ulib.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
751068d5d0ecd64a4810379729a1f0bc_JaffaCakes118.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
751068d5d0ecd64a4810379729a1f0bc_JaffaCakes118.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
751068d5d0ecd64a4810379729a1f0bc_JaffaCakes118
-
Size
269KB
-
MD5
751068d5d0ecd64a4810379729a1f0bc
-
SHA1
4c4fdb8c108a2fb6e44e3e2ce21a69001f5d7cbf
-
SHA256
55d2f6f32513349c3bca5e06b719b03a56577a23cb30cc1bc5e848de2d456fd7
-
SHA512
a6cd3d64e906682356c3d64e0a5cc4592c811e9e99878d9d9906ccd6aed876e3271f7b50fab34f18cf0cefd5b6e1834d2fa205b4291487509b1948fa51180714
-
SSDEEP
3072:JW/1pIRl/SCd0CoHTLWU+xJ3azya3lIdcZ5HRSGQM2QJvhScfTNnXbv1jghiYEIe:M/1CvE
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 751068d5d0ecd64a4810379729a1f0bc_JaffaCakes118
Files
-
751068d5d0ecd64a4810379729a1f0bc_JaffaCakes118.dll windows:5 windows x86 arch:x86
ca79b1af741fc016186dba37a6b49923
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
_wcslwr
_wcsupr
_wcsicmp
wcscmp
isalpha
wcschr
wcsrchr
wcsstr
wcsspn
wcscspn
towupper
isdigit
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
atol
iswctype
sprintf
setlocale
wprintf
wctomb
wcslen
wcscat
isprint
toupper
isspace
strcspn
mbtowc
_except_handler3
strchr
wcsncmp
swprintf
wcscpy
qsort
memmove
ntdll
RtlAllocateHeap
RtlFreeHeap
NtDelayExecution
RtlPrefixUnicodeString
RtlInitUnicodeString
RtlSizeHeap
NtQuerySecurityObject
NtClose
NtQueryInformationFile
NtOpenFile
RtlDosPathNameToNtPathName_U
RtlOemToUnicodeN
RtlMultiByteToUnicodeN
RtlUnicodeToOemN
RtlUnicodeToMultiByteN
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CompareStringW
MultiByteToWideChar
FindFirstFileW
GetStdHandle
GetSystemTime
GetDateFormatW
GetSystemDefaultLCID
GetTimeFormatW
CompareFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetTempPathW
GetTempFileNameW
GlobalFree
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetFileType
GetDriveTypeW
SearchPathW
GetEnvironmentVariableW
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
GetVolumeInformationW
LocalAlloc
SetLastError
DeviceIoControl
LocalFree
DeleteVolumeMountPointW
WriteFile
GetLargestConsoleWindowSize
SetConsoleWindowInfo
SetConsoleScreenBufferSize
WriteConsoleW
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
IsDBCSLeadByte
GetCurrentProcess
GetCommandLineW
GetLastError
FormatMessageW
InterlockedDecrement
GetModuleHandleW
LoadLibraryExW
InterlockedCompareExchange
SetThreadLocale
GetUserDefaultLCID
GetConsoleOutputCP
CloseHandle
SetCommState
GetCommTimeouts
GetCommState
SetCommTimeouts
CreateFileW
CreateDirectoryW
FindClose
FindNextFileW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
PrivCopyFileExW
GetFileAttributesW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetFilePointerEx
ReadFile
SetFileTime
MoveFileW
SetConsoleMode
GetConsoleMode
SetConsoleCtrlHandler
FlushConsoleInputBuffer
PeekConsoleInputW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
GetFullPathNameW
FindVolumeMountPointClose
FindNextVolumeMountPointW
FindFirstVolumeMountPointW
SetErrorMode
GetVolumeNameForVolumeMountPointW
ExitProcess
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
GetConsoleCP
SetConsoleCP
SetConsoleOutputCP
user32
wsprintfA
CharUpperW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsTextUnicode
Exports
Exports
??0ARGUMENT_LEXEMIZER@@QAE@XZ
??0ARRAY@@QAE@XZ
??0BDSTRING@@QAE@ABV0@@Z
??0BDSTRING@@QAE@XZ
??0BITVECTOR@@QAE@XZ
??0BSTRING@@IAE@XZ
??0BSTRING@@QAE@ABV0@@Z
??0BYTE_STREAM@@QAE@XZ
??0CHKDSK_MESSAGE@@QAE@XZ
??0CLASS_DESCRIPTOR@@QAE@XZ
??0COMM_DEVICE@@QAE@XZ
??0CONT_MEM@@QAE@XZ
??0DSTRING@@QAE@ABV0@@Z
??0DSTRING@@QAE@XZ
??0FLAG_ARGUMENT@@QAE@XZ
??0FSN_FILTER@@QAE@XZ
??0FSTRING@@QAE@ABV0@@Z
??0FSTRING@@QAE@XZ
??0HMEM@@QAE@XZ
??0KEYBOARD@@QAE@XZ
??0LIST@@QAE@XZ
??0LONG_ARGUMENT@@QAE@XZ
??0MACHINE@@QAE@XZ
??0MEM_ALLOCATOR@@QAE@XZ
??0MEM_BLOCK_MGR@@QAE@XZ
??0MESSAGE@@QAE@XZ
??0MULTIPLE_PATH_ARGUMENT@@QAE@XZ
??0OBJECT@@IAE@XZ
??0OBJECT@@QAE@ABV0@@Z
??0PATH@@QAE@XZ
??0PATH_ARGUMENT@@QAE@XZ
??0PRINT_STREAM@@QAE@XZ
??0PROGRAM@@IAE@XZ
??0REST_OF_LINE_ARGUMENT@@QAE@XZ
??0SCREEN@@QAE@XZ
??0SORTED_LIST@@QAE@XZ
??0STREAM_MESSAGE@@QAE@XZ
??0STRING_ARGUMENT@@QAE@XZ
??0STRING_ARRAY@@QAE@XZ
??0TIMEINFO@@QAE@XZ
??0TIMEINFO_ARGUMENT@@QAE@XZ
??0WSTRING@@IAE@XZ
??0WSTRING@@QAE@ABV0@@Z
??1ARGUMENT_LEXEMIZER@@UAE@XZ
??1ARRAY@@UAE@XZ
??1BDSTRING@@UAE@XZ
??1BITVECTOR@@UAE@XZ
??1BSTRING@@UAE@XZ
??1BYTE_STREAM@@UAE@XZ
??1CHKDSK_MESSAGE@@UAE@XZ
??1COMM_DEVICE@@UAE@XZ
??1DSTRING@@UAE@XZ
??1FSN_FILTER@@UAE@XZ
??1FSTRING@@UAE@XZ
??1HMEM@@UAE@XZ
??1LIST@@UAE@XZ
??1MEM_ALLOCATOR@@UAE@XZ
??1MEM_BLOCK_MGR@@UAE@XZ
??1MESSAGE@@UAE@XZ
??1MULTIPLE_PATH_ARGUMENT@@UAE@XZ
??1OBJECT@@UAE@XZ
??1PATH@@UAE@XZ
??1PATH_ARGUMENT@@UAE@XZ
??1PRINT_STREAM@@UAE@XZ
??1PROGRAM@@UAE@XZ
??1SCREEN@@UAE@XZ
??1SORTED_LIST@@UAE@XZ
??1STREAM_MESSAGE@@UAE@XZ
??1STRING_ARGUMENT@@UAE@XZ
??1TIMEINFO_ARGUMENT@@UAE@XZ
??1WSTRING@@UAE@XZ
??4BDSTRING@@QAEAAV0@ABV0@@Z
??4BSTRING@@QAEAAV0@ABV0@@Z
??4DSTRING@@QAEAAV0@ABV0@@Z
??4FSTRING@@QAEAAV0@ABV0@@Z
??4OBJECT@@QAEAAV0@ABV0@@Z
??4WSTRING@@QAEAAV0@ABV0@@Z
??8WSTRING@@QBEEABV0@@Z
??9WSTRING@@QBEEABV0@@Z
??MTIMEINFO@@QBEEV0@@Z
??MWSTRING@@QBEEABV0@@Z
??NWSTRING@@QBEEABV0@@Z
??OTIMEINFO@@QBEEV0@@Z
??OWSTRING@@QBEEABV0@@Z
??PWSTRING@@QBEEABV0@@Z
??_7BDSTRING@@6B@
??_7BSTRING@@6B@
??_7DSTRING@@6B@
??_7FSTRING@@6B@
??_7OBJECT@@6B@
??_7WSTRING@@6B@
?Acquire@CONT_MEM@@UAEPAXKK@Z
?Acquire@HMEM@@UAEPAXKK@Z
?Alloc@MEM_BLOCK_MGR@@QAEPAXXZ
?Allocate@MEM_ALLOCATOR@@QAEPAXK@Z
?AnalyzePath@PATH@@QAE?AW4PATH_ANALYZE_CODE@@PAVWSTRING@@PAV1@0@Z
?AppendBase@PATH@@QAEEPBVWSTRING@@E@Z
?AppendDelimiter@PATH@@QAEEXZ
?AppendString@PATH@@QAEEPBVWSTRING@@@Z
?Cast@FILE_STREAM@@SGPAV1@PBVOBJECT@@@Z
?Cast@KEYBOARD@@SGPAV1@PBVOBJECT@@@Z
?Cast@SCREEN@@SGPAV1@PBVOBJECT@@@Z
?ChangeScreenSize@SCREEN@@QAEEGGPAE@Z
?CharNextW@MBSTR@@SGPADPAD@Z
?CheckSpace@WSTRING@@CGHPAG@Z
?CommitState@COMM_DEVICE@@QAEEXZ
?Compare@OBJECT@@UBEJPBV1@@Z
?ComputeCountSet@BITVECTOR@@ABEKXZ
?Construct@BDSTRING@@AAEXXZ
?Construct@BSTRING@@IAEXXZ
?Construct@DSTRING@@AAEXXZ
?Construct@OBJECT@@IAEXXZ
?Construct@WSTRING@@IAEXXZ
?ConvertOemToUnicodeN@WSTRING@@CGEPAGKPAKPADK@Z
?ConvertToLocal@TIMEINFO@@QAEEXZ
?ConvertToUTC@TIMEINFO@@QAEEXZ
?ConvertUnicodeToOemN@WSTRING@@CGEPADKPAKPAGK@Z
?Copy@FSN_FILE@@QBEEPAVPATH@@PAW4_COPY_ERROR@@KP6GKT_LARGE_INTEGER@@222KKPAX33@Z3PAH@Z
?CreateDirectoryPath@FSN_DIRECTORY@@QBEPAV1@PBVPATH@@@Z
?DeleteAllMembers@ARRAY@@UAEEXZ
?DeleteAllMembers@SEQUENTIAL_CONTAINER@@UAEEXZ
?DeleteAllMembers@SORTED_LIST@@UAEEXZ
?DeleteChAt@BSTRING@@QAEXKK@Z
?DeleteChAt@WSTRING@@QAEXKK@Z
?DeleteDirectory@FSN_DIRECTORY@@QAEEXZ
?DisableBreakHandling@KEYBOARD@@SGEXZ
?DisableLineMode@KEYBOARD@@QAEEXZ
?Display@MESSAGE@@QAAEPBDZZ
?DisplayMessage@PROGRAM@@UBAEKW4MESSAGE_TYPE@@PADZZ
?DisplayMessage@PROGRAM@@UBEEKW4MESSAGE_TYPE@@@Z
?DisplayMsg@MESSAGE@@QAAEKPBDZZ
?DisplayMsg@MESSAGE@@QAAEKW4MESSAGE_TYPE@@KPBDZZ
?DisplayMsg@MESSAGE@@QAEEK@Z
?DisplayMsg@MESSAGE@@QAEEKW4MESSAGE_TYPE@@K@Z
?DisplaySystemError@SYSTEM@@SGXKH@Z
?DoNotRestoreConsoleMode@KEYBOARD@@UAEXXZ
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?DoesNodeMatch@FSN_FILTER@@QAEEPAVFSNODE@@@Z
?DumpDataToLog@MESSAGE@@QAEEPAXK@Z
?EnableBreakHandling@KEYBOARD@@SGEXZ
?EnableLineMode@KEYBOARD@@QAEEXZ
?EndsWithDelimiter@PATH@@QBEEXZ
?EraseScreen@SCREEN@@QAEEXZ
?EraseScreenAndResetAttribute@SCREEN@@QAEEXZ
?ExitProgram@PROGRAM@@SGXK@Z
?Fatal@PROGRAM@@UBAXKKPADZZ
?Fatal@PROGRAM@@UBEXXZ
?FillAndReadByte@BYTE_STREAM@@AAEEPAE@Z
?FindFirstFileW@@YGPAXPBVPATH@@PAU_WIN32_FIND_DATAW@@@Z
?Flush@KEYBOARD@@QAEEXZ
?Free@MEM_BLOCK_MGR@@QAEEPAX@Z
?FreeLibraryHandle@SYSTEM@@SGXPAX@Z
?GetClassDescriptor@OBJECT@@QBEPBVCLASS_DESCRIPTOR@@XZ
?GetFileSecurityBackup@SYSTEM@@SGEPBVPATH@@KPAU_SECURITY_ATTRIBUTES@@PAK@Z
?GetLexeme@ARGUMENT@@QAEPAVWSTRING@@XZ
?GetLexemeAt@ARGUMENT_LEXEMIZER@@QAEPAVWSTRING@@K@Z
?GetNext@FSN_DIRECTORY@@QAEPAVFSNODE@@PAPAXPAK@Z
?GetPFlagBreak@KEYBOARD@@QBEQAHXZ
?GetPattern@ARGUMENT@@QAEPAVWSTRING@@XZ
?GetStandardError@PROGRAM@@UAEPAVSTREAM@@XZ
?GetStandardInput@PROGRAM@@UAEPAVSTREAM@@XZ
?GetStandardOutput@PROGRAM@@UAEPAVSTREAM@@XZ
?GetWSTR@WSTRING@@QBEPBGXZ
?Get_Standard_Error_Stream@@YGPAVSTREAM@@XZ
?Get_Standard_Input_Stream@@YGPAVSTREAM@@XZ
?Get_Standard_Output_Stream@@YGPAVSTREAM@@XZ
?GotABreak@KEYBOARD@@SGEXZ
?HasWildCard@PATH@@QBEEXZ
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@BITVECTOR@@QAEEKW4BIT@@PAK@Z
?Initialize@BSTRING@@QAEEPBDK@Z
?Initialize@BSTRING@@QAEEXZ
?Initialize@BYTE_STREAM@@QAEEPAVSTREAM@@K@Z
?Initialize@CHKDSK_MESSAGE@@QAEEPAVSTREAM@@00@Z
?Initialize@CLASS_DESCRIPTOR@@QAEEXZ
?Initialize@COMM_DEVICE@@QAEEPBVPATH@@PAE@Z
?Initialize@CONT_MEM@@QAEEPAXK@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAVWSTRING@@@Z
?Initialize@FSN_FILTER@@QAEEXZ
?Initialize@FSTRING@@QAEPAVWSTRING@@PAGK@Z
?Initialize@HMEM@@QAEEXZ
?Initialize@KEYBOARD@@QAEEEE@Z
?Initialize@LIST@@QAEEXZ
?Initialize@LONG_ARGUMENT@@QAEEPAD@Z
?Initialize@MACHINE@@QAEEXZ
?Initialize@MEM_ALLOCATOR@@QAEE_KK@Z
?Initialize@MEM_BLOCK_MGR@@QAEEKK@Z
?Initialize@MESSAGE@@QAEEXZ
?Initialize@MULTIPLE_PATH_ARGUMENT@@QAEEPADEE@Z
?Initialize@PATH@@QAEEPBGE@Z
?Initialize@PATH@@QAEEPBV1@E@Z
?Initialize@PATH@@QAEEPBVWSTRING@@E@Z
?Initialize@PATH_ARGUMENT@@QAEEPADE@Z
?Initialize@PRINT_STREAM@@QAEEPBVPATH@@@Z
?Initialize@PROGRAM@@QAEEKKK@Z
?Initialize@REST_OF_LINE_ARGUMENT@@QAEEXZ
?Initialize@SCREEN@@QAEEXZ
?Initialize@SORTED_LIST@@QAEEE@Z
?Initialize@STREAM_MESSAGE@@QAEEPAVSTREAM@@00@Z
?Initialize@STRING_ARGUMENT@@QAEEPAD@Z
?Initialize@STRING_ARRAY@@QAEEKKK@Z
?Initialize@TIMEINFO@@QAEEPAU_FILETIME@@@Z
?Initialize@TIMEINFO@@QAEXPBV1@@Z
?Initialize@TIMEINFO_ARGUMENT@@QAEEPAD@Z
?Initialize@WSTRING@@QAEEJ@Z
?Initialize@WSTRING@@QAEEPBDK@Z
?Initialize@WSTRING@@QAEEPBGK@Z
?Initialize@WSTRING@@QAEEPBV1@KK@Z
?Initialize@WSTRING@@QAEEXZ
?Insert@LIST@@QAEEPAVOBJECT@@PAVITERATOR@@@Z
?InsertString@WSTRING@@QAEEKPBV1@KK@Z
?IsCorrectVersion@SYSTEM@@SGEXZ
?IsDrive@PATH@@QBEEXZ
?IsEmpty@FSN_DIRECTORY@@QBEEXZ
?IsFMR@MACHINE@@QAEEXZ
?IsGuidVolName@PATH@@QAEEXZ
?IsInAutoChk@MESSAGE@@UAEEXZ
?IsInSetup@MESSAGE@@UAEEXZ
?IsKeyAvailable@KEYBOARD@@QBEEPAE@Z
?IsKeyPressed@MESSAGE@@UAEEKK@Z
?IsLoggingEnabled@MESSAGE@@QAEEXZ
?IsPC98@MACHINE@@QAEEXZ
?IsPCAT@MACHINE@@QAEEXZ
?IsSameClass@OBJECT@@QBEEPBV1@@Z
?IsSameObject@OBJECT@@QBEEPBV1@@Z
?IsSuppressedMessage@MESSAGE@@UAEEXZ
?IsValueSet@ARGUMENT@@QAEEXZ
?IsYesResponse@CHKDSK_MESSAGE@@UAEEE@Z
?IsYesResponse@MESSAGE@@UAEEE@Z
?IsYesResponse@STREAM_MESSAGE@@UAEEE@Z
?Lock@MESSAGE@@QAEXXZ
?Log@MESSAGE@@QAAEPBDZZ
?LogMessage@MESSAGE@@QAEEPBVWSTRING@@@Z
?LogMsg@MESSAGE@@QAAEKPBDZZ
?LogMsg@MESSAGE@@QAEEK@Z
?MachinePlatform@@3VMACHINE@@A
?MakeDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@0PAW4_COPY_ERROR@@P6GKT_LARGE_INTEGER@@222KKPAX33@Z3PAHK@Z
?MakeFile@SYSTEM@@SGPAVFSN_FILE@@PBVPATH@@@Z
?MakeTemporaryFile@SYSTEM@@SGPAVFSN_FILE@@PBVWSTRING@@PBVPATH@@@Z
?ModifyName@PATH@@QAEEPBVWSTRING@@@Z
?MoveCursorTo@SCREEN@@QAEEGG@Z
?NewBuf@BDSTRING@@UAEEK@Z
?NewBuf@DSTRING@@UAEEK@Z
?NewBuf@FSTRING@@UAEEK@Z
?NextChar@BSTRING@@QAEKK@Z
?PrepareToParse@ARGUMENT_LEXEMIZER@@QAEEPAVWSTRING@@@Z
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
?Put@LIST@@UAEEPAVOBJECT@@@Z
?Put@SORTED_LIST@@UAEEPAVOBJECT@@@Z
?PutMultipleSwitch@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?PutMultipleSwitch@ARGUMENT_LEXEMIZER@@QAEXPBVWSTRING@@@Z
?PutSeparators@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?PutString@BSTRING@@IAEXPADK@Z
?PutString@WSTRING@@IAEXPAG@Z
?PutString@WSTRING@@IAEXPAGK@Z
?PutSwitches@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?PutSwitches@ARGUMENT_LEXEMIZER@@QAEXPBVWSTRING@@@Z
?QueryByteCount@WSTRING@@QBEKXZ
?QueryChAt@WSTRING@@QBEGK@Z
?QueryChCount@BSTRING@@QBEKXZ
?QueryChCount@WSTRING@@QBEKXZ
?QueryClassId@OBJECT@@QBEKXZ
?QueryCodePage@SCREEN@@QAEKXZ
?QueryComponentArray@PATH@@QBEPAVARRAY@@PAV2@@Z
?QueryCurrentDosDriveName@SYSTEM@@SGEPAVWSTRING@@@Z
?QueryDate@TIMEINFO@@QBEEPAVWSTRING@@@Z
?QueryDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@E@Z
?QueryDriveType@SYSTEM@@SG?AW4DRIVE_TYPE@@PBVWSTRING@@@Z
?QueryEnvironmentVariable@SYSTEM@@SGPAVWSTRING@@PBV2@@Z
?QueryFile@SYSTEM@@SGPAVFSN_FILE@@PBVPATH@@EPAE@Z
?QueryFileType@SYSTEM@@SG?AW4FILE_TYPE@@PBVWSTRING@@@Z
?QueryFsnodeArray@FSN_DIRECTORY@@QBEPAVARRAY@@PAVFSN_FILTER@@@Z
?QueryFullPath@PATH@@QBEPAV1@XZ
?QueryFullPathString@PATH@@QBEPAVWSTRING@@XZ
?QueryGuidString@PATH@@QAEPAVWSTRING@@PAV2@PAE0@Z
?QueryInvalidArgument@ARGUMENT_LEXEMIZER@@QAEPAVWSTRING@@XZ
?QueryIterator@ARRAY@@UBEPAVITERATOR@@XZ
?QueryIterator@LIST@@UBEPAVITERATOR@@XZ
?QueryIterator@SORTED_LIST@@UBEPAVITERATOR@@XZ
?QueryLibraryEntryPoint@SYSTEM@@SGP6GHXZPBVWSTRING@@0PAPAX@Z
?QueryLocalTimeFromUTime@SYSTEM@@SGEPBVTIMEINFO@@PAV2@@Z
?QueryMemberCount@SORTED_LIST@@UBEKXZ
?QueryMountPointPath@PATH@@QAEPAV1@XZ
?QueryNextLoggedMessage@MESSAGE@@QAEEPAVFSTRING@@@Z
?QueryNumber@WSTRING@@QBEEPAJKK@Z
?QueryPackedLog@MESSAGE@@QAEEPAVHMEM@@PAK@Z
?QueryPath@PATH@@QBEPAV1@XZ
?QueryResourceString@BASE_SYSTEM@@SAEPAVWSTRING@@KPBDZZ
?QueryResourceStringV@BASE_SYSTEM@@SGEPAVWSTRING@@KPBDPAD@Z
?QueryRoot@PATH@@QAEPAVWSTRING@@XZ
?QuerySTR@BSTRING@@QBEPADKKPADKE@Z
?QuerySTR@WSTRING@@QBEPADKKPADKE@Z
?QueryScreenSize@SCREEN@@QBEXPAG000@Z
?QueryStream@FSN_FILE@@QAEPAVFILE_STREAM@@W4STREAMACCESS@@K@Z
?QueryString@WSTRING@@QBEPAV1@KK@Z
?QueryStringInput@MESSAGE@@UAEEPAVWSTRING@@@Z
?QuerySystemDirectory@SYSTEM@@SGPAVPATH@@XZ
?QueryTime@TIMEINFO@@QBEEPAVWSTRING@@@Z
?QueryTimeOut@COMM_DEVICE@@QBEEXZ
?QueryVolumeLabel@SYSTEM@@SGPAVWSTRING@@PAVPATH@@PAU_VOL_SERIAL_NUMBER@@@Z
?QueryWCExpansion@PATH@@QAEPAV1@PAV1@@Z
?QueryWSTR@WSTRING@@QBEPAGKKPAGKE@Z
?QueryWindowsErrorMessage@SYSTEM@@SGEKPAVWSTRING@@@Z
?ReadAt@FILE_STREAM@@QAEEPAEK_JW4SEEKORIGIN@@PAK@Z
?ReadLine@STREAM@@QAEEPAVWSTRING@@E@Z
?ReadMbLine@STREAM@@QAEEPADKPAKEK@Z
?ReadWLine@STREAM@@QAEEPAGKPAKEK@Z
?Remove@ARRAY@@UAEPAVOBJECT@@PAVITERATOR@@@Z
?RemoveNode@SYSTEM@@SGEPAPAVFSNODE@@E@Z
?Replace@WSTRING@@QAEEKKPBV1@KK@Z
?ReplaceWithChars@BSTRING@@QAEEKKDK@Z
?ReplaceWithChars@WSTRING@@QAEEKKGK@Z
?ResetBit@BITVECTOR@@QAEXKK@Z
?ResetConversions@WSTRING@@SGXXZ
?ResetLoggingIterator@MESSAGE@@QAEXXZ
?Resize@BDSTRING@@UAEEK@Z
?Resize@DSTRING@@UAEEK@Z
?Resize@FSTRING@@UAEEK@Z
?Resize@HMEM@@QAEEKK@Z
?SearchPathW@SYSTEM@@SGPAVPATH@@PAVWSTRING@@0@Z
?SelectResponse@MESSAGE@@UAAKKZZ
?Set@CHKDSK_MESSAGE@@UAEEKW4MESSAGE_TYPE@@K@Z
?Set@STREAM_MESSAGE@@UAEEKW4MESSAGE_TYPE@@K@Z
?SetAllowSwitchGlomming@ARGUMENT_LEXEMIZER@@QAEXE@Z
?SetAnsiConversions@WSTRING@@SGXXZ
?SetAttributes@FSN_FILTER@@QAEEKKK@Z
?SetBaudRate@COMM_DEVICE@@QAEEK@Z
?SetBit@BITVECTOR@@QAEXKK@Z
?SetCaseSensitive@ARGUMENT_LEXEMIZER@@QAEXE@Z
?SetChAt@WSTRING@@QAEGGK@Z
?SetClassDescriptor@OBJECT@@IAEXPBVCLASS_DESCRIPTOR@@@Z
?SetCodePage@SCREEN@@QAEEK@Z
?SetConsoleConversions@WSTRING@@SGXXZ
?SetDataBits@COMM_DEVICE@@QAEEK@Z
?SetDevice@PATH@@QAEEPBVWSTRING@@@Z
?SetDotsOnly@MESSAGE@@UAEEE@Z
?SetDtrControl@COMM_DEVICE@@QAEEW4DTR_CONTROL@@@Z
?SetFileName@FSN_FILTER@@QAEEPBD@Z
?SetFileName@FSN_FILTER@@QAEEPBVWSTRING@@@Z
?SetIdsr@COMM_DEVICE@@QAEEE@Z
?SetLoggingEnabled@MESSAGE@@QAEXE@Z
?SetName@PATH@@QAEEPBVWSTRING@@@Z
?SetNoSpcBetweenDstAndSwitch@ARGUMENT_LEXEMIZER@@QAEXE@Z
?SetOcts@COMM_DEVICE@@QAEEE@Z
?SetOdsr@COMM_DEVICE@@QAEEE@Z
?SetOemConversions@WSTRING@@SGXXZ
?SetOutputCodePage@SCREEN@@QAEEK@Z
?SetParity@COMM_DEVICE@@QAEEW4PARITY@@@Z
?SetRtsControl@COMM_DEVICE@@QAEEW4RTS_CONTROL@@@Z
?SetSize@BITVECTOR@@QAEKKW4BIT@@@Z
?SetStopBits@COMM_DEVICE@@QAEEW4STOPBITS@@@Z
?SetTimeInfo@FSN_FILTER@@QAEEPBVTIMEINFO@@W4FSN_TIME@@G@Z
?SetTimeOut@COMM_DEVICE@@QAEEE@Z
?SetXon@COMM_DEVICE@@QAEEE@Z
?SkipWhite@WSTRING@@SGPAGPAG@Z
?Sort@STRING_ARRAY@@UAEEE@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
?Strchr@BSTRING@@QBEKDK@Z
?Strchr@WSTRING@@QBEKGK@Z
?Strcmp@WSTRING@@QBEJPBV1@@Z
?Strcmp@WSTRING@@QBEJPBV1@K@Z
?Strcmp@WSTRING@@QBEJPBV1@KKKK@Z
?Strcmp@WSTRING@@SGHPAG0@Z
?Strcmpis@MBSTR@@SGHPAD0@Z
?Strcmpis@WSTRING@@SGHPAG0@Z
?Strcmps@MBSTR@@SGHPAD0@Z
?Strcmps@WSTRING@@SGHPAG0@Z
?Strcspn@WSTRING@@QBEKPBV1@K@Z
?Stricmp@MBSTR@@SGHPAD0@Z
?Stricmp@WSTRING@@QBEJPBV1@@Z
?Stricmp@WSTRING@@QBEJPBV1@K@Z
?Stricmp@WSTRING@@QBEJPBV1@KKKK@Z
?Stricmp@WSTRING@@SGHPAG0@Z
?Strlwr@WSTRING@@QAEPAV1@KK@Z
?Strlwr@WSTRING@@QAEPAV1@XZ
?Strrchr@WSTRING@@QBEKGK@Z
?Strspn@WSTRING@@QBEKPBV1@K@Z
?Strstr@MBSTR@@SGPADPAD0@Z
?Strstr@WSTRING@@QBEKPBV1@@Z
?Strupr@WSTRING@@QAEPAV1@KK@Z
?Strupr@WSTRING@@QAEPAV1@XZ
?SyncLength@WSTRING@@QAEKXZ
?Traverse@FSN_DIRECTORY@@QBEEPAXPAVFSN_FILTER@@PAVPATH@@P6GE0PAVFSNODE@@2@Z@Z
?Truncate@WSTRING@@QAEKK@Z
?TruncateBase@PATH@@QAEEXZ
?TruncateDelimiter@PATH@@QAEXXZ
?TruncateNameAtColon@PATH@@QAEXXZ
?UlibRealloc@@YGPAXPAXK@Z
?Unlock@MESSAGE@@QAEXXZ
?Usage@PROGRAM@@UBEXXZ
?UseAlternateName@FSNODE@@QAEEXZ
?ValidateVersion@PROGRAM@@UBEXKK@Z
?WaitForUserSignal@MESSAGE@@UAEEXZ
?WriteByte@STREAM@@QAEEE@Z
?_UseAnsiConversions@WSTRING@@0EA
?_UseAnsiConversionsPrev@WSTRING@@0EA
?_UseConsoleConversions@WSTRING@@0EA
?_UseConsoleConversionsPrev@WSTRING@@0EA
Sections
.text Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 404B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ