D:\Dev.Mirrorv7592020-0522a\T2K2JPEG\Release\T2K2JPEG.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
T2K2JPEG.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
T2K2JPEG.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
T2K2JPEG.exe
-
Size
3.0MB
-
MD5
fd0de2935ab39de01e1058e45dffe358
-
SHA1
c7560d1473291aa16c266f264b67b5aeaa74f5f0
-
SHA256
52426859764430b8128f480959ba92a6ec8cc9e963e4c4c059558d26dd4cea02
-
SHA512
004a8071d64f445b8ba82847f7dfc5a6caa9675b557378b7c3522806720f86d9717a9613ca542bfeed94fe4271278725cd9b5b728f5bc84987b3b038cc0bbf10
-
SSDEEP
49152:spNNq2lYhlOAdQuWoUn29pASRpTXAzrKojbZksL/v4qr:quQEdQuWoUn29m+TXAp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource T2K2JPEG.exe
Files
-
T2K2JPEG.exe.exe windows:6 windows x86 arch:x86
722e8f9381318ac324104a0b4ae7348b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
SHCreateDirectoryExW
SHGetFolderPathW
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
mfc120u
ord14265
ord360
ord13820
ord1064
ord6469
ord1508
ord1506
ord265
ord3839
ord6462
ord3562
ord2478
ord450
ord13902
ord1105
ord494
ord5417
ord12655
ord4771
ord6458
ord12511
ord1525
ord12433
ord5788
ord5028
ord5021
ord12933
ord4112
ord6713
ord13782
ord2261
ord2173
ord6452
ord9007
ord4176
ord3103
ord6393
ord9016
ord4193
ord3215
ord6735
ord7382
ord10919
ord12006
ord6121
ord13612
ord2718
ord9091
ord12047
ord8921
ord10896
ord11271
ord10353
ord458
ord3361
ord3362
ord3122
ord6434
ord6032
ord6123
ord13616
ord3263
ord3260
ord10136
ord8092
ord2719
ord1471
ord10166
ord10168
ord10167
ord10165
ord10169
ord5557
ord11600
ord11601
ord9020
ord11964
ord3795
ord3790
ord11811
ord14447
ord8846
ord12095
ord6875
ord10883
ord9137
ord3224
ord13738
ord12134
ord12132
ord1711
ord1723
ord1731
ord1727
ord13845
ord7984
ord4528
ord13698
ord1350
ord12479
ord1964
ord1844
ord821
ord7220
ord3537
ord3914
ord2214
ord14094
ord12941
ord4605
ord13110
ord8247
ord8693
ord8402
ord13987
ord13149
ord12958
ord12956
ord12957
ord3821
ord6389
ord358
ord6392
ord6696
ord2480
ord4813
ord3194
ord14318
ord8378
ord4266
ord5793
ord5025
ord2848
ord4758
ord1702
ord14469
ord12225
ord13531
ord12921
ord6232
ord1191
ord1736
ord4879
ord4920
ord4887
ord4899
ord4895
ord4891
ord4928
ord4916
ord4883
ord4932
ord4905
ord4867
ord4874
ord4909
ord4459
ord5693
ord7718
ord4451
ord3013
ord14449
ord7807
ord14455
ord14367
ord6774
ord8053
ord2736
ord4434
ord11592
ord13563
ord5838
ord7699
ord7704
ord13997
ord8045
ord5327
ord2640
ord11999
ord3898
ord3329
ord3330
ord3223
ord12043
ord999
ord3654
ord4842
ord1386
ord887
ord4784
ord1519
ord2163
ord8352
ord7542
ord1467
ord8268
ord12122
ord10314
ord12799
ord12736
ord4546
ord8206
ord5262
ord10260
ord2444
ord12413
ord12412
ord8634
ord568
ord567
ord6508
ord11836
ord5490
ord5493
ord5486
ord3917
ord2483
ord4774
ord1043
ord14448
ord7806
ord14454
ord9279
ord4109
ord4047
ord12818
ord7825
ord1992
ord11858
ord11857
ord14326
ord12402
ord7884
ord14526
ord6251
ord14528
ord6253
ord14527
ord6252
ord992
ord6758
ord3809
ord5821
ord12114
ord8099
ord12126
ord12094
ord1130
ord1063
ord1441
ord1108
ord4049
ord5157
ord5454
ord5664
ord9231
ord5430
ord5667
ord5160
ord5316
ord5137
ord7609
ord7610
ord7600
ord5314
ord8101
ord10131
ord9090
ord13114
ord13821
ord1104
ord449
ord5475
ord5477
ord6124
ord8143
ord7277
ord4541
ord14544
ord5254
ord443
ord5386
ord7611
ord5783
ord869
ord2363
ord12105
ord2262
ord4456
ord2520
ord2204
ord1445
ord13117
ord13118
ord13824
ord971
ord13119
ord13825
ord14516
ord12276
ord14463
ord12219
ord8346
ord8242
ord12792
ord8639
ord8638
ord14263
ord14271
ord14277
ord8594
ord8601
ord4621
ord4620
ord14224
ord12634
ord2948
ord5824
ord1682
ord1688
ord1687
ord1684
ord316
ord1660
ord4442
ord2708
ord8699
ord4843
ord6870
ord13153
ord4838
ord4839
ord1179
ord7844
ord6078
ord12466
ord1650
ord8387
ord551
ord3033
ord7307
ord287
ord4814
ord293
ord290
ord2367
ord258
ord12514
ord973
ord1447
ord6404
ord12633
ord14121
ord2167
ord5864
ord6762
ord997
ord3592
ord12800
ord10315
ord12123
ord1470
ord2318
ord2488
ord3921
ord3186
ord1715
ord14289
ord6999
ord3911
ord13121
ord13635
ord12429
ord12449
ord12824
ord12738
ord12966
ord13907
ord13554
ord13975
ord8763
ord13972
ord12890
ord13983
ord12893
ord5119
ord2252
ord2179
ord1521
ord277
ord285
ord2967
ord14180
ord13111
ord12430
ord8064
ord5027
ord5019
ord1648
ord1040
ord267
ord1527
ord3806
ord8107
ord2336
ord5784
ord5782
ord2394
ord2379
ord2391
ord13838
ord2396
ord11967
ord13785
ord2714
ord3967
ord11339
ord11303
ord12677
ord3808
ord14339
ord4273
ord1880
ord2740
ord13787
ord8671
ord2853
ord11843
ord1413
ord931
ord6709
ord12776
ord12778
ord12766
ord12783
ord1685
ord5240
ord6863
ord8599
ord12755
ord1516
ord4984
ord1510
ord12222
ord5789
ord498
ord1139
ord2843
ord14465
ord2338
ord321
ord2354
ord2342
ord1518
ord281
ord5787
ord5020
ord4280
ord2416
ord13000
ord1184
ord6083
ord12471
ord1655
ord8392
ord556
ord6500
ord13116
ord13823
ord2243
ord2397
ord4772
ord2954
ord1520
ord1042
ord286
ord280
ord296
ord1658
ord6652
ord2347
ord2341
ord2343
ord266
ord6853
ord11837
ord500
ord9574
ord5419
msvcr120
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_except_handler4_common
_onexit
_vsnprintf_s
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
_getdrive
_wsplitpath
__clean_type_info_names_internal
_except1
strerror
_swprintf
localeconv
sprintf_s
__RTtypeid
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
isspace
floor
_localtime64
_mktime64
memchr
isdigit
_finite
_isnan
strtol
_stricmp
_vsnwprintf_s
wcsncmp
_wcsnicmp
??4exception@std@@QAEAAV01@ABV01@@Z
?before@type_info@@QBE_NABV1@@Z
swscanf_s
_wchdir
_wgetcwd
wcstok
_hypot
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
wcstod
?_set_new_mode@@YAHH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_clearfp
??0bad_cast@std@@QAE@PBD@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
realloc
fprintf
__iob_func
__RTDynamicCast
iswalpha
??0exception@std@@QAE@ABV01@@Z
_recalloc
malloc
free
calloc
wmemcpy_s
_wtoi
swscanf
_vsnwprintf
_scwprintf
_waccess
_wcslwr_s
_wcsicmp
wcstok_s
wcsstr
wcsnlen
wcslen
wcscpy_s
wcscmp
wcschr
wcscat_s
memmove
memmove_s
strlen
strcpy_s
memcpy_s
memcpy
memcmp
iswalnum
iswspace
iswdigit
_CxxThrowException
_wtol
_purecall
__CxxFrameHandler3
_time64
div
_vscwprintf
vswprintf_s
swprintf_s
memset
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
iswxdigit
sprintf
_wsplitpath_s
_wfullpath
qsort
_wcsupr_s
wcsspn
wcsrchr
wcscspn
??8type_info@@QBE_NABV0@@Z
getenv
sscanf
fgetwc
fputwc
ungetwc
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
_fcvt
_wgetenv_s
_wputenv_s
strchr
strncpy
strtok
strcmp
toupper
strcat
tolower
strncmp
strstr
remove
fopen
fseek
ftell
fread
_wfopen
_atoi64
_mbsspn
_mbscspn
_waccess_s
atoi
strcpy
_strlwr_s
strncpy_s
_wfopen_s
ceil
wcscpy
_localtime64_s
fgets
strcspn
wcstol
wcsncpy_s
sqrt
sin
pow
cos
atan2
acos
abs
ldiv
labs
wcstoul
wcscat
_getmbcp
atof
fgetws
wcsncpy
_vswprintf
kernel32
SetEndOfFile
lstrcmpiW
lstrcatW
OutputDebugStringA
OutputDebugStringW
GetCurrentThreadId
GetTickCount
lstrlenW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
ReadFile
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
GetFileSize
DeleteFileW
GetFileAttributesW
RemoveDirectoryW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CompareStringW
GetThreadLocale
K32GetMappedFileNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTimeZoneInformation
TryEnterCriticalSection
SetEvent
ResetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventW
WaitForMultipleObjects
lstrcmpW
GetLocaleInfoW
GetDiskFreeSpaceW
DeviceIoControl
OpenProcess
MoveFileW
MoveFileExW
K32EnumProcesses
K32EnumProcessModules
K32GetModuleBaseNameW
K32GetModuleFileNameExW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
WritePrivateProfileStringW
FileTimeToSystemTime
SystemTimeToFileTime
GetDateFormatW
GetTimeFormatW
lstrlenA
DuplicateHandle
OpenThread
GetWindowsDirectoryW
GetProcessHeaps
HeapWalk
GetSystemInfo
VirtualQueryEx
lstrcatA
K32GetModuleBaseNameA
K32GetModuleInformation
lstrcmpA
GetProfileStringW
FlushFileBuffers
GlobalFree
InitializeCriticalSection
ProcessIdToSessionId
MulDiv
GlobalMemoryStatus
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
GetLocalTime
FindResourceExW
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadResource
LockResource
SizeofResource
GlobalLock
GlobalUnlock
LocalAlloc
LocalFree
FormatMessageW
lstrcpynW
LoadLibraryW
FindResourceW
IsBadReadPtr
GetComputerNameW
MultiByteToWideChar
GetModuleFileNameW
GetDriveTypeW
CloseHandle
SetLastError
GetCurrentProcess
GetComputerNameExW
GetHandleInformation
PulseEvent
SetThreadPriority
GetThreadPriority
TerminateThread
GetExitCodeThread
SuspendThread
ResumeThread
GetThreadId
IsBadStringPtrA
lstrcpyW
WideCharToMultiByte
DecodePointer
RaiseException
InitializeCriticalSectionEx
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
LoadLibraryExW
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcessId
GetSystemTimeAsFileTime
CompareFileTime
IsBadWritePtr
WriteFile
SetFilePointer
SetFileAttributesW
GetShortPathNameW
GetTempPathW
GetTempFileNameW
CopyFileW
GlobalAlloc
CreateFileW
FormatMessageA
AreFileApisANSI
CreateDirectoryExW
SetFileTime
SetFilePointerEx
GetFullPathNameW
GetFileTime
user32
LoadImageW
GetAsyncKeyState
UnregisterClassW
RegisterWindowMessageW
GetClassNameW
IsWindow
SendNotifyMessageW
wsprintfW
GetDC
InflateRect
CloseClipboard
EqualRect
LoadStringW
SetClipboardData
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
MonitorFromWindow
PtInRect
OpenClipboard
EmptyClipboard
SendMessageW
LoadIconW
GetClientRect
DrawIcon
AppendMenuW
GetSystemMenu
GetSystemMetrics
EnableWindow
GetClipboardData
TranslateMessage
DispatchMessageW
PeekMessageW
OffsetRect
GetParent
IsIconic
SetRectEmpty
LoadBitmapW
CopyRect
EnumDisplayMonitors
GetMonitorInfoW
QueryDisplayConfig
GetDisplayConfigBufferSizes
EnumDisplayDevicesW
IsRectEmpty
SystemParametersInfoW
UnionRect
IntersectRect
SetRect
FillRect
GetSysColor
InvalidateRect
SetParent
GetWindowLongW
AdjustWindowRect
SetFocus
GetDlgItem
MoveWindow
ShowWindow
SetLastErrorEx
wsprintfA
GetWindowRect
GetWindow
GetTopWindow
PostMessageW
GetWindowTextW
ReleaseDC
CharLowerW
CharUpperW
GetWindowThreadProcessId
EnumWindows
IsDialogMessageW
GetDesktopWindow
MessageBoxW
GetActiveWindow
InSendMessage
PostQuitMessage
IsWindowVisible
gdi32
GetROP2
ExtFloodFill
ExtTextOutW
TextOutW
RectVisible
PtVisible
Escape
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
ExtCreatePen
GetObjectW
LPtoDP
Polygon
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
CreateRectRgn
GetClipRgn
SelectClipRgn
OffsetRgn
GetDIBits
StretchBlt
StretchDIBits
CombineRgn
CreateEllipticRgnIndirect
CreatePatternBrush
CreateRectRgnIndirect
BeginPath
EndPath
FillPath
CreatePolygonRgn
DPtoLP
SetPixelV
GdiFlush
MaskBlt
Rectangle
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetTextAlign
RectInRegion
Polyline
PolyBezier
SetGraphicsMode
GetPixel
Ellipse
GetMapMode
GetGraphicsMode
GetCurrentObject
CreateSolidBrush
CreatePen
CreateDCW
CreateCompatibleDC
CreateBitmap
BitBlt
Arc
CreateDIBSection
GetPaletteEntries
GetNearestPaletteIndex
CreateDIBitmap
SelectObject
GetTextExtentPoint32W
GetCharWidth32W
GetCharWidthW
DeleteDC
CreateHatchBrush
GetStockObject
DeleteObject
GetDeviceCaps
advapi32
ConvertSidToStringSidW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
CloseServiceHandle
ControlService
EnumServicesStatusExW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
OpenProcessToken
AllocateAndInitializeSid
CheckTokenMembership
CreateWellKnownSid
DuplicateToken
FreeSid
GetTokenInformation
LookupAccountNameW
LogonUserW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegCreateKeyExA
RegSetValueExA
ole32
CoTaskMemFree
StringFromCLSID
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
CoCreateInstance
IIDFromString
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoTaskMemAlloc
oleaut32
SetErrorInfo
SafeArrayGetDim
SafeArrayCreate
SafeArrayGetVartype
SafeArrayUnlock
VarBstrFromDate
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
GetErrorInfo
VariantInit
VariantChangeType
SafeArrayGetElemsize
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
CreateErrorInfo
SysStringLen
VariantCopy
SysAllocStringLen
VarDateFromStr
SafeArrayDestroy
odbc32
ord141
ord157
ord139
ord75
ord43
ord31
ord9
ord24
ord170
ord167
ord166
ord165
ord160
ord156
ord154
ord153
ord152
ord147
ord145
ord140
ord119
ord108
ord127
ord18
ord44
msvcp120
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
?is@?$ctype@_W@std@@QBE_NF_W@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?narrow@?$ctype@_W@std@@QBED_WD@Z
?exceptions@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QAEHH@Z
?setf@ios_base@std@@QAEHHH@Z
?precision@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE_W_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?classic@locale@std@@SAABV12@XZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
??0id@locale@std@@QAE@I@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy
_Mtx_init
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??0_Container_base12@std@@QAE@XZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
_Mbrtowc
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?widen@?$ctype@_W@std@@QBEPBDPBD0PA_W@Z
?setf@ios_base@std@@QAEHH@Z
?precision@ios_base@std@@QBE_JXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?id@?$numpunct@_W@std@@2V0locale@2@A
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??_7_Facet_base@std@@6B@
??_7facet@locale@std@@6B@
??_7codecvt_base@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
_FInf
_FNan
_Getcvt
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$numpunct@D@std@@2V0locale@2@A
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?_BADOFF@std@@3_JB
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?unshift@?$codecvt@_WDH@std@@QBEHAAHPAD1AAPAD@Z
??1?$codecvt@_WDH@std@@MAE@XZ
?widen@?$ctype@D@std@@QBEDD@Z
?widen@?$ctype@D@std@@QBEPBDPBD0PAD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPAPA_W0PAH001@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?pubsync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??Bid@locale@std@@QAEIXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?toupper@?$ctype@_W@std@@QBE_W_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
gdiplus
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
GdipFillPolygonI
GdipDrawPolygonI
GdipDrawEllipseI
GdipGetImageWidth
GdipSaveImageToStream
GdipDeletePen
GdipGetImageGraphicsContext
GdipBitmapSetPixel
GdipDeleteGraphics
GdipSetCompositingMode
GdipDrawLineI
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipGetImageRawFormat
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipGetPropertySize
GdipGetAllPropertyItems
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipBitmapSetResolution
GdipSetPropertyItem
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage
ws2_32
InetNtopW
WSACleanup
WSAStartup
socket
setsockopt
sendto
recvfrom
inet_addr
htons
closesocket
iphlpapi
GetAdaptersAddresses
GetIpForwardTable
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
mpr
WNetGetUniversalNameW
WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
WNetGetUserW
secur32
AcquireCredentialsHandleW
GetUserNameExW
QuerySecurityPackageInfoW
FreeContextBuffer
DeleteSecurityContext
CompleteAuthToken
AcceptSecurityContext
InitializeSecurityContextW
FreeCredentialsHandle
setupapi
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
dbghelp
SymGetOptions
SymSetOptions
StackWalk
SymCleanup
SymFunctionTableAccess
SymGetModuleInfo
SymGetModuleBase
SymGetLineFromAddr
SymInitialize
SymGetSearchPath
SymGetSymFromAddr
SymLoadModule
comctl32
ord8
ImageList_GetImageInfo
ImageList_Draw
ImageList_SetBkColor
shlwapi
ord12
ord213
ord214
PathCompactPathW
ord184
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 633KB - Virtual size: 633KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ