O:\webex-productivitytools\output\maps\release\pt\ptMgr.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a
-
Size
3.2MB
-
MD5
d64584119c1dc78cd495837589a894cd
-
SHA1
4cfa85e462099543b1fba4aff3e2432db8070ad1
-
SHA256
d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a
-
SHA512
46910defada2cf043ad245ccfc349d914dbc14b09bea55e3041b40c6aa20dd39e1a3922ff7eb95ecb34eb20d0b98675f354d7e23230b9ed760f941a39f331513
-
SSDEEP
98304:f7xPoLc93dFDjH700lMd5d4geGWnrmAD:zxPac93dFDjH71lMd5dgJ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a
Files
-
d2d2279bde34f5047b684c30e2a83531bc6ad23b9bdd7f1b5752ac0c03218f8a.dll windows:6 windows x86 arch:x86
4378268df65915f43640a602977e0338
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
wcldll
wclClientToScreenI
wclUpdateWindow
wclGetStyle
wclUnsubclassMgr
wclSubclassMgr
wclEndDialog
wclDoDialogBox
wclGetDlgItem
wclGetParent
gxGetApp20210815
wclGetWindowRect
wclSetWindowPos
wclGetWindowText
wclSendMessage
wclGetHWND
wclUnsubclassWindow
wclSubclassWindow
wclGetApp20210823
gxTextCreate
wclEnableWindow
wclScreenToClientI
at_mem_cpy
at_wstr_len
comctl32
ord17
wininet
InternetConnectW
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
InternetSetOptionW
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
HttpQueryInfoW
HttpSendRequestW
InternetReadFileExW
InternetReadFileExA
InternetConnectA
InternetOpenA
HttpOpenRequestW
InternetOpenW
InternetQueryOptionW
InternetCrackUrlA
InternetCrackUrlW
InternetErrorDlg
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
crypt32
CertGetNameStringW
CertComparePublicKeyInfo
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertFreeCertificateChain
CryptUnprotectData
CertFreeCertificateContext
CryptVerifyMessageSignature
CryptProtectData
imagehlp
ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData
kernel32
CreateMutexW
Sleep
CreateThread
GetTickCount64
FreeLibraryAndExitThread
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetEnvironmentVariableW
TerminateThread
DeleteFileW
GetWindowsDirectoryW
CopyFileW
GetDriveTypeW
GetFileAttributesExW
SetFileAttributesW
GetCurrentThread
lstrcmpiW
MoveFileExW
RemoveDirectoryW
DebugBreak
MoveFileW
InitializeCriticalSection
lstrcatW
SetProcessWorkingSetSize
GetLongPathNameW
GetPrivateProfileStringW
GetModuleHandleA
SetEvent
ResetEvent
CreateEventW
WaitForMultipleObjects
GlobalUnlock
GlobalLock
lstrcmpW
GlobalHandle
DisableThreadLibraryCalls
SetThreadUILanguage
GetFileTime
GetFullPathNameW
SystemTimeToTzSpecificLocalTime
WritePrivateProfileStringW
IsDBCSLeadByteEx
GetTempPathW
ExpandEnvironmentStringsW
LoadLibraryA
TzSpecificLocalTimeToSystemTime
SetLastError
QueryDosDeviceW
SetEndOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
OpenEventW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
OpenFile
GetOEMCP
lstrcpyA
lstrcatA
GetWindowsDirectoryA
GetPrivateProfileIntW
ResumeThread
CreateEventA
GetDiskFreeSpaceExW
GetSystemTimes
GlobalMemoryStatusEx
GetNativeSystemInfo
K32GetProcessMemoryInfo
CreateFileMappingA
OpenFileMappingA
CompareFileTime
GetProfileIntW
IsProcessInJob
SetHandleInformation
CreatePipe
CancelSynchronousIo
GetCommandLineA
GetCommandLineW
CreateDirectoryA
CreateFileA
DeleteFileA
FindFirstFileA
FindNextFileA
GetFileAttributesA
GetTempFileNameW
SetFileAttributesA
SetFilePointerEx
GetTempPathA
GetTempFileNameA
OpenEventA
GetVersionExA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CopyFileA
MoveFileExA
EnumSystemGeoID
GetUserGeoID
DeleteCriticalSection
InterlockedPushEntrySList
InterlockedPopEntrySList
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
GetStartupInfoW
InitializeSListHead
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitOnceComplete
InitOnceBeginInitialize
InitializeCriticalSectionEx
DecodePointer
IsDebuggerPresent
GetUserDefaultLCID
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
GetLocalTime
GetSystemTimeAsFileTime
FindResourceW
SizeofResource
LockResource
LoadResource
lstrcpynW
LocalAlloc
GetCurrentProcess
lstrlenW
lstrcpyW
GetFileAttributesW
FindNextFileW
CreateDirectoryW
MulDiv
GetVersionExW
GetCurrentProcessId
GetSystemTime
RaiseException
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GlobalFree
GlobalAlloc
GetSystemDirectoryW
OpenProcess
ProcessIdToSessionId
CreateProcessW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
GetShortPathNameW
FindFirstFileW
FindClose
lstrcmpiA
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetFileSize
CreateFileW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
LocalFree
GetLastError
IsBadReadPtr
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
FreeLibrary
VirtualQuery
OutputDebugStringW
OutputDebugStringA
GetEnvironmentVariableW
GetTickCount
FlushInstructionCache
VirtualAlloc
ReleaseMutex
VirtualFree
LoadLibraryExA
GetProcessId
ReadProcessMemory
GetGeoInfoW
FormatMessageW
FileTimeToLocalFileTime
FormatMessageA
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileExW
GetFileInformationByHandle
SetFileTime
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
GetLogicalDriveStringsW
CreateHardLinkW
user32
GetActiveWindow
DialogBoxParamW
BringWindowToTop
AttachThreadInput
GetMessageW
MonitorFromPoint
DialogBoxIndirectParamW
MapDialogRect
GetClassNameW
GetDesktopWindow
FillRect
ScreenToClient
ClientToScreen
SetWindowContextHelpId
GetWindowTextLengthW
RedrawWindow
InvalidateRgn
SetForegroundWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
GetFocus
MoveWindow
IsChild
FindWindowExW
SendMessageTimeoutW
GetWindowThreadProcessId
DestroyWindow
IsWindowEnabled
FindWindowW
CharNextW
wvsprintfW
wsprintfW
GetMonitorInfoW
MonitorFromWindow
LoadImageW
LoadIconW
GetWindow
GetParent
GetSysColor
MapWindowPoints
GetWindowRect
GetClientRect
GetWindowTextW
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
GetSystemMetrics
EnableWindow
SetCapture
GetCapture
SetFocus
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
PostMessageW
LoadStringW
LoadCursorW
SetWindowLongW
SetActiveWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsDialogMessageW
CharUpperW
RegisterClassW
SendMessageA
IsWindowVisible
GetPropA
GetPropW
FindWindowExA
TranslateMessage
DispatchMessageW
PeekMessageW
PostQuitMessage
MsgWaitForMultipleObjects
GetDC
ReleaseDC
SendMessageW
IsWindow
UnregisterClassW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
GetForegroundWindow
RegisterWindowMessageW
MessageBoxW
GetShellWindow
CreateWindowExW
KillTimer
SetTimer
GetWindowLongW
SetCursor
gdi32
CreateCompatibleDC
GetTextExtentPoint32W
SetBkMode
SetBkColor
SelectObject
DeleteObject
GetDeviceCaps
CreateFontW
CreatePen
CreateSolidBrush
CreateFontIndirectW
GetObjectW
BitBlt
CreateCompatibleBitmap
SetTextColor
GetStockObject
DeleteDC
advapi32
CryptHashData
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
CryptDeriveKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
CryptDecrypt
RegDeleteTreeW
RegDeleteTreeA
RegSetValueExA
RegSetValueW
RegSetValueA
RegQueryValueExA
SetTokenInformation
CryptEncrypt
CryptImportKey
GetLengthSid
CryptExportKey
CryptGetUserKey
CryptDestroyKey
CryptGenKey
GetSecurityDescriptorSacl
RegCopyTreeW
SetFileSecurityW
RevertToSelf
ImpersonateSelf
GetSidSubAuthorityCount
GetSidSubAuthority
GetFileSecurityW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegQueryValueW
CreateProcessAsUserW
OpenProcessToken
DuplicateTokenEx
GetTokenInformation
LookupAccountSidW
GetUserNameW
CreateProcessWithTokenW
RegDeleteKeyW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
RegQueryValueA
CryptDestroyHash
AccessCheck
AdjustTokenPrivileges
AllocateAndInitializeSid
DuplicateToken
EqualSid
FreeSid
GetSecurityDescriptorDacl
MapGenericMask
LookupPrivilegeValueW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExW
SetEntriesInAclW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
OpenThreadToken
shell32
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListA
CommandLineToArgvW
ShellExecuteExA
ole32
CoTaskMemFree
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CoCreateGuid
CoUninitialize
CoInitialize
CoSetProxyBlanket
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
OleInitialize
OleUninitialize
OleLockRunning
CoTaskMemRealloc
oleaut32
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayLock
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
VarBstrCmp
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SafeArrayUnlock
msvcp140
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Syserror_map@std@@YAPBDH@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
_Thrd_detach
?_Xinvalid_argument@std@@YAXPBD@Z
_Strcoll
_Strxfrm
??0_Locinfo@std@@QAE@PBD@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
_Cnd_do_broadcast_at_thread_exit
?good@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?fail@ios_base@std@@QBE_NXZ
??7ios_base@std@@QBE_NXZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
_Xtime_get_ticks
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?flags@ios_base@std@@QBEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Winerror_map@std@@YAHH@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
_Cnd_signal
_Cnd_broadcast
_Cnd_wait
_Cnd_destroy_in_situ
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Thrd_id
_Thrd_join
?_Xbad_function_call@std@@YAXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setf@ios_base@std@@QAEHHH@Z
?setf@ios_base@std@@QAEHH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
??Bid@locale@std@@QAEIXZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_W_Getmonths@_Locinfo@std@@QBEPBGXZ
?_W_Getdays@_Locinfo@std@@QBEPBGXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Xlength_error@std@@YAXPBD@Z
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xruntime_error@std@@YAXPBD@Z
_Mbrtowc
??0_Locinfo@std@@QAE@HPBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
shlwapi
PathGetDriveNumberW
StrStrW
SHDeleteKeyW
PathAddBackslashW
PathIsDirectoryW
PathRemoveBackslashW
StrRChrW
StrTrimA
StrStrIA
StrCmpNW
PathFileExistsA
SHDeleteKeyA
StrChrA
PathBuildRootW
StrCmpIW
StrCmpW
wnsprintfW
PathFindFileNameW
PathQuoteSpacesW
StrChrW
StrCpyW
PathFileExistsW
PathCombineW
PathRemoveFileSpecW
PathAppendW
msi
ord205
wtsapi32
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSQueryUserToken
WTSFreeMemory
psapi
EnumProcesses
GetModuleFileNameExW
rpcrt4
UuidCreateSequential
urlmon
ObtainUserAgentString
sensapi
IsNetworkAlive
vcruntime140
_except_handler4_common
__RTDynamicCast
strchr
__current_exception_context
__current_exception
__std_type_info_compare
memcpy
memmove
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
_purecall
memset
memcmp
__std_terminate
memchr
__std_type_info_name
wcschr
wcsrchr
wcsstr
__std_type_info_destroy_list
api-ms-win-crt-runtime-l1-1-0
_register_onexit_function
_initterm
_crt_at_quick_exit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
abort
_initterm_e
_cexit
_configure_narrow_argv
_invalid_parameter_noinfo
_beginthreadex
terminate
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_errno
_crt_atexit
api-ms-win-crt-string-l1-1-0
toupper
_wcsupr
wcscat_s
wcscpy_s
strncmp
isalnum
isalpha
iswdigit
_wcsrev
towupper
_strnicmp
isdigit
_wcslwr
_wcsicmp
strlen
towlower
wcslen
strncpy_s
wcsnlen
wcsncpy_s
isspace
iswspace
strtok
strnlen
strcmp
tolower
_wcsnicmp
wcstok_s
api-ms-win-crt-convert-l1-1-0
_i64tow
_wtoi64
atoi
wcstol
atof
strtol
atol
_wtoll
_itow
_wtol
_atoi64
_wtoi
atoll
wcstoul
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsnwprintf_s
__stdio_common_vfprintf
ferror
fopen_s
__stdio_common_vsnprintf_s
ungetc
__stdio_common_vswscanf
setvbuf
fsetpos
fputc
fgetpos
_wfopen_s
fgetc
_get_stream_buffer_pointers
fflush
__stdio_common_vsscanf
ftell
fseek
fread
fwrite
fclose
_wfopen
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__stdio_common_vswprintf_s
__stdio_common_vswprintf
_fseeki64
api-ms-win-crt-heap-l1-1-0
free
_recalloc
realloc
_callnewh
malloc
calloc
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_wsplitpath
_wmakepath
_waccess
_access
_wsplitpath_s
_wrename
_unlock_file
api-ms-win-crt-time-l1-1-0
_mktime64
_gmtime64_s
__daylight
_localtime64_s
strftime
_tzset
_ftime64_s
_difftime64
wcsftime
_ftime64
_localtime64
_time64
__timezone
asctime_s
clock
api-ms-win-crt-utility-l1-1-0
qsort
srand
labs
abs
rand
api-ms-win-crt-math-l1-1-0
modf
_isnan
ceil
_finite
_except1
api-ms-win-crt-locale-l1-1-0
localeconv
___lc_codepage_func
api-ms-win-crt-environment-l1-1-0
getenv
_dupenv_s
_wgetenv
wintrust
WinVerifyTrust
authz
AuthzFreeContext
AuthzInitializeContextFromToken
AuthzFreeResourceManager
AuthzInitializeResourceManager
AuthzAccessCheck
Exports
Exports
AddMetricValueLong
AddMetricValueString
CreatePTMgr
DestroyMeetingServiceFactory
GetCAMetricsID
GetMeetingServiceFactory
GetMetricsID
InitCATelemetry
InitTelemetry
RetrieveTelemetryInfo
SendCAMetrics
SendMetrics
UnInitCATelemetry
UnInitTelemetry
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 684KB - Virtual size: 683KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ