Hydrogen[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

Hydrogen.dll
Size

24.1MB
MD5

d5f8fba681bd59ec1f4d34475ad5d203
SHA1

5b2ad863b2ebf22141d3c94406071f832a20d7db
SHA256

853499b7447fa3d04ca072b1baa81e8cfa5533080667647f7f30f6ea70dd7a38
SHA512

c77983ad0f4c488d996b38476f64b8cc6190a2986bfdcfc0fa05e779e6cd5bc0d17628e18e2492fb219c6320e872beb756c3cb0bbe57aac5eaa456cbb63d41e3
SSDEEP

196608:/557fQic10sw+NYit+8wWGJu34MbiW2ei:/5lfQic1dw+NYit+8wLJuK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Hydrogen.dll

Files

Hydrogen.dll
.dll windows:10 windows x64 arch:x64

c93ade084f783699dca03951d1fa1aa8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Hydrogen.pdb

Imports

msvcp_win

??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Strcoll
_Strxfrm
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
_Mtx_lock
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Mtx_unlock
?_Xbad_alloc@std@@YAXXZ
_Cnd_broadcast
??0task_continuation_context@Concurrency@@AEAA@XZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
_Cnd_wait
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
??1_Locinfo@std@@QEAA@XZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Cnd_init_in_situ
_Mtx_init_in_situ
_Cnd_destroy_in_situ
_Mtx_destroy_in_situ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Throw_C_error@std@@YAXH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?uncaught_exception@std@@YA_NXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xbad_function_call@std@@YAXXZ

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__lock_file
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__strtod_l
_o__strtoi64_l
_o__strtoui64_l
_o__unlock_file
_o__wfopen
memmove
_o_abort
_o_atan2f
_o_atanf
_o_atoi
_o_cosf
_o_expf
_o_fclose
_o_fflush
_o_fgetc
_o_fgetpos
_o_fmodf
_o_fputc
_o_fread
_o_free
_o_fseek
_o_fsetpos
_o_ftell
_o_fwrite
_o_isxdigit
_o_log10f
_o_logf
_o_malloc
_o_mbstowcs_s
_o_modff
_o_nextafterf
_o_pow
_o_powf
_o_realloc
_o_roundf
_o_setvbuf
_o_strcpy_s
_o_strncpy_s
_o_strtod
_o_strtol
_o_strtoul
_o_tanf
_o_terminate
_o_tolower
_o_ungetc
_o_wcscpy_s
__C_specific_handler
__CxxFrameHandler3
__current_exception
__current_exception_context
strstr
_CxxThrowException
_o__get_stream_buffer_pointers
_o__fseeki64
_o__free_base
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__create_locale
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsscanf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfprintf
_o___std_type_info_name
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
__std_terminate
__CxxFrameHandler4
strchr
strrchr
memcpy
__std_type_info_hash
__std_type_info_compare
__RTtypeid
__RTDynamicCast
memchr
memcmp

api-ms-win-crt-string-l1-1-0

strcmp
memset
strncmp

hrtfapo

ord2
ord1

api-ms-win-core-winrt-string-l1-1-0

WindowsCompareStringOrdinal
WindowsGetStringLen
WindowsStringHasEmbeddedNull
WindowsIsStringEmpty
WindowsDuplicateString
WindowsGetStringRawBuffer
WindowsCreateStringReference
WindowsDeleteString
WindowsCreateString

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoTransformError
GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoOriginateError
RoFailFastWithErrorContext

api-ms-win-core-com-l1-1-0

CoUnmarshalInterface
CoInitializeEx
CoUninitialize
CoMarshalInterface
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid
CoCreateFreeThreadedMarshaler

api-ms-win-core-errorhandling-l1-1-0

RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak
OutputDebugStringA

api-ms-win-core-processthreads-l1-1-0

CreateThread
GetCurrentProcess
GetCurrentThreadId
GetProcessId
ProcessIdToSessionId
OpenProcessToken
GetCurrentProcessId
TerminateProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
InitializeCriticalSectionEx
ReleaseSemaphore
CreateEventExW
ReleaseMutex
TryAcquireSRWLockShared
OpenEventW
CreateMutexExW
ReleaseSRWLockShared
ResetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateSemaphoreExW
ReleaseSRWLockExclusive
AcquireSRWLockShared
AcquireSRWLockExclusive
InitializeSRWLock
OpenSemaphoreW
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
CreateEventW
SetEvent
LeaveCriticalSection

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventSetInformation
EventUnregister

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
InitOnceComplete
Sleep
SleepConditionVariableCS
InitializeConditionVariable
WakeConditionVariable
InitOnceBeginInitialize
InitOnceExecuteOnce

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoUninitialize
RoInitialize
RoGetActivationFactory

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetProcAddress
GetModuleFileNameW
DisableThreadLibraryCalls
GetModuleHandleExW
GetModuleFileNameA

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-file-l1-1-0

FindFirstFileExW
FlushFileBuffers
WriteFile
ReadFile
FindClose
FindNextFileW
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
RemoveDirectoryW
CreateFileA
SetFilePointerEx
CreateDirectoryW

api-ms-win-core-file-l2-1-0

MoveFileExW

api-ms-win-core-file-l1-2-0

CreateFile2

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo
GetSystemTimePreciseAsFileTime

ws2_32

bind
listen
setsockopt
WSAStartup
closesocket
connect
FreeAddrInfoW
socket
getsockname
recv
WSAGetLastError
GetAddrInfoW
send
WSAEventSelect
WSACreateEvent
htons
ntohs
select
recvfrom
__WSAFDIsSet
accept
inet_ntop
ioctlsocket
GetHostNameW
inet_ntoa
sendto
inet_pton

mfplat

MFStartup
MFCreateAttributes
MFShutdown
MFCreateWaveFormatExFromMFMediaType
MFCreateMediaType

mfreadwrite

MFCreateSourceReaderFromURL

xaudio2_9

ord2
ord6
ord1
ord5

api-ms-win-core-registry-l1-1-0

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegGetValueW
RegOpenKeyExW
RegSetValueExA
RegGetValueA
RegCreateKeyExA

coremessaging

CoreUICallSend
CoreUICallReceive
CoreUICreate
CoreUICallCreateEndpointHost

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-security-base-l1-1-0

GetTokenInformation
CheckTokenMembership
AllocateAndInitializeSid
AddAccessAllowedAce
CopySid
FreeSid
IsValidSid
GetLengthSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
EqualSid
InitializeAcl

api-ms-win-ro-typeresolution-l1-1-0

RoResolveNamespace

api-ms-win-shcore-stream-winrt-l1-1-0

CreateStreamOverRandomAccessStream

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile

api-ms-win-core-memory-l1-1-1

CreateFileMappingFromApp
MapViewOfFileFromApp

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolWait
SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolCleanupGroup
CreateThreadpoolWait
CreateThreadpoolCleanupGroup
SetThreadpoolWait
WaitForThreadpoolWorkCallbacks
WaitForThreadpoolWaitCallbacks
WaitForThreadpoolTimerCallbacks
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
CloseThreadpoolCleanupGroupMembers

api-ms-win-core-featurestaging-l1-1-0

GetFeatureEnabledState
SubscribeFeatureStateChangeNotification
UnsubscribeFeatureStateChangeNotification
RecordFeatureUsage

dwrite

DWriteCreateFactory

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice
CreateDirect3D11DeviceFromDXGIDevice

d3d12

D3D12SerializeRootSignature
ord102
ord101

api-ms-win-security-provider-l1-1-0

GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo

api-ms-win-core-psm-app-l1-1-0

PsmUnregisterAppStateChangeNotification
PsmRegisterAppStateChangeNotification

ntdll

NtAlpcCancelMessage
NtCompleteConnectPort
NtAlpcAcceptConnectPort
NtAlpcOpenSenderProcess
NtAlpcCreatePort
RtlInitUnicodeString
RtlPublishWnfStateData
NtAlpcConnectPort
AlpcGetMessageAttribute
RtlSubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
NtAlpcSendWaitReceivePort

api-ms-win-rtcore-ntuser-window-l1-1-0

SetTimer
KillTimer

api-ms-win-crt-time-l1-1-0

clock
_time64

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoReportUnhandledError

api-ms-win-security-provider-ansi-l1-1-0

GetExplicitEntriesFromAclA
SetEntriesInAclA

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

rometadata

MetaDataGetDispenser

api-ms-win-security-appcontainer-l1-1-0

GetAppContainerNamedObjectPath

api-ms-win-core-namedpipe-l1-1-0

CreateNamedPipeW
DisconnectNamedPipe
ConnectNamedPipe

api-ms-win-core-namedpipe-ansi-l1-1-0

WaitNamedPipeA

api-ms-win-core-io-l1-1-0

GetOverlappedResult

api-ms-win-core-io-l1-1-1

CancelIo

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 13.9MB - Virtual size: 13.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.7MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 428KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c93ade084f783699dca03951d1fa1aa8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

hrtfapo

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-2-1

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-errorhandling-l1-1-2

api-ms-win-core-file-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-sysinfo-l1-2-0

ws2_32

mfplat

mfreadwrite

xaudio2_9

api-ms-win-core-registry-l1-1-0

coremessaging

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-ro-typeresolution-l1-1-0

api-ms-win-shcore-stream-winrt-l1-1-0

api-ms-win-core-memory-l1-1-0

api-ms-win-core-memory-l1-1-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-featurestaging-l1-1-0

dwrite

dxgi

d3d11

d3d12

api-ms-win-security-provider-l1-1-0

api-ms-win-core-psm-app-l1-1-0

ntdll

api-ms-win-rtcore-ntuser-window-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-security-provider-ansi-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

rometadata

api-ms-win-security-appcontainer-l1-1-0

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-core-namedpipe-ansi-l1-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-core-io-l1-1-1

Exports

Exports

Sections

.text Size: 13.9MB - Virtual size: 13.9MB

.text
Size: 13.9MB - Virtual size: 13.9MB

.rdata
Size: 6.4MB - Virtual size: 6.4MB

.data
Size: 2.7MB - Virtual size: 2.8MB

.pdata
Size: 428KB - Virtual size: 426KB

.didat
Size: 4KB - Virtual size: 56B

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 628KB - Virtual size: 627KB