virus[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

virus.rar
Size

2.4MB
MD5

6205febc3a0fc77551fc007c2dff3ff9
SHA1

6e6677f8c64b214a5d5ea3318f8dce9d4f31c903
SHA256

cc5b7862b712213b7b0c42e707a903aa0bb63c92fee4ee12b12b56baeceabd89
SHA512

2d6ba01085d59221c60255051d830b20b41df526849ab89e4e866fe4b37657a074c9cbedd8fb9e5c95bbf2183687ceeb0f28d35b9475282a6fec46463639b1a2
SSDEEP

49152:YFhunzSaDbh/omNP2GOmj/PG5ezePg7wJF9cUKwBB0Gx/VS:eU3Db/AcW5eI99ctwzS

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/virus/Administrator.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/virus/Administrator.exe
unpack001/virus/H7Ucs/rPcDo~m7/common.dll
unpack001/virus/dyxdgwfc/QQgames.exe

Files

virus.rar
.rar
virus/Administrator.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 920KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 265KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 427KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
virus/H7Ucs/rPcDo~m7/AK.TXT
virus/H7Ucs/rPcDo~m7/Lua51.dll
.dll windows:6 windows x86 arch:x86

3a6d420059802f11d6a8618c0671a808

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:43:69:c3:59:c2:c5:56:53:e3:43:ef:fa:03:ee:55:d6:94:94:ad:e2:94:f7:1b:d9:d7:e2:42:d3:0d:7f:f9
Signer

Actual PE Digest

6b:43:69:c3:59:c2:c5:56:53:e3:43:ef:fa:03:ee:55:d6:94:94:ad:e2:94:f7:1b:d9:d7:e2:42:d3:0d:7f:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\wegame_client\dependences\Lua\include\lua51.pdb

Imports

kernel32

GetLastError
SetLastError
VirtualAlloc
VirtualFree
VirtualQuery
VirtualProtect
FreeLibrary
GetModuleHandleExA
GetProcAddress
LoadLibraryA
FormatMessageA
GetModuleFileNameA
GetModuleHandleA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW

vcruntime140

memcpy
memset
memmove
strchr
strstr
strrchr
memchr
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_errno
_register_onexit_function
_initterm
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
system
_initterm_e
exit
_initialize_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_execute_onexit_table
strerror

api-ms-win-crt-stdio-l1-1-0

fopen
fputs
ferror
feof
fclose
putchar
__stdio_common_vsscanf
fgets
clearerr
_fseeki64
_ftelli64
getc
_pclose
_popen
setvbuf
tmpfile
ungetc
__stdio_common_vsprintf_p
__stdio_common_vsnprintf_s
__p__fmode
fwrite
fread
__stdio_common_vsprintf
__stdio_common_vfscanf
__stdio_common_vfprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfprintf
__stdio_common_vswscanf
tmpnam
__stdio_common_vswprintf_p
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf_s
__stdio_common_vswprintf
__stdio_common_vfwscanf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vfwprintf
__acrt_iob_func
fputc
fflush
__stdio_common_vsprintf_s

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
strlen
strpbrk

api-ms-win-crt-math-l1-1-0

tanh
_CIcosh
_CIsinh
_CItanh
floor
ldexp
_except1
sinh
cosh

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-time-l1-1-0

_localtime64
_difftime64
_mktime64
_time64
clock
strftime
_gmtime64

api-ms-win-crt-filesystem-l1-1-0

rename
remove

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-locale-l1-1-0

setlocale

Exports

Exports

__swprintf_l
__vswprintf_l
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fscanf_l
_fscanf_s_l
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwscanf_l
_fwscanf_s_l
_printf_l
_printf_p
_printf_p_l
_printf_s_l
_scanf_l
_scanf_s_l
_scprintf
_scprintf_l
_scprintf_p
_scprintf_p_l
_scwprintf
_scwprintf_l
_scwprintf_p
_scwprintf_p_l
_snprintf
_snprintf_c
_snprintf_c_l
_snprintf_l
_snprintf_s
_snprintf_s_l
_snscanf
_snscanf_l
_snscanf_s
_snscanf_s_l
_snwprintf
_snwprintf_l
_snwprintf_s
_snwprintf_s_l
_snwscanf
_snwscanf_l
_snwscanf_s
_snwscanf_s_l
_sprintf_l
_sprintf_p
_sprintf_p_l
_sprintf_s_l
_sscanf_l
_sscanf_s_l
_swprintf
_swprintf_c
_swprintf_c_l
_swprintf_l
_swprintf_p
_swprintf_p_l
_swprintf_s_l
_swscanf_l
_swscanf_s_l
_vfprintf_l
_vfprintf_p
_vfprintf_p_l
_vfprintf_s_l
_vfscanf_l
_vfscanf_s_l
_vfwprintf_l
_vfwprintf_p
_vfwprintf_p_l
_vfwprintf_s_l
_vfwscanf_l
_vfwscanf_s_l
_vprintf_l
_vprintf_p
_vprintf_p_l
_vprintf_s_l
_vscanf_l
_vscanf_s_l
_vscprintf
_vscprintf_l
_vscprintf_p
_vscprintf_p_l
_vscwprintf
_vscwprintf_l
_vscwprintf_p
_vscwprintf_p_l
_vsnprintf
_vsnprintf_c
_vsnprintf_c_l
_vsnprintf_l
_vsnprintf_s
_vsnprintf_s_l
_vsnwprintf
_vsnwprintf_l
_vsnwprintf_s
_vsnwprintf_s_l
_vsnwscanf_l
_vsnwscanf_s_l
_vsprintf_l
_vsprintf_p
_vsprintf_p_l
_vsprintf_s_l
_vsscanf_l
_vsscanf_s_l
_vswprintf
_vswprintf_c
_vswprintf_c_l
_vswprintf_l
_vswprintf_p
_vswprintf_p_l
_vswprintf_s_l
_vswscanf_l
_vswscanf_s_l
_vwprintf_l
_vwprintf_p
_vwprintf_p_l
_vwprintf_s_l
_vwscanf_l
_vwscanf_s_l
_wprintf_l
_wprintf_p
_wprintf_p_l
_wprintf_s_l
_wscanf_l
_wscanf_s_l
fprintf
fprintf_s
fscanf
fscanf_s
fwprintf
fwprintf_s
fwscanf
fwscanf_s
luaJIT_setmode
luaJIT_version_2_0_5
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_error
luaL_execresult
luaL_fileresult
luaL_findtable
luaL_getmetafield
luaL_gsub
luaL_loadbuffer
luaL_loadbufferx
luaL_loadfile
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffer
luaL_pushresult
luaL_ref
luaL_register
luaL_traceback
luaL_typerror
luaL_unref
luaL_where
lua_atpanic
lua_call
lua_checkstack
lua_close
lua_concat
lua_cpcall
lua_createtable
lua_dump
lua_equal
lua_error
lua_gc
lua_getallocf
lua_getfenv
lua_getfield
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_insert
lua_iscfunction
lua_isnumber
lua_isstring
lua_isuserdata
lua_lessthan
lua_load
lua_loadx
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_objlen
lua_pcall
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawset
lua_rawseti
lua_remove
lua_replace
lua_resume
lua_setallocf
lua_setfenv
lua_setfield
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointeger
lua_tolstring
lua_tonumber
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_xmove
lua_yield
luaopen_base
luaopen_bit
luaopen_debug
luaopen_ffi
luaopen_io
luaopen_jit
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
printf
printf_s
scanf
scanf_s
snprintf
sprintf
sprintf_s
sscanf
sscanf_s
swprintf
swprintf_s
swscanf
swscanf_s
vfprintf
vfprintf_s
vfscanf
vfscanf_s
vfwprintf
vfwprintf_s
vfwscanf
vfwscanf_s
vprintf
vprintf_s
vscanf
vscanf_s
vsnprintf
vsnprintf_s
vsprintf
vsprintf_s
vsscanf
vsscanf_s
vswprintf
vswprintf_s
vswscanf
vswscanf_s
vwprintf
vwprintf_s
vwscanf
vwscanf_s
wprintf
wprintf_s
wscanf
wscanf_s

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/H7Ucs/rPcDo~m7/adapt_for_imports.dll
.dll windows:5 windows x86 arch:x86

337670dc854d4bbbff6f7ed8ca42353b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:2e:4e:1a:24:01:a8:f0:cc:a0:f1:0d:69:36:26:6e:f4:4c:76:80:99:17:45:1b:7d:09:1a:b6:3a:f6:78:83
Signer

Actual PE Digest

dd:2e:4e:1a:24:01:a8:f0:cc:a0:f1:0d:69:36:26:6e:f4:4c:76:80:99:17:45:1b:7d:09:1a:b6:3a:f6:78:83

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dailybuild_fix_5.4\wegame_client\build\lib\Release\adapt_for_imports.pdb

Imports

common

?loc_to_u8@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?get_workingdir_path_ex@Application@common@ierd_tgp@@SA?AVpath@filesystem@3@XZ
?instance@Application@common@ierd_tgp@@SAPAV123@XZ
?PushUniqueThreadAsyncTask@common@ierd_tgp@@YAIV?$function@$$A6AXXZ@std@@IK@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@PB_W@Z
?u8to16@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z
?get_tcls_path@util_version_cfg@ierd_tgp@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV34@@Z
?u16to8@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?CPEncode@common@ierd_tgp@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@I@Z
?get_workingdir_path@Application@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetLocalVersion@util_version_cfg@ierd_tgp@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?get_proxy_config@net@ierd_tgp@@YA_NPAUproxy_config_t@12@@Z
?get_client_version_type@overseas@ierd_tgp@@YAHXZ
?get_log_instance@base@@YAPAVILogger@1@XZ
?CPEncode@common@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@I@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z

version

VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathFileExistsW

kernel32

GetCurrentThread
FlushViewOfFile
GetProcAddress
VirtualQuery
VirtualAllocEx
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentThreadId
OpenThread
SetErrorMode
ReadProcessMemory
WriteProcessMemory
SuspendThread
InitializeCriticalSection
EnterCriticalSection
WaitForMultipleObjects
CloseHandle
DuplicateHandle
CreateEventA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
CreateProcessW
SearchPathW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
GetLongPathNameW
GetLastError
GetCommandLineW
OutputDebugStringW
FreeLibrary
GetLocalTime
LoadLibraryW
OutputDebugStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
SetEvent
Sleep
WriteFile
ConnectNamedPipe
CreateFileW
CreateNamedPipeW
GetFileSize
FormatMessageA
LoadLibraryA
GetModuleFileNameA
CreateFileA
SetFileAttributesA
GetFileAttributesA
DeleteFileA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
UnmapViewOfFile
MapViewOfFile
GetTickCount
SleepEx
OpenFileMappingA
CreateFileMappingA
GetEnvironmentVariableA
CreateWaitableTimerA
GetSystemInfo
TlsFree
ResumeThread
SetWaitableTimer
OpenEventA
WaitForMultipleObjectsEx
ReleaseSemaphore
QueryPerformanceFrequency
TlsSetValue
TlsGetValue
TlsAlloc
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LeaveCriticalSection
IsDebuggerPresent
GetShortPathNameA
CreateDirectoryA
ReadFile

advapi32

SetSecurityDescriptorDacl
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
InitializeSecurityDescriptor

msvcp140

?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xbad_function_call@std@@YAXXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?_Syserror_map@std@@YAPBDH@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
??Bid@locale@std@@QAEIXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?is@?$ctype@_W@std@@QBE_NF_W@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?narrow@?$ctype@_W@std@@QBED_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
?exceptions@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QAEHH@Z
?precision@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

ws2_32

ntohl
closesocket
getsockopt
setsockopt
gethostbyname
ioctlsocket
__WSAFDIsSet
htons
connect
inet_addr
socket
WSAGetLastError
select
send

vcruntime140

strrchr
memcmp
__std_type_info_compare
__std_exception_destroy
__std_exception_copy
memchr
__std_type_info_destroy_list
_purecall
__CxxFrameHandler3
wcsrchr
memmove
memset
memcpy
_except_handler4_common
__std_terminate
strchr
_set_purecall_handler
__RTDynamicCast
strstr
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initterm_e
_initterm
terminate
_cexit
_set_invalid_parameter_handler
_crt_atexit
_beginthreadex
strerror
_execute_onexit_table
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_configure_narrow_argv
_initialize_narrow_environment
_errno

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
fflush
__acrt_iob_func
__stdio_common_vsnwprintf_s
fwrite
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
_wfopen
fclose
__stdio_common_vfprintf
rewind
ftell
fseek
setvbuf
fread
fopen
__stdio_common_vswprintf

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcslen
strlen
strncpy_s
strspn
_strdup
strncmp
_stricmp
toupper
tolower
strnlen
wcscat_s

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64
_time32
_localtime32
strftime

api-ms-win-crt-multibyte-l1-1-0

_mbscmp

api-ms-win-crt-filesystem-l1-1-0

_stat32
_access
_mkdir
rename

api-ms-win-crt-heap-l1-1-0

_callnewh
free
calloc
malloc

api-ms-win-crt-convert-l1-1-0

wcstombs
atoi

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-math-l1-1-0

_except1

Exports

Exports

??0?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@IAE@ABV01@@Z
??0?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@IAE@XZ
??0CTP_Proxy@ierd_tgp@@QAE@ABV01@@Z
??0CTP_Proxy@ierd_tgp@@QAE@XZ
??0CrashReportHelperTester@crash_report@@QAE@ABV01@@Z
??0CrashReportHelperTester@crash_report@@QAE@XZ
??0CrashReportLoader@crash_report@@AAE@XZ
??0CrashReportLoader@crash_report@@QAE@ABV01@@Z
??0Cross_helper@adapt_for_imports@ierd_tgp@@QAE@ABVpath@filesystem@2@@Z
??0Js_tdr_wrapper@adapt_for_imports@ierd_tgp@@QAE@XZ
??0LoginQ_wrapper@adapt_for_imports@ierd_tgp@@QAE@ABVpath@filesystem@2@@Z
??0Pipe@adapt_for_imports@ierd_tgp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4side_t@012@V?$function@$$A6AXV?$shared_ptr@UPacket@trans@adapt_for_imports@ierd_tgp@@@std@@@Z@4@@Z
??0Pipe_mgr@adapt_for_imports@ierd_tgp@@QAE@XZ
??0Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE@ABV012@@Z
??0Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE@XZ
??1?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@IAE@XZ
??1CTP_Proxy@ierd_tgp@@UAE@XZ
??1CrashReportHelperTester@crash_report@@QAE@XZ
??1CrashReportLoader@crash_report@@QAE@XZ
??1Cross_helper@adapt_for_imports@ierd_tgp@@QAE@XZ
??1LoginQ_wrapper@adapt_for_imports@ierd_tgp@@QAE@XZ
??1Pipe@adapt_for_imports@ierd_tgp@@QAE@XZ
??1Pipe_mgr@adapt_for_imports@ierd_tgp@@QAE@XZ
??1Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE@XZ
??4?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@IAEAAV01@ABV01@@Z
??4CTGCBugReport@GameCenter@@QAEAAV01@$$QAV01@@Z
??4CTGCBugReport@GameCenter@@QAEAAV01@ABV01@@Z
??4CTP_Proxy@ierd_tgp@@QAEAAV01@ABV01@@Z
??4CrashReportHelperTester@crash_report@@QAEAAV01@ABV01@@Z
??4CrashReportLoader@crash_report@@QAEAAV01@ABV01@@Z
??4LoginQ_wrapper@adapt_for_imports@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAEAAV012@ABV012@@Z
??4js_tdr_wrapper_instace@adapt_for_imports@ierd_tgp@@QAEAAU012@$$QAU012@@Z
??4js_tdr_wrapper_instace@adapt_for_imports@ierd_tgp@@QAEAAU012@ABU012@@Z
??_7CTP_Proxy@ierd_tgp@@6B@
??_7Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@6B@
?AddCrashReportHelperFile@CrashReportHelperTester@crash_report@@QAEHPB_W00K@Z
?AddCrashReportHelperFile@CrashReportLoader@crash_report@@QAEHPB_W00K@Z
?BinaryData2HexString@CTP_Proxy@ierd_tgp@@AAE_NPAEHPADH@Z
?GetFileVersion@CrashReportLoader@crash_report@@AAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV34@@Z
?GetFileVersionInfoA@CTGCBugReport@GameCenter@@SAHPB_WPAUtagVS_FIXEDFILEINFO@@@Z
?GetRootPath@CTP_Proxy@ierd_tgp@@AAE_NPADH@Z
?GetVersionInfo@CTGCBugReport@GameCenter@@SAHPAUtagVS_FIXEDFILEINFO@@@Z
?GetWorkPath@CTGCBugReport@GameCenter@@SAHPA_WK@Z
?Init@CTGCBugReport@GameCenter@@SAXP6AXXZ0PB_W@Z
?Init@CrashReportHelperTester@crash_report@@QAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?Init@CrashReportLoader@crash_report@@QAEXPB_W_K1HP6GHPAUtagCrashReportHelperCallbackInfo@@@Z0@Z
?InitCrashReportHelper@CrashReportHelperTester@crash_report@@QAEHPAUtagCrashReportHelperConfig@@@Z
?Instance@CrashReportLoader@crash_report@@SAAAV12@XZ
?InvalidParameterHandler@CrashReportLoader@crash_report@@SAXPB_W00II@Z
?NewHandler@CrashReportLoader@crash_report@@SAHI@Z
?NotifyCrtException@CrashReportHelperTester@crash_report@@QAEHI@Z
?OnCfgUpdate@CrashReportLoader@crash_report@@QAEXV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?OnCreateInitConnectionFail@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@H@Z
?OnCreateInitConnectionSuccess@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@@Z
?OnCreateRelayConnectionFail@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@H@Z
?OnCreateRelayConnectionSuccess@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@@Z
?OnGetQueueInfo@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@PAUtagQueInfo@5@@Z
?OnMBAVerifyFail@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAD@Z
?OnMBAVerifySuccess@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXXZ
?OnMBKPicDisplay@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPADH@Z
?OnNotyfyPGItem@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPADHHQAUtagMBA_Item@@W4tagMBA_ITEM_TYPE@@@Z
?OnTconndStop@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@EAEXPAVIGameServerProtocalHandler@Tenio@@H@Z
?PureCallHandler@CrashReportLoader@crash_report@@SAXXZ
?Send@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NPAEK@Z
?SetBugReportUin@CTGCBugReport@GameCenter@@SAXKPB_W@Z
?SetCrashReportHelperCallback@CrashReportHelperTester@crash_report@@QAEHP6GHPAUtagCrashReportHelperCallbackInfo@@@ZPAX@Z
?SetCrashReportHelperOffline@CrashReportHelperTester@crash_report@@QAEHH@Z
?SetExtRptFilePath@CTGCBugReport@GameCenter@@SAHPB_W@Z
?SetExtRptFilePathInDataPath@CTGCBugReport@GameCenter@@SAHPB_W@Z
?SmartDeleteFile@CTP_Proxy@ierd_tgp@@AAEHPBD@Z
?TraceOutBinaryData@CTP_Proxy@ierd_tgp@@AAE_NPAEHPBD@Z
?Uninit@CrashReportHelperTester@crash_report@@QAE_NXZ
?Uninit@CrashReportLoader@crash_report@@QAEXXZ
?UninitCrashReportHelper@CrashReportHelperTester@crash_report@@QAEHXZ
?UpdateCrashReportHelperFullDumpConfig@CrashReportHelperTester@crash_report@@QAEHPB_W@Z
?UpdateCrashReportHelperInbarFlag@CrashReportHelperTester@crash_report@@QAEHH@Z
?UpdateCrashReportHelperUserId@CrashReportHelperTester@crash_report@@QAEH_K@Z
?UpdateInbar@CrashReportLoader@crash_report@@QAEXH@Z
?UpdateUin@CrashReportLoader@crash_report@@QAEX_K@Z
?connect@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@GABUTgp_login_info@tgpserver_proxy@3@@Z
?create_pipe@Pipe_mgr@adapt_for_imports@ierd_tgp@@QAE?AV?$weak_ptr@VPipe@adapt_for_imports@ierd_tgp@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@W4side_t@Pipe@23@V?$function@$$A6AXV?$shared_ptr@UPacket@trans@adapt_for_imports@ierd_tgp@@@std@@@Z@5@@Z
?create_unreal_signature@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NAAUTgp_login_info@tgpserver_proxy@3@@Z
?delete_map_file@CTP_Proxy@ierd_tgp@@AAEHPBD@Z
?disconnect@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NXZ
?enable_phone@Cross_helper@adapt_for_imports@ierd_tgp@@QAE_NK_N@Z
?finalize@CTP_Proxy@ierd_tgp@@UAEXXZ
?free_handler@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAEXXZ
?get_error_string@CTP_Proxy@ierd_tgp@@UAE_NPADHH@Z
?get_in_window@LoginQ_wrapper@adapt_for_imports@ierd_tgp@@QAE_NAAH@Z
?get_js_tdr_wrapper_instance@adapt_for_imports@ierd_tgp@@YAAAVJs_tdr_wrapper@12@XZ
?get_phone_enabled@Cross_helper@adapt_for_imports@ierd_tgp@@QAE_NKAA_N@Z
?get_pipe@Pipe_mgr@adapt_for_imports@ierd_tgp@@QAE?AV?$weak_ptr@VPipe@adapt_for_imports@ierd_tgp@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@@Z
?good@Pipe@adapt_for_imports@ierd_tgp@@QBE_NXZ
?hton_tdr@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NPAX0H@Z
?init@Js_tdr_wrapper@adapt_for_imports@ierd_tgp@@QAE_NXZ
?init@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NABVpath@filesystem@3@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?initialize@CTP_Proxy@ierd_tgp@@UAEHPBD0HI_N@Z
?instance@js_tdr_wrapper_instace@adapt_for_imports@ierd_tgp@@SAAAVJs_tdr_wrapper@23@XZ
?load_meta@Js_tdr_wrapper@adapt_for_imports@ierd_tgp@@AAE_NXZ
?log_formatted_pkg@Js_tdr_wrapper@adapt_for_imports@ierd_tgp@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAUtagTDRData@@@Z
?recv@CTP_Proxy@ierd_tgp@@UAEHPAXAAH@Z
?recv@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NAAUtagTDRData@@@Z
?reg_listener@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NV?$weak_ptr@VProthandler_event@adapt_for_imports@ierd_tgp@@@std@@@Z
?remove_pipe@Pipe_mgr@adapt_for_imports@ierd_tgp@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?send@CTP_Proxy@ierd_tgp@@UAEHPAXH@Z
?send@Pipe@adapt_for_imports@ierd_tgp@@QAE_NABUPacket@trans@23@@Z
?send_package@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAE_NABUtagTDRData@@@Z
?set_in_window@LoginQ_wrapper@adapt_for_imports@ierd_tgp@@QAE_NH@Z
?shared_from_this@?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@QAE?AV?$shared_ptr@VPipe@adapt_for_imports@ierd_tgp@@@2@XZ
?shared_from_this@?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@QBE?AV?$shared_ptr@$$CBVPipe@adapt_for_imports@ierd_tgp@@@2@XZ
?update@Prothandler_wrapper_v2@adapt_for_imports@ierd_tgp@@QAEXN@Z
?weak_from_this@?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@QAE?AV?$weak_ptr@VPipe@adapt_for_imports@ierd_tgp@@@2@XZ
?weak_from_this@?$enable_shared_from_this@VPipe@adapt_for_imports@ierd_tgp@@@std@@QBE?AV?$weak_ptr@$$CBVPipe@adapt_for_imports@ierd_tgp@@@2@XZ
ctp
rtp

Sections

.text
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/H7Ucs/rPcDo~m7/common.dll
.dll windows:5 windows x86 arch:x86

e9a8414b4c66192f35d21736ab1fa1f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ReadFile
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GetSystemTimeAsFileTime
HeapReAlloc
HeapQueryInformation
HeapSize
WriteConsoleW
ExitThread
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
RaiseException
RtlUnwind
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
GetNumberFormatW
GetWindowsDirectoryW
SearchPathW
Sleep
GetProfileIntW
GetTickCount
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
FileTimeToSystemTime
lstrlenA
CreateThread
GlobalGetAtomNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
CreateFileW
lstrcmpiW
FreeResource
GlobalFindAtomW
GetVersionExW
lstrcpyW
DeleteFileW
InterlockedIncrement
CopyFileW
GlobalSize
FormatMessageW
CompareStringW
GlobalFlags
MulDiv
GetCurrentDirectoryW
SetErrorMode
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileIntW
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameW
GetLocaleInfoW
ActivateActCtx
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
InterlockedExchange
FreeLibrary
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
CreateFileA
GetFileSize

user32

EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
LoadImageW
InsertMenuItemW
TranslateAcceleratorW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
OffsetRect
IsRectEmpty
IntersectRect
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
DestroyIcon
IsIconic
ShowWindow
MoveWindow
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
RegisterClipboardFormatW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetSysColorBrush
GetClassInfoW
DefWindowProcW
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetMenuStringW
AppendMenuW
GetMenuItemID
GetSubMenu
RemoveMenu
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetIconInfo
IsCharLowerW
GetKeyNameTextW
GetWindowRgn
DestroyCursor
DrawIcon
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
MapDialogRect
GetNextDlgGroupItem
HideCaret
InvertRect
SubtractRect
LoadIconW
MapVirtualKeyExW
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
InsertMenuW
GetMenuItemCount
DeleteMenu
UnregisterClassW
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
MessageBoxA
FindWindowW
RedrawWindow

gdi32

CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
SetRectRgn
CombineRgn
PatBlt
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
CreateDCW
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateHatchBrush
CopyMetaFileW
SetViewportOrgEx
CreateSolidBrush
CreatePen
GetDeviceCaps
SetWindowOrgEx
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
Rectangle
CreateBitmap
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
DeleteObject
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
OffsetWindowOrgEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegEnumValueW

shell32

SHGetFileInfoW
ShellExecuteW
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecA
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
CoCreateGuid

oleaut32

SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Exports

Exports

??$json_value_to_obj@H@@YAHABVValue@Json@@AAH@Z
??$json_value_to_obj@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@@YAHABVValue@Json@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$json_value_to_obj@Vjsonb_LPVOID@@@@YAHABVValue@Json@@AAVjsonb_LPVOID@@@Z
??$json_value_to_obj@Vjsonb_bool@@@@YAHABVValue@Json@@AAVjsonb_bool@@@Z
??$json_value_to_obj@Vjsonb_double@@@@YAHABVValue@Json@@AAVjsonb_double@@@Z
??$json_value_to_obj@Vjsonb_int64@@@@YAHABVValue@Json@@AAVjsonb_int64@@@Z
??$json_value_to_obj@Vjsonb_int@@@@YAHABVValue@Json@@AAVjsonb_int@@@Z
??$json_value_to_obj@Vjsonb_uint64@@@@YAHABVValue@Json@@AAVjsonb_uint64@@@Z
??$json_value_to_obj@_K@@YAHABVValue@Json@@AA_K@Z
??$obj_to_json_value@H@@YAHAAVValue@Json@@AAH@Z
??$obj_to_json_value@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@@YAHAAVValue@Json@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$obj_to_json_value@Vjsonb_LPVOID@@@@YAHAAVValue@Json@@AAVjsonb_LPVOID@@@Z
??$obj_to_json_value@Vjsonb_bool@@@@YAHAAVValue@Json@@AAVjsonb_bool@@@Z
??$obj_to_json_value@Vjsonb_double@@@@YAHAAVValue@Json@@AAVjsonb_double@@@Z
??$obj_to_json_value@Vjsonb_int64@@@@YAHAAVValue@Json@@AAVjsonb_int64@@@Z
??$obj_to_json_value@Vjsonb_int@@@@YAHAAVValue@Json@@AAVjsonb_int@@@Z
??$obj_to_json_value@Vjsonb_uint64@@@@YAHAAVValue@Json@@AAVjsonb_uint64@@@Z
??$obj_to_json_value@_K@@YAHAAVValue@Json@@AA_K@Z
??0Application@common@ierd_tgp@@QAE@HQAPAD_NKK1ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Asy_udp@common@ierd_tgp@@QAE@XZ
??0BaseNamedPipe@base@@QAE@$$QAV01@@Z
??0BaseNamedPipe@base@@QAE@ABV01@@Z
??0BaseNamedPipe@base@@QAE@XZ
??0BaseTimer@base@@QAE@XZ
??0CLogTrace@@IAE@XZ
??0CLogTrace@@QAE@ABV0@@Z
??0CPerfSample@@QAE@PBD@Z
??0CShareMem@@QAE@ABV0@@Z
??0CShareMem@@QAE@XZ
??0CSimpleIPC@@QAE@ABV0@@Z
??0CSimpleIPC@@QAE@XZ
??0CSymmetryString@ieg_common@@QAE@ABV01@@Z
??0CSymmetryString@ieg_common@@QAE@XZ
??0CThread@@QAE@ABV0@@Z
??0CThread@@QAE@XZ
??0CThreadLock@@QAE@XZ
??0ChildProcess@common@ierd_tgp@@QAE@PBD@Z
??0Component_mgr@common@ierd_tgp@@AAE@XZ
??0Component_mgr@common@ierd_tgp@@QAE@$$QAV012@@Z
??0Component_mgr@common@ierd_tgp@@QAE@ABV012@@Z
??0CurlWrapper@curl_wrapper@ierd_tgp@@AAE@XZ
??0DumpManager@common@ierd_tgp@@AAE@XZ
??0ILogger@base@@QAE@ABV01@@Z
??0ILogger@base@@QAE@XZ
??0InfoTraceSystem@trace_system@ierd_tgp@@QAE@XZ
??0PerfScopeClass@common@ierd_tgp@@QAE@PBD_N0@Z
??0Qos@qos@adapt_for_imports@ierd_tgp@@QAE@XZ
??0ShareMemory@Memory@ierd_tgp@@QAE@PB_WK@Z
??0Shared_mem_obj@acce_common@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I0_N@Z
??0Shared_mem_obj@common@ierd_tgp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I0_N@Z
??0Syn_tcp@common@ierd_tgp@@QAE@XZ
??0Sys_wrapper@common@ierd_tgp@@QAE@XZ
??0Tcp_port_detect@game_misc@ierd_tgp@@QAE@XZ
??0WndMsg@common@ierd_tgp@@QAE@IIJ@Z
??0WndMsgReceiver2@Tenio@@QAE@$$QAV01@@Z
??0WndMsgReceiver2@Tenio@@QAE@ABV01@@Z
??0WndMsgReceiver2@Tenio@@QAE@XZ
??0WndMsgReceiver@Tenio@@QAE@ABV01@@Z
??0WndMsgReceiver@Tenio@@QAE@XZ
??0directory_entry@filesystem@ierd_tgp@@QAE@ABV012@@Z
??0directory_entry@filesystem@ierd_tgp@@QAE@ABVpath@12@@Z
??0directory_entry@filesystem@ierd_tgp@@QAE@XZ
??0directory_iterator@filesystem@ierd_tgp@@QAE@ABV012@@Z
??0directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@@Z
??0directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@AAVerror_code@std@@@Z
??0directory_iterator@filesystem@ierd_tgp@@QAE@XZ
??0file_status@filesystem@ierd_tgp@@QAE@$$QAV012@@Z
??0file_status@filesystem@ierd_tgp@@QAE@ABV012@@Z
??0file_status@filesystem@ierd_tgp@@QAE@W4file_type@12@@Z
??0file_status@filesystem@ierd_tgp@@QAE@W4file_type@12@W4perms@12@@Z
??0file_status@filesystem@ierd_tgp@@QAE@XZ
??0iterator@path@filesystem@ierd_tgp@@QAE@$$QAV0123@@Z
??0iterator@path@filesystem@ierd_tgp@@QAE@ABV0123@@Z
??0iterator@path@filesystem@ierd_tgp@@QAE@XZ
??0md5@@QAE@XZ
??0path@filesystem@ierd_tgp@@QAE@$$QAV012@@Z
??0path@filesystem@ierd_tgp@@QAE@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0path@filesystem@ierd_tgp@@QAE@ABV012@@Z
??0path@filesystem@ierd_tgp@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0path@filesystem@ierd_tgp@@QAE@PA_W@Z
??0path@filesystem@ierd_tgp@@QAE@PB_W@Z
??0path@filesystem@ierd_tgp@@QAE@XZ
??0port_scan@game_misc@ierd_tgp@@QAE@XZ
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@$$QAV012@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@ABV012@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@AAVerror_code@std@@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@W4symlink_option@12@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@ABVpath@12@W4symlink_option@12@AAVerror_code@std@@@Z
??0recursive_directory_iterator@filesystem@ierd_tgp@@QAE@XZ
??0server_detect@game_misc@ierd_tgp@@QAE@XZ
??1Application@common@ierd_tgp@@UAE@XZ
??1Asy_udp@common@ierd_tgp@@QAE@XZ
??1BaseTimer@base@@QAE@XZ
??1CLogTrace@@IAE@XZ
??1CPerfSample@@QAE@XZ
??1CShareMem@@QAE@XZ
??1CSimpleIPC@@QAE@XZ
??1CSymmetryString@ieg_common@@UAE@XZ
??1CThread@@UAE@XZ
??1CThreadLock@@QAE@XZ
??1ChildProcess@common@ierd_tgp@@QAE@XZ
??1DumpManager@common@ierd_tgp@@QAE@XZ
??1ILogger@base@@UAE@XZ
??1InfoTraceSystem@trace_system@ierd_tgp@@QAE@XZ
??1PerfScopeClass@common@ierd_tgp@@QAE@XZ
??1Qos@qos@adapt_for_imports@ierd_tgp@@QAE@XZ
??1ShareMemory@Memory@ierd_tgp@@QAE@XZ
??1Shared_mem_obj@acce_common@@QAE@XZ
??1Shared_mem_obj@common@ierd_tgp@@QAE@XZ
??1Syn_tcp@common@ierd_tgp@@QAE@XZ
??1Tcp_port_detect@game_misc@ierd_tgp@@QAE@XZ
??1WndMsgReceiver2@Tenio@@QAE@XZ
??1WndMsgReceiver@Tenio@@QAE@XZ
??1directory_entry@filesystem@ierd_tgp@@QAE@XZ
??1directory_iterator@filesystem@ierd_tgp@@QAE@XZ
??1iterator@path@filesystem@ierd_tgp@@QAE@XZ
??1path@filesystem@ierd_tgp@@QAE@XZ
??1port_scan@game_misc@ierd_tgp@@QAE@XZ
??1recursive_directory_iterator@filesystem@ierd_tgp@@QAE@XZ
??1server_detect@game_misc@ierd_tgp@@QAE@XZ
??4AS_communication_helper@common@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4AS_communication_helper@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Asy_udp@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4BaseNamedPipe@base@@QAEAAV01@$$QAV01@@Z
??4BaseNamedPipe@base@@QAEAAV01@ABV01@@Z
??4BaseTimer@base@@QAEAAV01@ABV01@@Z
??4CLogTrace@@QAEAAV0@ABV0@@Z
??4CPerfSample@@QAEAAU0@ABU0@@Z
??4CShareMem@@QAEAAV0@ABV0@@Z
??4CSimpleIPC@@QAEAAV0@ABV0@@Z
??4CSymmetryString@ieg_common@@QAEAAV01@ABV01@@Z
??4CThread@@QAEAAV0@ABV0@@Z
??4CThreadLock@@QAEAAV0@ABV0@@Z
??4ChildProcess@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Component_mgr@common@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4Component_mgr@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4DumpManager@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4File_info@common@ierd_tgp@@QAEAAU012@$$QAU012@@Z
??4File_info@common@ierd_tgp@@QAEAAU012@ABU012@@Z
??4ILogger@base@@QAEAAV01@ABV01@@Z
??4InfoTraceSystem@trace_system@ierd_tgp@@QAEAAV012@ABV012@@Z
??4PerfScopeClass@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Shared_mem_obj@acce_common@@QAEAAV01@ABV01@@Z
??4Shared_mem_obj@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Syn_tcp@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Sys_wrapper@common@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4Sys_wrapper@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4Tcp_port_detect@game_misc@ierd_tgp@@QAEAAV012@ABV012@@Z
??4WndMsg@common@ierd_tgp@@QAEAAU012@$$QAU012@@Z
??4WndMsg@common@ierd_tgp@@QAEAAU012@ABU012@@Z
??4WndMsgReceiver2@Tenio@@QAEAAV01@$$QAV01@@Z
??4WndMsgReceiver2@Tenio@@QAEAAV01@ABV01@@Z
??4WndMsgReceiver@Tenio@@QAEAAV01@ABV01@@Z
??4comp_mgr_instace@common@ierd_tgp@@QAEAAU012@$$QAU012@@Z
??4comp_mgr_instace@common@ierd_tgp@@QAEAAU012@ABU012@@Z
??4directory_entry@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??4directory_iterator@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??4file_status@filesystem@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4file_status@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??4iterator@path@filesystem@ierd_tgp@@QAEAAV0123@$$QAV0123@@Z
??4iterator@path@filesystem@ierd_tgp@@QAEAAV0123@ABV0123@@Z
??4md5@@QAEAAV0@$$QAV0@@Z
??4md5@@QAEAAV0@ABV0@@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@PA_W@Z
??4path@filesystem@ierd_tgp@@QAEAAV012@PB_W@Z
??4port_scan@game_misc@ierd_tgp@@QAEAAV012@ABV012@@Z
??4qos_instace@qos@adapt_for_imports@ierd_tgp@@QAEAAU0123@$$QAU0123@@Z
??4qos_instace@qos@adapt_for_imports@ierd_tgp@@QAEAAU0123@ABU0123@@Z
??4recursive_directory_iterator@filesystem@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4recursive_directory_iterator@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??4server_detect@game_misc@ierd_tgp@@QAEAAV012@ABV012@@Z
??4silence_update@common@ierd_tgp@@QAEAAV012@$$QAV012@@Z
??4silence_update@common@ierd_tgp@@QAEAAV012@ABV012@@Z
??4version_t@common@ierd_tgp@@QAEAAU012@$$QAU012@@Z
??4version_t@common@ierd_tgp@@QAEAAU012@ABU012@@Z
??8directory_entry@filesystem@ierd_tgp@@QBE_NABV012@@Z
??8directory_iterator@filesystem@ierd_tgp@@QAE_NABV012@@Z
??8file_status@filesystem@ierd_tgp@@QBE_NABV012@@Z
??8recursive_directory_iterator@filesystem@ierd_tgp@@QAE_NABV012@@Z
??9directory_entry@filesystem@ierd_tgp@@QBE_NABV012@@Z
??9directory_iterator@filesystem@ierd_tgp@@QAE_NABV012@@Z
??9file_status@filesystem@ierd_tgp@@QBE_NABV012@@Z
??9recursive_directory_iterator@filesystem@ierd_tgp@@QAE_NABV012@@Z
??Bdirectory_entry@filesystem@ierd_tgp@@QBEABVpath@12@XZ
??Cdirectory_iterator@filesystem@ierd_tgp@@QBEPBVdirectory_entry@12@XZ
??Citerator@path@filesystem@ierd_tgp@@QBEPBV123@XZ
??Crecursive_directory_iterator@filesystem@ierd_tgp@@QBEPBVdirectory_entry@12@XZ
??Ddirectory_iterator@filesystem@ierd_tgp@@QBEABVdirectory_entry@12@XZ
??Diterator@path@filesystem@ierd_tgp@@QBEABV123@XZ
??Drecursive_directory_iterator@filesystem@ierd_tgp@@QBEABVdirectory_entry@12@XZ
??Edirectory_iterator@filesystem@ierd_tgp@@QAEAAV012@XZ
??Eiterator@path@filesystem@ierd_tgp@@QAEAAV0123@XZ
??Erecursive_directory_iterator@filesystem@ierd_tgp@@QAEAAV012@XZ
??Fiterator@path@filesystem@ierd_tgp@@QAEAAV0123@XZ
??Mversion_t@common@ierd_tgp@@QAE_NU012@@Z
??Oversion_t@common@ierd_tgp@@QAE_NU012@@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@PA_W@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@PB_W@Z
??Ypath@filesystem@ierd_tgp@@QAEAAV012@_W@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@PB_W@Z
??_7Application@common@ierd_tgp@@6B@
??_7BaseNamedPipe@base@@6B@
??_7CSimpleIPC@@6B@
??_7CSymmetryString@ieg_common@@6B@
??_7CThread@@6B@
??_7Component_mgr@common@ierd_tgp@@6B@
??_7ILogger@base@@6B@
??_7WndMsgReceiver2@Tenio@@6B@
??_7WndMsgReceiver@Tenio@@6B@
?AddFilesToZip@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$unordered_map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$hash@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@U?$equal_to@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@4@@Z
?AddFilesToZip@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z
?AddFilesToZip@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$unordered_map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@U?$hash@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@U?$equal_to@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@std@@@2@@4@_N@Z
?AddFilesToZip@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@4@@Z
?AddPathSlashW@silence_update@common@ierd_tgp@@KAHAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?BeginTrace@CLogTrace@@QAEXPBD@Z
?BeginTrace@PerfScopeClass@common@ierd_tgp@@QAEXXZ
?CPEncode@common@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@I@Z
?CPEncode@common@ierd_tgp@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@I@Z
?CanExit@Component_mgr@common@ierd_tgp@@UAE_NXZ
?ChangeProcessImageName@Sys_wrapper@common@ierd_tgp@@SA_NPAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?CheckIsNetworkValid@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?CheckLogFile@CLogTrace@@AAEXXZ
?ClearIPCInfo@CSimpleIPC@@AAEXXZ
?Close@ShareMemory@Memory@ierd_tgp@@QAEXXZ
?CloseZipU@@YAKPAUHZIP__@@@Z
?ConvertJsonStringToQos@qos@adapt_for_imports@ierd_tgp@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAUtagQOSRep@@@Z
?ConvertNtPathToDrivePath@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V45@@Z
?ConvertQosToJsonString@qos@adapt_for_imports@ierd_tgp@@YAXABUtagQOSRep@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?CopyDir@Sys_wrapper@common@ierd_tgp@@SA_NABVpath@filesystem@3@0@Z
?CovertToTPLangValue@overseas@ierd_tgp@@YAHH@Z
?CreatDesktopShortcut@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@00000@Z
?Create@CShareMem@@QAEHPBDH@Z
?Create@CSimpleIPC@@QAEHHPBD@Z
?Create@ShareMemory@Memory@ierd_tgp@@QAEHH@Z
?CreateDirectoryRecursively@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?CreateNamePipe@BaseNamedPipe@base@@SA?AV?$shared_ptr@VBaseNamedPipe@base@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@_NP6A?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@PBDI1@Z1@Z
?CreateUserLogger@base@@YAPAVILogger@1@XZ
?CreateWnd@WndMsgReceiver2@Tenio@@UAEPAUHWND__@@PBD@Z
?CreateWnd@WndMsgReceiver@Tenio@@EAEPAUHWND__@@PBD@Z
?CreateWndImpl@WndMsgReceiver@Tenio@@IAEPAUHWND__@@PBDP6GJPAU3@IIJ@Z@Z
?CreateXMLConfig@common@ierd_tgp@@YAPAVCTXMLConfig@12@XZ
?CutStringByMaxCharacters@common@ierd_tgp@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?CutStringByMaxCharactersEx@common@ierd_tgp@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?DESDecrypt@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV12@PBDW4EPadType@@W4EDESMode@@@Z
?DESEncrypt@@YA_NPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0W4EPadType@@W4EDESMode@@@Z
?Decode16@common@ierd_tgp@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAXI@Z
?Decode@md5@@AAEXPAIPAEI@Z
?DelOldSilenceUpdate@silence_update@common@ierd_tgp@@SAXPB_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@K_N@Z
?DeleteExpiredFiles@common@ierd_tgp@@YAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@00I_K@Z
?DeleteFileA@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Destroy@CShareMem@@QAEXXZ
?Destroy@CSimpleIPC@@QAEXXZ
?DestroyWnd@WndMsgReceiver@Tenio@@AAE_NPAUHWND__@@@Z
?Digest@md5@@QAEPAEXZ
?DumpNow@DumpManager@common@ierd_tgp@@QAE_NW4EnumInfoLevel@123@_NPAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@6@K@Z
?DynLoadStr@overseas@ierd_tgp@@YAPB_WV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?EnableDebugPriv@Sys_wrapper@common@ierd_tgp@@SAHXZ
?EnableDynamicPeekMessage@Application@common@ierd_tgp@@QAEX_N@Z
?EnableFileAccountPrivilege@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0@Z
?Encode16@common@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBXI@Z
?Encode@md5@@AAEXPAEPAII@Z
?EndTrace@CLogTrace@@QAEXPBDH@Z
?EndTrace@PerfScopeClass@common@ierd_tgp@@QAEXXZ
?EndsWith@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_N@Z
?EndsWith@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0_N@Z
?EnterLowPowerMode@Application@common@ierd_tgp@@QAEXXZ
?EnterNormalMode@Application@common@ierd_tgp@@QAEXXZ
?Exists@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Exists@Sys_wrapper@common@ierd_tgp@@SA_NABVpath@filesystem@3@@Z
?ExtractFilePathAndNameW@silence_update@common@ierd_tgp@@KAHPB_WAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@1@Z
?ExtractFromUrlProtocol@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0AAV45@@Z
?ExtractFromUrlProtocol@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV45@@Z
?F@md5@@AAEIIII@Z
?FF@md5@@AAEXAAIIIIIII@Z
?FileHasVMP@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAW4type@ImageArchitectureType@12@PAW45ShellType@12@@Z
?FileSeek@@YA_JPAX_JK@Z
?Finalize@md5@@QAEXXZ
?FindChildProcess@Sys_wrapper@common@ierd_tgp@@SAPAXK@Z
?FindFile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?FindFirstFileW_fixed_remote@Sys_wrapper@common@ierd_tgp@@SAPAXPB_WPAU_WIN32_FIND_DATAW@@@Z
?FindLatestFile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV45@HK@Z
?FindZipItem@@YAKPAUHZIP__@@PB_W_NPAHPAUZIPENTRY@@@Z
?FormatZipMessageU@@YAIKPA_WI@Z
?FreeTrace@CLogTrace@@SAXXZ
?G@md5@@AAEIIII@Z
?GG@md5@@AAEXAAIIIIIII@Z
?GeneralExptTrace@common@ierd_tgp@@YAXV_TGameID@12@IHIIIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N1ABV?$vector@HV?$allocator@H@std@@@5@ABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@5@ABV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@5@@Z
?GenerateRandomData@common@ierd_tgp@@YA_NPAEI@Z
?GenerateUniqueMemLog@common@ierd_tgp@@YA_NPAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?GetAfterTimePairSecond@InfoTraceSystem@trace_system@ierd_tgp@@QAE?AU?$pair@II@std@@I@Z
?GetAllDriveInfo@Sys_wrapper@common@ierd_tgp@@SAXPAV?$vector@UDriveInfo@common@ierd_tgp@@V?$allocator@UDriveInfo@common@ierd_tgp@@@std@@@std@@@Z
?GetAtQuitQosData@Qos@qos@adapt_for_imports@ierd_tgp@@QAE_NPAPAX@Z
?GetAutoRunRegKeyW@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetBaseBoardByCmd@Sys_wrapper@common@ierd_tgp@@SAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV45@@Z
?GetBuffer@ShareMemory@Memory@ierd_tgp@@QBEPAEXZ
?GetCertificateSubjectName@common@ierd_tgp@@YAHPB_WAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAK1@Z
?GetCmdOutput@common@ierd_tgp@@YAHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?GetCpuNo@Sys_wrapper@common@ierd_tgp@@SAHXZ
?GetCrashInfo@Qos@qos@adapt_for_imports@ierd_tgp@@QAE_NPAUCrashInfo@234@@Z
?GetCurrentStage@Qos@qos@adapt_for_imports@ierd_tgp@@QAE?AW4ProcessStage@234@XZ
?GetDateOfTimeStamp@Sys_wrapper@common@ierd_tgp@@SAHPAU_CMSG_SIGNER_INFO@@PAU_FILETIME@@@Z
?GetDoMainStr@overseas@ierd_tgp@@YAPBDV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetDownLoadAndSetupDefDirNameW@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetDriveLetter@Sys_wrapper@common@ierd_tgp@@SA_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetEnCryptLength@CSymmetryString@ieg_common@@SAHH@Z
?GetErrorCode@InfoTraceSystem@trace_system@ierd_tgp@@QBE?AW4EnumTraceSystemErrorCode@23@XZ
?GetErrorInfo@common@ierd_tgp@@YAIIPA_WI@Z
?GetExitCode@ChildProcess@common@ierd_tgp@@QAEKXZ
?GetFileBuffer@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?GetFileCRC@common@ierd_tgp@@YAIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?GetFileLength@common@ierd_tgp@@YA_KABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetFileSha1@ZEN_LIB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?GetFileSha1@ZEN_LIB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@3@@Z
?GetFolderSize@common@ierd_tgp@@YA_KABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetGraphicCardSize@Sys_wrapper@common@ierd_tgp@@SAHXZ
?GetGuidString@common@ierd_tgp@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetHWnd@WndMsgReceiver@Tenio@@QAEPAUHWND__@@XZ
?GetHandle@CThread@@QAEPAXXZ
?GetHandle@ChildProcess@common@ierd_tgp@@QBEPAXXZ
?GetIEUserAgent@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetInstance@InfoTraceSystem@trace_system@ierd_tgp@@SAAAV123@XZ
?GetInterval@BaseTimer@base@@QAEIXZ
?GetLastLoginedUin@common@ierd_tgp@@YA_KXZ
?GetLastLoginedWegameId@common@ierd_tgp@@YAIXZ
?GetLastTickElapse@Application@common@ierd_tgp@@QAEIXZ
?GetLastUnzipError@@YAKXZ
?GetLastZipError@common@ierd_tgp@@YAIXZ
?GetLocalMmogVersion@util_version_cfg@ierd_tgp@@YAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetLocalVersion@util_version_cfg@ierd_tgp@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?GetLogRelativePath@common@ierd_tgp@@YA_NW4EnumTgpLogType@12@PAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetLoggerLevel@common@ierd_tgp@@YAHXZ
?GetLuaPluginPath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W0@Z
?GetMD5@common@ierd_tgp@@YAXPBD0@Z
?GetOutput@ChildProcess@common@ierd_tgp@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPathList@Sys_wrapper@common@ierd_tgp@@SA_NABVpath@filesystem@3@ABV?$basic_regex@DV?$regex_traits@D@std@@@std@@PAV?$vector@Vpath@filesystem@ierd_tgp@@V?$allocator@Vpath@filesystem@ierd_tgp@@@std@@@7@_N3@Z
?GetPrivateKey@common@ierd_tgp@@YA?BV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?GetQQList@common@ierd_tgp@@YAHAAV?$vector@KV?$allocator@K@std@@@std@@@Z
?GetQQLoginList@common@ierd_tgp@@YAXAAKPADH@Z
?GetRefererFromUrl@common@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@_N@Z
?GetRootPathToLua@common@ierd_tgp@@YAPBDXZ
?GetSaltKey@common@ierd_tgp@@YA?BV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@I@Z
?GetSecFromFileTime@Sys_wrapper@common@ierd_tgp@@SA_KKK@Z
?GetSha1@ZEN_LIB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_istream@DU?$char_traits@D@std@@@3@@Z
?GetSha1Parts@ZEN_LIB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_istream@DU?$char_traits@D@std@@@3@IAAV?$map@_KUSha1Part@ZEN_LIB@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUSha1Part@ZEN_LIB@@@std@@@4@@3@V?$function@$$A6AX_K0@Z@3@@Z
?GetSha1Parts@ZEN_LIB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@IAAV?$map@_KUSha1Part@ZEN_LIB@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUSha1Part@ZEN_LIB@@@std@@@4@@3@V?$function@$$A6AX_K0@Z@3@@Z
?GetSize@ShareMemory@Memory@ierd_tgp@@QBEKXZ
?GetStatus@BaseTimer@base@@QAE?AW4TimerStatus@2@XZ
?GetStrValueFromReg@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAUHKEY__@@ABV45@1_N@Z
?GetStringCharacters@common@ierd_tgp@@YAIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetSystemAvgCpuUsage@Sys_wrapper@common@ierd_tgp@@SAHXZ
?GetSystemResolution@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTenioDLPath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTgpId@InfoTraceSystem@trace_system@ierd_tgp@@QAEIXZ
?GetTgpWorkState@common@ierd_tgp@@YA?AW4EnumTgpTaskState@12@XZ
?GetTimeStampSignerInfo@Sys_wrapper@common@ierd_tgp@@SAHPAU_CMSG_SIGNER_INFO@@PAPAU4@PAU_FILETIME@@@Z
?GetTodayDateStr@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTpfUiVfsPath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTrace@CLogTrace@@SAPAV1@XZ
?GetTraceIdByType@InfoTraceSystem@trace_system@ierd_tgp@@QAEII@Z
?GetTraceInstanceID@InfoTraceSystem@trace_system@ierd_tgp@@QAE_K_KII@Z
?GetUIN@InfoTraceSystem@trace_system@ierd_tgp@@QAEIXZ
?GetUpdatedFilePath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W0@Z
?GetUpdatedFilePathEx@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W0AAK@Z
?GetUpdatedFilePathv2@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W00AAK@Z
?GetUrlProtocolFromCMD@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV45@@Z
?GetUrlProtocolFromCMD@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetWeGameADVirtualPathA@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetWeGameADVirtualPathW@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetWeGameAppDataPathW@Sys_wrapper@common@ierd_tgp@@SA_NAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetWeGameInstallRegPathA@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetWeGameInstallRegPathW@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetWegameProcessCount@util_multi_instance@ierd_tgp@@YAHXZ
?GetXMLDataInt@common@ierd_tgp@@YAHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBEI0H@Z
?GetXMLDataStr@common@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@PBEI0ABV34@@Z
?GetXMLDataStr@common@ierd_tgp@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV34@PBEI00@Z
?GetZipItem@@YAKPAUHZIP__@@HPAUZIPENTRY@@@Z
?H@md5@@AAEIIII@Z
?HH@md5@@AAEXAAIIIIIII@Z
?HasModalExist@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?I@md5@@AAEIIII@Z
?II@md5@@AAEXAAIIIIIII@Z
?Init@CurlWrapper@curl_wrapper@ierd_tgp@@QAEXXZ
?Init@DumpManager@common@ierd_tgp@@QAEXII@Z
?Init@InfoTraceSystem@trace_system@ierd_tgp@@QAE_N_NV?$weak_ptr@VIInfoTraceSystemListener@trace_system@ierd_tgp@@@std@@@Z
?Init@WndMsgReceiver@Tenio@@QAE_NPBD@Z
?Init@md5@@QAEXXZ
?InitMainThreadWarningComponent@common@ierd_tgp@@YAX_NIIII0@Z
?Instance@CurlWrapper@curl_wrapper@ierd_tgp@@SAAAV123@XZ
?Instance@DumpManager@common@ierd_tgp@@SAAAV123@XZ
?Is64BitProcess@Sys_wrapper@common@ierd_tgp@@SA_NPAX@Z
?Is64Bit_OS@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsCJKChar@common@ierd_tgp@@YAH_W@Z
?IsDirectoryExist@common@ierd_tgp@@YA_NPBD@Z
?IsHighThanWin7@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsInited@WndMsgReceiver@Tenio@@QAE_NXZ
?IsLaptop@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsOpen@ShareMemory@Memory@ierd_tgp@@QBEHXZ
?IsOverseasVer@overseas@ierd_tgp@@YAHXZ
?IsPathPure@common@ierd_tgp@@YA_NPBD@Z
?IsProcessRunning@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@5@@Z
?IsSSDDrive@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?IsStartFromUrlProtocol@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsSubWegameProcess@util_multi_instance@ierd_tgp@@YA_NXZ
?IsSuspend@CThread@@QAEHXZ
?IsUrlIp@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?IsWin10_OS@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsWin7@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsWow64@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsXpOs@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?IsZipHandleU@@YA_NPAUHZIP__@@@Z
?JsonAddQosTask@qos@adapt_for_imports@ierd_tgp@@YAXABUtagQOSRep@@AB_N_N@Z
?KillAllProcess@Sys_wrapper@common@ierd_tgp@@SA_NAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?LoadIconForOversea@overseas@ierd_tgp@@YAPAUHICON__@@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?LoadStr@overseas@ierd_tgp@@YAPB_WV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?Lock@CShareMem@@QAEPAXAAH@Z
?Lock@CThreadLock@@QAEHH@Z
?LockUserMem@CSimpleIPC@@IAEPAXAAH@Z
?LogFilter@CLogTrace@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?LuaGetFileSize@common@ierd_tgp@@YA_JPBD@Z
?LuaRemoveFile@common@ierd_tgp@@YA_NPBD@Z
?MD5BigFileSafe@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@PAV12@@Z
?MD5Buffer@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PADI@Z
?MD5File@@YAPADPB_W@Z
?MD5FileChunk@@YAKABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@_J1AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?MD5FileSafe@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?MD5String2Hex@@YAXPADPBDH@Z
?MD5String@@YAPADPAD@Z
?MD5StringEx@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?MainThreadTaskUpdate@common@ierd_tgp@@YAXXZ
?ModifyFileAccessTrustee@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0_N@Z
?MonitorDump@DumpManager@common@ierd_tgp@@QAE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@W4EnumInfoLevel@123@_NK@Z
?MovDirToDir@common@ierd_tgp@@YAXPBD0H0@Z
?Notify@CSimpleIPC@@QAEHKKPAXH@Z
?Notify@CSimpleIPC@@QAEHKPAXH@Z
?OnIPCNotify@CSimpleIPC@@MAEXKPAXH@Z
?OnIPCWndMsg@CSimpleIPC@@AAEJPAUHWND__@@IIJ@Z
?OnRecvMsg@WndMsgReceiver2@Tenio@@EAEXPAUHWND__@@IIJ@Z
?OnUserMsg@CSimpleIPC@@MAEXIIJ@Z
?Open@ShareMemory@Memory@ierd_tgp@@QAEHXZ
?OpenProcessIdByName@Sys_wrapper@common@ierd_tgp@@SAPAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?OpenRegKey@common@ierd_tgp@@YA_NHPBD_NPAULuaHelperRegKey@12@@Z
?OpenZip@@YAPAUHZIP__@@PAXIPBD@Z
?OpenZip@@YAPAUHZIP__@@PB_WPBD@Z
?OpenZipHandle@@YAPAUHZIP__@@PAXPBD@Z
?ParseTime@common@ierd_tgp@@YA_JABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PostMainThreadTask@common@ierd_tgp@@YAXV?$function@$$A6AXXZ@std@@V?$shared_ptr@X@4@@Z
?PostMainThreadTaskv2@common@ierd_tgp@@YA_NV?$function@$$A6AXXZ@std@@V?$shared_ptr@X@4@@Z
?PrefetchImage@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?PrintMD5@@YAPADQAE@Z
?PrintMD5Ex@@YAXQAEAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ProcIPCMsg@CSimpleIPC@@AAEXPAUTCOPYDATA@1@@Z
?PushAsyncTask@common@ierd_tgp@@YAXV?$function@$$A6AXXZ@std@@K@Z
?PushUniqueThreadAsyncTask@common@ierd_tgp@@YAIV?$function@$$A6AXXZ@std@@IK@Z
?QosTraceSystemError@common@ierd_tgp@@YAXW4EnumTraceSystemError@12@K@Z
?QosTraceTaskFiles@common@ierd_tgp@@YAXV_TGameID@12@IABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1ABV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@5@_N@Z
?ReSetIconForShortcutLnk@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?ReSetIconForShortcutLnk@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@00@Z
?ReSetIconForShortcutLnkByLinkPath@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?ReSetIconForShortcutLnkByLinkPathImpl@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0@Z
?ReadIPCInfo@CSimpleIPC@@AAEXXZ
?ReadPeerList@CSimpleIPC@@AAEXPAXH@Z
?ReadPrivateProfile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00AAV45@1@Z
?ReadPrivateProfile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAHAAV45@@Z
?RedirectIconLnk@Sys_wrapper@common@ierd_tgp@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@000@Z
?RedirectIconLnk@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@000@Z
?RegexSearch@common@ierd_tgp@@YA_NPBD0@Z
?ReleaseUserLogger@base@@YAXPAVILogger@1@@Z
?ReleaseXMLConfig@common@ierd_tgp@@YAXPAPAVCTXMLConfig@12@@Z
?RemoveDir@common@ierd_tgp@@YAXPBD0@Z
?RemoveDir@silence_update@common@ierd_tgp@@KAHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?RemovePathSlashW@silence_update@common@ierd_tgp@@KAHAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?ReplaceForbiddenChar@common@ierd_tgp@@YAXAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?ReportFailedTask@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N1@Z
?ReportFailedTask@qos@adapt_for_imports@ierd_tgp@@YAXXZ
?Resume@CThread@@QAEXXZ
?ResumeProcess@Sys_wrapper@common@ierd_tgp@@SA_NI@Z
?Run@ChildProcess@common@ierd_tgp@@QAE_NPBD_N@Z
?SaveFailedTask@qos@adapt_for_imports@ierd_tgp@@YAXXZ
?SaveOfflineReportData@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?SendAsynMsg@CSimpleIPC@@IAEXIIJ@Z
?SetCrashInfo@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABUCrashInfo@234@@Z
?SetCurrentStage@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXW4ProcessStage@234@@Z
?SetDesktopWallpaper@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4EnumWallpaperStyle@23@@Z
?SetFileAccessTrustee@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFileAccessTrustee@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?SetFileAuthority@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFileAuthority@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?SetGamePromoteId@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetInterval@BaseTimer@base@@QAEXI@Z
?SetIsMultiInstance@Qos@qos@adapt_for_imports@ierd_tgp@@QAEX_N@Z
?SetLastLoginedUin@common@ierd_tgp@@YAX_K@Z

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 534KB - Virtual size: 534KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/H7Ucs/rPcDo~m7/msvcp140.dll
.dll windows:6 windows x86 arch:x86

6dbd7763e94344402d4206b7bab40e1f

Code Sign

33:00:00:00:f3:67:3d:83:61:98:0f:1c:a6:00:00:00:00:00:f3
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:19

Not After

23/11/2019, 20:19

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft America Operations+OU=Thales TSS ESN:F6FF-2DA7-BB75,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d
Signer

Actual PE Digest

52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d

Digest Algorithm

sha256

PE Digest Matches

true

11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b
Signer

Actual PE Digest

11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

Imports

vcruntime140

_except_handler4_common
__uncaught_exceptions
__uncaught_exception
memmove
__std_terminate
_purecall
__CxxFrameHandler3
_CxxThrowException
__AdjustPointer
__processing_throw
__current_exception
__std_exception_destroy
__std_exception_copy
memset
memcmp
memchr
__std_type_info_destroy_list
memcpy

api-ms-win-crt-heap-l1-1-0

_callnewh
free
calloc
malloc
realloc

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func
___lc_locale_name_func
___lc_collate_cp_func
localeconv
___lc_codepage_func
_lock_locales
_unlock_locales
setlocale
__pctype_func

api-ms-win-crt-string-l1-1-0

__strncnt
tolower
isalnum
isxdigit
isspace
wcsnlen
isdigit
wcscpy_s
_wcsdup
islower
isupper
iswctype
strcspn

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_register_onexit_function
_set_new_handler
terminate
_crt_atexit
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
_initterm
_initterm_e
_initialize_onexit_table
_beginthreadex
_endthreadex
_errno

api-ms-win-crt-stdio-l1-1-0

fputwc
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputs
fgetc
fflush
fclose
_get_stream_buffer_pointers
_wfsopen
_fsopen
__acrt_iob_func
fgetpos
fseek
fputc
__stdio_common_vsprintf_s
fgetwc
ungetwc

api-ms-win-crt-math-l1-1-0

ldexp
_CIpow
_CIlog
frexp

api-ms-win-crt-convert-l1-1-0

btowc
strtod
strtof

api-ms-win-crt-filesystem-l1-1-0

_wchdir
_wrmdir
_unlock_file
_wremove
_lock_file
_wrename

api-ms-win-crt-time-l1-1-0

_W_Getdays
_Getmonths
_Strftime
_Wcsftime
_Getdays
_Gettnames
_W_Gettnames
_W_Getmonths

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

RtlCaptureStackBackTrace
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
GetStringTypeW
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
LoadLibraryExA
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
InitializeSListHead
GetCurrentProcessId
IsDebuggerPresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
CloseHandle
TryEnterCriticalSection
FormatMessageW
CreateHardLinkW
CopyFileW
GetLastError
AreFileApisANSI
GetTempPathW
SetFileTime
SetFilePointerEx
SetFileAttributesW
SetEndOfFile
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
CreateDirectoryW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
RaiseException
DecodePointer
EncodePointer

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@G@std@@QAE@ABV01@@Z
??0?$_Yarn@G@std@@QAE@PBG@Z
??0?$_Yarn@G@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@ABV01@@Z
??0?$_Yarn@_W@std@@QAE@PB_W@Z
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0task_continuation_context@Concurrency@@AAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@G@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@G@std@@QAEAAV01@PBG@Z
??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z
??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@G@std@@QBEPBGXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@G@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/H7Ucs/rPcDo~m7/vcruntime140.dll
.dll windows:6 windows x86 arch:x86

6a84b7445ccacd5d29ac27de2745f356

Code Sign

33:00:00:01:14:96:9a:0d:f8:95:e4:71:49:00:00:00:00:01:14
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft America Operations+OU=Thales TSS ESN:C3B0-0F6A-4111,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2
Signer

Actual PE Digest

7c:83:07:f2:ab:ac:ee:45:72:8a:94:b8:52:1c:71:d9:cf:2a:02:0f:3d:2a:40:23:c8:ae:be:94:e0:2b:de:b2

Digest Algorithm

sha256

PE Digest Matches

true

69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a
Signer

Actual PE Digest

69:f0:3a:b3:d3:e2:76:74:1b:68:d7:40:21:2e:c8:f1:01:72:80:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\agent\_work\2\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

abort
terminate

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

DeleteCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/H7Ucs/rPcDo~m7/wegame.exe
.exe windows:5 windows x86 arch:x86

ea7e251e74e8b82b229ec965a99aaf13

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a2:c3:41:8c:53:c3:7a:49:35:0a:1b:41:13:62:e5:af:9f:50:3f:48:7c:c8:46:86:2f:6c:ef:df:2b:0e:ef:c3
Signer

Actual PE Digest

a2:c3:41:8c:53:c3:7a:49:35:0a:1b:41:13:62:e5:af:9f:50:3f:48:7c:c8:46:86:2f:6c:ef:df:2b:0e:ef:c3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\dailybuild_fix_5.4\wegame_client\build\bin\Release\wegame.pdb

Imports

adapt_for_imports

?Instance@CrashReportLoader@crash_report@@SAAAV12@XZ
?AddCrashReportHelperFile@CrashReportLoader@crash_report@@QAEHPB_W00K@Z
?Uninit@CrashReportLoader@crash_report@@QAEXXZ
?Init@CrashReportLoader@crash_report@@QAEXPB_W_K1HP6GHPAUtagCrashReportHelperCallbackInfo@@@Z0@Z

lua51

lua_type
lua_settop
lua_gettop
lua_pcall
lua_getfield
lua_pushstring
lua_tolstring

common

??1Shared_mem_obj@common@ierd_tgp@@QAE@XZ
??0Shared_mem_obj@common@ierd_tgp@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I0_N@Z
?unreg_all_msg_handler@@YAXPAX@Z
?unreg_all_service@@YAXPAX@Z
?reg_service@@YAXPBDV?$function@$$A6AXV?$shared_ptr@Umsg_base@@@std@@@Z@std@@PAX@Z
?reg_service@@YAXPBDV?$function@$$A6AXPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@std@@PAX@Z
?send_msg@@YAXPBDV?$shared_ptr@Umsg_base@@@std@@@Z
?post_msg@@YAXPBDV?$shared_ptr@Umsg_base@@@std@@@Z
?get_comp_mgr_instance@common@ierd_tgp@@YAAAVComponent_mgr@12@XZ
?find_component@Component_mgr@common@ierd_tgp@@QAE?AV?$weak_ptr@UIComponent@common@ierd_tgp@@@std@@ABVcomponent_interface_type@23@@Z
?file_size@filesystem@ierd_tgp@@YA_KABVpath@12@AAVerror_code@std@@@Z
?file_size@filesystem@ierd_tgp@@YA_KABVpath@12@@Z
?GetBuffer@ShareMemory@Memory@ierd_tgp@@QBEPAEXZ
?from_json@jsonbind@@YAHPAXABVValue@Json@@@Z
?to_json@jsonbind@@YAHPAXAAVValue@Json@@@Z
??$json_value_to_obj@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@@YAHABVValue@Json@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$json_value_to_obj@Vjsonb_bool@@@@YAHABVValue@Json@@AAVjsonb_bool@@@Z
??$json_value_to_obj@Vjsonb_uint64@@@@YAHABVValue@Json@@AAVjsonb_uint64@@@Z
??$json_value_to_obj@Vjsonb_int64@@@@YAHABVValue@Json@@AAVjsonb_int64@@@Z
??$json_value_to_obj@Vjsonb_int@@@@YAHABVValue@Json@@AAVjsonb_int@@@Z
??$obj_to_json_value@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@@YAHAAVValue@Json@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??$obj_to_json_value@Vjsonb_uint64@@@@YAHAAVValue@Json@@AAVjsonb_uint64@@@Z
??$obj_to_json_value@Vjsonb_int64@@@@YAHAAVValue@Json@@AAVjsonb_int64@@@Z
??$obj_to_json_value@Vjsonb_bool@@@@YAHAAVValue@Json@@AAVjsonb_bool@@@Z
??$obj_to_json_value@Vjsonb_int@@@@YAHAAVValue@Json@@AAVjsonb_int@@@Z
?MD5FileSafe@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?appdata_project_folder@File_info@common@ierd_tgp@@SA?AVpath@filesystem@3@XZ
?get_log_instance@base@@YAPAVILogger@1@XZ
?get_ie_version@Sys_wrapper@common@ierd_tgp@@SAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?u8to16@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z
?remove@filesystem@ierd_tgp@@YA_NABVpath@12@AAVerror_code@std@@@Z
?directory_iterator_increment@detail@filesystem@ierd_tgp@@YAXAAVdirectory_iterator@23@PAVerror_code@std@@@Z
?directory_iterator_construct@detail@filesystem@ierd_tgp@@YAXAAVdirectory_iterator@23@ABVpath@23@PAVerror_code@std@@@Z
?dir_itr_close@detail@filesystem@ierd_tgp@@YAXAAPAX@Z
?extension@path@filesystem@ierd_tgp@@QBE?AV123@XZ
?get_workingdir_path@Application@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?StopThread@CThread@@QAEXXZ
?StartThread@CThread@@QAEHPAXH@Z
??1CThread@@UAE@XZ
??0CThread@@QAE@XZ
?GetAutoRunRegKeyW@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?set_same_client_type_multi_instance@util_multi_instance@ierd_tgp@@YAX_N@Z
?get_coexist_name@util_multi_instance@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?get_process_count@util_multi_instance@ierd_tgp@@YAHPBD@Z
?IsSubWegameProcess@util_multi_instance@ierd_tgp@@YA_NXZ
?GetWegameProcessCount@util_multi_instance@ierd_tgp@@YAHXZ
?get_client_id@util_client_info@ierd_tgp@@YAHXZ
?GetUpdatedFilePath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W0@Z
?is_certificate_open@util_curl_certificate@ierd_tgp@@YA_NXZ
?get_cert_pwd@util_curl_certificate@ierd_tgp@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?export_crt_file@util_curl_certificate@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@000@Z
?decode_string@common@ierd_tgp@@YA?AV?$optional@V?$reference_wrapper@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@std@@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?GetFileBuffer@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
??0WndMsgReceiver@Tenio@@QAE@XZ
??1WndMsgReceiver@Tenio@@QAE@XZ
?Init@WndMsgReceiver@Tenio@@QAE_NPBD@Z
?Uninit@WndMsgReceiver@Tenio@@QAE_NXZ
?CreateWnd@WndMsgReceiver2@Tenio@@UAEPAUHWND__@@PBD@Z
?open@Shared_mem_obj@common@ierd_tgp@@QAEPAXW4mode_t@interprocess@boost@@_N@Z
?IsStartFromUrlProtocol@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?close@Shared_mem_obj@common@ierd_tgp@@QAEXXZ
?instance@Application@common@ierd_tgp@@SAPAV123@XZ
?MD5String@@YAPADPAD@Z
?MD5Buffer@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PADI@Z
?GetTpfUiVfsPath@silence_update@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?IsXpOs@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?PostMainThreadTask@common@ierd_tgp@@YAXV?$function@$$A6AXXZ@std@@V?$shared_ptr@X@4@@Z
?is_shared_mem_exist@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@ABV012@@Z
??_0path@filesystem@ierd_tgp@@QAEAAV012@PB_W@Z
?remove_filename@path@filesystem@ierd_tgp@@QAEAAV123@XZ
?parent_path@path@filesystem@ierd_tgp@@QBE?AV123@XZ
?exists@filesystem@ierd_tgp@@YA_NABVpath@12@@Z
?is_regular_file@filesystem@ierd_tgp@@YA_NABVpath@12@AAVerror_code@std@@@Z
?copy_file@filesystem@ierd_tgp@@YAXABVpath@12@0W4copy_option@12@AAVerror_code@std@@@Z
?to_string@version_t@common@ierd_tgp@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0Application@common@ierd_tgp@@QAE@HQAPAD_NKK1ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1Application@common@ierd_tgp@@UAE@XZ
?get_session_id@Application@common@ierd_tgp@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_machine_id@Application@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?set_machine_guid_async@Application@common@ierd_tgp@@SAXXZ
?get_exe_path@Application@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_exe_path_ex@Application@common@ierd_tgp@@SA?AVpath@filesystem@3@XZ
?get_workingdir_path_ex@Application@common@ierd_tgp@@SA?AVpath@filesystem@3@XZ
?get_app_sub_path@Application@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V45@@Z
?TaskBarPin@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@_N@Z
?PrefetchImage@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?get_app_sub_path_ex@Application@common@ierd_tgp@@SA?AVpath@filesystem@3@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_app_path@Application@common@ierd_tgp@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exit_app@Application@common@ierd_tgp@@QAEXH@Z
?process@Application@common@ierd_tgp@@QAEXXZ
?get_ret@Application@common@ierd_tgp@@QBEHXZ
?PushAsyncTask@common@ierd_tgp@@YAXV?$function@$$A6AXXZ@std@@K@Z
?MainThreadTaskUpdate@common@ierd_tgp@@YAXXZ
?u16_to_loc@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?ReadPrivateProfile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00AAV45@1@Z
?load_config@Component_mgr@common@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?init@Component_mgr@common@ierd_tgp@@QAE_NXZ
?inited@Component_mgr@common@ierd_tgp@@QAEXXZ
?uninitialize@Component_mgr@common@ierd_tgp@@QAEXXZ
?ReadPrivateProfile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAHAAV45@@Z
?WritePrivateProfile@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@000@Z
?IsLaptop@Sys_wrapper@common@ierd_tgp@@SA_NXZ
?GetAllDriveInfo@Sys_wrapper@common@ierd_tgp@@SAXPAV?$vector@UDriveInfo@common@ierd_tgp@@V?$allocator@UDriveInfo@common@ierd_tgp@@@std@@@std@@@Z
?tick@Component_mgr@common@ierd_tgp@@QAEXN@Z
?enable_profile_on@common@ierd_tgp@@YAX_N@Z
?set_quick_login_uin@common@ierd_tgp@@YAXK@Z
?get_quick_login_uin@common@ierd_tgp@@YAKXZ
?enable_static_detail_log@common@ierd_tgp@@YAX_N@Z
?is_static_detail_log@common@ierd_tgp@@YA_NXZ
?enable_one_more_instance@common@ierd_tgp@@YAX_N@Z
?enable_offline_mode_on@common@ierd_tgp@@YAX_N@Z
?is_offline_mode_on@common@ierd_tgp@@YA_NXZ
?set_offline_login_account@common@ierd_tgp@@YAX_K@Z
?set_game_launcher_flag@common@ierd_tgp@@YAX_N@Z
?get_game_launcher_flag@common@ierd_tgp@@YA_NXZ
?set_game_launcher_msg@common@ierd_tgp@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_restart_after_update@common@ierd_tgp@@YAX_N@Z
?stamp_init@@YAXXZ
?stamp_point@@YAXPBD@Z
?enable_app_session_end@common@ierd_tgp@@YAX_N@Z
?stamp_uninit@@YAXXZ
?name@Shared_mem_obj@common@ierd_tgp@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0ShareMemory@Memory@ierd_tgp@@QAE@PB_WK@Z
?size@Shared_mem_obj@common@ierd_tgp@@QAEIXZ
??1ShareMemory@Memory@ierd_tgp@@QAE@XZ
?set_start_from_host@common@ierd_tgp@@YAX_N@Z
?get_cfg_by_path@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_ptree@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@property_tree@boost@@_N@Z
?set_cfg_by_path@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_ptree@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@property_tree@boost@@@Z
?set_qos_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXK@Z
?set_ver@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABUversion_t@common@4@@Z
?set_machine_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_qm_report_guid@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_launcher_info@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
?set_session_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_uid@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_channel_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABH@Z
?set_bind_game_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXAB_K@Z
?report@Qos@qos@adapt_for_imports@ierd_tgp@@QAE_NABUQos_data_base@234@W4Qos_occasion@234@@Z
?WaitForStop@Qos@qos@adapt_for_imports@ierd_tgp@@QAE_NI@Z
?SetStartForID@Qos@qos@adapt_for_imports@ierd_tgp@@QAEX_K@Z
?SetCurrentStage@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXW4ProcessStage@234@@Z
?GetCurrentStage@Qos@qos@adapt_for_imports@ierd_tgp@@QAE?AW4ProcessStage@234@XZ
?set_account_id@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?set_client_version_type@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXH@Z
?SetCrashInfo@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABUCrashInfo@234@@Z
?SetIsMultiInstance@Qos@qos@adapt_for_imports@ierd_tgp@@QAEX_N@Z
?SetGamePromoteId@Qos@qos@adapt_for_imports@ierd_tgp@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?get_qos_instance@qos@adapt_for_imports@ierd_tgp@@YAAAVQos@123@XZ
?save_proxy_settings@client_helper@net@ierd_tgp@@YAXPBD@Z
?sync_proxy_settings@client_helper@net@ierd_tgp@@YAXXZ
?get_client_version_type@overseas@ierd_tgp@@YAHXZ
?extract_path@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?extract_name@common@ierd_tgp@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?extract_name@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV34@@Z
?file_exists@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?scale_path2absolute_path@common@ierd_tgp@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV34@@Z
?GetLastLoginedUin@common@ierd_tgp@@YA_KXZ
?GetLastLoginedWegameId@common@ierd_tgp@@YAIXZ
?open_web@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?extract_op_from_cmd@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV45@@Z
?extract_op_from_cmd@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV45@@Z
?extract_op_from_cmd@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?extract_op_from_cmd@Sys_wrapper@common@ierd_tgp@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PA_K@Z
?get_system_name@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_system_hardware@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_system_all_build_version@Sys_wrapper@common@ierd_tgp@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?get_graphic_card_name@Sys_wrapper@common@ierd_tgp@@SAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?filename@path@filesystem@ierd_tgp@@QBE?AV123@XZ
?get_cpu_name@Sys_wrapper@common@ierd_tgp@@SAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?u16to8@common@ierd_tgp@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?Create@ShareMemory@Memory@ierd_tgp@@QAEHH@Z
?exists@filesystem@ierd_tgp@@YA_NABVpath@12@AAVerror_code@std@@@Z

psapi

GetModuleFileNameExW

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathFileExistsA
PathFindFileNameW
PathAppendW
PathFileExistsW

kernel32

InitializeSListHead
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
CreateEventW
InitializeCriticalSection
CreateThread
GetFileAttributesExW
LeaveCriticalSection
EnterCriticalSection
FlushFileBuffers
SetFileAttributesW
SetEndOfFile
SetFilePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
Process32Next
Process32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
MoveFileW
FindNextFileW
FindFirstFileW
RemoveDirectoryW
GetTempPathW
GetPrivateProfileIntW
OutputDebugStringA
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCommandLineW
GetCommandLineA
CreateProcessW
CreateFileMappingW
GetStartupInfoW
CreateEventA
CreateMutexA
UnmapViewOfFile
MapViewOfFile
GetTickCount
FindClose
Sleep
WaitForSingleObject
SetEvent
SetLastError
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
OpenProcess
LocalFree
FreeLibrary
WideCharToMultiByte
GetFileAttributesW
CreateDirectoryW
OutputDebugStringW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
GetFileSize
GetLongPathNameW
GetProcAddress
GetSystemInfo
DeleteFileW
CreateFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetLocalTime
CloseHandle
ReadFile
WriteFile
GetLastError
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
FormatMessageA
OpenEventA
QueryPerformanceFrequency
ResetEvent

user32

UnregisterClassA
FindWindowW
FindWindowA
ClipCursor
SendMessageA
PostMessageA
DefWindowProcA
IsWindow
MessageBoxA
SetCursor

shell32

SHCreateDirectoryExW
CommandLineToArgvW

ole32

CoCreateGuid
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoInitialize
StringFromCLSID

advapi32

RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW

msvcp140

?bad@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
?eof@ios_base@std@@QBE_NXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?narrow@?$ctype@_W@std@@QBED_WD@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
_Wcsxfrm
_Wcscoll
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?unsetf@ios_base@std@@QAEXH@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?precision@ios_base@std@@QAE_J_J@Z
?flags@ios_base@std@@QAEHH@Z
?flags@ios_base@std@@QBEHXZ
?exceptions@ios_base@std@@QAEXH@Z
?good@ios_base@std@@QBE_NXZ
??7ios_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?narrow@?$ctype@D@std@@QBEDDD@Z
?widen@?$ctype@D@std@@QBEDD@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??Bid@locale@std@@QAEIXZ
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Winerror_message@std@@YAKKPADK@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Xlength_error@std@@YAXPBD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setf@ios_base@std@@QAEHH@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
_Open_dir
_Read_dir
_Close_dir
_To_byte
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$collate@_W@std@@2V0locale@2@A
_Mbrtowc
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_W_Getdays@_Locinfo@std@@QBEPBGXZ
?_W_Getmonths@_Locinfo@std@@QBEPBGXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setf@ios_base@std@@QAEHHH@Z
?rdstate@ios_base@std@@QBEHXZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

vcruntime140

_except_handler4_common
_purecall
memcpy
memmove
memset
__std_type_info_destroy_list
strrchr
__std_type_info_name
strchr
memchr
__RTDynamicCast
__std_type_info_compare
__std_exception_destroy
__std_exception_copy
wcsrchr
wcschr
memcmp
__CxxFrameHandler3
_CxxThrowException
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_get_initial_narrow_environment
_initterm_e
_set_app_type
_seh_filter_exe
exit
_cexit
_crt_at_quick_exit
_exit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
__p___argv
_c_exit
_initterm
_errno
strerror
_invalid_parameter_noinfo
_crt_atexit
_invalid_parameter_noinfo_noreturn
__p___argc
terminate
strerror_s
_controlfp_s
_register_thread_local_exe_atexit_callback

api-ms-win-crt-stdio-l1-1-0

__p__commode
fwrite
ftell
__stdio_common_vsprintf
ferror
__acrt_iob_func
__stdio_common_vsnprintf_s
__stdio_common_vfprintf
__stdio_common_vswprintf_s
__stdio_common_vfwprintf
fseek
fopen_s
_ftelli64
__stdio_common_vsscanf
_set_fmode
fputc
fopen
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
__stdio_common_vsprintf_s
ungetc
setvbuf
_fseeki64
fsetpos
fread

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcscmp
wcslen
wcsncpy
strncpy
wcscpy_s
wcscat_s
wcsncat_s
strlen
strcmp
_wcsicmp
_stricmp
isprint
_wcsnicmp
strncpy_s
strcpy_s
strpbrk
towlower

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc
_recalloc
calloc
_set_new_mode
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s
_wremove
_waccess
_unlock_file
_lock_file
_wrmdir
_wmkdir
_wrename

api-ms-win-crt-convert-l1-1-0

_wtoi
strtoul
strtoull

api-ms-win-crt-math-l1-1-0

_ldtest
_dsign
_dtest
_except1
__setusermatherr

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-time-l1-1-0

_time64

Sections

.text
Size: 758KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 754KB - Virtual size: 754KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
virus/dyxdgwfc/QQgames.exe
.exe windows:6 windows x64 arch:x64

5f74a5c747508e2822fdb9b687deaf42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\buildslave\unity\build\artifacts\WindowsPlayer\Win64_VS2019_nondev_i_r\WindowsPlayer_Master_il2cpp_x64.pdb

Imports

unityplayer

UnityMain

kernel32

WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
CloseHandle
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
virus/dyxdgwfc/UnityPlayer.dll

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 920KB

UPX1 Size: 265KB - Virtual size: 268KB

.rsrc Size: 427KB - Virtual size: 428KB

3a6d420059802f11d6a8618c0671a808

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

6b:43:69:c3:59:c2:c5:56:53:e3:43:ef:fa:03:ee:55:d6:94:94:ad:e2:94:f7:1b:d9:d7:e2:42:d3:0d:7f:f9Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 482KB - Virtual size: 481KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 1024B - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 4KB

.00cfg Size: 512B - Virtual size: 260B

.reloc Size: 8KB - Virtual size: 8KB

337670dc854d4bbbff6f7ed8ca42353b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

dd:2e:4e:1a:24:01:a8:f0:cc:a0:f1:0d:69:36:26:6e:f4:4c:76:80:99:17:45:1b:7d:09:1a:b6:3a:f6:78:83Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

common

version

shlwapi

kernel32

advapi32

UPX0
Size: - Virtual size: 920KB

UPX1
Size: 265KB - Virtual size: 268KB

.rsrc
Size: 427KB - Virtual size: 428KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

6b:43:69:c3:59:c2:c5:56:53:e3:43:ef:fa:03:ee:55:d6:94:94:ad:e2:94:f7:1b:d9:d7:e2:42:d3:0d:7f:f9
Signer

.text
Size: 482KB - Virtual size: 481KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 4KB

.00cfg
Size: 512B - Virtual size: 260B

.reloc
Size: 8KB - Virtual size: 8KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

dd:2e:4e:1a:24:01:a8:f0:cc:a0:f1:0d:69:36:26:6e:f4:4c:76:80:99:17:45:1b:7d:09:1a:b6:3a:f6:78:83
Signer

.text
Size: 234KB - Virtual size: 234KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 44KB - Virtual size: 83KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 19KB - Virtual size: 19KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 534KB - Virtual size: 534KB

.data
Size: 23KB - Virtual size: 85KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 176KB - Virtual size: 175KB

33:00:00:00:f3:67:3d:83:61:98:0f:1c:a6:00:00:00:00:00:f3
Certificate

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

52:10:da:22:0d:a5:13:d1:15:42:f3:81:b9:b7:fd:51:49:e7:ed:ae:02:29:2e:ad:81:b7:c2:b1:1e:b7:45:5d
Signer

11:97:14:5a:0a:50:e7:57:e3:ec:f6:60:3b:cf:a9:e5:7e:b3:02:8b
Signer