D:\BuildAgent\work\Trunk2012\Client\RCCService\Win32\Release\RCCService.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
rosemlaigna2015ERCC.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
rosemlaigna2015ERCC.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
8 signatures
150 seconds
General
-
Target
rosemlaigna2015ERCC.exe
-
Size
13.7MB
-
MD5
3a7a01c39496b54a6b6771f92058ce63
-
SHA1
5877fec5a5eb2ad462f83d98a5f07a7c93b1f761
-
SHA256
854018c38de8b7c0fc7bf9edc02879db0ea229f0e6ef8babfe01c206fdc8214b
-
SHA512
3aa10f6cb501c74d7c17adcbc00e808f57b95804740cd1ce6a6cc3f5c5dd67f3106bf7b762f80d5e91b36508e9eaa81c7e93cf45bc5c5fd0a9ed70dc8af6f334
-
SSDEEP
196608:oBUe4KpgLm+ZhXb711zzppQXMzFleyIAo25af5T8KPcUkadej:6d8Okadej
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource rosemlaigna2015ERCC.exe
Files
-
rosemlaigna2015ERCC.exe.exe windows:5 windows x86 arch:x86
37effb57e8c855521840e0c2b27df6de
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
DeregisterEventSource
RegisterEventSourceA
ReportEventA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
ChangeServiceConfig2A
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
StartServiceA
CryptVerifySignatureA
CryptImportKey
CryptDestroyKey
StartTraceA
ControlTraceA
OpenTraceA
ProcessTrace
CloseTrace
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
ws2_32
setsockopt
WSAIoctl
sendto
shutdown
socket
getpeername
getaddrinfo
freeaddrinfo
send
select
recvfrom
recv
ntohs
ntohl
listen
htonl
htons
gethostbyname
WSAStartup
WSACleanup
getsockopt
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
WSASetLastError
WSAGetLastError
inet_addr
kernel32
CreateEventA
OpenEventA
CloseHandle
WaitForSingleObject
GetCurrentProcessId
SetEvent
ResetEvent
GetModuleHandleA
GetLastError
CreateMutexA
GetCurrentThreadId
LockResource
LoadResource
SizeofResource
FindResourceW
FindResourceExW
DeleteFileA
MoveFileA
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WriteFile
GetSystemTime
FileTimeToSystemTime
CreateFileA
FindFirstFileA
FindNextFileA
MultiByteToWideChar
GetProcessHeap
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
GetProcAddress
DebugBreak
GetStdHandle
GetModuleFileNameA
QueueUserWorkItem
SetConsoleTextAttribute
SetConsoleCtrlHandler
GetComputerNameA
GetShortPathNameW
GetModuleFileNameW
GetCurrentProcess
GetVersionExA
IsWow64Process
SetLastError
FormatMessageA
InitializeCriticalSectionAndSpinCount
SetThreadContext
CreateThread
VirtualQuery
WaitForSingleObjectEx
AreFileApisANSI
MoveFileExW
FindNextFileW
FindFirstFileW
DeleteFileW
GetFileAttributesW
CreateFileW
GetFullPathNameW
GetTempPathA
CreateDirectoryW
GetCurrentDirectoryW
GetTempPathW
SetFileTime
GetFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateWaitableTimerA
SetWaitableTimer
CreateSemaphoreA
DuplicateHandle
RaiseException
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
OutputDebugStringA
GetLogicalDriveStringsA
CopyFileA
FreeLibrary
LoadLibraryA
CreateDirectoryA
GetProcessHeaps
HeapSetInformation
FindClose
GetLocalTime
SystemTimeToTzSpecificLocalTime
SetEndOfFile
SetFilePointer
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
ReleaseMutex
GlobalMemoryStatusEx
SetUnhandledExceptionFilter
WriteProcessMemory
CreateProcessA
GetThreadContext
SetThreadPriority
HeapDestroy
HeapReAlloc
SystemTimeToFileTime
GetSystemInfo
ResumeThread
GetTickCount
Sleep
HeapSize
EncodePointer
DecodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
VerSetConditionMask
VerifyVersionInfoA
SleepEx
GetFileType
ReadFile
PeekNamedPipe
ExpandEnvironmentStringsA
RemoveDirectoryW
ReleaseSemaphore
WaitForMultipleObjects
GetSystemTimeAsFileTime
DeviceIoControl
LocalFree
user32
MessageBoxA
DestroyWindow
CreateWindowExA
RegisterClassA
PostQuitMessage
DefWindowProcA
EnumDisplayDevicesA
GetSystemMetrics
GetDC
GetWindowTextA
GetClientRect
GetWindowInfo
GetWindowThreadProcessId
GetClassNameA
EnumWindows
GetClipboardData
SetWindowTextA
SetFocus
SendDlgItemMessageA
GetDlgItem
EndDialog
DialogBoxIndirectParamA
LoadCursorA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
ShowCursor
SetCursorPos
SetCursor
GetCursorPos
ClipCursor
GetClipCursor
GetCursor
ole32
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
StringFromGUID2
CoCreateGuid
CLSIDFromString
oleaut32
SysAllocStringLen
SysFreeString
shlwapi
PathFileExistsA
PathAppendA
PathRemoveFileSpecA
PathStripPathA
PathIsRelativeA
PathAddBackslashA
dbghelp
MiniDumpWriteDump
msvcp110
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
??0_Pad@std@@QAE@XZ
??1_Pad@std@@QAE@XZ
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
?_Release@_Pad@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
??Bios_base@std@@QBEPAXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
_FInf
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
?id@?$ctype@D@std@@2V0locale@2@A
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?classic@locale@std@@SAABV12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?widen@?$ctype@D@std@@QBEDD@Z
?narrow@?$ctype@D@std@@QBEDDD@Z
?exceptions@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QAEHH@Z
?precision@ios_base@std@@QAE_J_J@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?toupper@?$ctype@D@std@@QBEDD@Z
?setf@ios_base@std@@QAEHHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
_Inf
_Nan
_FNan
?pubsync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPAD_J@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?setf@ios_base@std@@QAEHH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
?eof@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
?bad@ios_base@std@@QBE_NXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
?pubimbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@PAV32@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??7ios_base@std@@QBE_NXZ
_FDtest
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??_7_Facet_base@std@@6B@
??_7facet@locale@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
_Mtx_destroy
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?uncaught_exception@std@@YA_NXZ
?in_avail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??_7codecvt_base@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?_Xbad_function_call@std@@YAXXZ
_Thrd_join
_Thrd_equal
_Thrd_current
_Mtx_init
?_Xbad_alloc@std@@YAXXZ
msvcr110
strerror
_beginthreadex
_wassert
fread
fseek
ftell
vsprintf
_stricmp
?terminate@@YAXXZ
__libm_sse2_log10f
__libm_sse2_powf
vfprintf
_ctime64
exit
_errno
_vsnprintf
_getcwd
_stat64i32
_findclose
_findfirst64i32
_findnext64i32
getenv
system
_setmode
realloc
_putenv
__libm_sse2_log
remove
qsort
clearerr
ferror
toupper
iswspace
longjmp
__CxxLongjmpUnwind
_setjmp3
_mktemp
_open
putc
strcmp
__iob_func
abort
strcspn
isalpha
isalnum
iscntrl
localeconv
feof
freopen
getc
__RTDynamicCast
__libm_sse2_acosf
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_sinf
__libm_sse2_tanf
_mbscmp
_mbslwr_s
_mbsnbcpy_s
_mbsstr
_CIfmod
__libm_sse2_cosf
atof
_mbsrchr
strspn
fputs
isupper
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
strcoll
__libm_sse2_asinf
modf
__libm_sse2_sin
__RTtypeid
ldexp
__libm_sse2_cos
islower
isxdigit
strpbrk
frexp
_CIcosh
_CIsinh
_CItanh
__libm_sse2_acos
__libm_sse2_asin
__libm_sse2_atan
__libm_sse2_exp
__libm_sse2_log10
__libm_sse2_tan
_HUGE
_difftime64
__libm_sse2_expf
_exit
_strnicmp
clock
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
_vsnprintf_s
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_mktime64
_localtime64
_gmtime64
_ftime64
_isnan
strstr
_wcsnicmp
__libm_sse2_logf
_CIatan2
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_libm_sse2_sqrt_precise
isgraph
isprint
_stat64
wprintf
_fstat64
_lseeki64
_strtoi64
fgets
__sys_nerr
_close
_chmod
_umask
_strdup
_fdopen
_write
_read
strrchr
strncmp
strncat
strchr
sprintf
_snprintf
sscanf
fprintf
fopen
wctomb
strtoul
strtol
strtod
mbtowc
atol
___mb_cur_max_func
ispunct
ceil
??9type_info@@QBE_NABV0@@Z
tolower
isspace
isdigit
srand
rand
_kbhit
_getch
sprintf_s
_mbsnicmp
_mbsicmp
strncpy_s
atoi
_except_handler3
_vscprintf
vsprintf_s
rename
strncpy
malloc
_set_purecall_handler
_mkdir
memmove_s
strnlen
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
_unlock_file
_lock_file
ungetc
setvbuf
printf
fwrite
_fseeki64
fsetpos
fputc
fgetpos
fgetc
fflush
fclose
memcpy_s
_time64
??0exception@std@@QAE@XZ
memchr
memset
__libm_sse2_pow
__CxxFrameHandler3
_CxxThrowException
??8type_info@@QBE_NABV0@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
memmove
??_V@YAXPAX@Z
free
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
calloc
memcpy
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
wsock32
getsockname
gethostname
inet_addr
winmm
timeGetTime
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeSetEvent
pdh
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhEnumObjectItemsA
PdhMakeCounterPathA
PdhCloseQuery
PdhOpenQueryA
vmprotectsdk32
VMProtectBeginMutation
VMProtectIsDebuggerPresent
VMProtectEnd
wininet
HttpEndRequestA
HttpSendRequestExA
InternetSetStatusCallback
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetReadFile
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetSetOptionA
InternetConnectA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
winhttp
WinHttpCloseHandle
WinHttpOpen
WinHttpSendRequest
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpConnect
WinHttpReceiveResponse
wldap32
ord35
ord26
ord79
ord30
ord200
ord301
ord32
ord33
ord27
ord22
ord41
ord50
ord60
ord211
ord46
ord143
normaliz
IdnToAscii
fmodex
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?getDefaults@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAM00PAH@Z
?getLength@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
FMOD_Channel_GetUserData
?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPriority@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?set3DSettings@System@FMOD@@QAG?AW4FMOD_RESULT@@MMM@Z
?set3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?setSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKERMODE@@@Z
?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z
?getCPUUsage@System@FMOD@@QAG?AW4FMOD_RESULT@@PAM0000@Z
?getPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z
?setCallback@Channel@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_CHANNEL@@W4FMOD_CHANNEL_CALLBACKTYPE@@PAX2@Z@Z
?set3DAttributes@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@0@Z
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?setMode@Channel@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?getMode@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?setLoopCount@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setUserData@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z
FMOD_Memory_GetStats
FMOD_Debug_SetLevel
FMOD_System_Create
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getNumDrivers@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getDriverInfo@System@FMOD@@QAG?AW4FMOD_RESULT@@HPADHPAUFMOD_GUID@@@Z
?getDriverCaps@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAIPAHPAW4FMOD_SPEAKERMODE@@@Z
?setDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?getDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?setVolume@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setReverbProperties@System@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_REVERB_PROPERTIES@@@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
gdi32
CreateFontA
SwapBuffers
SetPixelFormat
ChoosePixelFormat
shell32
SHGetFolderPathAndSubDirA
psapi
GetModuleInformation
GetProcessMemoryInfo
opengl32
glTexSubImage2D
glTexParameteri
glTexParameterf
glTexImage2D
glPixelStorei
glHint
glGetTexImage
glGenTextures
glDeleteTextures
glDrawElements
glDrawArrays
glViewport
glStencilOp
glStencilMask
glStencilFunc
glReadBuffer
glPolygonOffset
glEnable
glDrawBuffer
glDisable
glDepthMask
glDepthFunc
glReadPixels
glCopyTexSubImage2D
glColorMask
glClearStencil
glClearDepth
glClearColor
glClear
glBlendFunc
glBindTexture
glGetString
glGetIntegerv
wglGetProcAddress
wglGetCurrentDC
wglMakeCurrent
wglGetCurrentContext
wglDeleteContext
wglCreateContext
glCullFace
Exports
Exports
?FastLog@FLog@@YAXEPBDPBX1111@Z
?FastLog@FLog@@YAXEPBDPBX11@Z
?FastLog@FLog@@YAXEPBDPBX@Z
?FastLogF@FLog@@YAXEPBDMMMM@Z
?FastLogS@FLog@@YAXEPBD0@Z
?FastLogS@FLog@@YAXEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ForEachVariable@FLog@@YAXP6AXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAX@Z1W4FastVarType@@@Z
?GetFastLogCounter@FLog@@YAHE@Z
?GetNumSynchronizedVariable@FLog@@YAGXZ
?GetValue@FLog@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@_N@Z
?Init@FLog@@YAXP6ANXZ@Z
?NowFast@FLog@@YANXZ
?RegisterFlag@FLog@@YAHPBDPA_NPAPA_NW4FastVarType@@@Z
?RegisterInt@FLog@@YAHPBDPAHPAPA_NW4FastVarType@@@Z
?RegisterLogGroup@FLog@@YAHPBDPAEPAPA_NW4FastVarType@@@Z
?RegisterString@FLog@@YAHPBDPAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPA_NW4FastVarType@@@Z
?ResetSynchronizedVariablesState@FLog@@YAXXZ
?SetBinaryLog@Detail@FLog@@YAXPAXP6AX0PBXI@Z@Z
?SetExternalLogFunc@FLog@@YAXP6AXEPBD@Z@Z
?SetValue@FLog@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0W4FastVarType@@_N@Z
?SetValueFromServer@FLog@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?WriteFastLogDump@FLog@@YAXPBDH@Z
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.0MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ