3e7e9fd923a6eee332a38f040e82fad2173ebc7146e95b27f8ec0c67c15ddfab

Sharing

Copy URL Twitter E-mail

General

Target

3e7e9fd923a6eee332a38f040e82fad2173ebc7146e95b27f8ec0c67c15ddfab
Size

3.0MB
MD5

abfb94ae9bca5762ec84bf3d50f177bb
SHA1

ae164e08b80c520047ad5b2a4cec0621308b34e0
SHA256

3e7e9fd923a6eee332a38f040e82fad2173ebc7146e95b27f8ec0c67c15ddfab
SHA512

e8df7e4c6400227726d1b4a209802250f8b7796a883b789f0471b990fda5e532832899ae9eff03f2c0525c5ea15b32cdfd6d9ee986ebf429f9fe976c33d43c69
SSDEEP

49152:5nnbGxazAhDJFW5IS7+uKjA+lu5jKo44vnTqrjS:d8TJNSS3uhR44/Ue

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7e9fd923a6eee332a38f040e82fad2173ebc7146e95b27f8ec0c67c15ddfab

Files

3e7e9fd923a6eee332a38f040e82fad2173ebc7146e95b27f8ec0c67c15ddfab
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0?$BaseImplement@UIState@@@@QAE@ABV0@@Z
??0?$BaseImplement@UIState@@@@QAE@XZ
??0?$State@UIState@@@@QAE@ABV0@@Z
??0?$State@UIState@@@@QAE@PAUIScheduler@@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CCalendarImpl@@QAE@XZ
??0CContentImplBase@@QAE@ABV0@@Z
??0CContentImplBase@@QAE@XZ
??0CCycleContentImplBase@@QAE@$$QAV0@@Z
??0CCycleContentImplBase@@QAE@ABV0@@Z
??0CCycleContentImplBase@@QAE@XZ
??0CDataBaseImpl@@QAE@ABV0@@Z
??0CDataBaseImpl@@QAE@XZ
??0CDumpsHelpCategory@StatesToolBox@@QAE@$$QAV01@@Z
??0CDumpsHelpCategory@StatesToolBox@@QAE@ABV01@@Z
??0CDumpsHelpCategory@StatesToolBox@@QAE@XZ
??0CEEPROM@@QAE@ABV0@@Z
??0CEEPROM@@QAE@XZ
??0CEISourceImpl@@QAE@ABV0@@Z
??0CEISourceImpl@@QAE@XZ
??0CEvidenceBlob@@QAE@XZ
??0CEvidenceHelper@@QAE@$$QAV0@@Z
??0CEvidenceHelper@@QAE@XZ
??0CEvidencePhoneNative@@QAE@ABV0@@Z
??0CEvidencePhoneNative@@QAE@XZ
??0CExtraInfoImpl@@QAE@ABV0@@Z
??0CExtraInfoImpl@@QAE@XZ
??0CExtractionUserActivityLog@@QAE@ABV0@@Z
??0CExtractionUserActivityLog@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CFileWrite@@QAE@ABV0@@Z
??0CFileWrite@@QAE@PBG0I@Z
??0CFileWrite@@QAE@PBGI@Z
??0CForensicReportHandler@@QAE@XZ
??0CFunctions@@QAE@ABV0@@Z
??0CFunctions@@QAE@XZ
??0CGlobalParamStorage@StatesToolBox@@QAE@ABV01@@Z
??0CGlobalParamStorage@StatesToolBox@@QAE@XZ
??0CHelpProvider@@QAE@ABV0@@Z
??0CHelpProvider@@QAE@XZ
??0CKey@Stat@@QAE@ABV01@@Z
??0CKey@Stat@@QAE@W4EIndex@1@00@Z
??0CLastSelectedPhonesStorage@@QAE@ABV0@@Z
??0CLastSelectedPhonesStorage@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CLastSelectedPhonesStorage@@QAE@XZ
??0CLastSelectedPhonesStorageUplApp@@QAE@ABV0@@Z
??0CLastSelectedPhonesStorageUplApp@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CMessagesImpl@@QAE@XZ
??0CModTestIniCreate@@QAE@$$QAV0@@Z
??0CModTestIniCreate@@QAE@ABV0@@Z
??0CModTestIniCreate@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CMultimediaImpl@@QAE@ABV0@@Z
??0CMultimediaImpl@@QAE@XZ
??0CMultimediaImplBase@@QAE@ABV0@@Z
??0CMultimediaImplBase@@QAE@XZ
??0CPhoneBookImpl@@QAE@XZ
??0CPhoneBookSIMImpl@@QAE@XZ
??0CPrefixChange@@QAE@AAV?$map@GV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@U?$less@G@2@V?$allocator@U?$pair@$$CBGV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@std@@@2@@std@@@Z
??0CPrefixChange@@QAE@ABV0@@Z
??0CPrefixChangeEx@@QAE@$$QAV0@@Z
??0CPrefixChangeEx@@QAE@AAV?$map@GV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@U?$less@G@2@V?$allocator@U?$pair@$$CBGV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@std@@@2@@std@@@Z
??0CPrefixChangeEx@@QAE@ABV0@@Z
??0CProduceDeactivationKey@@QAE@$$QAV0@@Z
??0CProduceDeactivationKey@@QAE@ABV0@@Z
??0CProduceDeactivationKey@@QAE@K@Z
??0CSmartFlowState@@QAE@PAUIScheduler@@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@1V23@@Z
??0CStatCollector@@QAE@$$QAV0@@Z
??0CStatCollector@@QAE@ABV0@@Z
??0CStatCollector@@QAE@XZ
??0CStatFasade@Stat@@QAE@ABV01@@Z
??0CStatFasade@Stat@@QAE@H@Z
??0CStatFasade@Stat@@QAE@XZ
??0CStateCloneSimId@@QAE@ABV0@@Z
??0CStateCloneSimId@@QAE@PAUIScheduler@@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CStateMemoryDump@@QAE@PAUIScheduler@@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@1V23@@Z
??0CStateReading@@QAE@PAUIScheduler@@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CStateRunAndroidInfo@@QAE@ABV0@@Z
??0CStateRunAndroidInfo@@QAE@XZ
??0CStateSaveReports@@QAE@ABV0@@Z
??0CStateSaveReports@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CStateToolsExecute@@QAE@ABV0@@Z
??0CStateToolsExecute@@QAE@PAUIScheduler@@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CStateWriteFileToTarget@@QAE@ABV0@@Z
??0CStateWriteFileToTarget@@QAE@XZ
??0CToolTipHelper@@QAE@ABV0@@Z
??0CToolTipHelper@@QAE@XZ
??0CToolTipHelperCAIS@@QAE@ABV0@@Z
??0CToolTipHelperCAIS@@QAE@XZ
??0CUserInstructions@@QAE@$$QAV0@@Z
??0CUserInstructions@@QAE@ABV0@@Z
??0CUserInstructions@@QAE@XZ
??0CValue@Stat@@QAE@ABV01@@Z
??0CValue@Stat@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
??0CValue@Stat@@QAE@H@Z
??0CValue@Stat@@QAE@K@Z
??0CValue@Stat@@QAE@PBG@Z
??0CValue@Stat@@QAE@XZ
??0CValue@Stat@@QAE@_J@Z
??0CValue@Stat@@QAE@_N@Z
??0CableTypeInfo@@QAE@$$QAV0@@Z
??0CableTypeInfo@@QAE@ABV0@@Z
??0ChatCaptureManager@@QAE@XZ
??0ChatCaptureManagerFactory@@QAE@$$QAU0@@Z
??0ChatCaptureManagerFactory@@QAE@ABU0@@Z
??0ChatCaptureManagerFactory@@QAE@XZ
??0selected_phone@CLastSelectedPhonesStorage@@QAE@ABU01@@Z
??0selected_phone@CLastSelectedPhonesStorage@@QAE@XZ
??1?$BaseImplement@UIState@@@@UAE@XZ
??1?$State@UIState@@@@UAE@XZ
??1CCalendarImpl@@UAE@XZ
??1CContentImplBase@@UAE@XZ
??1CCycleContentImplBase@@UAE@XZ
??1CDataBaseImpl@@UAE@XZ
??1CDumpsHelpCategory@StatesToolBox@@QAE@XZ
??1CEEPROM@@UAE@XZ
??1CEISourceImpl@@UAE@XZ
??1CEvidenceBlob@@QAE@XZ
??1CEvidenceHelper@@QAE@XZ
??1CEvidencePhoneNative@@UAE@XZ
??1CExtraInfoImpl@@UAE@XZ
??1CExtractionUserActivityLog@@QAE@XZ
??1CFileWrite@@UAE@XZ
??1CForensicReportHandler@@UAE@XZ
??1CFunctions@@UAE@XZ
??1CGlobalParamStorage@StatesToolBox@@UAE@XZ
??1CHelpProvider@@UAE@XZ
??1CKey@Stat@@UAE@XZ
??1CLastSelectedPhonesStorage@@UAE@XZ
??1CLastSelectedPhonesStorageUplApp@@UAE@XZ
??1CMessagesImpl@@UAE@XZ
??1CModTestIniCreate@@QAE@XZ
??1CMultimediaImpl@@UAE@XZ
??1CMultimediaImplBase@@UAE@XZ
??1CPhoneBookImpl@@UAE@XZ
??1CPhoneBookSIMImpl@@UAE@XZ
??1CPrefixChange@@QAE@XZ
??1CPrefixChangeEx@@QAE@XZ
??1CProduceDeactivationKey@@QAE@XZ
??1CSmartFlowState@@UAE@XZ
??1CStatCollector@@QAE@XZ
??1CStatFasade@Stat@@UAE@XZ
??1CStateCloneSimId@@UAE@XZ
??1CStateMemoryDump@@UAE@XZ
??1CStateReading@@UAE@XZ
??1CStateRunAndroidInfo@@UAE@XZ
??1CStateSaveReports@@QAE@XZ
??1CStateToolsExecute@@UAE@XZ
??1CStateWriteFileToTarget@@UAE@XZ
??1CToolTipHelper@@UAE@XZ
??1CToolTipHelperCAIS@@UAE@XZ
??1CUserInstructions@@UAE@XZ
??1CValue@Stat@@UAE@XZ
??1CableTypeInfo@@QAE@XZ
??1ChatCaptureManager@@UAE@XZ
??1ChatCaptureManagerFactory@@UAE@XZ
??1selected_phone@CLastSelectedPhonesStorage@@QAE@XZ
??4?$BaseImplement@UIState@@@@QAEAAV0@ABV0@@Z
??4?$State@UIState@@@@QAEAAV0@ABV0@@Z
??4CContentImplBase@@QAEAAV0@ABV0@@Z
??4CCycleContentImplBase@@QAEAAV0@$$QAV0@@Z
??4CCycleContentImplBase@@QAEAAV0@ABV0@@Z
??4CDataBaseImpl@@QAEAAV0@ABV0@@Z
??4CDataSource@@QAEAAV0@$$QAV0@@Z
??4CDataSource@@QAEAAV0@ABV0@@Z
??4CDumpsHelpCategory@StatesToolBox@@QAEAAV01@$$QAV01@@Z
??4CDumpsHelpCategory@StatesToolBox@@QAEAAV01@ABV01@@Z
??4CEEPROM@@QAEAAV0@ABV0@@Z
??4CEISourceImpl@@QAEAAV0@ABV0@@Z
??4CEvidenceBlob@@QAEAAV0@ABV0@@Z
??4CEvidenceHelper@@QAEAAV0@$$QAV0@@Z
??4CEvidencePhoneNative@@QAEAAV0@ABV0@@Z
??4CExtraInfoImpl@@QAEAAV0@ABV0@@Z
??4CFileWrite@@QAEAAV0@ABV0@@Z
??4CFunctions@@QAEAAV0@ABV0@@Z
??4CGlobalParamStorage@StatesToolBox@@QAEAAV01@ABV01@@Z
??4CHelpProvider@@QAEAAV0@ABV0@@Z
??4CKey@Stat@@QAEAAV01@ABV01@@Z
??4CLastSelectedPhonesStorage@@QAEAAV0@ABV0@@Z
??4CLastSelectedPhonesStorageUplApp@@QAEAAV0@ABV0@@Z
??4CModTestIniCreate@@QAEAAV0@$$QAV0@@Z
??4CModTestIniCreate@@QAEAAV0@ABV0@@Z
??4CMultimediaImpl@@QAEAAV0@ABV0@@Z
??4CMultimediaImplBase@@QAEAAV0@ABV0@@Z
??4CProduceDeactivationKey@@QAEAAV0@$$QAV0@@Z
??4CProduceDeactivationKey@@QAEAAV0@ABV0@@Z
??4CStatCollector@@QAEAAV0@$$QAV0@@Z
??4CStatCollector@@QAEAAV0@ABV0@@Z
??4CStatFasade@Stat@@QAEAAV01@ABV01@@Z
??4CStateCloneSimId@@QAEAAV0@ABV0@@Z
??4CStateRunAndroidInfo@@QAEAAV0@ABV0@@Z
??4CStateSaveReports@@QAEAAV0@ABV0@@Z
??4CStateToolsExecute@@QAEAAV0@ABV0@@Z
??4CStateWriteFileToTarget@@QAEAAV0@ABV0@@Z
??4CTimestampUtil@@QAEAAV0@$$QAV0@@Z
??4CTimestampUtil@@QAEAAV0@ABV0@@Z
??4CToolTipHelper@@QAEAAV0@ABV0@@Z
??4CToolTipHelperCAIS@@QAEAAV0@ABV0@@Z
??4CUserInstructions@@QAEAAV0@$$QAV0@@Z
??4CUserInstructions@@QAEAAV0@ABV0@@Z
??4CValue@Stat@@QAEAAV01@ABV01@@Z
??4CableTypeInfo@@QAEAAV0@$$QAV0@@Z
??4CableTypeInfo@@QAEAAV0@ABV0@@Z
??4ChatCaptureManagerFactory@@QAEAAU0@$$QAU0@@Z
??4ChatCaptureManagerFactory@@QAEAAU0@ABU0@@Z
??4selected_phone@CLastSelectedPhonesStorage@@QAEXABU01@@Z
??ACLastSelectedPhonesStorage@@UAEPAUselected_phone@0@G@Z
??ACStatFasade@Stat@@QAEAAVCValue@1@ABVCKey@1@@Z
??ECValue@Stat@@QAEAAV01@H@Z
??ECValue@Stat@@QAEAAV01@XZ
??MCKey@Stat@@QBE_NABV01@@Z
??YCValue@Stat@@QAEAAV01@ABV01@@Z
??_7?$BaseImplement@UIState@@@@6B@
??_7?$State@UIState@@@@6B@
??_7CCalendarImpl@@6B@
??_7CContentImplBase@@6B@
??_7CCycleContentImplBase@@6B@
??_7CDataBaseImpl@@6B@
??_7CEEPROM@@6B@
??_7CEISourceImpl@@6B@
??_7CEvidenceHelper@@6BIServices@@@
??_7CEvidenceHelper@@6BITransferState@@@
??_7CEvidencePhoneNative@@6B@
??_7CExtraInfoImpl@@6B@
??_7CExtractionUserActivityLog@@6B@
??_7CFileWrite@@6B@
??_7CForensicReportHandler@@6B@
??_7CFunctions@@6B@
??_7CGlobalParamStorage@StatesToolBox@@6B@
??_7CHelpProvider@@6B@
??_7CKey@Stat@@6B@
??_7CLastSelectedPhonesStorage@@6B@
??_7CLastSelectedPhonesStorageUplApp@@6B@
??_7CMessagesImpl@@6B@
??_7CMultimediaImpl@@6B@
??_7CMultimediaImplBase@@6B@
??_7CPhoneBookImpl@@6B@
??_7CPhoneBookSIMImpl@@6B@
??_7CSmartFlowState@@6B?$State@UIState@@@@@
??_7CSmartFlowState@@6BCFunctions@@@
??_7CStatFasade@Stat@@6B@
??_7CStateCloneSimId@@6B?$State@UIState@@@@@
??_7CStateCloneSimId@@6BCUserInteractionEx@@@
??_7CStateMemoryDump@@6B?$State@UIState@@@@@
??_7CStateMemoryDump@@6BCFunctions@@@
??_7CStateReading@@6B?$State@UIState@@@@@
??_7CStateReading@@6BCFunctions@@@
??_7CStateReading@@6BIFlowControlCallbacks@@@
??_7CStateReading@@6BIServices@@@
??_7CStateReading@@6BITransferState@@@
??_7CStateRunAndroidInfo@@6B@
??_7CStateToolsExecute@@6B?$State@UIState@@@@@
??_7CStateToolsExecute@@6BCFunctions@@@
??_7CStateWriteFileToTarget@@6B@
??_7CToolTipHelper@@6B@
??_7CToolTipHelperCAIS@@6B@
??_7CUserInstructions@@6B@
??_7CValue@Stat@@6B@
??_7ChatCaptureManager@@6BIApplicationsManager@@@
??_7ChatCaptureManager@@6BIChatsCapturer@@@
??_7ChatCaptureManagerFactory@@6B@
?Abort@CMessagesImpl@@IAE?AW4EContentTypes@IContentImpl@@PAVCStatCollector@@I_N@Z
?Add@CValue@Stat@@QAEXABV12@@Z
?AddCheckBoxSelection@CExtractionUserActivityLog@@UAEX_N0ABV?$vector@IV?$allocator@I@std@@@std@@@Z
?AddDirectoryName@CEvidencePhoneNative@@IAEXAAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@K@Z
?AddEraseNoteForTarget@CHelpProvider@@UAEX_N@Z
?AddFileInfo4ForensicReport@CEvidencePhoneNative@@IAEXPAXAAU_SYSTEMTIME@@@Z
?AddHelpTopic@CHelpProvider@@UAE_NPAUIDataProvider@@PAUIBaseLink@@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@ABV45@@Z
?AddLSourceLinkInfo@CStateMemoryDump@@IAEXPAUIBaseLink@@@Z
?AddListBoxSelection@CExtractionUserActivityLog@@UAEXH@Z
?AddLogicalContentTYpe@CModTestIniCreate@@AAEX_K@Z
?AddMMSelectContentSelection@CExtractionUserActivityLog@@UAEX_N0ABV?$vector@IV?$allocator@I@std@@@std@@@Z
?AddMask@CValue@Stat@@QAEXK@Z
?AddMessageBoxSelection@CExtractionUserActivityLog@@UAEXABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?AddMethodMenuStr@CStateMemoryDump@@IAEXW4EMenuItemId@@@Z
?AddMultimediaStats@CStatCollector@@QAE_NHHPAVCMmStats@@@Z
?AddPBAccountSelection@CExtractionUserActivityLog@@UAEX_N0ABV?$vector@IV?$allocator@I@std@@@std@@@Z
?AddPhone@CLastSelectedPhonesStorage@@UAEXABUselected_phone@1@@Z
?AddSourceLinkInfo@CModTestIniCreate@@AAEXW4EMenuItemId@@PAVCResultsManager@@@Z
?AddSourceMemoryInfo@CModTestIniCreate@@AAEXK@Z
?AddSourcePhoneInfoInfo@CModTestIniCreate@@AAEXW4EMenuItemId@@PAVCResultsManager@@@Z
?AddSuggestedMethodInfo@CStateMemoryDump@@IAEXW4EMenuItemId@@H@Z
?AddTheRest@CModTestIniCreate@@AAEXXZ
?AddToFlowControl@CStateReading@@IAE_NW4EContentTypes@IContentImpl@@W4EOperation@3@@Z
?AddTransferType@CModTestIniCreate@@AAEXW4EMenuItemId@@@Z
?AddUFEDTexts2Stat@CStateReading@@IAEXXZ
?AddUserTextSelection@CExtractionUserActivityLog@@UAEXABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?AddXmlRecord@CStatFasade@Stat@@QAE_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?AnalyzeServerResponse@CStatFasade@Stat@@QAE?AW4EResponseAnalyzingResult@2@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PA_N@Z
?AndroidPackagesMetaData@CStateMemoryDump@@QAEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCPkgMetaData@@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCPkgMetaData@@@std@@@2@@std@@XZ
?ApplyParams@CPrefixChange@@IAE_NXZ
?AskAboutSkipEmptyPB@CStateReading@@IAE_NPAUIPhone@@@Z
?AskForRemoveSomeContentTypes@CStateReading@@IAEX_KPAPA_K@Z
?AttachmentEventCb@CStateReading@@KA_NPAVIAttachmentField@@W4EStorageEvents@IContainer@@PAX@Z
?AttachmentManagerTargetConnect@CEvidenceHelper@@UAEXXZ
?AttachmentManagerTargetConnect@CStateReading@@MAEXXZ
?AttachmentManagerTargetDisconnect@CEvidenceHelper@@UAEXXZ
?AttachmentManagerTargetDisconnect@CStateReading@@MAEXXZ
?BackupContent@CMultimediaImpl@@MAE?AW4EErrorCode@@PAUIBaseLink@@0AAW4eSide@@@Z
?BackupExtraInfo@CExtraInfoImpl@@AAE_NPAUIBaseLink@@@Z
?BackupPreProcessBook@CPhoneBookImpl@@IAEXXZ
?BackupRestorePB@CPhoneBookImpl@@IAE_NPAUIBaseLink@@PAUIUserInteraction@@PAVCModuleInfo@@_N@Z
?Beep@CDataSource@@SAXKKH@Z
?Beep@CDataSource@@SAXW4BeepType@@H@Z
?Beep@CStateReading@@QAEXKKH@Z
?CalendarProxy@CCalendarImpl@@IAE?AW4ErrorCode@@PAUIBaseCalendarLib@@PAVICalendar@@_N@Z
?CaptureChat@ChatCaptureManager@@UAE?AW4ErrorCode@@V?$shared_ptr@UChatCaptureConfig@@@std@@V?$shared_ptr@$$CBUIChatCaptureCallback@@@4@@Z
?ChangeInOrder@CLastSelectedPhonesStorage@@UAEXXZ
?Check4XMLFiles@CStatFasade@Stat@@QAEXXZ
?CheckOverCurrentOnUSB@CFunctions@@SA_NPAUIBaseLink@@PAUIUserInteraction@@@Z
?CheckUserAbortMM@CMultimediaImplBase@@AAEXPAVICntModule@@PAVCModuleInfo@@PAUIUserInteraction@@@Z
?ChoosePhonebookAccounts@CPhoneBookImpl@@IAEXPAUIBasePhoneLib@@PAUIUserInteraction@@@Z
?Clear@CGlobalParamStorage@StatesToolBox@@QAEXXZ
?Clear@CLastSelectedPhonesStorage@@UAEXXZ
?ClearAndInitializeDatabase@CDataSource@@SAHXZ
?ClearFakeXMLs@CDataSource@@SAXXZ
?ClearOTFMethodsOnly@CDataSource@@SAXXZ
?ClearOTFXMLsOnly@CDataSource@@SAXXZ
?ClearReferenceXMLs@CDataSource@@SAX_N@Z
?Close@CFileWrite@@QAE_NXZ
?CloseExtraction@ChatCaptureManager@@UAE?AW4ErrorCode@@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W42@_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?CollectChangeSetNames@CPrefixChangeEx@@QAEXXZ
?ComposeFullHelp@CHelpProvider@@UAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIDataProvider@@@Z
?ComposeHandsetIdMessage@CStateReading@@IAEXABUhandsetInfo@@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@_N@Z
?ConfigSourceLink@CStateMemoryDump@@IAEXAAV?$InterfaceFromDllPtr@UIBaseLink@@@@@Z
?ConfigSourceModuleImplementation@CStateMemoryDump@@MAEXAAV?$InterfaceFromDllPtr@UIBaseDumperModule@@@@PAUIValue@@AAUExtendedDLLParams@@@Z
?ConfigTargetModuleImplementation@CStateMemoryDump@@MAEXAAV?$InterfaceFromDllPtr@UIDumperTargetModule@@@@PAUIValue@@AAUExtendedDLLParams@@@Z
?Connect@CCalendarImpl@@IAE_NAAV?$InterfaceFromDllPtr@UIBaseCalendarLib@@@@_N@Z
?Connect@CEEPROM@@IAE_NXZ
?Connect@CForensicReportHandler@@AAE_NXZ
?ConnectCleanup@CMessagesImpl@@IAEXI_N@Z
?ConnectSource@CEvidencePhoneNative@@IAE?AW4ErrorCode@@XZ
?ConnectTarget@CEvidencePhoneNative@@IAE_NXZ
?ContainText@CHelpProvider@@IAE_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?ContentImplFactory@CStateReading@@MAEPAVIContentImpl@@W4EContentTypes@2@@Z
?ContentImplTypeToMemoryContentMask@CForensicReportHandler@@AAE_KI@Z
?Create@CDataSource@@SA_NXZ
?Create@CModTestIniCreate@@QAEXPAVCResultsManager@@@Z
?Create@ChatCaptureManagerFactory@@UAEPAUIChatCaptureManager@@XZ
?CreateAPK_DowngradeFolderName@CStateMemoryDump@@IAEXW4EMenuItemId@@@Z
?CreateBackupRestoreLink@CStateReading@@IAEXAAV?$InterfaceFromDllPtr@UIBaseLink@@@@_N@Z
?CreateFakeUFD@CForensicReportHandler@@AAEXXZ
?CreateFileSystemTarget@CStateReading@@AAEXXZ
?CreateForensicModule@CForensicReportHandler@@AAE_NXZ
?CreateHideTypesString@CHelpProvider@@IAEXW4EHelpSections@@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?CreateInitModule@CPhoneBookImpl@@MAE_NAAV?$InterfaceFromDllPtr@UIBasePhoneLib@@@@PBGPAUIPhone@@PAUIUserInteraction@@_N@Z
?CreateLinks@CStateReading@@IAEXXZ
?CreateMediaAsPhone@CStateReading@@IAEXXZ
?CreateModelNameForFolder@CStateReading@@IAEXXZ
?CreateNativePhoneStates@@YAPAUIPhone@@PBGK00KW4eSide@@W4ETransferType@1@@Z
?CreateSource@CSmartFlowState@@IAEHXZ
?CreateSourceLink@CEvidenceHelper@@QAE_NPBG@Z
?CreateSourceModuleImplementation@CDataBaseImpl@@MAEXAAV?$InterfaceFromDllPtr@UIBaseDumperModule@@@@PAUIValue@@AAUExtendedDLLParams@@@Z
?CreateStandartListBox@?$State@UIState@@@@QAEXXZ
?CreateStatisticsCommon@CSmartFlowState@@IAEXXZ
?CreateTagName4Search@CToolTipHelper@@IAEXABU_toolTipRule@@KAAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?CreateTargetModuleImplementation@CDataBaseImpl@@MAEXAAV?$InterfaceFromDllPtr@UIDumperTargetModule@@@@PAUIValue@@AAUExtendedDLLParams@@@Z
?CreateTopWindow@?$State@UIState@@@@QAEXV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?CreateTopWindow@?$State@UIState@@@@QAEXXZ
?Cycle@CContentImplBase@@IAE?AW4EContentImplStatus@@W4EOperation@IContentImpl@@P81@AE_N0@ZV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?CycleAction@CContentImplBase@@MAE_NW4EOperation@IContentImpl@@@Z
?CycleCalendar@CCalendarImpl@@IAE?AW4EContentImplStatus@@PAUIBaseLink@@W4EMenuItemId@@1_N@Z
?CycleContentTransfer@CMultimediaImplBase@@IAE?AW4EContentImplStatus@@XZ
?CycleDBExtract@CDataBaseImpl@@AAE?AW4EContentImplStatus@@W4EMenuItemId@@PAUIBaseLink@@1@Z
?CycleExtSIM@CPhoneBookSIMImpl@@IAE?AW4EContentImplStatus@@_N@Z
?CycleExtraInfoRead@CExtraInfoImpl@@IAE?AW4EContentImplStatus@@PAUIBaseLink@@W4EMenuItemId@@1_N@Z
?CycleExtraInfoWrite@CExtraInfoImpl@@IAE?AW4EContentImplStatus@@PAUIBaseLink@@W4EMenuItemId@@1@Z
?CycleMemDump@CStateMemoryDump@@MAEXW4EMenuItemId@@@Z
?CycleMessages@CMessagesImpl@@IAE?AW4EContentTypes@IContentImpl@@I_N@Z
?CyclePB@CPhoneBookImpl@@IAE?AW4EContentImplStatus@@_N@Z
?CycleSaveFile@CEvidencePhoneNative@@IAE?AW4eEvidence_status@1@ABU_evidence_file@@KAAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@1@Z
?DBExtract@CDataBaseImpl@@AAEXPAUIBaseLink@@0@Z
?DBExtractMock@CDataBaseImpl@@AAEXPAUIBaseLink@@0@Z
?DeleteAPK_DowngradeFolderOnSuccess@CStateMemoryDump@@IAEXXZ
?DeleteAllZipFiles@CStatFasade@Stat@@QAEXXZ
?DeleteTopWindow@?$State@UIState@@@@QAEXXZ
?Destroy@CDataSource@@SAXXZ
?DetectPhoneOSType@@YAXPAUIPhone@@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?Disconnect@CEEPROM@@IAE_NXZ
?Disconnect@CForensicReportHandler@@AAE_N_N@Z
?DisconnectCleanup@CPhoneBookImpl@@IAEX_N0@Z
?DisconnectCleanupSource@CCalendarImpl@@IAEX_NW4EMenuItemId@@0@Z
?DisconnectCleanupSource@CEISourceImpl@@EAEXW4EMenuItemId@@_N@Z
?DisconnectInternalSource@CEvidencePhoneNative@@IAEXXZ
?DisconnectInternalTarget@CEvidencePhoneNative@@IAEX_N@Z
?DisconnectSource@CEvidencePhoneNative@@QAEXXZ
?DisconnectTarget@CEvidencePhoneNative@@QAEXXZ
?DoClone@CStateCloneSimId@@IAEHXZ
?DoTransfer@CMultimediaImpl@@MAE?AW4EErrorCode@@PAUIBaseLink@@0AAW4eSide@@_N2@Z
?EnableBF4Transfer@CStateMemoryDump@@QAEX_N@Z
?EnableFeature@CStateMemoryDump@@IAE_NH@Z
?EnsureFileSize@CEEPROM@@IAE_NH@Z
?EraseAfterRestore@CStateReading@@IAEXXZ
?EraseStatFiles@CStatFasade@Stat@@SAXXZ
?ErrorExit@?$State@UIState@@@@UAEHW4StateErrorCode@@@Z
?EvaluateHelpHtmReplacement@CHelpProvider@@IAEPBGXZ
?ExcludeHugeFiles@CMultimediaImplBase@@AAEXPAVCFileStore@@_N@Z
?Execute@CStateRunAndroidInfo@@QAE?AW4ErrorCode@@XZ
?ExecuteAttackAndAction@CStateMemoryDump@@MAEXW4EMenuItemId@@@Z
?ExecuteMemDump@CStateMemoryDump@@MAEXXZ
?ExecuteTransMgr@CMultimediaImplBase@@IAE?AW4EErrorCode@@PAVCEndPoint@@KAAW4eSide@@_N2PAVICntModule@@@Z
?ExtractHandsetInfo@CExtraInfoImpl@@AAEX_N@Z
?ExtractSIMAfterPhoneQ@CStateReading@@IAE_NW4EMenuItemId@@0H@Z
?ExtractionIsCowGirl@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@0PAUIPhone@@@Z
?ExtractionResultCode@CStateMemoryDump@@QAE?AW4PhysicalExtractionResult@@XZ
?Filter4ClientName@CHelpProvider@@IAEXW4HelpCategoryId@GenesisHelp@@W4eSide@@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?FilterDeletedSMS@CStateReading@@IAEXXZ
?FinalActions@CSmartFlowState@@IAEXXZ
?FinalActions@CStateReading@@IAEHXZ
?FinalCleanup@CStateReading@@IAEXXZ
?Finalize@CContentImplBase@@UAE_NXZ
?Finalize@CForensicReportHandler@@UAEXXZ
?Finalize@CStatFasade@Stat@@QAE_NAA_N@Z
?Finalize@ChatCaptureManager@@UAE?AW4ErrorCode@@W42@@Z
?FinalizeCycle@CCycleContentImplBase@@UAEXW4EOperation@IContentImpl@@@Z
?FinalizeStatReport@CStateReading@@IAEXXZ
?FinishAttachmentManager@CStateReading@@MAEXXZ
?FinishBaro@CStateMemoryDump@@IAEXXZ
?FinishStatRecord@CStateCloneSimId@@IAE_NAA_N0@Z
?FinishStatRecord@CStateMemoryDump@@IAE_NAA_N0@Z
?FlagsConvert@CPrefixChange@@IAEKABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?FlushCachedData@CFileWrite@@QAE_NXZ
?FolderNameBuilder@CEvidencePhoneNative@@IAEXPAVCModuleInfo@@PAUIUserInteraction@@W4eEvidence_type@1@@Z
?FolderNameBuilder@CStateMemoryDump@@IAEXPAVCModuleInfo@@PAUIUserInteraction@@W4EMenuItemId@@@Z
?FolderNameBuilder@CStateReading@@QAEX_NPAVCModuleInfo@@PAUIUserInteraction@@0@Z
?ForceDisconnectTimeEstimation@CMultimediaImplBase@@AAEXPAVICntModule@@PAVCModuleInfo@@@Z
?FormatDateTime@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAU_SYSTEMTIME@@@Z
?GenerateHelp@CHelpProvider@@UAE_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W4eSide@@@Z
?GenerateHelp@CHelpProvider@@UAE_NABVCHelpAttributes@@@Z
?GenerateHelp@CHelpProvider@@UAE_NW4EShowHelpFor@@W4HelpCategoryId@GenesisHelp@@W4eSide@@_N3W4EHelpSections@@4V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?GenerateKey@CProduceDeactivationKey@@QAEXXZ
?GetAltera@CEvidenceHelper@@UAEPAVCAltera@@XZ
?GetAltera@CStateReading@@MAEPAVCAltera@@XZ
?GetApplications@ChatCaptureManager@@UAE?AW4ErrorCode@@AAV?$vector@UApplicationInfo@@V?$allocator@UApplicationInfo@@@std@@@std@@@Z
?GetApplicationsContent@CEvidenceHelper@@UAEPAUApplicationsContent@NativeTypes@ApplicationsTbr@Interop@Cellebrite@@XZ
?GetApplicationsContent@CStateReading@@MAEPAUApplicationsContent@NativeTypes@ApplicationsTbr@Interop@Cellebrite@@XZ
?GetApplicationsInstallation@CEvidenceHelper@@UAEPAUApplicationsInstallation@NativeTypes@ApplicationsTbr@Interop@Cellebrite@@XZ
?GetApplicationsInstallation@CStateReading@@MAEPAUApplicationsInstallation@NativeTypes@ApplicationsTbr@Interop@Cellebrite@@XZ
?GetApropriateAbortString@CContentImplBase@@IAE?AVCStringArg@@XZ
?GetAttachmentManager@CEvidenceHelper@@UAEPAVIAttachmentManager@@XZ
?GetAttachmentManager@CStateReading@@MAEPAVIAttachmentManager@@XZ
?GetBackupName@CEvidenceHelper@@UAEPBGW4EMenuItemId@@@Z
?GetBackupName@CStateReading@@MAEPBGW4EMenuItemId@@@Z
?GetCalendar@CEvidenceHelper@@UAEPAVICalendar@@XZ
?GetCalendar@CStateReading@@MAEPAVICalendar@@XZ
?GetCalendarImplementator@CFunctions@@SAPBGPBG@Z
?GetCategoryTitle@CHelpProvider@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W4HelpCategoryId@GenesisHelp@@@Z
?GetChangeSetNames@CPrefixChangeEx@@QAEABV?$vector@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$allocator@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@@std@@XZ
?GetChannel@CFunctions@@SAPBGPBGPAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@Z
?GetChatsList@ChatCaptureManager@@UAE?AW4ErrorCode@@V?$shared_ptr@UChatsListScanningConfig@@@std@@V?$shared_ptr@$$CBUIChatInfoCallback@@@4@@Z
?GetCompletedContentMask@CEvidenceHelper@@UAEI_N@Z
?GetCompletedContentMask@CStateReading@@MAEI_N@Z
?GetConnectLaterStuff@CStateReading@@QAEAAU_ConnectLaterStuff@1@XZ
?GetContentCountFailSpecificTitle@CCalendarImpl@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountFailSpecificTitle@CContentImplBase@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountFailSpecificTitle@CMessagesImpl@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountFailSpecificTitle@CMultimediaImplBase@@EAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountFailSpecificTitle@CPhoneBookImpl@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountFailSpecificTitle@CPhoneBookSIMImpl@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?GetContentCountSide@CContentImplBase@@MAE?AW4eSide@@XZ
?GetContentFilterSource@CEvidenceHelper@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetContentFilterSource@CStateReading@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetContentFilterTarget@CEvidenceHelper@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetContentFilterTarget@CStateReading@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetCopyMemoryType@CFunctions@@SA?AW4CopyMemoryType@@PBG@Z
?GetDFUEnterEvent@CHelpProvider@@UAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W4eSide@@@Z
?GetData@CEvidenceBlob@@QAEPAXXZ
?GetDataSourceInterface@CDataSource@@SAPAUIDataSource@@XZ
?GetDate@CDataSource@@SA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAU_SYSTEMTIME@@@Z
?GetDifSourceFrendlyName@CFunctions@@SA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAV23@@Z
?GetDisabledMemoryContentMask@CDataSource@@SA_KXZ
?GetDisabledMemoryContentMaskWeb@CDataSource@@SA_KXZ
?GetDisplay@CDataSource@@SAPAVIDisplay@LCDGraphics@@_N@Z
?GetDumperTarget@CEvidenceHelper@@UAEPAUIDumperTargetModule@@XZ
?GetDumperTarget@CStateReading@@MAEPAUIDumperTargetModule@@XZ
?GetEnglishString@CDataSource@@SA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V23@@Z
?GetErrorMessageId@CCalendarImpl@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBaseCalendarLib@@@Z
?GetErrorMessageId@CDataBaseImpl@@AAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBaseDumperModule@@@Z
?GetErrorMessageId@CEvidencePhoneNative@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBaseEvidenceCollectionModule@@@Z
?GetErrorMessageId@CExtraInfoImpl@@AAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAVIBaseExtraInfoModule@@@Z
?GetErrorMessageId@CPhoneBookImpl@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBasePhoneLib@@@Z
?GetErrorMessageId@CPhoneBookSIMImpl@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBasePhoneLib@@@Z
?GetErrorMessageId@CStateMemoryDump@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@PAUIBaseDumperModule@@@Z
?GetEstimatedRawDataSize@CStatFasade@Stat@@QAEIXZ
?GetEthernetData@CDataSource@@SAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAG@Z
?GetExtraInfoImplementator@CFunctions@@SAPBGPBG@Z
?GetExtracInfoCount@CExtraInfoImpl@@AAEIQBKI@Z
?GetFSSelectiveSupportByPhone@CStateMemoryDump@@QAEXPAUIPhone@@AAV?$vector@HV?$allocator@H@std@@@std@@@Z
?GetFailedContentMask@CEvidenceHelper@@UAEI_N@Z
?GetFailedContentMask@CStateReading@@MAEI_N@Z
?GetFamily@CEvidenceHelper@@UAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@_N@Z
?GetFamily@CStateReading@@MAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@_N@Z
?GetFileData@CStatFasade@Stat@@QAE_NPBGAAVCRawDataChunk@2@AAI@Z
?GetFilteredOutContentTypes@CStateReading@@QAE_KXZ
?GetFolderListInfo4FileDump@CFunctions@@CA_NPAUIPhone@@AAV?$map@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$vector@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$allocator@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@@2@U?$less@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$vector@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$allocator@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@@2@@std@@@2@@std@@PBG@Z
?GetFolderListInfo4FileDump@CFunctions@@SA_NPAUIPhone@@AAV?$map@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$vector@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$allocator@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@@2@U?$less@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$vector@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@V?$allocator@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@@2@@std@@@2@@std@@PBGK@Z
?GetFolderPrefix@CStateMemoryDump@@IAE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W4EMenuItemId@@@Z
?GetFullExtract@ChatCaptureManager@@UAE?AW4ErrorCode@@V?$shared_ptr@$$CBUIChatCaptureCallback@@@std@@@Z
?GetGeneric@CEvidenceHelper@@UAEPAVIGenericStorage@@XZ
?GetGeneric@CStateReading@@MAEPAVIGenericStorage@@XZ
?GetHandsetInfo@CEvidenceHelper@@UAEPAUhandsetInfo@@_N@Z
?GetHandsetInfo@CStateReading@@MAEPAUhandsetInfo@@_N@Z
?GetHelp4Link@CHelpProvider@@IAE_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@W4eSide@@0AAV23@@Z

Sections

Size: 376KB - Virtual size: 965KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 87KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 42KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 376KB - Virtual size: 965KB

Size: 87KB - Virtual size: 347KB

Size: 3KB - Virtual size: 17KB

Size: 1024B - Virtual size: 1KB

Size: 42KB - Virtual size: 62KB

.edata Size: 81KB - Virtual size: 81KB

.idata Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.themida Size: - Virtual size: 3.9MB

.boot Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 16B - Virtual size: 4KB

.edata
Size: 81KB - Virtual size: 81KB

.idata
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.themida
Size: - Virtual size: 3.9MB

.boot
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 16B - Virtual size: 4KB