Static task
static1
Behavioral task
behavioral1
Sample
3676963d52c2c9eba3e90e059db35ce0_NEAS.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral2
Sample
3676963d52c2c9eba3e90e059db35ce0_NEAS.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
3676963d52c2c9eba3e90e059db35ce0_NEAS
-
Size
1.2MB
-
MD5
3676963d52c2c9eba3e90e059db35ce0
-
SHA1
b087017ea076dcffbd9d8a2c9c51d0f4d06166af
-
SHA256
5b249a7d0c5af6f917392ca4e352d7f0d15f9fa854f96e39bdde309d0c43b55d
-
SHA512
22084430626d4c8ca60f1519c285835cbd4a938bb869a991d153848d003d927150ac261c5aadd4bfe83c905856c1c3ac027513d74c30ee1e50e5b2d039778706
-
SSDEEP
24576:WVttgqLh4h4LVMNKaE6p6c7ApgOL6sQxWUd:W956pn7Apgo6V
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3676963d52c2c9eba3e90e059db35ce0_NEAS
Files
-
3676963d52c2c9eba3e90e059db35ce0_NEAS.exe windows:6 windows x64 arch:x64
c0e79b0f76ca7aa4559df8104cf40e32
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
glew32
__glewDeleteVertexArrays
__glewDeleteBuffers
glewInit
__glewBufferData
__glewBindBuffer
__glewGenVertexArrays
__glewEnableVertexAttribArray
__glewAttachShader
__glewVertexAttribPointer
glewGetErrorString
glewExperimental
__glewCreateShader
__glewDeleteProgram
__glewDeleteShader
__glewGetProgramInfoLog
__glewGetProgramiv
__glewGetShaderInfoLog
__glewGetShaderiv
__glewGetUniformLocation
__glewUniformMatrix4fv
__glewCompileShader
__glewUniform3f
__glewUniform2i
__glewBindVertexArray
__glewLinkProgram
__glewActiveTexture
__glewRenderbufferStorage
__glewBlitFramebuffer
__glewGenRenderbuffers
__glewShaderSource
__glewUniform1i
__glewFramebufferRenderbuffer
__glewUniform1f
__glewGenBuffers
__glewDeleteRenderbuffers
__glewDeleteFramebuffers
__glewBindRenderbuffer
__glewBindFramebuffer
__glewGenerateMipmap
__glewCreateProgram
__glewGenFramebuffers
__glewFramebufferTexture2D
__glewUseProgram
glfw3
glfwPollEvents
glfwGetKeyScancode
glfwInit
glfwTerminate
glfwGetVersionString
glfwSetErrorCallback
glfwGetPrimaryMonitor
glfwGetVideoMode
glfwWindowHint
glfwSwapInterval
glfwSwapBuffers
glfwMakeContextCurrent
glfwGetTime
glfwGetClipboardString
glfwSetClipboardString
glfwSetScrollCallback
glfwCreateWindow
glfwWindowShouldClose
glfwSetWindowShouldClose
glfwGetWindowPos
glfwSetWindowMonitor
glfwGetWindowAttrib
glfwSetWindowAttrib
glfwSetWindowSizeCallback
glfwSetInputMode
glfwGetCursorPos
glfwSetKeyCallback
glfwSetCharCallback
glfwSetMouseButtonCallback
glfwSetCursorPosCallback
lua51
luaopen_jit
lua_call
lua_pushcclosure
lua_setfield
luaopen_bit
luaopen_debug
lua_type
lua_tonumber
lua_toboolean
lua_tolstring
lua_pushnumber
lua_pushinteger
lua_pushboolean
luaL_error
lua_setfenv
lua_pcall
luaL_loadbuffer
luaL_newstate
luaL_setfuncs
luaopen_base
luaopen_math
luaopen_string
luaopen_table
lua_tointeger
lua_pushstring
lua_gettop
lua_settop
lua_isstring
lua_pushnil
lua_createtable
lua_rawseti
lua_next
lua_pushvalue
lua_getfield
lua_rawgeti
lua_setmetatable
lua_close
luaopen_os
openal32
alSourcef
alSource3f
alGenSources
alGetSourcef
alGetSource3f
alGetSourcei
alSourcePlay
alDeleteSources
alListenerfv
alListener3f
alGetError
alSourceStop
alcGetIntegerv
alcGetString
alcCloseDevice
alcOpenDevice
alcDestroyContext
alcMakeContextCurrent
alcCreateContext
alGetBufferi
alBufferData
alDeleteBuffers
alGenBuffers
alSourceUnqueueBuffers
alSourceQueueBuffers
alSourcePause
alSourcei
opengl32
glTexImage2D
glTexParameterf
glTexParameteri
glDepthMask
glDisable
glEnable
glDrawArrays
glDrawElements
glDeleteTextures
glGetTexImage
glPixelStorei
glBlendFunc
glClear
glClearColor
glReadPixels
glLineWidth
glBindTexture
glGetString
glScissor
glViewport
glGenTextures
spng
spng_strerror
spng_set_ihdr
spng_get_ihdr
spng_encode_image
spng_decode_image
spng_decoded_image_size
spng_set_option
spng_set_crc_action
spng_get_png_buffer
spng_set_png_buffer
spng_ctx_free
spng_ctx_new
vorbisfile
ov_fopen
ov_seekable
ov_pcm_total
ov_pcm_seek
ov_info
ov_read
ov_clear
zlib1
deflateEnd
inflate
inflateEnd
deflateInit2_
inflateInit2_
deflate
user32
GetKeyNameTextA
msvcp140
_Query_perf_frequency
_Query_perf_counter
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_Getname@_Locinfo@std@@QEBAPEBDXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Xruntime_error@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Cnd_signal
_Cnd_broadcast
_Cnd_wait
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Thrd_id
_Thrd_hardware_concurrency
_Thrd_join
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??Bios_base@std@@QEBA_NXZ
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QEBA_JXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?swap@?$basic_istream@DU?$char_traits@D@std@@@std@@IEAAXAEAV12@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?fail@ios_base@std@@QEBA_NXZ
?eof@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Xbad_function_call@std@@YAXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?setf@ios_base@std@@QEAAHHH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
vcruntime140
__std_exception_destroy
_CxxThrowException
__RTDynamicCast
memcmp
memcpy
memmove
__std_exception_copy
_purecall
memchr
__std_type_info_compare
__C_specific_handler
__current_exception
__current_exception_context
memset
__std_terminate
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
terminate
_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex
abort
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_get_initial_narrow_environment
_initterm
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_initterm_e
_exit
exit
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
_set_new_mode
free
api-ms-win-crt-math-l1-1-0
fmod
pow
tanf
floorf
fmodf
fmaxf
ceilf
fmax
sinf
__setusermatherr
log10
sqrtf
roundf
cosf
powf
fminf
api-ms-win-crt-utility-l1-1-0
srand
rand
api-ms-win-crt-stdio-l1-1-0
_fseeki64
ftell
__p__commode
fread
_set_fmode
__acrt_iob_func
ungetc
setvbuf
fflush
fwrite
fopen
fsetpos
fputc
fgetpos
fgetc
_get_stream_buffer_pointers
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__stdio_common_vfprintf
rewind
fseek
fclose
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
api-ms-win-crt-string-l1-1-0
strncmp
isdigit
isalnum
isspace
api-ms-win-crt-convert-l1-1-0
wcstoull
wcstol
strtoll
strtol
strtoull
api-ms-win-crt-time-l1-1-0
_localtime64
_time64
api-ms-win-crt-locale-l1-1-0
setlocale
_configthreadlocale
___lc_codepage_func
kernel32
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
WideCharToMultiByte
MultiByteToWideChar
GetFileInformationByHandleEx
LocalFree
GetModuleHandleW
GetLastError
CloseHandle
AreFileApisANSI
SetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
GetLocaleInfoEx
FormatMessageA
Sections
.text Size: 900KB - Virtual size: 900KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 201KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ