc5_JaffaCakes118
Files
-
0eac5ff2edf681411290aae807cddcc5_JaffaCakes118.exe windows:5 windows x86 arch:x86
14569b0754254c629e8b80538df99f06
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
recv
send
connect
WSAAsyncGetHostByName
getpeername
ntohs
getsockname
WSACancelAsyncRequest
WSAAsyncSelect
inet_ntoa
gethostbyname
socket
WSASendTo
WSAHtons
bind
WSAIoctl
WSARecv
WSASend
WSAGetLastError
htons
WSASetLastError
inet_addr
ntohl
htonl
WSAStartup
closesocket
WSADuplicateSocketW
gethostname
setsockopt
recvfrom
WSARecvFrom
sendto
WSACleanup
WSASocketW
xlfsio
XLFS_MountDir
XLFS_UnMount
XLFS_WriteFile
XLFS_ReadFile
XLFS_CacheGC
XLFS_IsEOF
XLFS_OpenFile
XLFS_Init
XLFS_CloseFile
xlluaruntime
XLLRT_GetEnv
XLLRT_GetRuntime
lua_gettop
XLLRT_ReleaseRunTime
luaL_unref
XLLRT_GetLuaState
lua_tolstring
lua_pushboolean
lua_pushnumber
XLLRT_RegisterGlobalObj
luaL_argerror
lua_pushvalue
luaL_checktype
lua_objlen
lua_pushlightuserdata
XLLRT_RunChunk
XLLRT_CreateChunkFromFile
luaL_checkudata
XLLRT_DebugLogsPopNextLog
lua_tonumber
lua_pushnil
lua_getfield
XLLRT_ErrorHandle
XLLRT_DebugInit
XLLRT_CreateChunkFromModule
XLLRT_PrepareChunk
XLLRT_LuaCall
luaL_ref
lua_pushstring
XLLRT_ReleaseChunk
XLLRT_ReleaseEnv
lua_gc
lua_pushinteger
lua_settop
luaL_checklstring
XLLRT_PushXLObject
luaL_checkinteger
lua_isnumber
lua_createtable
lua_setfield
lua_pushlstring
luaL_register
lua_newuserdata
lua_setmetatable
lua_getmetatable
lua_rawequal
luaL_typerror
lua_isuserdata
luaL_checknumber
lua_touserdata
lua_toboolean
lua_type
lua_isstring
lua_tointeger
XLLRT_RegisterClass
lua_gettable
lua_pcall
lua_rawgeti
lua_insert
XLLRT_RemoveGlobalObj
XLLRT_IsGlobalObjRegistered
lua_settable
lua_rawseti
lua_next
xlgraphic
XL_CreateBitmap
XL_SetFreeTypeEnabled
XL_InitGraphicLib
XL_PrepareGraphicParam
XL_StatObject
XL_LoadBitmapFromFile
XL_PaintBitmap
XL_GetBitmapInfo
XL_ReleaseBitmap
XL_GetBitmapBuffer
xlue
XLUE_PushBitmap
XLUE_GC
XLUE_InitLoader
XLUE_SetTextObjectDefaultTextType
XLUE_LoadXAR
XLUE_GetHostWndByID
XLUE_GetHostWndWindowHandle
XLUE_CheckBitmap
XLUE_AsynLoadXAR
XLUE_IsXARLoaded
shlwapi
UrlIsW
UrlHashW
UrlGetPartW
UrlGetLocationW
UrlEscapeW
UrlCreateFromPathW
UrlCompareW
UrlCombineW
UrlCanonicalizeW
UrlApplySchemeW
PathUnquoteSpacesW
PathUnmakeSystemFolderW
PathUnExpandEnvStringsW
PathUndecorateW
PathStripToRootW
PathStripPathW
PathSkipRootW
PathSetDlgItemPathW
PathSearchAndQualifyW
PathRenameExtensionW
PathRemoveExtensionW
PathRemoveBlanksW
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToW
PathQuoteSpacesW
PathParseIconLocationW
PathMatchSpecW
PathMakeSystemFolderW
PathMakePrettyW
PathIsURLW
UrlIsNoHistoryW
PathIsUNCServerW
PathIsUNCW
PathIsSystemFolderW
PathIsSameRootW
PathCombineW
PathRemoveFileSpecW
PathIsDirectoryW
PathIsRootW
PathIsRelativeW
PathIsPrefixW
PathIsNetworkPathW
PathIsLFNFileSpecW
PathIsFileSpecW
PathIsDirectoryEmptyW
PathIsContentTypeW
PathGetDriveNumberW
PathGetArgsW
PathFindSuffixArrayW
PathFindOnPathW
PathFindNextComponentW
PathCreateFromUrlW
PathCompactPathExW
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeW
PathBuildRootW
PathAddExtensionW
PathAddBackslashW
UrlIsOpaqueW
UrlUnescapeW
SHStrDupW
AssocQueryStringW
StrCmpLogicalW
StrCpyW
wnsprintfW
SHDeleteKeyW
StrCpyNW
StrCatW
PathAppendW
PathFindExtensionW
StrStrW
StrCmpIW
PathFileExistsA
StrCmpNIW
PathFindFileNameW
PathFileExistsW
PathFindFileNameA
SHGetValueW
StrStrIW
PathIsUNCServerShareW
psapi
GetModuleFileNameExW
EnumProcessModules
GetProcessMemoryInfo
EmptyWorkingSet
GetModuleInformation
GetModuleBaseNameW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
downloadkernel
XL_DKLH_RegisterToEnv
XL_DKLH_GetDownloadKernel
libexpat
ord47
ord34
ord3
ord35
ord53
ord50
ord25
ord21
ord16
ord36
ord48
ord11
ord52
ord20
ord49
ord38
ord27
ord28
ord46
ord26
ord44
ord63
ord12
ord2
ord10
xlusers
ord1
basecommunity
ord1
xlgraphicplus
XLGP_ConvertDDBToXLBitmap
XLGP_PushBitmap
XLGP_ReleaseIcon
XLGP_LoadIconFromFileExt
XLGP_LoadIconFromFile
XLGP_LoadIconFromModuleFile
XLGP_CheckBitmap
XLGP_PrepareGraphicPlusParam
XLGP_InitGraphicPlus
XLGP_RegisterLuaHost
XLGP_PushIcon
zlib1
crc32
uncompress
inflate
get_crc_table
inflateInit2_
deflateInit2_
inflateEnd
deflateEnd
compress
xlstat4
XLSTAT4_Uninit
XLSTAT4_RegisterClass
XLSTAT4_StartOnlineStat
XLSTAT4_InitParam
XLSTAT4_PrepareParam
XLSTAT4_TrackEvent
imm32
ImmDisableIME
kernel32
GetEnvironmentVariableW
GetSystemDefaultLangID
GetFileTime
GetShortPathNameW
GetLongPathNameW
Module32FirstW
QueryPerformanceFrequency
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
SetFileAttributesW
RemoveDirectoryW
GetLogicalDriveStringsW
GetDriveTypeW
GetModuleHandleW
GetProcAddress
GetCurrentThread
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
OutputDebugStringW
OutputDebugStringA
GetFullPathNameW
InterlockedExchange
GetVolumeInformationW
MultiByteToWideChar
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
LeaveCriticalSection
RaiseException
EnterCriticalSection
DeleteCriticalSection
CloseHandle
GetTempPathW
GetCurrentProcess
InitializeCriticalSection
OpenEventW
SetEvent
GetCurrentThreadId
GetSystemTime
SystemTimeToFileTime
GetProcessTimes
VirtualQuery
InterlockedCompareExchange
VirtualProtect
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
VirtualFree
SuspendThread
VirtualAlloc
SetLastError
WideCharToMultiByte
LocalFree
TerminateProcess
CreateEventW
WaitForSingleObject
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
GetDiskFreeSpaceExW
GetTickCount
lstrcpyW
lstrlenW
CreateFileA
DeviceIoControl
GlobalMemoryStatusEx
Sleep
GetPriorityClass
GetThreadPriority
SetPriorityClass
SetThreadPriority
SetThreadExecutionState
GetPrivateProfileStringW
GetLocalTime
GetCurrentProcessId
GetProcessId
CreateMutexW
ReleaseMutex
WaitForMultipleObjects
GlobalLock
GlobalUnlock
lstrcmpW
lstrcpynW
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
OpenMutexW
SetDllDirectoryW
OpenFileMappingW
MapViewOfFile
CreateFileW
GetFileSize
DuplicateHandle
CopyFileW
FileTimeToSystemTime
FormatMessageW
FreeLibrary
LocalLock
GlobalAddAtomA
GlobalDeleteAtom
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetExitCodeThread
WriteFile
ReadFile
GetSystemInfo
GetPrivateProfileIntW
WritePrivateProfileStringW
GetVersionExW
LocalAlloc
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
GetVersion
TerminateThread
CreateThread
GetSystemDirectoryW
ResetEvent
GetWindowsDirectoryW
GetWindowsDirectoryA
FindFirstFileA
GetModuleHandleA
SetUnhandledExceptionFilter
SetErrorMode
VirtualQueryEx
GetThreadSelectorEntry
ReadProcessMemory
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
GetVolumeInformationA
GetSystemDirectoryA
GetModuleFileNameA
IsBadCodePtr
lstrcatA
CreateDirectoryA
GetFileAttributesA
lstrcpyA
GetVersionExA
GlobalAlloc
MoveFileW
SetFileTime
lstrcatW
GetFileAttributesW
CreateDirectoryW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GlobalAddAtomW
GetTempFileNameA
CreatePipe
IsBadReadPtr
lstrcmpiA
lstrcmpiW
GetTempFileNameW
CreateProcessW
lstrlenA
user32
IntersectRect
DispatchMessageW
GetCursorPos
SetClipboardData
EmptyClipboard
TranslateMessage
EnumWindows
GetMonitorInfoW
MonitorFromPoint
PeekMessageW
PostThreadMessageW
ExitWindowsEx
GetAncestor
LockWorkStation
IsWindowVisible
GetAsyncKeyState
SystemParametersInfoW
PostQuitMessage
GetIconInfo
CreateIconIndirect
GetDC
IsIconic
CloseWindow
PtInRect
ReleaseDC
GetWindowDC
GetWindowPlacement
GetLastInputInfo
UnregisterClassA
SendMessageTimeoutA
SendMessageTimeoutW
RegisterClassExW
GetClassInfoExW
LoadCursorW
LoadStringW
GetTopWindow
DrawIconEx
FillRect
DrawTextW
GetWindowRect
PostMessageW
SendMessageW
GetDesktopWindow
ShowWindow
CreateWindowExW
GetWindowTextW
SetDlgItemTextW
DefWindowProcW
DestroyWindow
SetWindowLongW
RegisterWindowMessageW
wsprintfA
FindWindowW
GetMessageW
WindowFromPoint
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
MessageBoxW
LoadImageW
GetSystemMetrics
SetTimer
KillTimer
OpenClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
GetClipboardOwner
GetClassNameW
GetWindowThreadProcessId
IsWindow
SetClipboardViewer
ChangeClipboardChain
GetWindowLongW
CallWindowProcW
DestroyIcon
GetActiveWindow
GetWindow
SetWindowPos
wsprintfW
InSendMessage
GetForegroundWindow
GetClientRect
ClientToScreen
RegisterHotKey
GetKeyState
UnregisterHotKey
CopyRect
EnumThreadWindows
RegisterClipboardFormatW
gdi32
GetObjectW
SetStretchBltMode
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
SetDIBColorTable
GetDIBColorTable
StretchBlt
CreateDIBSection
CreateCompatibleDC
DeleteDC
DeleteObject
SelectObject
Rectangle
CreateFontW
GetStockObject
MoveToEx
LineTo
SetBkMode
SetDCBrushColor
SetDCPenColor
TextOutW
GetDIBits
PatBlt
CreateBitmap
EnumFontFamiliesExW
CreateDCW
GetTextExtentPoint32W
SetTextColor
advapi32
CloseServiceHandle
InitializeSecurityDescriptor
StartServiceW
RegCreateKeyW
OpenServiceW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
CopySid
GetLengthSid
IsValidSid
OpenSCManagerW
RegSetValueExW
RegSetKeySecurity
RegQueryMultipleValuesW
RegQueryInfoKeyW
RegGetKeySecurity
RegNotifyChangeKeyValue
RegSaveKeyExW
RegSaveKeyW
RegUnLoadKeyW
RegLoadKeyW
RegFlushKey
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegOpenUserClassesRoot
RegOpenCurrentUser
RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
GetSecurityDescriptorControl
GetSecurityDescriptorLength
EqualSid
InitializeAcl
AddAce
GetAclInformation
GetAce
MakeSelfRelativeSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
SetSecurityDescriptorDacl
shell32
ShellExecuteW
SHGetFileInfoW
ExtractIconW
ShellExecuteExW
CommandLineToArgvW
Shell_NotifyIconW
ord165
SHGetFolderPathW
SHCreateDirectoryExW
SHFileOperationW
ord74
SHBrowseForFolderW
SHChangeNotify
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHOpenFolderAndSelectItems
SHGetDesktopFolder
DragQueryFileW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
ole32
ReleaseStgMedium
DoDragDrop
CLSIDFromString
CoCreateInstance
CoInitialize
CLSIDFromProgID
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity
OleUninitialize
CoTaskMemFree
CoInitializeEx
OleInitialize
oleaut32
VarBstrCmp
SysAllocStringLen
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringLen
VariantChangeType
VariantInit
VariantCopy
msvcp90
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0strstreambuf@std@@QAE@PBDH@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??1strstreambuf@std@@UAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??0locale@std@@QAE@PBDH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIPB_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIABV12@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?_Incref@facet@locale@std@@QAEXXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??1locale@std@@QAE@XZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
atl90
ord30
ord23
ord61
ord64
msimg32
AlphaBlend
TransparentBlt
msvcr90
isalnum
wcsrchr
wcstok_s
_wcsnicmp
_wcsupr_s
iswspace
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_ltow_s
printf
_itoa_s
_snprintf
fwrite
wcsncpy
_i64toa
_atoi64
_itoa
strncpy
__CxxFrameHandler3
_CxxThrowException
ldiv
wcslen
strlen
wcscmp
_itow_s
sscanf
atoi
wcscpy_s
clock
_resetstkoflw
wcschr
memcmp
strcpy
wcscpy
realloc
strncpy_s
strcmp
_time64
_vswprintf_c_l
atol
fopen
fgetc
isalpha
isdigit
_localtime64
wcsftime
_ultoa
isprint
isspace
_errno
memmove
abs
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
__RTDynamicCast
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_stricmp
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_strdup
_swprintf
swscanf
ferror
_gmtime64
strftime
_wstat64i32
_strnicmp
strncmp
_ultow
_ui64toa
_ui64tow
_localtime64_s
wcsncat
_wrename
_wsetlocale
wcscoll
wcsncmp
_filelength
wcsspn
wcscspn
towlower
ftell
fseek
_fileno
toupper
fwprintf
getc
fgetwc
_CIsqrt
_configthreadlocale
??3@YAXPAX@Z
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
memcpy_s
memmove_s
free
_strlwr
_wcslwr
_wfopen
feof
fread
fclose
calloc
_recalloc
_purecall
swprintf_s
wcsncpy_s
sprintf_s
??_V@YAXPAX@Z
memset
memcpy
malloc
tolower
wcsnlen
srand
rand
strcpy_s
_wtoi64
sprintf
_wtoi
_beginthreadex
_snwprintf
_itow
__wargv
_vswprintf
_wcsicmp
wcsstr
_vsnwprintf_s
_vscwprintf
vswprintf_s
_vscprintf
vsprintf_s
strstr
_endthreadex
setlocale
wcstombs
wtsapi32
WTSRegisterSessionNotification
crypt32
CertCloseStore
CertFindCertificateInStore
CertGetNameStringW
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
wininet
InternetReadFile
InternetOpenW
InternetCloseHandle
InternetOpenUrlA
InternetOpenUrlW
InternetOpenA
iphlpapi
IcmpCreateFile
IcmpSendEcho
IcmpCloseHandle
GetAdaptersInfo
powrprof
SetSuspendState
dnsapi
DnsQueryConfig
imagehlp
CheckSumMappedFile
ImageNtHeader
mini_unzip_dll
mini_unzip_dll
gdiplus
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageWidth
GdipDrawImageI
GdipDrawImageRectRectI
winmm
PlaySoundW
sensapi
IsNetworkAlive
comdlg32
GetSaveFileNameW
GetOpenFileNameW
comctl32
ImageList_Draw
ImageList_GetIconSize
Sections
.text Size: 775KB - Virtual size: 776KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 236KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ