d:\dbs\el\dec\target\x64\ship\click2run\x-none\OfficeC2RClient.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
fd2fea1e95a336d6e810eee5ab375ca3_JaffaCakes118.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
fd2fea1e95a336d6e810eee5ab375ca3_JaffaCakes118.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
fd2fea1e95a336d6e810eee5ab375ca3_JaffaCakes118
-
Size
23.8MB
-
MD5
fd2fea1e95a336d6e810eee5ab375ca3
-
SHA1
31788f26df1904ea4c02776e99a7e13ea7a92ae5
-
SHA256
017e08a538a7520a2b415546f8edb19bb1829721ef1f01a4d33893f8d63b1d25
-
SHA512
41bf7003a8aca8eaa5cbeac973d1d24498906556165f4c352a90214d1ce4a11875e090cb41a52942f7d4a47bca71708438d447756b8bfd5aba597c1f145bb0a0
-
SSDEEP
196608:adTcqIAetaseae7GUgdRUFuQPwf9Y3omTburPM9:alcqIzwseARU2fAo6Sg
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fd2fea1e95a336d6e810eee5ab375ca3_JaffaCakes118
Files
-
fd2fea1e95a336d6e810eee5ab375ca3_JaffaCakes118.exe windows:6 windows x64 arch:x64
8e1790160d9e7976838c8d448d494750
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
advapi32
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
EventWriteTransfer
EventRegister
EventUnregister
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteTreeW
RegDeleteKeyW
RegGetValueW
RegDeleteValueW
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegNotifyChangeKeyValue
RevertToSelf
EventWrite
OpenThreadToken
GetLengthSid
CopySid
InitializeAcl
AddAccessAllowedAce
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
ConvertSidToStringSidA
CheckTokenMembership
CreateWellKnownSid
EqualSid
CredWriteW
ImpersonateLoggedOnUser
OpenSCManagerW
CloseServiceHandle
OpenServiceW
QueryServiceStatusEx
QueryServiceConfigW
StartServiceW
ControlService
EnumDependentServicesW
DeleteService
CreateServiceW
ChangeServiceConfig2W
ChangeServiceConfigW
SetServiceObjectSecurity
RegEnumValueA
RegDeleteValueA
RegGetValueA
RegOpenKeyExA
IsTextUnicode
RegSetKeyValueW
EventProviderEnabled
GetNamedSecurityInfoW
SetEntriesInAclW
SetNamedSecurityInfoW
GetAclInformation
GetAce
CredEnumerateW
CredDeleteW
CredFree
RegQueryValueExA
gdi32
InvertRgn
GetCharABCWidthsFloatW
SetROP2
GetRandomRgn
GetCharWidthI
GetOutlineTextMetricsW
Escape
GdiComment
SetTextAlign
GetMapMode
PtVisible
FillRgn
SetTextCharacterExtra
StartDocW
EndPage
GetROP2
UnrealizeObject
SetWorldTransform
DeleteObject
CreateDIBSection
CreateDIBitmap
SetDIBits
CreateBitmap
EnumObjects
GetGlyphOutlineW
GetFontData
GetTextFaceW
GetTextCharsetInfo
RectVisible
GetDIBColorTable
GetTextExtentPoint32W
SetDIBitsToDevice
SetLayout
GetViewportOrgEx
CreateRectRgnIndirect
SetPixel
OffsetClipRgn
GetRgnBox
Rectangle
SetDCPenColor
CreateFontW
GetTextColor
GetBkColor
RoundRect
Ellipse
SetDCBrushColor
GetStockObject
Polygon
CreatePolygonRgn
GetWindowExtEx
GetViewportExtEx
PatBlt
LineTo
MoveToEx
CreatePen
TextOutW
SelectClipRgn
GetLayout
GetTextMetricsW
SetMapMode
ExtTextOutW
OffsetRgn
CombineRgn
SetRectRgn
EqualRgn
SetDIBColorTable
CreateRectRgn
GdiFlush
GetCurrentObject
RestoreDC
SaveDC
StretchDIBits
BitBlt
IntersectClipRect
GetClipRgn
GetClipBox
PtInRegion
ExcludeClipRect
SetBkMode
SetTextColor
CreatePatternBrush
GetDIBits
SetBrushOrgEx
SetStretchBltMode
GetBrushOrgEx
RealizePalette
SelectPalette
CreateHalftonePalette
CreateSolidBrush
CreateCompatibleBitmap
SetBkColor
StretchBlt
DeleteDC
GetPixel
SelectObject
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
GetMetaRgn
GetRegionData
SetMapperFlags
PolyPolygon
ExtEscape
GetBoundsRect
GetTextAlign
GetSystemPaletteEntries
PolyTextOutW
ColorCorrectPalette
SetPolyFillMode
SetBitmapDimensionEx
CheckColorsInGamut
GetWindowOrgEx
MaskBlt
GetTextExtentExPointA
GetDeviceGammaRamp
ExtFloodFill
AnimatePalette
SelectClipPath
GetDCBrushColor
GetNearestPaletteIndex
ResizePalette
RectInRegion
GetTextExtentExPointI
GetCharABCWidthsW
SetColorAdjustment
GetGlyphIndicesW
GetTextExtentPointI
SetICMProfileW
GetFontLanguageInfo
GetTextCharset
SetSystemPaletteUse
UpdateColors
GetCharWidth32W
PaintRgn
Chord
PlgBlt
GetPaletteEntries
SetICMMode
EndDoc
GetStretchBltMode
GetBitmapDimensionEx
GetCharWidthFloatW
GetColorAdjustment
EnumICMProfilesW
SetMetaRgn
GetCharacterPlacementW
GetTextCharacterExtra
FrameRgn
EnumFontFamiliesExW
GetAspectRatioFilterEx
GetTextExtentExPointW
GetDCOrgEx
SetBoundsRect
GetLogColorSpaceW
GetBkMode
GetKerningPairsW
GetDCPenColor
GetTextExtentPoint32A
SetDeviceGammaRamp
StartPage
Pie
ExtTextOutA
GetFontUnicodeRanges
GetICMProfileW
GetSystemPaletteUse
SetTextJustification
SetPaletteEntries
DrawEscape
ExtSelectClipRgn
ColorMatchToTarget
GetPolyFillMode
CancelDC
GetNearestColor
GetObjectType
SetAbortProc
DeleteColorSpace
ResetDCW
CreateEllipticRgn
CreatePenIndirect
CreatePalette
ExtCreatePen
ExtCreateRegion
CreatePolyPolygonRgn
CreateDIBPatternBrushPt
CreateRoundRectRgn
CreateEllipticRgnIndirect
CreateHatchBrush
CreateColorSpaceW
CreateBrushIndirect
CreateBitmapIndirect
CreateICW
SetColorSpace
CreateFontIndirectA
TranslateCharsetInfo
CreateDCW
SetWindowOrgEx
SetViewportOrgEx
GetDeviceCaps
GetCharWidthW
GetTextExtentPointW
AbortDoc
GetCharABCWidthsI
kernel32
GlobalUnlock
LCIDToLocaleName
K32GetProcessMemoryInfo
GetPhysicallyInstalledSystemMemory
GetProductInfo
SwitchToThread
GetThreadLocale
DeleteFileA
GetTempPathA
FindFirstFileW
lstrcmpW
FlushViewOfFile
GetFullPathNameW
GetPriorityClass
GetExitCodeProcess
K32EnumProcesses
K32EnumProcessModulesEx
ProcessIdToSessionId
GetNumberFormatW
GetTimeZoneInformation
IsValidLocale
GetLocaleInfoEx
GetLocaleInfoW
ResolveLocaleName
GetUserPreferredUILanguages
GetACP
GetSystemDefaultLCID
EnumSystemLocalesEx
GetSystemDefaultLocaleName
GetDateFormatEx
GetCalendarInfoEx
GetThreadUILanguage
GetUserGeoID
GetGeoInfoW
SetWaitableTimer
AreFileApisANSI
HeapCreate
GetDiskFreeSpaceW
InitializeCriticalSection
GetFullPathNameA
UnlockFileEx
OpenFileMappingA
HeapSize
GlobalLock
GetFileAttributesA
HeapReAlloc
HeapCompact
HeapDestroy
LockFileEx
CreateSemaphoreA
GetSystemDefaultLangID
OpenSemaphoreA
CreateMutexA
OpenMutexA
CreateEventA
OpenEventA
VirtualAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WerRegisterFile
EncodePointer
IsDBCSLeadByte
GetLocalTime
GetModuleHandleA
RtlCaptureContext
OutputDebugStringW
QueryUnbiasedInterruptTime
IsSystemResumeAutomatic
GetSystemPowerStatus
CreateMemoryResourceNotification
GetStartupInfoW
WaitForMultipleObjects
IsDebuggerPresent
GetQueuedCompletionStatus
GetCurrentThread
GetThreadIOPendingFlag
PostQueuedCompletionStatus
CreateIoCompletionPort
IsProcessorFeaturePresent
QueryFullProcessImageNameW
WerUnregisterMemoryBlock
WerRegisterMemoryBlock
GetTickCount
LockResource
GlobalAlloc
GlobalFree
GetSystemInfo
VirtualProtectEx
QueryPerformanceFrequency
QueryPerformanceCounter
LCMapStringEx
LocalAlloc
GetDiskFreeSpaceA
TlsSetValue
FlsSetValue
TlsGetValue
FlsGetValue
TlsFree
TlsAlloc
CancelWaitableTimer
SetWaitableTimerEx
CreateWaitableTimerW
GetLogicalProcessorInformationEx
GetProcessAffinityMask
GetLongPathNameW
GetEnvironmentVariableW
CompareStringOrdinal
GetFileInformationByHandleEx
SetFileInformationByHandle
CompareStringEx
GetTempFileNameW
MoveFileExW
LockFile
UnlockFile
SetFilePointer
CreateFileMappingW
CopyFileW
GetFileType
OpenMutexW
HeapAlloc
GetNativeSystemInfo
GetLogicalProcessorInformation
FormatMessageA
FormatMessageW
MulDiv
GetComputerNameW
CreateFileW
GetDiskFreeSpaceExW
GetVersionExW
GlobalMemoryStatusEx
GetStringTypeW
OpenEventW
OpenProcess
LoadResource
SizeofResource
FindResourceW
CreateProcessW
K32GetModuleFileNameExW
GetShortPathNameA
GetModuleFileNameA
GetProcessTimes
FindNextFileW
GetTempPathW
RemoveDirectoryW
GetFileAttributesW
GetSystemDirectoryW
CreateDirectoryW
GetFileAttributesExW
CancelIoEx
FlushFileBuffers
GetOverlappedResult
DeviceIoControl
SetFilePointerEx
WriteFile
IsWow64Process
SetEndOfFile
GetFileSizeEx
ReadFile
GetCPInfoExW
IsValidCodePage
GetUserDefaultLocaleName
WideCharToMultiByte
CompareFileTime
TzSpecificLocalTimeToSystemTime
GetSystemTimeAsFileTime
RtlCaptureStackBackTrace
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead
TryEnterCriticalSection
QueryDepthSList
WaitForSingleObject
SubmitThreadpoolWork
CreateThreadpoolWork
CreateThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
CloseThreadpoolWait
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CloseThreadpoolTimer
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
CreateEventW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
LoadLibraryExA
InitializeSRWLock
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreExW
ReleaseMutex
CreateMutexExW
WaitForMultipleObjectsEx
WaitForSingleObjectEx
LoadLibraryA
GetUserDefaultLCID
GetStringTypeExW
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
UnmapViewOfFile
SetFileAttributesW
DeleteFileW
GetExitCodeThread
OpenThread
GetTickCount64
ResetEvent
Sleep
GetCurrentThreadId
CreateThread
SystemTimeToFileTime
GetSystemTime
LocalFree
ExpandEnvironmentStringsA
GetTimeFormatEx
GlobalFindAtomW
GetAtomNameW
AddAtomW
DeleteAtom
FindAtomW
GetAtomNameA
InitializeCriticalSectionAndSpinCount
InterlockedFlushSList
GlobalAddAtomW
GlobalDeleteAtom
GetCurrencyFormatW
GlobalSize
CreateTimerQueueTimer
DeleteTimerQueueTimer
K32GetProcessImageFileNameW
SetThreadPriority
WerRegisterRuntimeExceptionModule
ReleaseActCtx
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
SetEvent
CreateEventExW
FindClose
FindFirstFileExW
SetErrorMode
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GetLastError
LoadLibraryExW
FreeLibrary
TerminateProcess
LocaleNameToLCID
ExpandEnvironmentStringsW
CreateMutexW
GetCurrentProcessId
HeapFree
GetProcessHeap
CloseHandle
GetTimeFormatW
FileTimeToSystemTime
GetDriveTypeW
OutputDebugStringA
QueryActCtxW
GetModuleHandleExW
GetModuleFileNameW
CreateActCtxW
FindActCtxSectionStringW
LoadLibraryW
ActivateActCtx
DeactivateActCtx
SetLastError
RaiseException
MultiByteToWideChar
FlsAlloc
FlsFree
VerifyVersionInfoW
VerSetConditionMask
DeleteCriticalSection
InitializeCriticalSectionEx
HeapValidate
ole32
CoRevokeInitializeSpy
CoRegisterInitializeSpy
CoCreateFreeThreadedMarshaler
IIDFromString
CreateStreamOnHGlobal
CoCreateInstance
CoSetProxyBlanket
StringFromCLSID
CoTaskMemFree
CoTaskMemAlloc
GetConvertStg
ReadClassStg
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromString
StringFromGUID2
CoCreateGuid
PropVariantClear
CoInitializeEx
CoUninitialize
WriteFmtUserTypeStg
CoInitialize
CoGetTreatAsClass
CoCancelCall
CoDisableCallCancellation
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
CoDisconnectObject
OleDraw
CoLockObjectExternal
CreateFileMoniker
OleSetClipboard
OleFlushClipboard
OleGetClipboard
ReleaseStgMedium
CoEnableCallCancellation
oleaut32
VarDecFromI4
SysAllocStringLen
SysStringByteLen
VarR4FromDec
VarDecRound
VarDecSu
VarDecAdd
VarDecMul
VariantTimeToSystemTime
VarDecFromR8
VarDecInt
VarDecDiv
SafeArrayPutElement
VarR8FromDec
OleCreateFontIndirect
SafeArrayCreateVector
SafeArrayLock
SafeArrayCreate
SafeArrayDestroy
VarCmp
VariantCopy
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayAccessData
VariantChangeType
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SysAllocString
SysFreeString
VariantChangeTypeEx
VarDecFromR4
VariantClear
VariantInit
VarDecCmp
SysStringLen
wtsapi32
WTSRegisterSessionNotificationEx
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
WTSUnRegisterSessionNotificationEx
cabinet
ord13
ord14
iphlpapi
GetAdaptersInfo
rpcrt4
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcStringFreeW
RpcBindingSetAuthInfoW
RpcBindingFree
RpcMgmtIsServerListening
setupapi
SetupIterateCabinetW
wer
WerReportAddDump
WerReportCloseHandle
WerReportCreate
WerReportSubmit
WerReportSetParameter
wintrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
apiclient
?ModifyOfficeProducts@@YAJV?$shared_ptr@VORpcClient@@@std@@PEB_W1111KH@Z
?QueueUpdateEx@@YAJV?$shared_ptr@VORpcClient@@@std@@PEB_WK@Z
?QueueUpdateOnlyApply@@YAJV?$shared_ptr@VORpcClient@@@std@@PEB_W@Z
?GetPipelineTotalMegabytes@@YAJV?$shared_ptr@VORpcClient@@@std@@PEAK@Z
?GetPipelineStreamedMegabytes@@YAJV?$shared_ptr@VORpcClient@@@std@@PEAK@Z
?GetClickToRunData@@YAJV?$shared_ptr@VORpcClient@@@std@@HPEB_WPEA_WK@Z
vcruntime140
__std_exception_destroy
_purecall
__std_type_info_compare
__std_exception_copy
__CxxFrameHandler3
__C_specific_handler
__RTtypeid
__std_type_info_name
__std_terminate
__C_specific_handler_noexcept
wcsrchr
__RTDynamicCast
memchr
memcmp
_CxxThrowException
wcschr
wcsstr
strchr
strstr
memset
memcpy
memmove
_set_se_translator
msvcp140
?_Syserror_map@std@@YAPEBDH@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_current_owns
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_timedwait
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
_Wcsxfrm
_Wcscoll
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@F@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?tellp@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Random_device@std@@YAIXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
_Mtx_trylock
_Cnd_wait
_Cnd_signal
_Cnd_do_broadcast_at_thread_exit
_Cnd_destroy
_Mtx_init
_Thrd_start
_Mtx_destroy
_Cnd_init
_Thrd_join
_Thrd_detach
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPEADK@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?uncaught_exceptions@std@@YAHXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAG@Z
?ignore@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JG@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_XGetLastError@std@@YAXXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
_Thrd_id
_Thrd_yield
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
_Xtime_get_ticks
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Query_perf_frequency
_Query_perf_counter
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?classic@locale@std@@SAAEBV12@XZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?exceptions@ios_base@std@@QEAAXH@Z
?narrow@?$ctype@D@std@@QEBADDD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$ctype@D@std@@QEBADD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uncaught_exception@std@@YA_NXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
_Thrd_sleep
?id@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?get@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEB_W4@Z
?_Xout_of_range@std@@YAXPEBD@Z
api-ms-win-crt-heap-l1-1-0
_msize
_set_new_mode
realloc
free
malloc
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsnprintf_s
__stdio_common_vswscanf
_wfopen_s
fclose
__stdio_common_vswprintf
__stdio_common_vsprintf_s
__acrt_iob_func
__stdio_common_vsprintf
_set_fmode
__stdio_common_vsscanf
fgets
fputs
fwrite
fflush
__p__commode
__stdio_common_vsnwprintf_s
fopen_s
__stdio_common_vfwprintf_s
__stdio_common_vswprintf_s
__stdio_common_vfprintf
api-ms-win-crt-runtime-l1-1-0
_set_app_type
_invalid_parameter_noinfo_noreturn
_seh_filter_exe
_register_onexit_function
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_configure_wide_argv
_resetstkoflw
_invalid_parameter_noinfo
_errno
_crt_atexit
_beginthreadex
_endthreadex
_exit
exit
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
abort
_clearfp
terminate
_initterm_e
_initialize_onexit_table
api-ms-win-crt-string-l1-1-0
towlower
strncpy_s
strcpy_s
iswalpha
strcat_s
isupper
_wcsicmp
tolower
strcmp
wcsnlen
strnlen
_stricmp
strpbrk
strncat_s
wcscmp
isalpha
wcsncat_s
wcscat_s
strcoll
isxdigit
iscntrl
isspace
ispunct
isdigit
islower
toupper
wcsncpy_s
towupper
isalnum
iswspace
wcscpy_s
wcsncmp
_towupper_l
wmemcpy_s
strncmp
strcspn
wcstok_s
_wcsnicmp
api-ms-win-crt-convert-l1-1-0
wcstof
_wtof
wcstombs_s
_itow_s
_wtoi
strtoull
_ultow_s
wcstol
strtoul
_ui64toa_s
_wtoi64
strtod
strtoll
_ui64tow_s
wcstod
_wcstoui64
_wcstoi64
wcstoll
_wtol
wcstoul
mbstowcs_s
wcstoull
strtol
_i64tow_s
api-ms-win-crt-math-l1-1-0
round
_dsign
_dtest
log2
roundf
_finite
_isnan
modf
ldexp
frexp
acos
_fdtest
asin
atan
atan2
ceil
ceilf
cos
cosf
cosh
exp
expf
floor
floorf
fmod
fmodf
log
log10
logf
pow
powf
sin
sinf
sinh
sqrt
trunc
sqrtf
tan
__setusermatherr
tanh
api-ms-win-crt-time-l1-1-0
_localtime64_s
wcsftime
_difftime64
_mktime64
_time64
_gmtime64_s
api-ms-win-crt-locale-l1-1-0
localeconv
__initialize_lconv_for_unsigned_char
_create_locale
_configthreadlocale
api-ms-win-crt-utility-l1-1-0
qsort
rand_s
bsearch
srand
rand
api-ms-win-crt-filesystem-l1-1-0
_wsplitpath_s
_wmakepath_s
hlink
ord8
ord26
ord25
msimg32
AlphaBlend
GradientFill
Sections
.text Size: 11.0MB - Virtual size: 11.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7.9MB - Virtual size: 7.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 663KB - Virtual size: 678KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 480KB - Virtual size: 479KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 616KB - Virtual size: 956KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ