e:\KINGSOFT_DUBA\Build\Build_Src\kisengine\kis_v11_released_sp5.1_tmp_dgcleaner191223_fb\product\win32\dbginfo\kcleaner.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285
-
Size
3.6MB
-
MD5
f1bdaf812d220fa366714e2e73ca5250
-
SHA1
73fbe6f7cdd4fce99cc752d6c5e8c67d98d11487
-
SHA256
0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285
-
SHA512
f67f6a293cdd24357c77a31037938669229c0f2dc5055cb1846375361dbea550e6fdfed8c850c82e4c20860c4471a9235f2a470f5f74ff7c8c08b069e76f6d52
-
SSDEEP
98304:kMoQaNH6raF1PJODHXZ+3NvEWLyTeqY86BDs:FrrDHXM/yTeqDT
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285
Files
-
0c61b3a89caa2ddbb527625038ed33e00eb392a4c079245aadc0ed1f02d95285.exe windows:4 windows x86 arch:x86
e127d31d5a05c6c1896c688934f257d8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetDiskFreeSpaceExW
GetComputerNameA
lstrcmpW
MulDiv
InterlockedIncrement
InterlockedDecrement
GlobalUnlock
GlobalLock
GlobalAlloc
IsBadWritePtr
InterlockedCompareExchange
GetSystemInfo
MoveFileExW
ReplaceFileW
MoveFileW
GetFileAttributesExW
SetCurrentDirectoryW
GetVolumeInformationW
GetVolumePathNameW
CopyFileW
GetLongPathNameW
GetTempFileNameW
GetSystemTimeAsFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LoadLibraryA
ReleaseMutex
lstrcmpiW
GlobalFree
FreeResource
LoadLibraryExW
OutputDebugStringW
GetCompressedFileSizeW
QueryPerformanceCounter
QueryPerformanceFrequency
OpenEventW
CreateEventA
HeapAlloc
GetProcessHeap
HeapFree
GlobalDeleteAtom
GlobalGetAtomNameW
GlobalAddAtomW
GlobalMemoryStatusEx
GetDriveTypeW
CreateFileMappingW
SetErrorMode
FormatMessageW
GetCurrentProcessId
EnumResourceNamesW
FileTimeToLocalFileTime
HeapReAlloc
GetFileTime
GetUserDefaultLangID
LocalAlloc
GetVersion
CreateFileA
SetFileAttributesA
SetFileAttributesW
GetFileAttributesA
FindFirstFileA
FindNextFileA
GetFileAttributesExA
DeleteFileA
CopyFileA
RemoveDirectoryA
MoveFileA
MoveFileExA
InterlockedExchangeAdd
InterlockedExchange
CreateWaitableTimerA
SetWaitableTimer
TlsSetValue
TlsGetValue
CreateMutexA
TlsAlloc
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapSize
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
RaiseException
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetCurrentThread
FlushInstructionCache
SetThreadPriority
SuspendThread
ResumeThread
lstrcmpA
WaitNamedPipeW
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
GetSystemDirectoryW
GetTempPathW
Module32NextW
GetLogicalDriveStringsW
QueryDosDeviceW
CreateThread
TerminateThread
ExpandEnvironmentStringsW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
TerminateProcess
WritePrivateProfileSectionW
GetCommandLineW
WritePrivateProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStringW
FlushFileBuffers
GetFileSizeEx
SetFilePointerEx
Module32FirstW
OutputDebugStringA
CreateProcessW
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
VirtualFreeEx
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
GetFullPathNameW
GetSystemTime
CreateMutexW
OpenMutexW
GetModuleFileNameW
GetLocalTime
SystemTimeToFileTime
GetTickCount
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
GetCurrentThreadId
GetPrivateProfileIntW
ProcessIdToSessionId
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetModuleHandleW
GetProcAddress
SetLastError
LocalFree
GetCurrentProcess
GetVersionExW
SetFilePointer
WriteFile
SetEndOfFile
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetFileAttributesW
CreateDirectoryW
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetLogicalDrives
user32
IsIconic
SetActiveWindow
SetForegroundWindow
AttachThreadInput
GetForegroundWindow
EnableWindow
IsWindowEnabled
GetActiveWindow
MessageBoxW
SetRectEmpty
PtInRect
SetCursor
SetTimer
KillTimer
EqualRect
DrawFrameControl
IntersectRect
GetNextDlgTabItem
GetMonitorInfoW
MonitorFromWindow
GetCursorPos
UnionRect
DestroyCursor
LoadStringW
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
GetDC
EndPaint
GetLastActivePopup
UnregisterClassA
SwitchToThisWindow
LoadImageW
IsDialogMessageW
InflateRect
ReleaseDC
MapWindowPoints
SetRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
GetFocus
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
GetClassNameW
FindWindowExW
GetWindow
GetDesktopWindow
FindWindowW
GetParent
PostMessageW
RegisterWindowMessageW
DefWindowProcW
LoadCursorW
GetClassInfoExW
IsWindow
IsWindowVisible
ShowWindow
UpdateWindow
BringWindowToTop
SetWindowPos
SetWindowLongW
DestroyWindow
GetWindowRect
SetFocus
DestroyAcceleratorTable
FillRect
ReleaseCapture
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ScreenToClient
CharNextW
GetSysColor
EnumChildWindows
GetDlgItem
GetDlgCtrlID
MoveWindow
SystemParametersInfoW
RegisterClassExW
CreateWindowExW
UpdateLayeredWindow
SetWindowRgn
ClientToScreen
GetClientRect
GetWindowLongW
OffsetRect
CallWindowProcW
BeginPaint
DrawIconEx
DrawIcon
LoadIconW
LoadBitmapW
DrawTextW
SendMessageW
DestroyIcon
CopyRect
IsRectEmpty
GetShellWindow
wsprintfW
GetIconInfo
GetWindowThreadProcessId
gdi32
GetClipRgn
ExtSelectClipRgn
GetViewportOrgEx
CreateRectRgnIndirect
GetTextExtentPoint32W
TextOutW
RectInRegion
GetTextColor
CreateBitmap
SelectClipRgn
RestoreDC
SaveDC
CreateSolidBrush
GetDeviceCaps
OffsetRgn
CombineRgn
CreateRectRgn
CreateDIBSection
SetViewportOrgEx
CreateDCW
CreateRoundRectRgn
BitBlt
GetCurrentObject
DeleteDC
CreateFontIndirectW
GetObjectW
CreateBrushIndirect
CreatePen
GetStockObject
SetBkColor
ExtTextOutW
RoundRect
Rectangle
StretchBlt
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
SetStretchBltMode
SetTextColor
MoveToEx
CreatePolygonRgn
GetDIBits
CreateCompatibleBitmap
LineTo
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegEnumValueW
RegEnumValueA
RegEnumKeyA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegOpenKeyA
ControlService
StartServiceW
QueryServiceStatus
DeleteService
CreateServiceW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyW
CreateProcessAsUserW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
ChangeServiceConfigW
GetUserNameW
RegSetValueExW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
DuplicateTokenEx
ImpersonateLoggedOnUser
SetTokenInformation
RevertToSelf
SetEntriesInAclW
AllocateLocallyUniqueId
BuildTrusteeWithSidW
LookupAccountNameW
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetTokenInformation
RegSetValueExA
shell32
SHCreateDirectoryExW
SHGetFolderPathW
SHGetFileInfoW
SHGetSpecialFolderPathW
ShellExecuteW
SHChangeNotify
CommandLineToArgvW
ShellExecuteExW
ord680
ord165
SHFileOperationW
ole32
OleInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
oleaut32
VariantTimeToSystemTime
SysFreeString
SysStringLen
VarUI4FromStr
OleCreateFontIndirect
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
VarDateFromStr
msvcp80
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIABV12@@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIABV12@@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??1locale@std@@QAE@XZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
??0locale@std@@QAE@PBDH@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?eof@?$char_traits@_W@std@@SAGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
??0?$allocator@_W@std@@QAE@ABV01@@Z
?max_size@?$allocator@_W@std@@QBEIXZ
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
??0?$allocator@_W@std@@QAE@XZ
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??0id@locale@std@@QAE@I@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WII@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?fail@ios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
msvcr80
asin
_gmtime64
_stricmp
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_cexit
__wgetmainargs
_amsg_exit
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strpbrk
_vswprintf_p
_vscwprintf_p
_vsprintf_p
_vscprintf_p
__isascii
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isupper
isxdigit
_snwprintf_s
_resetstkoflw
towupper
strtol
_scwprintf
_set_errno
_get_errno
wcsnlen
realloc
_wrename
_exit
_vsnwprintf
_i64tow
sin
pow
_localtime64
fabs
_atoi64
_wtof
swscanf
??0exception@std@@QAE@ABQBDH@Z
floor
ceil
__RTDynamicCast
_mbschr
labs
vsprintf_s
_vscprintf
wcscat_s
_mbsicmp
towlower
_wremove
toupper
sscanf
fwrite
_errno
_isnan
_strnicmp
_open_osfhandle
_fdopen
_fsopen
_wfsopen
_getpid
_wfullpath
_fileno
_chsize
sprintf
strcat
srand
rand
strncpy
strcpy
isalnum
isalpha
tolower
isspace
fseek
ftell
_vsnprintf_s
atof
sscanf_s
fprintf
fputc
ferror
fopen_s
memmove
swprintf_s
wcstok
_strtoui64
_ui64toa
_strtoi64
_i64toa
_itow_s
_i64tow_s
_vsnwprintf_s
atoi
_snwprintf
strstr
strncmp
_ultoa_s
_strlwr_s
_wtol
_mktime64
_wcslwr
wcsncpy
_localtime64_s
_wcsupr_s
strcpy_s
??3@YAXPAX@Z
memcpy_s
memmove_s
wcscmp
wcschr
_vscwprintf
vswprintf_s
wcslen
free
wcsncmp
strlen
calloc
_recalloc
malloc
??2@YAPAXI@Z
memcmp
??_V@YAXPAX@Z
memset
_wcslwr_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
wcspbrk
_local_unwind4
strcat_s
_itoa_s
strncpy_s
sprintf_s
_wcsicmp
iswspace
wcsstr
wcsrchr
_wcsnicmp
wcsncpy_s
_waccess
_beginthreadex
_time64
_wtoi64
wcscpy_s
_wtoi
_purecall
_mbscmp
memcpy
wcscpy
strcmp
abs
_mbsstr
_vswprintf
swscanf_s
fclose
fread
_wfopen
wcscat
wcsspn
wcscspn
wcstol
_wcstoi64
wcstoul
_wcstoui64
wcstod
strchr
_mkdir
strncat_s
shlwapi
SHDeleteKeyW
PathFindExtensionW
PathIsFileSpecW
AssocCreate
PathRemoveArgsW
PathUnquoteSpacesW
PathIsDirectoryW
PathIsUNCW
StrToIntA
PathAddBackslashW
PathRemoveFileSpecW
PathAppendW
SHEnumKeyExW
PathFileExistsW
PathRemoveBackslashW
StrToIntW
StrCpyW
PathIsDirectoryA
PathFileExistsA
SHGetValueA
SHGetValueW
SHSetValueA
SHSetValueW
SHDeleteValueA
SHDeleteValueW
PathFindFileNameW
comctl32
_TrackMouseEvent
InitCommonControlsEx
msimg32
AlphaBlend
gdiplus
GdipClosePathFigure
GdipAddPathArcI
GdipFillPath
GdipCreatePen1
GdipDeletePen
GdipSetSmoothingMode
GdipDrawPath
GdipAddPathStringI
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipSetPixelOffsetMode
GdipGraphicsClear
GdipDrawImageI
GdipGetFamily
GdipGetFontSize
GdipSetPenDashStyle
GdipDrawLinesI
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenMode
GdipDrawLine
GdipDrawRectangleI
GdipAddPathRectangleI
GdipAddPathPieI
GdipSetClipPath
GdipResetWorldTransform
GdipDeletePath
GdipRotateWorldTransform
GdipFillRectangle
GdipCreateLineBrushFromRectI
GdipDrawLineI
GdipSaveImageToStream
GdipAddPathLine2I
GdipCreateBitmapFromHICON
GdipAddPathPolygonI
GdipAddPathEllipseI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetDC
GdipReleaseDC
GdipCreatePath
GdipCloneBrush
GdipCreateFont
GdipCreateFontFromLogfontW
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipPrivateAddFontFile
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipGetFontCollectionFamilyCount
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDrawImagePointsRectI
GdipDrawImageRectRect
GdipImageRotateFlip
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipCloneFontFamily
GdiplusShutdown
GdipAlloc
GdipDeleteFontFamily
GdipFree
GdiplusStartup
GdipTranslateWorldTransform
GdipGetFontCollectionFamilyList
GdipDisposeImage
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
userenv
LoadUserProfileW
CreateEnvironmentBlock
UnloadUserProfile
DestroyEnvironmentBlock
psapi
GetProcessImageFileNameW
EnumProcesses
GetMappedFileNameW
winmm
timeGetTime
ws2_32
WSASend
WSAGetOverlappedResult
WSAConnect
WSAEnumNetworkEvents
WSACloseEvent
freeaddrinfo
send
recv
socket
WSASocketW
htons
WSAResetEvent
WSAEventSelect
WSAGetLastError
closesocket
__WSAFDIsSet
getsockopt
inet_addr
gethostbyname
ntohl
select
WSAStartup
WSACleanup
ioctlsocket
WSARecv
WSASetLastError
getaddrinfo
WSASetEvent
connect
WSACreateEvent
htonl
wininet
InternetCrackUrlA
InternetCrackUrlW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 356KB - Virtual size: 355KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 40KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE