D:\AutoBuild\crash20131115(7.9.13)\build\pdb\ProductRelease\Thunder.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077
-
Size
1.4MB
-
MD5
7fabecf40cd00c319996ad853221675a
-
SHA1
5e7f47a5319ccf625bbe894b4c322c211199c5a0
-
SHA256
5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077
-
SHA512
36ccea948021f32e1b6725c20ab75417a0a7a8cac01858a5b3764afb61131d69014151f6208e9f73b27affc104358fbdb30e029b8f5281335eba4da0996cce30
-
SSDEEP
24576:SOtDzYMbXWYcRK0S6M8kvXbMkmwEwGErIPbym1Ly1bOmyzJDkhCxd:fzYMbXD0SB8pwEFbh1LAObwCx
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077
Files
-
5b5104c2ad04f8794d5cbeb9228988ade753f6d24b01b3f673099ec773eef077.exe windows:5 windows x86 arch:x86
d86897553d98d234b913a6f73992c6eb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
WSADuplicateSocketW
closesocket
WSACleanup
ntohl
WSASocketW
socket
recv
send
connect
WSAAsyncGetHostByName
getpeername
ntohs
getsockname
WSACancelAsyncRequest
WSAAsyncSelect
WSAStartup
gethostname
htonl
inet_ntoa
gethostbyname
WSARecvFrom
WSASendTo
WSAHtons
bind
WSAIoctl
WSARecv
WSASend
WSAGetLastError
htons
WSASetLastError
inet_addr
xlfsio
XLFS_MountDir
XLFS_GetFileSize
XLFS_OpenFile
XLFS_IsEOF
XLFS_CloseFile
XLFS_UnMount
XLFS_CacheGC
XLFS_Init
XLFS_ReadFile
xlluaruntime
XLLRT_GetLuaState
luaL_unref
XLLRT_ReleaseRunTime
XLLRT_GetEnv
XLLRT_GetRuntime
lua_tonumber
lua_touserdata
lua_pushvalue
luaL_argerror
lua_createtable
lua_setfield
lua_pushlstring
lua_objlen
luaL_checktype
XLLRT_RegisterClass
lua_gettop
XLLRT_CreateChunkFromModule
XLLRT_PrepareChunk
XLLRT_LuaCall
luaL_ref
lua_pushstring
XLLRT_ReleaseChunk
XLLRT_ReleaseEnv
luaL_checklstring
luaL_register
lua_newuserdata
lua_setmetatable
lua_getmetatable
lua_rawequal
luaL_typerror
XLLRT_PushXLObject
lua_rawgeti
lua_insert
lua_getfield
lua_pushnil
XLLRT_CreateChunkFromFile
XLLRT_RunChunk
lua_pushlightuserdata
lua_settop
luaL_checkinteger
lua_isuserdata
luaL_checknumber
lua_next
lua_rawseti
XLLRT_IsGlobalObjRegistered
XLLRT_RemoveGlobalObj
lua_settable
lua_isnumber
lua_isstring
lua_pushnumber
lua_pushboolean
lua_tolstring
XLLRT_RegisterGlobalObj
luaL_checkudata
XLLRT_ErrorHandle
XLLRT_DebugInit
lua_gettable
lua_pushinteger
lua_type
lua_toboolean
lua_tointeger
lua_gc
xlgraphic
XL_StatObject
XL_PrepareGraphicParam
XL_InitGraphicLib
XL_AddRefBitmap
XL_ReleaseBitmap
XL_ReleaseMask
XL_GetColorVariance
XL_SetTextureBitmap
XL_ReleaseTexture
XL_BindMaskSource
XL_SetMaskBmpStretch
XL_NewMask
XL_LoadBitmapFromMemory
XL_GetBitmapBuffer
XL_SetFreeTypeEnabled
XL_PaintBitmap
XL_GetBitmapInfo
XL_HSV2RGB
XL_RGB2HSV
XL_LoadBitmapFromFile
XL_CreateBitmap
XL_BuildMaskCache
XL_DefaultGraphicHint
XL_Blend
XL_SetTextureOrigin
XL_AddTextureBlock
XL_CreateTexture
XL_StretchBitmap
XL_GetBitmapMainColor
XL_CloneBitmap
XL_ClipSubBindBitmap
XL_SetMaskSize
xlue
XLUE_GetHostWndWindowHandle
XLUE_GetHostWndByID
XLUE_LoadXAR
XLUE_SetTextObjectDefaultTextType
XLUE_InitLoader
XLUE_GC
XLUE_CheckBitmap
XLUE_CheckColor2
XLUE_PushColor2
XLUE_AsynLoadXAR
XLUE_IsXARLoaded
XLUE_PushBitmap
shlwapi
PathRemoveFileSpecW
PathCombineW
PathFindFileNameW
PathFileExistsW
PathAppendW
PathIsDirectoryW
StrStrW
StrCmpNIW
PathMatchSpecW
StrCpyW
PathIsRelativeW
StrCmpIW
PathFindFileNameA
StrCatW
StrCpyNW
SHDeleteKeyW
PathFindExtensionW
PathFileExistsA
AssocQueryStringW
SHStrDupW
UrlUnescapeW
UrlIsOpaqueW
UrlIsNoHistoryW
UrlIsW
UrlHashW
UrlGetPartW
UrlGetLocationW
UrlEscapeW
UrlCreateFromPathW
UrlCompareW
UrlCombineW
UrlCanonicalizeW
UrlApplySchemeW
PathUnquoteSpacesW
PathUnmakeSystemFolderW
PathUnExpandEnvStringsW
PathUndecorateW
PathStripToRootW
PathStripPathW
PathSkipRootW
PathSetDlgItemPathW
PathSearchAndQualifyW
PathRenameExtensionW
PathRemoveExtensionW
PathRemoveBlanksW
PathRemoveBackslashW
PathRemoveArgsW
PathRelativePathToW
PathQuoteSpacesW
PathParseIconLocationW
PathMakeSystemFolderW
PathMakePrettyW
PathIsURLW
PathIsUNCServerShareW
PathIsUNCServerW
PathIsUNCW
PathIsSystemFolderW
PathIsSameRootW
PathIsRootW
PathIsPrefixW
PathIsNetworkPathW
PathIsLFNFileSpecW
PathIsFileSpecW
PathIsDirectoryEmptyW
PathIsContentTypeW
PathGetDriveNumberW
PathGetArgsW
PathFindSuffixArrayW
PathFindOnPathW
PathFindNextComponentW
PathCreateFromUrlW
PathCompactPathExW
PathCompactPathW
PathCommonPrefixW
PathCanonicalizeW
PathBuildRootW
PathAddExtensionW
PathAddBackslashW
StrStrIW
wnsprintfW
psapi
GetModuleInformation
GetModuleFileNameExW
EnumProcessModules
EmptyWorkingSet
GetProcessMemoryInfo
GetModuleBaseNameW
downloadkernel
XL_DKLH_RegisterToEnv
XL_DKLH_GetDownloadKernel
libexpat
ord27
ord31
ord18
ord3
ord34
ord47
ord53
ord36
ord49
ord38
ord44
ord21
ord20
ord52
ord16
ord28
ord11
ord10
ord2
ord12
ord25
ord50
ord48
ord35
ord63
ord26
ord46
xlusers
ord1
basecommunity
ord1
xlgraphicplus
XLGP_PushIcon
XLGP_InitGraphicPlus
XLGP_ConvertDDBToXLBitmap
XLGP_LoadIconFromFile
XLGP_LoadIconFromFileExt
XLGP_LoadIconFromModuleFile
XLGP_ReleaseIcon
XLGP_PrepareGraphicPlusParam
XLGP_RegisterLuaHost
zlib1
crc32
deflate
deflateInit2_
inflate
inflateEnd
deflateEnd
get_crc_table
compress
uncompress
inflateInit2_
xlstat
XLSTAT_TrackClick
_XLSTAT_Init2@40
XLSTAT_RegisterClass
XLSTAT_Uninit
XLSTAT_AddStat
imm32
ImmDisableIME
kernel32
Module32FirstW
QueryPerformanceFrequency
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesExW
GetFileSizeEx
MoveFileW
SetFileTime
GetFileAttributesW
CreateDirectoryW
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetVolumeInformationW
GetDriveTypeW
GetModuleHandleW
GetProcAddress
GetCurrentThread
LoadLibraryA
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
OutputDebugStringW
OutputDebugStringA
GetFullPathNameW
InterlockedExchange
lstrlenA
MultiByteToWideChar
GetDiskFreeSpaceExW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
LeaveCriticalSection
RaiseException
EnterCriticalSection
DeleteCriticalSection
CloseHandle
GetTempPathW
GetCurrentProcess
InitializeCriticalSection
OpenEventW
SetEvent
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetSystemTime
SystemTimeToFileTime
GetProcessTimes
VirtualQuery
InterlockedCompareExchange
VirtualProtect
ResumeThread
FlushInstructionCache
SetThreadContext
GetThreadContext
VirtualFree
SuspendThread
VirtualAlloc
SetLastError
GlobalLock
GlobalUnlock
LocalFree
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
GlobalAddAtomW
GetTickCount
lstrcpyW
lstrlenW
GetModuleFileNameW
CreateFileA
DeviceIoControl
GetSystemInfo
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
Sleep
GetPriorityClass
GetThreadPriority
SetPriorityClass
SetThreadPriority
WideCharToMultiByte
GetSystemDefaultLangID
GetCurrentProcessId
GetLocalTime
GetPrivateProfileStringW
GetProcessId
WaitForSingleObject
CreateMutexW
ReleaseMutex
lstrcmpW
lstrcpynW
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
OpenMutexW
GetProcessIoCounters
OpenFileMappingW
MapViewOfFile
CreateFileW
GetFileSize
DuplicateHandle
CopyFileW
GetTempFileNameW
WriteFile
FileTimeToSystemTime
FormatMessageW
FreeLibrary
LocalLock
GlobalAddAtomA
GlobalDeleteAtom
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
GetExitCodeThread
WaitForMultipleObjects
ReadFile
GetPrivateProfileIntW
WritePrivateProfileStringW
CreateEventW
LocalAlloc
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
GetVersion
GetVersionExW
TerminateThread
CreateThread
GetSystemDirectoryW
IsBadWritePtr
ResetEvent
GetWindowsDirectoryW
GetWindowsDirectoryA
FindFirstFileA
GetModuleHandleA
SetErrorMode
UnhandledExceptionFilter
VirtualQueryEx
GetThreadSelectorEntry
ReadProcessMemory
lstrcatW
lstrcpynA
MulDiv
lstrcmpiW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
GetVolumeInformationA
GetSystemDirectoryA
GetModuleFileNameA
IsBadCodePtr
lstrcatA
CreateDirectoryA
GetFileAttributesA
lstrcpyA
GetVersionExA
GlobalFree
GlobalAlloc
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
CreatePipe
IsBadReadPtr
SetThreadExecutionState
GetLogicalDriveStringsW
lstrcmpiA
CreateProcessW
GetLastError
user32
wsprintfW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowVisible
MoveWindow
SetTimer
BringWindowToTop
SetWindowPos
GetWindowRect
GetWindow
DestroyWindow
DestroyIcon
GetSystemMetrics
LoadImageW
MessageBoxW
SendMessageTimeoutW
SetDlgItemTextW
GetWindowTextW
ShowWindow
GetDesktopWindow
SendMessageW
PeekMessageW
GetMessageW
TranslateMessage
DefWindowProcW
DispatchMessageW
FindWindowW
wsprintfA
RegisterWindowMessageW
SetWindowsHookExW
CharNextW
UnhookWindowsHookEx
CallNextHookEx
CreateWindowExW
CallWindowProcW
GetWindowLongW
InSendMessage
EqualRect
IsRectEmpty
SetRectEmpty
LoadStringW
PostQuitMessage
GetIconInfo
CreateIconIndirect
GetDC
ReleaseDC
GetWindowDC
PostThreadMessageW
IsIconic
GetWindowPlacement
DrawIconEx
DrawTextW
GetTopWindow
PtInRect
LockWorkStation
ExitWindowsEx
GetAncestor
WindowFromPoint
GetCursorPos
SetClipboardData
EmptyClipboard
EnumWindows
GetMonitorInfoW
MonitorFromPoint
GetActiveWindow
RegisterClipboardFormatW
GetAsyncKeyState
SystemParametersInfoW
GetLastInputInfo
UnregisterClassA
GetForegroundWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
IntersectRect
SetWindowLongW
ChangeClipboardChain
KillTimer
SetClipboardViewer
EnumThreadWindows
GetClassNameW
UnregisterHotKey
GetKeyState
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
PostMessageW
GetClipboardOwner
GetWindowThreadProcessId
IsWindow
GetClientRect
ClientToScreen
RegisterHotKey
gdi32
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
SetDIBColorTable
GetObjectW
SetStretchBltMode
CreateCompatibleBitmap
CreateSolidBrush
StretchBlt
Rectangle
SetTextColor
GetTextExtentPoint32W
GetStockObject
SetBkMode
SetDCBrushColor
SetDCPenColor
TextOutW
GetDIBits
BitBlt
CreateBitmap
EnumFontFamiliesExW
SelectPalette
RealizePalette
CreatePen
GetDIBColorTable
CreateDCW
PatBlt
GetDeviceCaps
advapi32
RegSetValueExW
RegSetKeySecurity
InitializeSecurityDescriptor
CloseServiceHandle
StartServiceW
OpenServiceW
RegQueryMultipleValuesW
OpenSCManagerW
RegCreateKeyW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryInfoKeyW
RegGetKeySecurity
RegNotifyChangeKeyValue
RegSaveKeyExW
RegSaveKeyW
RegUnLoadKeyW
RegLoadKeyW
RegFlushKey
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegOpenUserClassesRoot
RegOpenCurrentUser
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
GetSecurityDescriptorControl
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetSidLengthRequired
SetSecurityDescriptorDacl
InitializeSid
GetSidSubAuthority
CopySid
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetAce
GetAclInformation
AddAce
InitializeAcl
EqualSid
IsValidSid
GetLengthSid
shell32
SHGetFolderPathW
SHGetSpecialFolderPathA
ShellExecuteExW
SHFileOperationW
SHCreateDirectoryExW
SHGetFileInfoW
ExtractIconW
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW
ord165
DragQueryFileW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHChangeNotify
SHBrowseForFolderW
ord74
ole32
CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
ReleaseStgMedium
CoSetProxyBlanket
CoLoadLibrary
GetHGlobalFromStream
CoCreateGuid
StringFromGUID2
CoInitialize
CoFreeLibrary
CoUninitialize
DoDragDrop
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VarBstrCmp
SysAllocStringLen
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringLen
VariantChangeType
VariantInit
VariantCopy
msvcp90
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?max@?$numeric_limits@K@std@@SAKXZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0strstreambuf@std@@QAE@PBDH@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??1strstreambuf@std@@UAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIPB_W@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIABV12@@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?_Incref@facet@locale@std@@QAEXXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??1locale@std@@QAE@XZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
atl90
ord30
ord64
ord23
ord61
msimg32
AlphaBlend
TransparentBlt
msvcr90
_beginthreadex
_itow
_vswprintf
_wcsicmp
wcsstr
_vsnwprintf_s
wcschr
iswspace
_wcsnicmp
_wcsupr_s
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
printf
setlocale
wcsncpy
wcstombs
_itoa_s
_snprintf
_wfopen
fwrite
fclose
feof
fread
_i64toa
_atoi64
_itoa
strncpy
__CxxFrameHandler3
_CxxThrowException
ldiv
wcslen
wcscmp
strlen
_itow_s
sscanf
atoi
wcscpy_s
clock
_resetstkoflw
_vscwprintf
vswprintf_s
memcmp
wcsrchr
strcpy
wcscpy
realloc
strncpy_s
strcmp
_time64
_vswprintf_c_l
atol
fopen
fgetc
isalpha
isdigit
_localtime64
wcsftime
_wmkdir
_errno
_swprintf
_wcslwr_s
wcsncmp
_mbsinc
_ismbcspace
_mktime64
_strdup
labs
_ultoa
isprint
isspace
isalnum
abs
memmove
_localtime64_s
_wtol
fputs
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__RTDynamicCast
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_stricmp
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
swscanf
ferror
_gmtime64
strftime
_wstat64i32
_strnicmp
strncmp
_ultow
_ui64toa
_ui64tow
_wtoi64
wcsncat
_wrename
_ltow_s
wcsspn
wcscspn
towlower
ftell
fseek
_filelength
_fileno
strstr
toupper
fwprintf
getc
fgetwc
_CIsqrt
?terminate@@YAXXZ
??3@YAXPAX@Z
_wcslwr
free
memcpy_s
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove_s
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
calloc
_recalloc
swprintf_s
wcsncpy_s
sprintf_s
??_V@YAXPAX@Z
memset
memcpy
_wtoi
_purecall
malloc
tolower
wcsnlen
srand
rand
sprintf
__argc
__wargv
wtsapi32
WTSRegisterSessionNotification
crypt32
CertGetNameStringW
CertFindCertificateInStore
CryptMsgClose
CertCloseStore
CryptMsgGetParam
CryptQueryObject
iphlpapi
GetAdaptersInfo
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
powrprof
SetSuspendState
dnsapi
DnsQueryConfig
imagehlp
CheckSumMappedFile
ImageNtHeader
mini_unzip_dll
mini_unzip_dll
gdiplus
GdipLoadImageFromFile
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipLoadImageFromStream
GdipSaveImageToFile
GdipSaveImageToStream
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipGetImageEncoders
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageThumbnail
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateBitmapFromScan0
GdipSetPixelOffsetMode
GdipDisposeImageAttributes
GdipSetImageAttributesWrapMode
GdipDrawImageRectRectI
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageEncodersSize
GdipCreateImageAttributes
winmm
PlaySoundW
sensapi
IsNetworkAlive
comdlg32
GetOpenFileNameW
GetSaveFileNameW
comctl32
ImageList_GetIconSize
ImageList_Draw
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 261KB - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 315KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE