E:\KINGSOFT_DUBA\Build\Build_Src\kisengine_git\1517\product\win32\dbginfo\KCleaner.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097.dll
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097
-
Size
6.2MB
-
MD5
177cb2fdf359bc742e2a7f655c1281eb
-
SHA1
3810b74e9a1c25308b420027167570d0bd0bc52e
-
SHA256
5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097
-
SHA512
bb44d37e783e296a0551e9adc4a9051824b6d2be60cf7ab6a11d56e0a386c280864f68775a38e475b909a9455cc24e26f1e568474e8c02fe1e03fd88269a95ae
-
SSDEEP
196608:zCpuB6l4fuUnfEbhjik4YhRhYv14tI9HTWpdGNq/5:zsuB8UfiCNm
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097
Files
-
5da8284b9a8a3ffe30fb5755d27040a5fc98aae7441df39fb6a87dbcfb27e097.dll windows:6 windows x86 arch:x86
d9cce85dd797ae0f3bdf3d4f27454327
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CreateProcessW
FreeResource
GlobalFree
OpenMutexW
VerSetConditionMask
OutputDebugStringW
QueryPerformanceFrequency
VerifyVersionInfoW
WritePrivateProfileSectionW
FileTimeToLocalFileTime
GetDriveTypeW
GetLogicalDrives
SetErrorMode
GlobalMemoryStatusEx
GetCommandLineW
EnumResourceNamesW
GlobalDeleteAtom
GlobalGetAtomNameW
DisableThreadLibraryCalls
lstrcmpiW
GetCompressedFileSizeW
QueryPerformanceCounter
GlobalAddAtomW
GetVersion
CreateDirectoryA
DeleteFileA
FindFirstFileA
FindNextFileA
GetFileAttributesA
GetFileAttributesExA
RemoveDirectoryA
SetFileAttributesA
VirtualProtectEx
CopyFileA
MoveFileA
MoveFileExA
ExpandEnvironmentStringsW
TerminateProcess
GetExitCodeProcess
Module32NextW
OpenFileMappingW
GetSystemTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WaitNamedPipeW
LocalFree
LocalAlloc
FlushFileBuffers
ConvertThreadToFiber
ConvertFiberToThread
GetModuleHandleExW
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
VerifyVersionInfoA
PeekNamedPipe
GetFileType
GetStdHandle
GetEnvironmentVariableA
SetFileAttributesW
LoadLibraryA
OutputDebugStringA
GetSystemDirectoryA
SleepEx
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
TryAcquireSRWLockShared
TryAcquireSRWLockExclusive
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory
VirtualAllocEx
GetFullPathNameW
IsBadWritePtr
lstrcmpW
CreateFileA
GetProcAddress
GetTempFileNameW
GetFileTime
CopyFileW
GetPrivateProfileIntW
GetModuleHandleW
GetVersionExW
GetSystemDirectoryW
FormatMessageW
GetCurrentThreadId
GetCurrentProcessId
Sleep
CreateMutexW
WaitForSingleObject
ReleaseMutex
SetLastError
GetFileSizeEx
DeleteFileW
SetEndOfFile
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
GetUserDefaultLangID
GetModuleFileNameW
FileTimeToSystemTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetTickCount
GetLocalTime
GetFileSize
GetFileInformationByHandle
WideCharToMultiByte
MulDiv
GlobalLock
GlobalUnlock
GlobalAlloc
ResetEvent
TzSpecificLocalTimeToSystemTime
GetSystemInfo
lstrlenW
ReplaceFileW
MoveFileW
QueryDosDeviceW
GetVolumePathNameW
GetVolumeInformationW
GetLongPathNameW
GetLogicalDriveStringsW
GetFileAttributesExW
SetCurrentDirectoryW
LoadLibraryExW
GetExitCodeThread
WaitForMultipleObjects
OpenEventW
CreateEventW
SetEvent
ResumeThread
SuspendThread
TerminateThread
CreateThread
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
ProcessIdToSessionId
SetThreadPriority
GetCurrentThread
SetFilePointerEx
GetComputerNameA
GetDiskFreeSpaceExW
RemoveDirectoryW
FindNextFileW
FindFirstFileW
FindClose
lstrcmpA
GetWindowsDirectoryW
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentProcess
SystemTimeToTzSpecificLocalTime
MoveFileExW
GetModuleHandleA
GetTempPathW
LoadLibraryW
FreeLibrary
CompareFileTime
MultiByteToWideChar
SystemTimeToFileTime
CloseHandle
WriteFile
SetFileTime
SetFilePointer
ReadFile
LocalFileTimeToFileTime
GetFileAttributesW
CreateFileW
CreateDirectoryW
GetPrivateProfileStringW
GetCurrentDirectoryW
user32
IntersectRect
InflateRect
SetRectEmpty
SetRect
MapWindowPoints
GetCursorPos
SetCursor
UnionRect
GetForegroundWindow
SetActiveWindow
IsWindowEnabled
EnableWindow
KillTimer
SetTimer
GetActiveWindow
GetNextDlgTabItem
AttachThreadInput
GetSystemMetrics
GetShellWindow
GetWindowThreadProcessId
FindWindowW
GetWindow
PostMessageW
SetWindowTextW
RedrawWindow
SendMessageW
InvalidateRect
IsRectEmpty
EqualRect
PtInRect
LoadImageW
IsDialogMessageW
MonitorFromWindow
GetMonitorInfoW
EnumDisplaySettingsW
DefWindowProcW
EnumDisplayDevicesW
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
IsIconic
SwitchToThisWindow
GetLastActivePopup
DestroyCursor
LoadStringW
GetIconInfo
GetWindowTextW
DestroyWindow
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
CallWindowProcW
SetForegroundWindow
GetClassNameW
EnumChildWindows
FillRect
GetSysColor
ScreenToClient
GetWindowTextLengthW
ShowWindow
UpdateLayeredWindow
SetWindowPos
IsWindowVisible
BringWindowToTop
UpdateWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
SetWindowRgn
GetClientRect
GetWindowRect
ClientToScreen
OffsetRect
GetWindowLongW
SetWindowLongW
GetParent
FindWindowExW
LoadCursorW
SystemParametersInfoW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
PostThreadMessageW
DrawIcon
DrawTextW
CopyRect
LoadBitmapW
LoadIconW
DestroyIcon
DrawIconEx
IsChild
MoveWindow
GetDlgItem
GetDlgCtrlID
CharNextW
SetFocus
GetFocus
SetCapture
ReleaseCapture
DestroyAcceleratorTable
CreateAcceleratorTableW
RegisterWindowMessageW
wsprintfW
UnregisterClassW
GetDesktopWindow
InvalidateRgn
gdi32
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectInRegion
GetWindowOrgEx
GetViewportOrgEx
GetTextExtentPoint32W
GetTextColor
GetRgnBox
GetDIBits
GetClipRgn
CreateRoundRectRgn
CreateRectRgnIndirect
CreateDCW
GetDeviceCaps
CreateSolidBrush
ExtTextOutW
MoveToEx
GetObjectW
SetTextColor
SetGraphicsMode
SetBkColor
RoundRect
Rectangle
LineTo
GetCurrentObject
CreatePen
CreateFontIndirectW
CreateBrushIndirect
SetViewportOrgEx
CreateDIBSection
StretchBlt
SetBkMode
SelectObject
OffsetRgn
GetStockObject
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
GetWorldTransform
SetWorldTransform
TextOutW
SetWindowOrgEx
CreateBitmap
SetStretchBltMode
CreatePolygonRgn
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
CryptGenRandom
RegQueryValueW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumKeyW
RegQueryInfoKeyW
ImpersonateLoggedOnUser
RevertToSelf
RegOpenCurrentUser
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
AllocateLocallyUniqueId
CopySid
GetLengthSid
GetTokenInformation
LookupAccountSidW
LookupAccountNameW
SetEntriesInAclW
BuildTrusteeWithSidW
SetTokenInformation
DuplicateTokenEx
RegEnumKeyExW
GetUserNameW
CreateProcessAsUserW
ChangeServiceConfigW
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
ControlService
CreateServiceW
DeleteService
QueryServiceStatus
StartServiceW
RegCreateKeyA
RegCreateKeyW
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
OpenProcessToken
RegEnumValueW
RegOpenKeyA
RegSetValueExA
shell32
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathW
SHChangeNotify
CommandLineToArgvW
ord165
ShellExecuteExW
ord680
SHCreateDirectoryExW
ole32
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
OleLockRunning
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoCreateGuid
CoGetClassObject
CreateStreamOnHGlobal
CoCreateInstance
oleaut32
OleCreateFontIndirect
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VarDateFromStr
VariantInit
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
VarUI4FromStr
VariantTimeToSystemTime
VariantClear
msvcp140
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
?_Syserror_map@std@@YAPBDH@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_W_Getdays@_Locinfo@std@@QBEPBGXZ
?_W_Getmonths@_Locinfo@std@@QBEPBGXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
shlwapi
PathFileExistsA
PathIsDirectoryA
SHDeleteValueA
SHDeleteValueW
StrCpyW
SHGetValueW
SHSetValueA
SHSetValueW
StrToIntA
SHGetValueA
AssocCreate
PathRemoveArgsW
StrToIntW
StrCmpW
PathFindExtensionW
SHEnumKeyExW
SHDeleteKeyW
PathRemoveBackslashW
PathIsRootW
PathAddBackslashW
PathIsDirectoryW
PathUnquoteSpacesW
PathIsFileSpecW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
PathAppendW
PathFileExistsW
comctl32
InitCommonControlsEx
DrawShadowText
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipSetPenMode
GdipSetPenDashStyle
GdipSetPenStartCap
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawLine
GdipDrawLinesI
GdipDrawRectangleI
GdipDrawPath
GdipGraphicsClear
GdipFillRectangle
GdipFillRectangleI
GdipFillPath
GdipDrawImageI
GdipDrawImageRectRect
GdipDeletePen
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipCreateFont
GdipDeleteFont
GdipGetFamily
GdipGetFontSize
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreatePen1
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetImagePixelFormat
GdipCloneBitmapArea
GdipCreateSolidFill
GdipDrawLineI
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipDeleteBrush
GdipGetDC
GdipReleaseDC
GdipCloneBrush
GdipCreateLineBrushFromRectI
GdipImageRotateFlip
GdipSetPenEndCap
GdipDrawImagePointsRectI
GdipAddPathLine2I
GdipAddPathPieI
GdipResetPath
GdipAddPathBeziersI
GdipCreateLineBrushI
GdipSaveImageToStream
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathStringI
GdipClosePathFigure
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipSetClipPath
GdipDrawImageRectRectI
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipAddPathEllipseI
GdipDeletePath
GdipCreatePath
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipPrivateAddFontFile
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipCloneFontFamily
GdiplusShutdown
GdiplusStartup
GdipDeleteFontFamily
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdipAddPathPolygonI
GdipCreateBitmapFromHICON
GdipSetClipHrgn
ws2_32
WSAGetLastError
sendto
recvfrom
gethostbyname
getnameinfo
shutdown
ntohl
closesocket
WSAStartup
WSACleanup
WSASetLastError
gethostname
WSACloseEvent
WSAConnect
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetOverlappedResult
WSARecv
WSAResetEvent
WSASend
WSASetEvent
WSASocketW
GetAddrInfoW
FreeAddrInfoW
recv
send
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSAIoctl
accept
htonl
listen
ioctlsocket
__WSAFDIsSet
select
getaddrinfo
freeaddrinfo
crypt32
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenSystemStoreA
wldap32
ord35
ord33
ord32
ord27
ord26
ord79
ord41
ord50
ord45
ord60
ord211
ord46
ord217
ord143
ord30
ord200
ord301
ord22
normaliz
IdnToAscii
IdnToUnicode
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
psapi
GetMappedFileNameW
wininet
InternetCrackUrlA
InternetCrackUrlW
userenv
UnloadUserProfile
CreateEnvironmentBlock
DestroyEnvironmentBlock
LoadUserProfileW
vcruntime140
memchr
memcmp
__CxxFrameHandler3
wcschr
memmove
strstr
__std_exception_destroy
__std_exception_copy
wcsstr
memset
memcpy
_purecall
wcsrchr
_local_unwind4
strchr
_CxxThrowException
__RTDynamicCast
__std_type_info_destroy_list
strrchr
_except_handler4_common
__current_exception
__std_terminate
__current_exception_context
api-ms-win-crt-string-l1-1-0
wcsspn
wcscspn
_wcsnicmp
strcpy_s
wcsncpy_s
strcat_s
wcscpy
wcscat
wcspbrk
_wcsicmp
strnlen
wcsncmp
wmemcpy_s
isalpha
isupper
islower
isdigit
isxdigit
isspace
ispunct
isalnum
isprint
isgraph
iscntrl
toupper
__isascii
strncmp
_wcslwr_s
wcscat_s
wcsnlen
wcscmp
iswspace
towupper
strncpy
strcat
tolower
strlen
strcpy
strcmp
_wcsupr_s
wcsncpy
wcslen
_strlwr_s
wcstok
strncat_s
_strnicmp
_stricmp
strpbrk
strcspn
strspn
_strdup
wcscpy_s
strncpy_s
api-ms-win-crt-heap-l1-1-0
malloc
calloc
_callnewh
_recalloc
free
realloc
_msize
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswprintf_s
_close
_setmode
__stdio_common_vswprintf_p
__stdio_common_vsprintf_p
clearerr
__stdio_common_vsnwprintf_s
fopen_s
ferror
setbuf
fseek
__stdio_common_vfprintf
__stdio_common_vswprintf
__acrt_iob_func
fputs
__stdio_common_vswscanf
_wfopen
fclose
fread
__stdio_common_vsnprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
_lseeki64
ungetc
setvbuf
fwrite
_open_osfhandle
fgets
_open
fopen
_wfopen_s
ftell
_chsize
_read
_fseeki64
fsetpos
_fsopen
_write
fputc
feof
_wfsopen
_get_stream_buffer_pointers
fflush
fgetc
fgetpos
_fileno
api-ms-win-crt-utility-l1-1-0
rand
labs
qsort
srand
abs
api-ms-win-crt-runtime-l1-1-0
_initterm_e
strerror
_getpid
_initterm
__sys_nerr
terminate
raise
strerror_s
signal
_set_errno
_get_errno
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_cexit
_configure_narrow_argv
_invalid_parameter_noinfo
_errno
_initialize_narrow_environment
_initialize_onexit_table
_exit
_register_onexit_function
_execute_onexit_table
_crt_atexit
_beginthreadex
_crt_at_quick_exit
api-ms-win-crt-convert-l1-1-0
_atoi64
_ui64toa
_i64toa
strtoul
_wcstoui64
_wcstoi64
wcstoul
_i64tow
wcstod
_strtoui64
_strtoi64
_itoa_s
strtoll
atoi
_i64tow_s
_itow_s
_ultoa_s
_wtof
strtol
wcstol
_wtol
atof
wcstombs
_wtoi64
_wtoi
wcstoull
api-ms-win-crt-time-l1-1-0
_gmtime64
_mkgmtime64
_time32
_time64
_mktime64
_localtime64_s
strftime
wcsftime
_gmtime64_s
api-ms-win-crt-multibyte-l1-1-0
_mbschr
_mbscmp
_mbsstr
_mbsinc
_mbsicmp
api-ms-win-crt-filesystem-l1-1-0
_stat64
_stat64i32
_access
_unlock_file
_lock_file
_fstat64
_wfullpath
_chmod
_unlink
_waccess
_mkdir
_wrename
_fstat64i32
api-ms-win-crt-math-l1-1-0
pow
floor
sqrt
_except1
_fdopen
fabs
cos
sin
modf
_finite
_isnan
_dclass
asin
ceil
api-ms-win-crt-environment-l1-1-0
getenv
Exports
Exports
DllCanUnloadNow
DllGetClassObject
isblank
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 804KB - Virtual size: 804KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ