D:\BonreeClient\Trunk\brbuild\Release\PDB\BonreeMonitor.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
0151904c9e373286a383f4281abf946a_JaffaCakes118.exe
Resource
win7-20240419-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
0151904c9e373286a383f4281abf946a_JaffaCakes118.exe
Resource
win10v2004-20240419-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
0151904c9e373286a383f4281abf946a_JaffaCakes118
-
Size
3.9MB
-
MD5
0151904c9e373286a383f4281abf946a
-
SHA1
19fb6f7ebb7c51e7507a9311766b316bd8650f86
-
SHA256
106538ff200610fde4d6a4aafda2a400250c3cd663983372a04aa82499955b9f
-
SHA512
1aeba5db9cbb10867a55182f1e640d58e3ba123859d1b970cda8fcec9c057654c787a6075ad221f38d6b398798a985b5d15768a6674af4e4657a84582bb1f1f0
-
SSDEEP
98304:AB8q7j7Ciw54GCtOeMIRz+i+/eSAhHNPd:AB8q73rzz+xmS+D
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0151904c9e373286a383f4281abf946a_JaffaCakes118
Files
-
0151904c9e373286a383f4281abf946a_JaffaCakes118.exe windows:5 windows x86 arch:x86
8b9bbc5b1c5055e75135675005df8506
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
brbase
?Snapshot@ProcessIterator@base@@QAE?AV?$list@UProcessEntry@base@@V?$allocator@UProcessEntry@base@@@std@@@std@@XZ
??1ProcessIterator@base@@UAE@XZ
??0ProcessIterator@base@@QAE@PBVProcessFilter@1@@Z
?KillProcess@base@@YA_NPAXH_N@Z
?UintToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?CreateIntegerValue@Value@base@@SAPAVFundamentalValue@2@H@Z
?Set@DictionaryValue@base@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVValue@2@@Z
?Append@FilePath@base@@QBE?AV12@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?DirName@FilePath@base@@QBE?AV12@XZ
??4FilePath@base@@QAEAAV01@ABV01@@Z
?BaseName@FilePath@base@@QBE?AV12@XZ
?Get@PathService@@SA_NHPAVFilePath@base@@@Z
??0FilePath@base@@QAE@XZ
??0LogMessage@logging@@QAE@PBDHHPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?WriteString@Pickle@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Uint64ToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
?SysNativeMBToWide@base@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@@Z
??0LogMessage@logging@@QAE@PBDHH@Z
??1LogMessage@logging@@QAE@XZ
?IsStringUTF8@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SysWideToNativeMB@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z
??0LockImpl@internal@base@@QAE@XZ
??1LockImpl@internal@base@@QAE@XZ
?Lock@LockImpl@internal@base@@QAEXXZ
?Unlock@LockImpl@internal@base@@QAEXXZ
?SysWideToUTF8@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z
?Release@RefCountedThreadSafeBase@subtle@base@@IBE_NXZ
?GetDictionary@DictionaryValue@base@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAV12@@Z
?Read@JSONReader@base@@SAPAVValue@2@ABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@Z
?GetDictionary@ListValue@base@@QAE_NIPAPAVDictionaryValue@2@@Z
?GetString@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV34@@Z
?IntToString@base@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?Init@CommandLine@@SA_NHPBQBD@Z
?EnableTerminationOnHeapCorruption@base@@YAXXZ
?EnableTerminationOnOutOfMemory@base@@YAXXZ
??0AtExitManager@base@@QAE@XZ
??1AtExitManager@base@@QAE@XZ
??1CallbackBase@internal@base@@IAE@XZ
??1Pickle@@UAE@XZ
??0Thread@base@@QAE@PBD@Z
?PostTask@MessageLoop@base@@QAEXABVLocation@tracked_objects@@ABV?$Callback@$$A6AXXZ@2@@Z
??0Location@tracked_objects@@QAE@PBD0HPBX@Z
?GetProgramCounter@tracked_objects@@YAPBXXZ
??1RefCountedThreadSafeBase@subtle@base@@IAE@XZ
??0RefCountedThreadSafeBase@subtle@base@@IAE@XZ
??0CallbackBase@internal@base@@IAE@PAVBindStateBase@12@@Z
?GetInstance@TraceLog@debug@base@@SAPAV123@XZ
?WriteBytes@Pickle@@QAE_NPBXH@Z
??0Pickle@@QAE@PBDH@Z
??0Pickle@@QAE@ABV0@@Z
??0Pickle@@QAE@H@Z
?HasKey@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Base64Decode@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ReplaceSubstringsAfterOffset@@YAXPAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IABV12@1@Z
?AddTraceEventWithThreadIdAndTimestamp@TraceLog@debug@base@@QAEXDPBEPBD_KHABVTimeTicks@3@HPAPBD0PB_KE@Z
?NowFromSystemTraceTime@TimeTicks@base@@SA?AV12@XZ
?CurrentId@PlatformThread@base@@SAKXZ
??0ThreadCheckerImpl@base@@QAE@XZ
??1WeakPtrBase@internal@base@@QAE@XZ
??0WeakReferenceOwner@internal@base@@QAE@XZ
??1WeakReferenceOwner@internal@base@@QAE@XZ
??0WeakPtrBase@internal@base@@IAE@ABVWeakReference@12@@Z
??1ThreadCheckerImpl@base@@QAE@XZ
?is_valid@WeakReference@internal@base@@QBE_NXZ
??6@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AAV01@PB_W@Z
?GetMinLogLevel@logging@@YAHXZ
?CalledOnValidThread@ThreadCheckerImpl@base@@QBE_NXZ
??1WeakReference@internal@base@@QAE@XZ
?GetRef@WeakReferenceOwner@internal@base@@QBE?AVWeakReference@23@XZ
?StringToInt@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PAH@Z
?WaitForIOCompletion@MessageLoopForIO@base@@QAE_NKPAVIOHandler@MessagePumpForIO@2@@Z
?Now@Time@base@@SA?AV12@XZ
?GetCategoryGroupEnabled@TraceLog@debug@base@@SAPBEPBD@Z
?RegisterIOHandler@MessageLoopForIO@base@@QAEXPAXPAVIOHandler@MessagePumpForIO@2@@Z
?AddTraceEvent@TraceLog@debug@base@@QAEXDPBEPBD_KHPAPBD0PB_KE@Z
?FindNext@Pickle@@KAPBDIPBD0@Z
?StartWithOptions@Thread@base@@QAE_NABUOptions@12@@Z
?IsRunning@Thread@base@@QBE_NXZ
?ReplaceSubstringsAfterOffset@@YAXPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IABV12@1@Z
??0PickleIterator@@QAE@ABVPickle@@@Z
?ReadInt@PickleIterator@@QAE_NPAH@Z
?ReadUInt64@PickleIterator@@QAE_NPA_K@Z
?ReadString@PickleIterator@@QAE_NPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ForCurrentProcess@CommandLine@@SAPAV1@XZ
?HasSwitch@CommandLine@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetSwitchValueASCII@CommandLine@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?PathExists@file_util@@YA_NABVFilePath@base@@@Z
?ReadFileToString@file_util@@YA_NABVFilePath@base@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SysUTF8ToWide@base@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@@Z
??0FilePath@base@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??1FilePath@base@@QAE@XZ
?AddRef@RefCountedThreadSafeBase@subtle@base@@IBEXXZ
?Stop@Thread@base@@QAEXXZ
?current@MessageLoop@base@@SAPAV12@XZ
?GetList@DictionaryValue@base@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAVListValue@2@@Z
?StringToUint64@base@@YA_NABV?$BasicStringPiece@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1@PA_K@Z
?GetInteger@DictionaryValue@base@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
hook
?brs_HttpLocalTestName@HttpSwitch@bonree@@3V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@A
?brs_HttpLocalTest@HttpSwitch@bonree@@3_NA
?brs_ShowWindow@bonree@@3_NA
HttpDetoursDetach
HttpDetoursAttach
GetNavigationStartTime
SetElementsFilter
SetHttpHook
SetModifyHost
SetIEMode
HttpHook_Release
SetModHttpHeader
SetRemoveGzipFlag
SetIgnoreSSLCertificate
SetExtendMethod
IsAsyncEle
SetUserAgent
SetAddBrGuid
HttpHook_Init
SetMaxSpeed
?UpdataSwitch@HttpSwitch@bonree@@YAXXZ
kernel32
CreateEventA
HeapFree
GetSystemTimeAsFileTime
InterlockedExchange
SetLastError
QueueUserAPC
InterlockedExchangeAdd
GlobalMemoryStatusEx
PostQueuedCompletionStatus
WaitForMultipleObjects
CreateIoCompletionPort
CreateWaitableTimerW
TlsAlloc
TlsFree
CreateProcessW
GetCurrentThread
GetLocalTime
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
CreateFileA
GetVersionExW
GetSystemDirectoryA
lstrcmpiA
GlobalFree
GetFileAttributesA
RemoveDirectoryA
GetFileSize
lstrcatA
FileTimeToSystemTime
SystemTimeToFileTime
SetThreadAffinityMask
GetFileInformationByHandle
SetFilePointer
ReadFile
CreateFileW
MapViewOfFile
WriteFile
UnmapViewOfFile
GetCurrentDirectoryW
FreeResource
ExitProcess
HeapAlloc
DosDateTimeToFileTime
GetFileType
DuplicateHandle
MulDiv
CreateThread
CreateSemaphoreA
ReleaseMutex
CreateMutexA
GetModuleFileNameW
TerminateProcess
CreateProcessA
OpenProcess
GetTickCount
GetModuleHandleW
InterlockedCompareExchange
CreateNamedPipeW
CancelIo
ConnectNamedPipe
SuspendThread
VirtualProtect
VirtualAlloc
FlushInstructionCache
VirtualFree
VirtualQuery
SetThreadContext
GetThreadContext
ResumeThread
ResetEvent
OpenEventA
ReleaseSemaphore
FormatMessageA
LCMapStringW
LCMapStringA
GetStringTypeExW
GetStringTypeExA
GetUserDefaultLCID
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
DecodePointer
EncodePointer
LocalFree
HeapSize
HeapReAlloc
HeapDestroy
GetProcessHeap
TerminateThread
TlsSetValue
GetProcessTimes
GetSystemTimes
SleepEx
QueryPerformanceCounter
GetCurrentProcess
GetNativeSystemInfo
lstrcmpA
LoadLibraryW
FreeLibrary
GlobalAlloc
InterlockedDecrement
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateEventW
LoadLibraryA
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
MultiByteToWideChar
GetCommandLineA
SetUnhandledExceptionFilter
SetErrorMode
lstrlenA
GetCurrentProcessId
CloseHandle
GetLastError
lstrlenW
Sleep
WideCharToMultiByte
WaitForSingleObject
GetQueuedCompletionStatus
InterlockedIncrement
SetWaitableTimer
TlsGetValue
lstrcpyA
GetTempPathA
WinExec
GetCurrentThreadId
QueryPerformanceFrequency
CreateToolhelp32Snapshot
FindNextFileA
Process32NextW
GetModuleFileNameA
Process32FirstW
FindClose
GetTempFileNameA
FindFirstFileA
GetStartupInfoA
SetCurrentDirectoryA
CreateDirectoryA
GetNamedPipeInfo
RaiseException
CreateFileMappingA
InitializeCriticalSection
IsProcessorFeaturePresent
user32
IsRectEmpty
InvalidateRect
MoveWindow
GetSystemMetrics
SetWindowLongW
GetWindowLongW
EnumWindows
MapWindowPoints
GetCursorPos
GetFocus
SetTimer
KillTimer
SetCapture
ReleaseCapture
PtInRect
OffsetRect
InflateRect
wvsprintfW
ReleaseDC
CharNextW
IntersectRect
CreateCaret
ShowCaret
HideCaret
SetCaretPos
ClientToScreen
GetSysColor
FillRect
DrawTextW
SetRect
GetDC
GetUpdateRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
GetKeyState
SetWindowRgn
ScreenToClient
IsZoomed
IsIconic
CreateAcceleratorTableW
UpdateWindow
DestroyWindow
PostQuitMessage
SendMessageW
MessageBoxW
BeginPaint
SetCursor
TrackPopupMenu
AppendMenuW
CreatePopupMenu
DestroyMenu
MapVirtualKeyW
PeekMessageW
PostThreadMessageW
UnhookWindowsHookEx
IsWindowVisible
LoadStringW
LoadStringA
GetWindowThreadProcessId
GetDlgCtrlID
IsWindow
SendMessageTimeoutA
GetWindowTextA
FindWindowExA
GetParent
PostMessageW
GetDesktopWindow
DefWindowProcW
CreateWindowExW
ShowWindow
GetWindow
EnableWindow
GetMessageW
SetFocus
TranslateMessage
DispatchMessageW
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
SetWindowPos
LoadImageW
LoadCursorW
RegisterClassW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
SetPropW
GetPropW
GetClientRect
EndPaint
gdi32
DeleteDC
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
DeleteObject
CreateRoundRectRgn
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
CreateDIBSection
StretchBlt
SetStretchBltMode
SetBkColor
SaveDC
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
SetBkMode
CreateCompatibleDC
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
GetObjectA
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
GetTextMetricsW
GetDeviceCaps
SelectClipRgn
SetWinMetaFileBits
SelectPalette
RealizePalette
SetEnhMetaFileBits
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
CreatePalette
GetEnhMetaFileHeader
CreateCompatibleBitmap
SetTextColor
SelectObject
GetPixel
SetPixel
SetDIBColorTable
GetDIBits
DeleteEnhMetaFile
ExtTextOutW
GetClipBox
advapi32
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
shell32
ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteW
SHGetFolderPathA
ole32
CoUninitialize
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
CLSIDFromString
oleaut32
VariantClear
VariantInit
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
msvcp100
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
??1facet@locale@std@@UAE@XZ
??0facet@locale@std@@IAE@I@Z
_Mbrtowc
?classic@locale@std@@SAABV12@XZ
?id@?$numpunct@_W@std@@2V0locale@2@A
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_BADOFF@std@@3_JB
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?toupper@?$ctype@_W@std@@QBE_W_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?id@?$ctype@D@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?toupper@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1_Container_base12@std@@QAE@XZ
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?id@?$numpunct@D@std@@2V0locale@2@A
shlwapi
ord156
PathIsDirectoryEmptyA
PathAppendA
StrStrIA
PathFindExtensionW
comctl32
ord17
_TrackMouseEvent
gdiplus
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateLineBrushI
GdipDeleteBrush
GdipFree
GdipAlloc
GdipGetImageWidth
GdipBitmapLockBits
GdipGetImagePaletteSize
GdiplusShutdown
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImageHeight
GdipCloneImage
GdipSaveImageToFile
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageEncodersSize
GdipCloneBrush
GdipDrawString
GdipCreateBitmapFromFile
GdiplusStartup
winmm
timeSetEvent
waveOutSetVolume
timeKillEvent
timeGetDevCaps
msvcr100
_recalloc
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_onexit
_lock
__dllonexit
__CxxLongjmpUnwind
_setjmp3
_CIcos
_CIsin
_CIatan
_CIfmod
_CIasin
_CItan
_CIsqrt
_CIexp
_CIlog
_CIatan2
floor
_CIpow
_fdopen
_getpid
_fileno
_ltoa
_ultoa
_close
_unlink
getc
feof
_mktemp
_setmode
bsearch
_lseek
longjmp
strncat
system
atof
islower
isupper
iswpunct
iswalpha
strtok
strspn
strpbrk
getenv
strtok_s
rewind
strcspn
strtod
strcmp
vsprintf
_finite
_isnan
strncmp
fscanf
_snprintf_s
isspace
strrchr
printf
ceil
_vsnprintf
__iob_func
sscanf
qsort
strchr
wcscspn
wcsspn
_resetstkoflw
_itow_s
strerror
towupper
towlower
_itoa
_unlock
?terminate@@YAXXZ
memset
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
??3@YAXPAX@Z
abort
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
free
calloc
memchr
_wfopen
_beginthreadex
__CxxFrameHandler3
fprintf
_purecall
fclose
??2@YAPAXI@Z
sprintf
sscanf_s
??8type_info@@QBE_NABV0@@Z
_access
atoi
??_V@YAXPAX@Z
_wtoi64
tolower
strstr
fread
fwrite
fseek
_wcsicmp
memcpy_s
_wtoi
memmove_s
fputc
sprintf_s
_localtime64_s
fflush
fgetc
vsprintf_s
_access_s
strftime
_time64
exit
_mbscmp
??0exception@std@@QAE@ABQBDH@Z
_gmtime64
realloc
rand
strtol
fopen
strcpy_s
_localtime64
malloc
_snprintf
ftell
rename
_atoi64
wcsrtombs_s
_waccess_s
wmemcpy_s
_mktime64
wcsftime
_wfsopen
ferror
toupper
srand
strncpy
wcsncpy
wcsstr
fgets
wcscpy_s
isdigit
wcstol
_wcslwr
wcschr
wcsrchr
wcstoul
wcsncmp
iswalnum
memcpy
_CxxThrowException
_fmode
urlmon
URLDownloadToFileA
wininet
InternetSetCookieW
InternetOpenW
HttpQueryInfoA
InternetQueryOptionW
InternetSetStatusCallbackA
InternetQueryDataAvailable
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetSetOptionW
HttpOpenRequestW
InternetGetConnectedState
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetOpenA
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetCloseHandle
ws2_32
inet_ntoa
getpeername
WSAGetLastError
inet_addr
WSAStartup
gethostbyname
WSACleanup
psapi
QueryWorkingSet
Sections
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 624KB - Virtual size: 623KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 691KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 147KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ