d:\work\MRP\output\win32\unlimited\PartAssist.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d
-
Size
10.6MB
-
MD5
a5e094565cfef234d0033a9540d2ae34
-
SHA1
897c52cfd8554e38008af42b6f21836f2055c1ac
-
SHA256
c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d
-
SHA512
8068f06b6e3538e09f3ccb6c97aa971fe5d9cb4f251d4078dff3207f5abd56d143bdc3164885d167a8ef87749b3e119d3cbfc8420dfb2ddf7756918cbfaba328
-
SSDEEP
98304:9bKKCJynQ9ApWb2JenDUDUHbyQjbbFtRfks7V/R/gE:IKCPApWbfDZdXzRfz9dgE
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d
Files
-
c53c95599e051b5b1e6f89d52a4d37c6750e0838122b4e5516e26405434c6e9d.exe windows:4 windows x86 arch:x86
3dd64ae17ddf94311a0ebc24ea18b5c0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
memcpy
_alldiv
_chkstk
ZwClose
memset
strncmp
vsprintf
ZwQueryVolumeInformationFile
_allmul
NtLoadDriver
NtUnloadDriver
ZwQuerySymbolicLinkObject
ZwOpenSymbolicLinkObject
ZwQueryDirectoryObject
ZwOpenDirectoryObject
_allrem
_aulldiv
wcsncmp
ZwUnloadKey
_aullrem
RtlNtStatusToDosError
ZwSetInformationFile
ZwOpenFile
_strlwr
strrchr
atoi
wcsrchr
sprintf
_allshl
wcstoul
mbstowcs
wcsstr
wcstombs
_wcsupr
NtQueryInformationFile
NtQuerySystemTime
NtReadFile
NtWriteFile
NtDeviceIoControlFile
NtFsControlFile
NtCreateFile
RtlAnsiStringToUnicodeString
NtClose
RtlTimeToSecondsSince1970
_strnicmp
_wcsnicmp
ZwCreateFile
RtlInitUnicodeString
_wcsicmp
strncpy
strchr
_itow
_wtoi64
_wcslwr
_vsnprintf
wcsncpy
_wtoi
wcschr
strstr
scanpartition
DeletePartList
SearchLosePartition
GetDiskCurPartList
DeleteDiskList
SearchCancel
InitDiskList
pe
GetUSBBootLogicObj
GetObjGAHelp
GetObjGATrackingData
IsSupportMakePE
ClsWinrePath
GetPOLoigcObject
wimmgr
Del_File
PackToolToRecovery
GetToolNeedSpace
ssdsecurityerase
ord1
exfat
ord2
upgradeshow
PAGetGlobalDataObject
PAShowRegisterDlg
diskinfo
CreateDiskInfo
mfc80u
ord3108
ord5940
ord5567
ord3393
ord2712
ord4108
ord4111
ord6062
ord3754
ord2647
ord5798
ord4118
ord6060
ord6085
ord3982
ord2154
ord5827
ord5828
ord2137
ord1303
ord1311
ord5311
ord6715
ord1718
ord6716
ord3198
ord4026
ord2648
ord502
ord3281
ord5637
ord4117
ord3995
ord3990
ord5558
ord5524
ord266
ord265
ord777
ord3570
ord2361
ord3678
ord3395
ord6061
ord6161
ord3983
ord4078
ord860
ord754
ord6751
ord416
ord651
ord6749
ord2364
ord1176
ord2981
ord1555
ord3322
ord3877
ord3590
ord347
ord602
ord5723
ord1270
ord5633
ord326
ord5884
ord5636
ord3155
ord2632
ord4573
ord4120
ord3634
ord2709
ord1609
ord1355
ord4193
ord4664
ord4357
ord3930
ord6075
ord2793
ord6083
ord3785
ord6253
ord2139
ord4361
ord4494
ord5511
ord6147
ord3058
ord2674
ord3434
ord2723
ord6157
ord2257
ord350
ord604
ord1384
ord985
ord5388
ord3706
ord3698
ord2812
ord3894
ord1975
ord1634
ord1572
ord3286
ord715
ord5973
ord3070
ord4921
ord4259
ord4271
ord1297
ord2164
ord5144
ord2136
ord3939
ord4013
ord1039
ord2418
ord2419
ord2986
ord5352
ord6140
ord940
ord5201
ord4898
ord2933
ord4129
ord4303
ord5006
ord5003
ord2609
ord1904
ord2932
ord2237
ord5855
ord2135
ord1994
ord3201
ord1548
ord5161
ord395
ord635
ord3150
ord5965
ord736
ord1637
ord1579
ord3306
ord3922
ord1058
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord1178
ord6282
ord5096
ord1172
ord1007
ord5316
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord421
ord655
ord5105
ord3249
ord1434
ord384
ord629
ord5083
ord6284
ord1430
ord4461
ord4463
ord3677
ord6293
ord566
ord547
ord5327
ord757
ord956
ord2239
ord334
ord593
ord3176
ord5113
ord1096
ord5221
ord3824
ord3327
ord1121
ord2832
ord4025
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord368
ord616
ord4699
ord4258
ord4476
ord6039
ord5930
ord2762
ord3034
ord4216
ord1913
ord4733
ord4846
ord4251
ord5491
ord2736
ord5408
ord1370
ord5588
ord5152
ord2042
ord2007
ord6234
ord2615
ord2608
ord4560
ord3444
ord3639
ord3585
ord3676
ord565
ord756
ord5170
ord567
ord758
ord1352
ord5147
ord4855
ord4858
ord4771
ord4585
ord4175
ord4166
ord3599
ord4743
ord3914
ord1403
ord4882
ord2362
ord1719
ord4686
ord2151
ord563
ord1006
ord3417
ord1957
ord4109
ord4155
ord6050
ord5604
ord6056
ord5607
ord2521
ord6058
ord3174
ord5715
ord5917
ord3900
ord5410
ord5584
ord5519
ord5643
ord5638
ord6033
ord6053
ord3875
ord1396
ord5485
ord1765
ord2083
ord4232
ord2952
ord3224
ord2489
ord658
ord1921
ord2867
ord2876
ord2877
ord3873
ord2788
ord5869
ord5742
ord3869
ord2656
ord287
ord5398
ord2460
ord2132
ord3596
ord3627
ord5351
ord3923
ord4190
ord6010
ord1920
ord6077
ord2066
ord1953
ord5157
ord5198
ord6265
ord5141
ord1343
ord2030
ord2072
ord1903
ord3981
ord336
ord595
ord3631
ord3500
ord1416
ord2784
ord1156
ord2268
ord2068
ord3289
ord4290
ord6001
ord3946
ord3857
ord3079
ord3499
ord3103
ord6301
ord5710
ord4902
ord530
ord722
ord1334
ord5058
ord3426
ord5493
ord3561
ord544
ord732
ord4754
ord3666
ord4300
ord5984
ord6087
ord5616
ord4929
ord3331
ord3415
ord3636
ord5909
ord1338
ord4980
ord1543
ord3436
ord357
ord606
ord753
ord4275
ord4715
ord3569
ord1581
ord1727
ord552
ord1735
ord740
ord5357
ord4600
ord1725
ord3668
ord1937
ord6100
ord6098
ord1927
ord1912
ord4930
ord2423
ord4632
ord5700
ord1358
ord4391
ord944
ord4658
ord2008
ord2043
ord2044
ord3791
ord2826
ord2791
ord3296
ord6142
ord6138
ord2067
ord6006
ord6104
ord6106
ord3571
ord553
ord742
ord3669
ord3073
ord5168
ord4235
ord1341
ord4984
ord1344
ord4191
ord1583
ord1639
ord2087
ord3577
ord4237
ord1585
ord1641
ord2089
ord748
ord3670
ord3471
ord3644
ord6115
ord3448
ord1565
ord4074
ord444
ord1633
ord677
ord3508
ord531
ord1564
ord2261
ord1272
ord3240
ord1960
ord5476
ord2265
ord5441
ord1959
ord849
ord277
ord3885
ord5705
ord1244
ord1087
ord435
ord1946
ord3250
ord5673
ord965
ord2254
ord2368
ord423
ord3503
ord4057
ord862
ord3227
ord660
ord5462
ord3497
ord1000
ord669
ord5477
ord723
ord330
ord609
ord589
ord4094
ord5440
ord314
ord5943
ord3290
ord3460
ord3238
ord4100
ord5166
ord2121
ord5353
ord5704
ord1264
ord730
msvcr80
feof
fgets
realloc
calloc
wcscpy_s
free
malloc
_purecall
_time64
srand
exit
system
setlocale
_wfreopen
_open_osfhandle
__iob_func
_wfdopen
_vsnwprintf
_mktime64
printf
rename
_wtof
wprintf
fopen
fclose
fread
fopen_s
sprintf_s
strcat_s
strcpy_s
swscanf
_beginthreadex
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
memcpy_s
memmove_s
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
swprintf_s
?what@exception@std@@UBEPBDXZ
_vswprintf
_swprintf
_CIcos
_vswprintf_c_l
wcscat_s
_localtime64
_endthread
__CxxFrameHandler3
wcsncpy_s
_CxxThrowException
isdigit
memmove
qsort
ceil
fprintf
fflush
_endthreadex
memcmp
_isatty
_fileno
fputs
fputc
wcslen
fgetc
wcscpy
sin
cos
strcpy
swscanf_s
strcat
_localtime64_s
_beginthread
wcscat
_msize
strcmp
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_except_handler4_common
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_crt_debugger_hook
rand
_CIsin
kernel32
IsBadReadPtr
GetSystemWow64DirectoryW
GetVersionExA
GetSystemInfo
SetEvent
CreateEventW
lstrlenW
WinExec
lstrcpyW
OutputDebugStringW
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetSystemDirectoryW
IsBadWritePtr
GetCurrentThread
CreateFileA
OutputDebugStringA
FlushFileBuffers
QueryDosDeviceW
LocalAlloc
CreateMutexW
DefineDosDeviceW
GetVersion
GetDiskFreeSpaceW
LocalFree
FormatMessageW
GetFileSizeEx
FindNextFileW
WriteFile
SetFilePointer
FreeEnvironmentStringsW
SetFileTime
GetEnvironmentStringsW
SystemTimeToFileTime
SetEndOfFile
SetFilePointerEx
RemoveDirectoryW
SetFileAttributesW
MoveFileW
SetFileAttributesA
SetThreadExecutionState
GetDriveTypeA
GlobalLock
LockResource
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
GlobalFree
GetThreadContext
GetTickCount
GetConsoleWindow
ReleaseMutex
SetConsoleTitleW
FreeConsole
GetStdHandle
AttachConsole
GetLocalTime
CopyFileA
CreateThread
GetPrivateProfileStringW
TerminateProcess
GetPrivateProfileIntA
GetDriveTypeW
GetSystemWindowsDirectoryA
GetPrivateProfileIntW
CreateProcessW
DeleteFileW
OpenProcess
CopyFileW
Process32NextW
GetWindowsDirectoryW
Process32FirstW
CreateToolhelp32Snapshot
MulDiv
GetSystemDefaultLangID
ReadFile
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcess
SetLastError
LoadLibraryW
GetProcAddress
GetModuleHandleW
LoadLibraryA
FreeLibrary
FindClose
FindFirstFileW
GetLogicalDrives
Sleep
GetVersionExW
WideCharToMultiByte
MultiByteToWideChar
GetExitCodeThread
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
DeleteFileA
GetFileAttributesA
TerminateThread
GetLastError
DeviceIoControl
GetSystemPowerStatus
GetSystemWindowsDirectoryW
GetFileAttributesW
CloseHandle
WritePrivateProfileStringW
CreateFileW
GetModuleFileNameW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
FormatMessageA
MoveFileA
GetFullPathNameA
GetTempPathA
GetTempPathW
GetFullPathNameW
MoveFileExW
LockFileEx
HeapFree
HeapDestroy
HeapReAlloc
InterlockedCompareExchange
HeapCreate
UnlockFile
HeapValidate
LockFile
CreateFileMappingA
HeapCompact
WaitForSingleObjectEx
CreateFileMappingW
TryEnterCriticalSection
UnlockFileEx
GetDiskFreeSpaceA
GetProcessHeap
GetSystemTimeAsFileTime
HeapAlloc
HeapSize
InterlockedExchange
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
FindFirstFileA
FindNextFileA
CreateDirectoryA
RemoveDirectoryA
CreateDirectoryW
GetVolumeNameForVolumeMountPointW
WriteConsoleW
AllocConsole
CreatePipe
DuplicateHandle
GetWindowsDirectoryA
GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetVolumeInformationW
SuspendThread
ResumeThread
GetFileAttributesExW
SetVolumeMountPointW
DeleteVolumeMountPointW
GlobalMemoryStatusEx
UnmapViewOfFile
MapViewOfFile
OpenEventW
OpenFileMappingW
SetHandleInformation
GetSystemTime
SetVolumeLabelW
VirtualFree
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
ResetEvent
CreateEventA
InitializeCriticalSection
GetTimeZoneInformation
DeleteCriticalSection
QueryPerformanceCounter
GetFileSize
LoadLibraryExA
AreFileApisANSI
OpenFileMappingA
OpenEventA
GetLogicalDriveStringsW
lstrlenA
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
GlobalUnlock
user32
GetMenuInfo
SetRect
DrawFocusRect
CallWindowProcW
DrawEdge
IsWindow
DrawStateW
GetWindowTextW
IsWindowVisible
ClientToScreen
RedrawWindow
SetCapture
GetWindow
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
SystemParametersInfoW
GetSysColorBrush
InflateRect
GetDCEx
OffsetRect
ReleaseCapture
GetSysColor
IsChild
GetKeyState
ReleaseDC
ExitWindowsEx
RemovePropW
SetPropW
GetPropW
SetForegroundWindow
FrameRect
GetFocus
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CopyRect
GetDC
ChangeDisplaySettingsW
EnumDisplaySettingsW
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateWindow
WindowFromDC
PtInRect
LoadBitmapW
DrawMenuBar
IsIconic
SetMenu
wsprintfW
FindWindowW
DeleteMenu
GetSubMenu
GetMenuDefaultItem
AppendMenuW
IntersectRect
GetMenuItemID
GetClassNameW
DestroyIcon
InsertMenuW
CallNextHookEx
ModifyMenuW
IsMenu
GetIconInfo
SetMenuInfo
GetMenuItemRect
LoadMenuW
GetMenuItemInfoW
GetMenuState
SetWindowsHookExW
SetWindowPos
GetMenuItemCount
EnableMenuItem
CreatePopupMenu
GetActiveWindow
UnhookWindowsHookEx
GetMessagePos
UnregisterClassA
SetWindowRgn
GetAsyncKeyState
WindowFromPoint
CharLowerW
CopyIcon
DestroyCursor
GetDlgItem
EndDialog
GetDlgItemTextA
GetCapture
CharPrevA
CharUpperA
CharUpperW
IsZoomed
LoadImageW
FillRect
MessageBeep
GetWindowLongW
ShowWindow
MessageBoxW
SetWindowLongW
InvalidateRect
SetCursor
LoadCursorW
ShowScrollBar
PostMessageW
GetMenu
GetSystemMenu
DestroyMenu
GetCursorPos
GetParent
DrawIconEx
LoadIconW
MoveWindow
ScreenToClient
GetClientRect
KillTimer
EnableWindow
GetDesktopWindow
GetWindowRect
GetSystemMetrics
SetTimer
SendMessageW
CharNextA
TrackMouseEvent
IsWindowEnabled
CreateWindowExW
RegisterClassW
SetParent
CreateDialogParamW
GetMessageW
DefWindowProcW
GetDlgCtrlID
SetScrollInfo
GetScrollInfo
IsDlgButtonChecked
GetWindowDC
gdi32
GetTextMetricsW
ExcludeClipRect
GetGlyphOutlineW
GetCurrentObject
SetTextJustification
MoveToEx
SetBkMode
CreatePolygonRgn
CreateRoundRectRgn
FrameRgn
Pie
StrokeAndFillPath
EndPath
BeginPath
Arc
SetBrushOrgEx
GetNearestColor
UnrealizeObject
RoundRect
SetPixel
SelectClipRgn
FillRgn
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
CreatePatternBrush
GetPixel
PatBlt
EnumFontFamiliesW
CreateSolidBrush
CreateFontW
DeleteDC
GetTextExtentPoint32W
CreateCompatibleDC
GetBkColor
GetStockObject
GetObjectW
CreateCompatibleBitmap
CreateBitmap
SelectObject
DPtoLP
BitBlt
StretchBlt
GetMapMode
SetBkColor
SetTextColor
DeleteObject
CreatePen
Rectangle
GetTextColor
CreateDCW
GetDeviceCaps
CreateFontIndirectW
PtVisible
RectVisible
TextOutW
ExtTextOutW
LineTo
Escape
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegOpenKeyExA
RegQueryValueExW
SetSecurityInfo
RegOpenKeyW
RegCreateKeyExW
ConvertStringSidToSidW
SetNamedSecurityInfoW
RegSetValueExW
RegCloseKey
BuildExplicitAccessWithNameW
SetEntriesInAclW
OpenSCManagerW
CloseServiceHandle
LookupPrivilegeValueW
AdjustTokenPrivileges
AllocateAndInitializeSid
OpenThreadToken
OpenProcessToken
FreeSid
GetTokenInformation
EqualSid
OpenServiceW
EnumServicesStatusW
QueryServiceStatus
QueryServiceConfigW
ControlService
RegSaveKeyW
RegFlushKey
RegOpenKeyA
RegDeleteValueW
RegDeleteKeyW
RegSetKeySecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegGetKeySecurity
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegLoadKeyW
RegQueryValueExA
RegQueryValueW
RegOpenKeyExW
shell32
SHGetFileInfoW
DragQueryFileW
SHGetSpecialFolderPathW
ShellExecuteA
SHGetFolderPathW
DragAcceptFiles
ShellExecuteW
CommandLineToArgvW
SHAppBarMessage
ExtractIconW
SHGetPathFromIDListW
SHBrowseForFolderW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathAppendW
StrStrIW
ole32
CoUninitialize
CoCreateInstance
CoCreateGuid
CoInitialize
CreateStreamOnHGlobal
oleaut32
SysAllocString
VariantCopy
VariantInit
SysStringByteLen
VariantClear
urlmon
URLDownloadToFileA
msvcp80
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@0@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
gdiplus
GdiplusShutdown
GdipDeleteGraphics
GdiplusStartup
GdipAlloc
GdipFree
GdipCreateFromHDC
GdipCloneImage
GdipLoadImageFromStreamICM
GdipDrawImageRectRect
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
wininet
DeleteUrlCacheEntryA
netapi32
NetUserEnum
mpr
WNetGetUniversalNameW
rpcrt4
UuidCreate
psapi
GetProcessImageFileNameW
Exports
Exports
FormatExtFs
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 944KB - Virtual size: 940KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 120KB - Virtual size: 32.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE