NvOptimusEnablement
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-05-05_626ace60bb38dbc585c75cd223e75dd6_ryuk.exe
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-05-05_626ace60bb38dbc585c75cd223e75dd6_ryuk.exe
Resource
win10v2004-20240419-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
2024-05-05_626ace60bb38dbc585c75cd223e75dd6_ryuk
-
Size
17.3MB
-
MD5
626ace60bb38dbc585c75cd223e75dd6
-
SHA1
eb3b875a9da5e45da68ee918e9648c22285cc496
-
SHA256
2847de452800e7cd18668c1da66cf72ef6450ecc6c6f6e93ef513b3d7fb5d6ca
-
SHA512
f00e968fb89292d7cdf21144b66dbbbf9570785e1934927a04d59887371ee91db0f4733da381a4209281b190823a6740cfc44e5bb2da67e8728e05c549d87015
-
SSDEEP
196608:iIvSCJBGct8yU1Fag46zHl7k9NECemCDBLN8R3D3GG050PtbiG8Mtdk:iIvSCJNtiHnl7k9NEFtmcG0501Htdk
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-05_626ace60bb38dbc585c75cd223e75dd6_ryuk
Files
-
2024-05-05_626ace60bb38dbc585c75cd223e75dd6_ryuk.exe windows:6 windows x64 arch:x64
f380ac54672aeba92d0e2f657dd0e98c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
WriteConsoleW
WideCharToMultiByte
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
CreatePipe
GetExitCodeProcess
FlushFileBuffers
HeapSize
GetCurrentDirectoryW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetACP
GetModuleFileNameA
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CreateProcessA
FreeLibraryAndExitThread
ExitThread
GetFullPathNameW
GetDriveTypeW
GetModuleHandleExW
ExitProcess
RtlUnwindEx
RtlPcToFileHeader
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
GetProcessHeap
OutputDebugStringW
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
LoadLibraryW
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
EncodePointer
LoadLibraryExA
VirtualQuery
VirtualProtect
WaitForMultipleObjects
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
DuplicateHandle
GetSystemTime
VirtualQueryEx
GetThreadContext
GetProcessId
SuspendThread
TerminateThread
OpenThread
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext
GlobalMemoryStatus
GetCurrentProcessId
FlushConsoleInputBuffer
GetFileType
GetStdHandle
FormatMessageA
ExpandEnvironmentStringsA
VerifyVersionInfoW
SleepEx
VerSetConditionMask
GetTickCount
lstrlenW
lstrlenA
GetTempPathW
WriteFile
SetFilePointer
SetEndOfFile
ReadFile
GetFileInformationByHandle
CreateFileW
MoveFileExW
SetFileAttributesW
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
DeleteFileW
CreateDirectoryW
FindFirstFileW
GetUserGeoID
GetVersionExW
ReleaseSemaphore
CreateEventW
ResetEvent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
CloseHandle
lstrcmpiW
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetCurrentThreadId
SetLastError
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CompareFileTime
GetEnvironmentVariableA
MultiByteToWideChar
SetEvent
FormatMessageW
LocalFree
LocalAlloc
GetSystemDefaultLangID
GetComputerNameA
SetThreadAffinityMask
GetSystemInfo
GetCurrentThread
IsDebuggerPresent
GetVolumeInformationW
Sleep
QueryPerformanceFrequency
SwitchToThread
GetModuleFileNameW
FreeLibrary
CreateSemaphoreW
InitializeSListHead
RaiseException
QueryPerformanceCounter
InitializeCriticalSectionEx
DeleteCriticalSection
WaitForSingleObject
CreateThread
GetModuleHandleW
DecodePointer
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
HeapLock
HeapUnlock
GlobalMemoryStatusEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
GetLastError
user32
MonitorFromWindow
IsDialogMessageW
LoadBitmapW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
MapWindowPoints
MessageBeep
SetDlgItemTextW
CreateDialogParamW
IsWindowVisible
mouse_event
GetKeyState
MsgWaitForMultipleObjects
LoadImageW
LoadIconW
ClipCursor
SetCursor
AdjustWindowRectEx
GetMenu
GetActiveWindow
ShowWindow
PostQuitMessage
RegisterRawInputDevices
GetRawInputData
GetCursorPos
SetCursorPos
GetSystemMetrics
GetCapture
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetMonitorInfoW
GetWindowLongPtrW
FillRect
GetSysColor
ScreenToClient
GetProcessWindowStation
ShowCursor
GetUserObjectInformationW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
GetDlgItem
MoveWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
WaitMessage
SendMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
RegisterWindowMessageW
GetDesktopWindow
SetWindowLongW
GetWindowLongW
MessageBoxA
GetWindowRect
GetClientRect
SetWindowPos
GetAsyncKeyState
UnregisterClassW
MessageBoxW
GetWindowTextLengthW
SetWindowLongPtrW
ClientToScreen
winmm
timeEndPeriod
timeBeginPeriod
timeGetTime
ws2_32
send
connect
sendto
socket
recvfrom
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
bind
WSASetLastError
select
__WSAFDIsSet
inet_pton
freeaddrinfo
getaddrinfo
WSAGetLastError
gethostbyname
WSAStartup
WSACleanup
closesocket
recv
accept
listen
ioctlsocket
shutdown
wininet
HttpSendRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetOptionW
InternetQueryDataAvailable
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetReadFile
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
dinput8
DirectInput8Create
mfplat
MFCreateAttributes
MFCreateDXGIDeviceManager
MFShutdown
MFStartup
d3d11
D3D11CreateDevice
oo2core_3_win64
OodlePlugins_SetAllocators
OodleLZ_Compress
OodleLZ_Decompress
OodleLZ_GetDecodeBufferSize
OodleLZ_GetCompressedBufferSizeNeeded
fmod64
?setReverbProperties@System@FMOD@@QEAA?AW4FMOD_RESULT@@HPEBUFMOD_REVERB_PROPERTIES@@@Z
?setFileSystem@System@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@PEBDPEAIPEAPEAXPEAX@ZP6A?AW43@33@ZP6A?AW43@33I13@ZP6A?AW43@3I3@ZP6A?AW43@PEAUFMOD_ASYNCREADINFO@@3@Z9H@Z
FMOD_Memory_Initialize
?getAudibility@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAM@Z
?setPosition@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@II@Z
?getPosition@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@PEAII@Z
?mixerSuspend@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?mixerResume@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?createDSPByType@System@FMOD@@QEAA?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PEAPEAVDSP@2@@Z
?createChannelGroup@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDPEAPEAVChannelGroup@2@@Z
?setPaused@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?setVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAM@Z
?setMute@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?getDSP@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAPEAVDSP@2@@Z
?setDriver@System@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z
?release@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?addGroup@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@PEAV12@_NPEAPEAVDSPConnection@2@@Z
?release@DSP@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?setChannelFormat@DSP@FMOD@@QEAA?AW4FMOD_RESULT@@IHW4FMOD_SPEAKERMODE@@@Z
?setParameterFloat@DSP@FMOD@@QEAA?AW4FMOD_RESULT@@HM@Z
?playSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAVSound@2@PEAVChannelGroup@2@_NPEAPEAVChannel@2@@Z
?getNumSyncPoints@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getLoopPoints@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAII0I@Z
?getSystemObject@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVSystem@2@@Z
?setPitch@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?setReverbProperties@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@HM@Z
?setMode@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@I@Z
?setCallback@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@PEAUFMOD_CHANNELCONTROL@@W4FMOD_CHANNELCONTROL_TYPE@@W4FMOD_CHANNELCONTROL_CALLBACK_TYPE@@PEAX3@Z@Z
?isPlaying@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEA_N@Z
?setCallback@System@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@PEAUFMOD_SYSTEM@@IPEAX11@ZI@Z
?set3DAttributes@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEBUFMOD_VECTOR@@00@Z
?set3DMinMaxDistance@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@MM@Z
?get3DMinMaxDistance@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAM0@Z
?setUserData@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAX@Z
?getUserData@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAX@Z
?setChannelGroup@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@PEAVChannelGroup@2@@Z
?getChannelGroup@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVChannelGroup@2@@Z
?setLoopCount@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z
?setParameterInt@DSP@FMOD@@QEAA?AW4FMOD_RESULT@@HH@Z
?createStream@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
?getLoopCount@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getNumDrivers@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getChannel@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAPEAVChannel@2@@Z
?getNumChannels@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getGroup@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAPEAV12@@Z
?getNumGroups@ChannelGroup@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getCurrentSound@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVSound@2@@Z
?stop@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getUserData@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAX@Z
?setUserData@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAX@Z
?getOpenState@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAW4FMOD_OPENSTATE@@PEAIPEA_N2@Z
?getNumSubSounds@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAH@Z
?getLength@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAII@Z
?getSubSound@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAPEAV12@@Z
?getSystemObject@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVSystem@2@@Z
?release@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getMasterChannelGroup@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVChannelGroup@2@@Z
?getChannel@System@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAPEAVChannel@2@@Z
?createSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
?setPan@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getVersion@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAI@Z
?getSoftwareFormat@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAHPEAW4FMOD_SPEAKERMODE@@0@Z
?addDSP@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@HPEAVDSP@2@@Z
FMOD_Memory_GetStats
fmodstudio64
?getBusByID@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBUFMOD_GUID@@PEAPEAVBus@23@@Z
?isValid@Bus@Studio@FMOD@@QEBA_NXZ
?setFaderLevel@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?setPaused@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?setMute@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?lockChannelGroup@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?unlockChannelGroup@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getChannelGroup@Bus@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVChannelGroup@3@@Z
?getSoundInfo@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAUFMOD_STUDIO_SOUND_INFO@@@Z
?isValid@EventDescription@Studio@FMOD@@QEBA_NXZ
?getUserProperty@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAUFMOD_STUDIO_USER_PROPERTY@@@Z
?getLength@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?isOneshot@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEA_N@Z
?is3D@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEA_N@Z
?hasCue@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEA_N@Z
?createInstance@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVEventInstance@23@@Z
?isValid@EventInstance@Studio@FMOD@@QEBA_NXZ
?getDescription@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVEventDescription@23@@Z
?setVolume@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getBusCount@Bank@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?getEventList@Bank@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVEventDescription@23@HPEAH@Z
?getEventCount@Bank@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?getID@Bus@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAUFMOD_GUID@@@Z
?getID@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAUFMOD_GUID@@@Z
?getBankList@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVBank@23@HPEAH@Z
?getBankCount@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?lookupPath@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBUFMOD_GUID@@PEADHPEAH@Z
?getLowLevelSystem@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAV13@@Z
?flushCommands@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?release@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?initialize@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@HIIPEAX@Z
?create@System@Studio@FMOD@@SA?AW4FMOD_RESULT@@PEAPEAV123@I@Z
?getLoadingState@Bank@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAW4FMOD_STUDIO_LOADING_STATE@@@Z
?isValid@Bank@Studio@FMOD@@QEBA_NXZ
?getSampleLoadingState@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAW4FMOD_STUDIO_LOADING_STATE@@@Z
?unloadSampleData@EventDescription@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?set3DAttributes@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEBUFMOD_3D_ATTRIBUTES@@@Z
?setPaused@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?start@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?stop@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@W4FMOD_STUDIO_STOP_MODE@@@Z
?loadSampleData@EventDescription@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?loadBankFile@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAPEAVBank@23@@Z
?getEventByID@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBUFMOD_GUID@@PEAPEAVEventDescription@23@@Z
?update@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?unload@Bank@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getParameterCount@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?getParameterByIndex@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@HPEAUFMOD_STUDIO_PARAMETER_DESCRIPTION@@@Z
?getBusList@Bank@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVBus@23@HPEAH@Z
?setListenerAttributes@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@HPEBUFMOD_3D_ATTRIBUTES@@@Z
?setValue@ParameterInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getDescription@ParameterInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAUFMOD_STUDIO_PARAMETER_DESCRIPTION@@@Z
?isValid@ParameterInstance@Studio@FMOD@@QEBA_NXZ
?setUserData@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEAX@Z
?getUserData@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAX@Z
?setCallback@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW44@IPEAUFMOD_STUDIO_EVENTINSTANCE@@PEAX@ZI@Z
?triggerCue@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getParameterCount@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?getTimelinePosition@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAH@Z
?setTimelinePosition@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z
?getPlaybackState@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAW4FMOD_STUDIO_PLAYBACK_STATE@@@Z
?getChannelGroup@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVChannelGroup@3@@Z
?release@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getParameter@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAPEAVParameterInstance@23@@Z
?getParameterByIndex@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@HPEAPEAVParameterInstance@23@@Z
comctl32
InitCommonControlsEx
_TrackMouseEvent
ord17
gdi32
GetBitmapBits
CreateDCW
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
shell32
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
ole32
CoCreateGuid
OleLockRunning
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
oleaut32
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SysStringByteLen
SysAllocString
SysFreeString
advapi32
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
SystemFunction036
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegFlushKey
Exports
Exports
Sections
.text Size: 10.7MB - Virtual size: 10.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 632KB - Virtual size: 632KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 784KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.FTS Size: 144KB - Virtual size: 144KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ