D:\Diskeeper11\Diskeeper\Build\Sources\Diskeeper\Symbols\Win32\Release\DkService.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e
-
Size
904KB
-
MD5
bc4215d78e738e2dc09dd253005ca8a7
-
SHA1
72909d78ea7487a724636dec8347a1db39aea6b1
-
SHA256
3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e
-
SHA512
0e45f63de3a9caa4048bcaac54457f5de84bde4174f88d6fdfb9b2c5f9cc26bc4aa85395fad8bd4007d63f7818c1fcae46074e7f735ec0848a486b12169a963f
-
SSDEEP
12288:VIentgxdRgxw3xXbkajmWg8rgo/GCnwXc7FYvBuhRlpN:VIWwiCtkajHf1rZYQh3pN
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e
Files
-
3c4b66f9c0f7fd75819d74bb9f279d6ba1b7f019613751015c1b37bf15ffa24e.exe windows:4 windows x86 arch:x86
6e57c88ab65e7db9e7169906f68cf0b3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
_wcsicmp
_wcsnicmp
_chkstk
_wtol
strstr
_stricmp
strncpy
sprintf
wcsstr
wcsspn
wcscspn
_i64tow
towupper
_itow
mbstowcs
wcschr
memset
_wtoi
memcpy
_alldiv
_allmul
_aulldiv
_aullrem
wcsncat
wcstombs
NtFsControlFile
NtWaitForSingleObject
_wtoi64
_snwprintf
NtQueryVolumeInformationFile
isalpha
_fltused
atoi
sscanf
VerSetConditionMask
wcsrchr
iswspace
iswalpha
toupper
wcsncpy
wcsncmp
rpcrt4
RpcBindingFree
RpcStringFreeW
RpcStringBindingParseW
RpcBindingToStringBindingW
RpcBindingServerFromClient
RpcStringFreeA
RpcStringBindingParseA
RpcBindingToStringBindingA
RpcImpersonateClient
RpcRevertToSelfEx
RpcBindingFromStringBindingW
RpcServerUnregisterIf
RpcMgmtStopServerListening
RpcStringBindingComposeW
RpcServerRegisterIfEx
RpcServerUseProtseqEpW
RpcServerRegisterAuthInfoW
NdrServerCall2
NdrClientCall2
RpcBindingSetAuthInfoW
RpcServerListen
ws2_32
inet_addr
WSAStartup
WSAGetLastError
socket
gethostbyname
htons
connect
closesocket
WSACleanup
inet_ntoa
pdh
PdhEnumObjectItemsW
PdhValidatePathW
PdhExpandCounterPathW
PdhOpenQueryW
PdhAddCounterW
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhRemoveCounter
PdhCloseQuery
PdhMakeCounterPathW
PdhLookupPerfNameByIndexW
netapi32
NetSessionEnum
NetApiBufferFree
psapi
GetModuleFileNameExW
EnumProcesses
userenv
EnterCriticalPolicySection
RegisterGPNotification
LeaveCriticalPolicySection
wininet
InternetCloseHandle
HttpSendRequestW
InternetConnectW
InternetOpenW
InternetReadFile
HttpQueryInfoW
HttpOpenRequestW
dklib
??0CDkcException@@QAE@IABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0I@Z
?GetErrorMessage@CDkcException@@QAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?CreateXMLDoc@CXMLDoc@@SAPAV1@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
prfacade
??1PerformanceDataCollector@@QAE@XZ
?RecordAutoJob@PerformanceDataCollector@@QAEH_K0@Z
?Initialize@PerformanceDataCollector@@QAEXPB_W_KW4_JOB_TYPE@@_N@Z
??0PerformanceDataCollector@@QAE@XZ
kernel32
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetVersionExA
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
GetACP
LoadLibraryA
DeleteTimerQueueTimer
CreateTimerQueueTimer
CreateTimerQueue
DeleteTimerQueueEx
ResumeThread
ReadDirectoryChangesW
CopyFileW
RemoveDirectoryW
SystemTimeToTzSpecificLocalTime
GetSystemDefaultLCID
LocalFileTimeToFileTime
OpenMutexW
GetPriorityClass
GetThreadPriority
GetEnvironmentVariableW
CompareStringW
GetWindowsDirectoryW
CreateMutexW
GetDateFormatW
GetTimeFormatW
GlobalSize
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
GetSystemTime
GetExitCodeProcess
GlobalMemoryStatus
GetModuleHandleW
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
ReleaseMutex
GetSystemDirectoryW
CreateProcessW
lstrcmpW
FindFirstVolumeMountPointW
FindNextVolumeMountPointW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GlobalLock
ExitThread
CloseHandle
GetLastError
OutputDebugStringW
CreateThread
GetLocalTime
GetComputerNameW
lstrcpynW
lstrcpyW
GlobalFree
GlobalUnlock
GlobalAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
WaitForSingleObject
CreateEventW
GetVolumeNameForVolumeMountPointW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
CreateDirectoryW
SetLastError
DeleteCriticalSection
InitializeCriticalSection
SetEvent
ResetEvent
Sleep
GetSystemTimeAsFileTime
GetSystemPowerStatus
SetEndOfFile
SetFilePointerEx
ReadFile
GetFileSize
CreateFileW
WriteFile
GetTickCount
FindNextFileW
FindFirstFileW
FindClose
FindFirstFileExW
GetCurrentProcessId
InterlockedExchange
RaiseException
PostQueuedCompletionStatus
GetCurrentThreadId
GetQueuedCompletionStatus
TerminateThread
GetExitCodeThread
GetSystemInfo
MoveFileW
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
lstrlenW
GetFileInformationByHandle
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
CreateIoCompletionPort
GetVolumePathNameW
DebugBreak
HeapUnlock
HeapWalk
HeapLock
GetProcessHeap
IsBadReadPtr
GetVersionExW
GetDiskFreeSpaceW
DeviceIoControl
FormatMessageW
GetModuleFileNameW
GetDiskFreeSpaceExW
GetFileSizeEx
QueryDosDeviceW
GetDriveTypeW
GetVolumeInformationW
SetErrorMode
VirtualFree
VirtualAlloc
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerW
VerifyVersionInfoW
lstrcmpiW
OpenProcess
WideCharToMultiByte
LocalAlloc
LocalFree
lstrcatW
FindVolumeMountPointClose
user32
DestroyWindow
MessageBoxW
DestroyIcon
UnregisterDeviceNotification
LoadIconW
LoadCursorW
wsprintfW
RegisterClassW
CreateWindowExW
DefWindowProcW
PostQuitMessage
SystemParametersInfoW
LoadStringW
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostMessageW
RegisterDeviceNotificationW
CharUpperW
CheckDlgButton
CharLowerW
UnregisterClassA
wvsprintfW
ExitWindowsEx
gdi32
GetStockObject
advapi32
OpenSCManagerW
RegEnumValueW
SetServiceStatus
RegisterServiceCtrlHandlerExW
ImpersonateLoggedOnUser
GetTokenInformation
GetUserNameW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegSaveKeyW
RegLoadKeyW
OpenThreadToken
AbortSystemShutdownW
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
CreateProcessAsUserW
OpenProcessToken
AllocateAndInitializeSid
IsValidSid
EqualSid
FreeSid
RegisterEventSourceW
ReportEventW
DeregisterEventSource
CryptDeriveKey
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptGenRandom
CryptDecrypt
CryptEncrypt
CryptGetKeyParam
CryptImportKey
CryptExportKey
CryptAcquireContextW
CryptGenKey
CryptGetUserKey
CryptDestroyKey
CryptReleaseContext
StartServiceCtrlDispatcherW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceW
RegEnumKeyExW
shell32
Shell_NotifyIconW
SHFileOperationW
ole32
StringFromCLSID
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CLSIDFromString
StringFromGUID2
CoGetClassObject
CoTaskMemFree
CoCreateGuid
oleaut32
SysFreeString
shlwapi
PathAddBackslashW
PathAppendW
PathRemoveBackslashW
PathRemoveFileSpecW
PathFileExistsW
msvcp80
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??_7facet@locale@std@@6B@
?do_length@?$codecvt@_WDH@std@@MBEHABHPBD1I@Z
?do_out@?$codecvt@_WDH@std@@MBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??_7?$codecvt@_WDH@std@@6B@
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@JH@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
?classic@locale@std@@SAABV12@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??1locale@std@@QAE@XZ
?open@?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXPB_WHH@Z
?read@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_WH@Z
?seekp@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@JH@Z
?write@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PB_WH@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?close@?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1_Locimp@locale@std@@MAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??1_Lockit@std@@QAE@XZ
?_Id_cnt@id@locale@std@@0HA
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIPB_WI@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
??_7codecvt_base@std@@6B@
tab
AddPACW
GetFeatureInfo
StartTAB
AddAllLMF
AddAllLicenseFiles
RemoveLicense
AddLicense
StopTAB
ActivateAllLicenses
SetOfflineActivationResponse
GetOfflineActivationRequest
GetLicenseInfo
TabFreeMemory
msvcr80
__dllonexit
_encode_pointer
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
_vscwprintf
vswprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_onexit
_decode_pointer
?terminate@@YAXXZ
_except_handler4_common
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_unlock
_endthreadex
_wcsupr_s
fputws
fputwc
fclose
_vswprintf
wcsncpy_s
_time64
memmove_s
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??_V@YAXPAX@Z
strcpy_s
_wcslwr_s
wcsnlen
_itow_s
strtok_s
wcsftime
__RTDynamicCast
malloc
swscanf
wprintf
_getpid
_winver
_purecall
_localtime64_s
_mktime64
_local_unwind4
wcscat_s
free
_recalloc
_beginthreadex
printf
_wfullpath
??2@YAPAXI@Z
swprintf_s
_swprintf
wcscpy_s
fgetws
ferror
feof
_wfopen
_lock
Exports
Exports
??0Crypto@@QAE@PA_W_N@Z
??1Crypto@@QAE@XZ
??4Crypto@@QAEAAV0@ABV0@@Z
??_FCrypto@@QAEXXZ
?CreateSessionKey@Crypto@@QAEIPAEI_N@Z
?CreateSessionKey@Crypto@@QAEIPA_W_N@Z
?CreateSessionKey@Crypto@@QAEI_N@Z
?Decrypt@Crypto@@QAEIPAEAAI_N@Z
?DecryptString@Crypto@@QAEIPA_WAAIPAEI@Z
?DeleteKeyPair@Crypto@@QAEIPA_W_N@Z
?DynamicKeyTest@@YAXXZ
?Encrypt@Crypto@@QAEIPAEAAII_N@Z
?EncryptString@Crypto@@QAEIPAEAAIPB_W@Z
?ExportPublicKey@Crypto@@QAEIPAEAAI@Z
?ExportSessionKey@Crypto@@QAEIPAEAAI@Z
?GenKeyPair@Crypto@@QAEII_N@Z
?GetRandom@Crypto@@QAEIAAI@Z
?GetRandom@Crypto@@QAEIAA_K@Z
?GetRandom@Crypto@@QAEIPAEI@Z
?GetRandom@Crypto@@QAEIPA_WI@Z
?GetSessionKeyParam@Crypto@@QAEIPAI0@Z
?HashBytes@Crypto@@QAEIPAEAAI0I@Z
?HashBytes@Crypto@@QAEIPA_WIPAEIPBD@Z
?ImportPublicKey@Crypto@@QAEIPAEI@Z
?ImportSessionKey@Crypto@@QAEIPAEI_N@Z
?IsKeyPairExist@Crypto@@QAE_NXZ
?SetSessionKeyParam@Crypto@@QAEIII@Z
?StaticKeyTest@@YAXXZ
?_GetKeyLenFlag@Crypto@@AAEIXZ
?_GetMultiByte@Crypto@@AAEIPAPADPB_W@Z
?_GetTChar@Crypto@@AAEIPAPA_WPBD@Z
?_HashBytes@Crypto@@AAEIPAKPAEAAI1IPBD@Z
?_OpenProvider@Crypto@@AAEIPA_W_N@Z
DecryptPasswordStr
EncryptPasswordStr
Sections
.text Size: 740KB - Virtual size: 737KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ