e:\KINGSOFT_DUBA\Build\Build_Src\kisengine_git\kisengine_git\product\win32\dbginfo\ksoftpurifier.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f
-
Size
3.3MB
-
MD5
3e25df291754f0a2730d764f641b50f6
-
SHA1
999bbbe1b033791ec82c5e992e07f692c2b66bbf
-
SHA256
7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f
-
SHA512
951d576b6ac15eeafb8563552dcd1eb5eaca4b3ddf5a191aa55d9e8b622530fef7924c840fac99232679886bd8ee3f7b3322487d261da62c858ec7cad858caa6
-
SSDEEP
49152:OtcVBNJcVHlf5zrzo6PKDMjExXI+k99q0UqzIu0FzZiTavoARrDT4ZOibQ/BV7B/:YcV/JcVHlftq0D2oAFTUvC7Bo5Que1
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f
Files
-
7235d9410c4d4920593cb343ceccacd69e37a026299d900acea429062f69a82f.exe windows:4 windows x86 arch:x86
d89af7b777290a738436d034607319d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetFileSizeEx
FormatMessageW
GetCurrentProcessId
CreateMutexW
FlushFileBuffers
CreateFileA
GetExitCodeThread
OpenEventW
GetExitCodeProcess
OpenFileMappingW
WaitNamedPipeW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
OpenMutexW
GetTempPathW
GetTempFileNameW
CopyFileW
MapViewOfFileEx
ReleaseMutex
TerminateThread
CreateThread
SetThreadPriority
SuspendThread
Sleep
ResumeThread
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
Module32NextW
GetLogicalDriveStringsW
QueryDosDeviceW
ExpandEnvironmentStringsW
ReadProcessMemory
TerminateProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetFileInformationByHandle
SetFilePointer
LocalAlloc
OutputDebugStringA
OutputDebugStringW
FreeResource
FlushInstructionCache
CreateProcessW
GetFileTime
DeleteCriticalSection
GetTickCount
InterlockedCompareExchange
DeviceIoControl
LoadLibraryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
EnterCriticalSection
RaiseException
LeaveCriticalSection
Module32FirstW
GetSystemTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetPrivateProfileStringW
GetLocalTime
GetComputerNameA
GetSystemDirectoryW
GetDiskFreeSpaceExW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetWindowsDirectoryW
FindNextFileW
RemoveDirectoryW
SystemTimeToFileTime
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
GetCurrentThreadId
LoadLibraryW
FreeLibrary
ProcessIdToSessionId
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetModuleFileNameW
DeleteFileW
GetModuleHandleW
GetProcAddress
SetLastError
LocalFree
GetCurrentProcess
GetVersionExW
FindFirstFileW
FindClose
InitializeCriticalSection
WriteFile
SetEndOfFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetFileAttributesW
CreateDirectoryW
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetCommandLineW
user32
GetSystemMetrics
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetClipboardData
CloseClipboard
OpenClipboard
GetWindowPlacement
GetClassNameW
EnumDisplaySettingsW
FillRect
UnionRect
GetIconInfo
GetMessageW
DestroyCursor
GetWindowTextLengthW
GetWindowTextW
FindWindowExW
CharNextW
SendMessageTimeoutW
BringWindowToTop
PostQuitMessage
IsIconic
SetWindowTextW
GetShellWindow
wsprintfW
GetActiveWindow
IsWindowEnabled
EnableWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetActiveWindow
GetCursorPos
ReleaseCapture
UpdateLayeredWindow
EndPaint
BeginPaint
MonitorFromWindow
GetMonitorInfoW
GetFocus
IsDialogMessageW
IsChild
GetNextDlgTabItem
SetFocus
SetCapture
ScreenToClient
ClientToScreen
CallWindowProcW
GetWindow
SystemParametersInfoW
MapWindowPoints
GetClassInfoExW
KillTimer
SetTimer
GetClientRect
MoveWindow
PostMessageW
GetWindowLongW
SetWindowLongW
DestroyWindow
RegisterWindowMessageW
IntersectRect
GetParent
SetCursor
OffsetRect
LoadImageW
SetWindowPos
IsWindowVisible
InvalidateRect
EqualRect
ShowWindow
GetDlgItem
GetDlgCtrlID
SendMessageW
PtInRect
InflateRect
SetRectEmpty
SetRect
PeekMessageW
UnregisterClassA
PrintWindow
GetWindowRect
GetWindowDC
IsRectEmpty
IsWindow
DestroyIcon
CopyRect
DrawTextW
LoadBitmapW
LoadIconW
DrawIcon
DrawIconEx
FindWindowW
RegisterClassExW
LoadCursorW
DefWindowProcW
GetDC
CreateWindowExW
GetDesktopWindow
ReleaseDC
gdi32
CreateSolidBrush
CreateBitmap
GetTextMetricsW
CreateRoundRectRgn
SetViewportOrgEx
OffsetRgn
ExtSelectClipRgn
GetViewportOrgEx
CombineRgn
GetTextExtentPoint32W
TextOutW
RestoreDC
SaveDC
GetClipRgn
CreateRectRgnIndirect
CreateRectRgn
SelectClipRgn
GetTextColor
RectInRegion
CreateFontIndirectW
GetCurrentObject
CreateBrushIndirect
CreatePen
GetStockObject
SetBkColor
ExtTextOutW
RoundRect
Rectangle
LineTo
MoveToEx
SetTextColor
SetStretchBltMode
SetBkMode
DeleteObject
GetDIBits
GetObjectW
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
BitBlt
GetDeviceCaps
CreateDCW
SetDIBColorTable
CreateDIBSection
GetPixel
StretchBlt
advapi32
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegQueryValueW
AllocateAndInitializeSid
EqualSid
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW
CreateProcessAsUserW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteKeyW
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegSetValueExW
RegOpenCurrentUser
RegOpenKeyW
RegCreateKeyExW
DuplicateTokenEx
ImpersonateLoggedOnUser
SetTokenInformation
RevertToSelf
SetEntriesInAclW
AllocateLocallyUniqueId
BuildTrusteeWithSidW
GetLengthSid
CopySid
LookupAccountNameW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
shell32
ord727
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ord680
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHFileOperationW
ole32
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoCreateGuid
oleaut32
SysFreeString
SystemTimeToVariantTime
VarUI4FromStr
SysAllocStringLen
VariantTimeToSystemTime
shlwapi
PathIsDirectoryW
SHDeleteKeyW
StrToIntW
PathAppendW
PathRemoveFileSpecW
SHEnumKeyExW
PathFileExistsW
PathAddBackslashW
PathFindFileNameW
StrToIntA
PathFindExtensionW
msvcr80
memcpy
_stricmp
??3@YAXPAX@Z
memcpy_s
memmove_s
wcscmp
wcschr
_vscwprintf
vswprintf_s
wcslen
free
wcsncmp
strlen
calloc
_recalloc
malloc
??2@YAPAXI@Z
memcmp
??_V@YAXPAX@Z
??_U@YAPAXI@Z
memset
_wcslwr_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
wcspbrk
wcsstr
wcsrchr
sprintf_s
_wcsicmp
_waccess
_beginthreadex
_purecall
swscanf_s
_time64
wcscat
strcpy_s
sprintf
rand
srand
_wtol
_vswprintf
iswspace
_wtoi
fclose
fread
_wfopen
_wcsnicmp
wcstol
wcsspn
wcscspn
labs
_resetstkoflw
memmove
_wtoi64
_vscprintf
vsprintf_s
wcscpy_s
abs
fopen_s
strcmp
ferror
fputc
fprintf
sscanf_s
atoi
atof
_vsnprintf_s
ftell
fseek
isspace
tolower
isalpha
isalnum
strncmp
strchr
_mbscmp
_wtof
wcscpy
_mbschr
ceil
_mbsicmp
swprintf_s
floor
__RTDynamicCast
_strtoi64
_strtoui64
strcpy
strncpy
strcat
wcsncpy
wcsncpy_s
_wcstoi64
wcstoul
_wcstoui64
wcstod
_wcslwr
_mktime64
_localtime64_s
_local_unwind4
strstr
wcscat_s
_vscprintf_p
_vsprintf_p
_vscwprintf_p
_vswprintf_p
toupper
realloc
isxdigit
isupper
ispunct
isprint
islower
isgraph
isdigit
iscntrl
__isascii
_vsnwprintf
_exit
strncpy_s
_itow_s
_snwprintf
_mbsstr
fwprintf
_vsnwprintf_s
fflush
_wfopen_s
swscanf
_time32
strtol
wcsftime
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_amsg_exit
__wgetmainargs
_cexit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
strpbrk
sscanf
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
msvcp80
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?eof@?$char_traits@_W@std@@SAGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?fail@ios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
gdiplus
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipCreateFont
GdipCloneBrush
GdipDrawImageRectRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreatePath
GdipDeletePath
GdipSetImageAttributesColorMatrix
GdipClosePathFigure
GdipAddPathRectangleI
GdipAddPathPieI
GdipSetSmoothingMode
GdipSetClipPath
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawImageRectRect
GdipDeleteStringFormat
GdipAddPathArcI
GdipSetStringFormatFlags
GdipCreatePen1
GdipDeletePen
GdipDrawPath
GdipAddPathStringI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawImageRectI
GdipGetFamily
GdipGetFontSize
GdipSetPenDashStyle
GdipDrawLinesI
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenMode
GdipDrawLine
GdipDrawRectangleI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipImageRotateFlip
GdipDrawImagePointsRectI
GdipCloneBitmapArea
GdipDrawLineI
GdipCreateStringFormat
GdipDeleteBrush
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipCreateSolidFill
GdipFillPath
GdipDeleteFont
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipGetImageGraphicsContext
GdipGetFontCollectionFamilyCount
GdipSaveImageToStream
GdipCloneImage
GdipFillRectangle
GdipDrawImageI
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdiplusShutdown
GdipDeleteFontFamily
GdipFree
GdipNewPrivateFontCollection
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
wtsapi32
WTSFreeMemory
WTSEnumerateSessionsW
userenv
UnloadUserProfile
LoadUserProfileW
CreateEnvironmentBlock
DestroyEnvironmentBlock
wininet
InternetCrackUrlA
InternetCrackUrlW
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 268KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 28KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE