d:\프로그램개발\Dev\BSFaxMarking-2016-04-27-Ver2.0.0-Hwpctrl\Debug\BSFaxMarking.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c_NeikiAnalytics.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c_NeikiAnalytics.exe
-
Size
1.4MB
-
MD5
98b8788fb9b30f2c6d105b3727901870
-
SHA1
278c6ade0a3fd9d84e2861e2a6b0c23e8cb45937
-
SHA256
6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c
-
SHA512
4a0f26fb0f19d7a9a6a0ede44b71b31efc91be1b97dc932ed1b40a6ac0abae3ef92cd5c61edc06d4eef023ee1082951eafe4756a0094e423ce3ca58821061ecd
-
SSDEEP
24576:Iwo5QS3/DcGBui75m8hyNiGf2zOXgSHIrxcvNWWSZ3nkkTt:ITDc4u25hGbXxHIrxcvNiXk
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c_NeikiAnalytics.exe
Files
-
6569729aa4526fa856a4f9bf03e2795ff435de2f2456cf6830e3ba25feb32a2c_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
556e0f0f9dff8f45164089f38c5d393b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdiplus
GdipDeleteRegion
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipCreateRegion
GdipGetImageHorizontalResolution
GdipGetImageVerticalResolution
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipSaveImageToFile
GdipImageSelectActiveFrame
GdipGetClip
GdipDrawImageRectI
GdipFillRegion
GdipRotateWorldTransform
GdipDeleteGraphics
GdipFlush
GdipCreateFromHWNDICM
GdipCreateFromHWND
GdipAlloc
GdipGetImageHeight
GdiplusStartup
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipFree
lcppn
?GetLastModified@LNNote@@QBE?AVLNDatetime@@XZ
?Open@LNNote@@UAEKK@Z
?GetBody@LNMailMessage@@QBEKPAVLNRichText@@@Z
?GetYear@LNDatetime@@QBEKXZ
?GetMonth@LNDatetime@@QBEKXZ
?GetDay@LNDatetime@@QBEKXZ
?GetHour@LNDatetime@@QBEKXZ
?GetMinute@LNDatetime@@QBEKXZ
?GetSecond@LNDatetime@@QBEKXZ
?Remove@LNNoteArray@@UAEKABV1@@Z
?Remove@LNNoteArray@@UAEKK@Z
?Remove@LNNoteArray@@UAEKABVLNNote@@@Z
?RemoveAll@LNNoteArray@@UAEKXZ
??1LNVFPosition@@UAE@XZ
?DeleteAllObjects@LNObjectList@@QAEXXZ
?Free@LNVFFindKeys@@AAEXXZ
??1LNObjectList@@UAE@XZ
??0LNObjectList@@QAE@XZ
??0LNString@@QAE@XZ
??0LNVFNavigator@@QAE@XZ
?InitThread@LNNotesSession@@QAEKXZ
?Append@LNVFFindKeys@@QAEKABVLNString@@@Z
?Find@LNViewFolder@@QBEKABVLNVFFindKeys@@ABVLNVFFindOptions@@PAVLNVFEntry@@PAKPAVLNVFNavigator@@@Z
?TermThread@LNNotesSession@@QAEKXZ
??1LNItem@@QAE@XZ
?SetFlag@LNVFFindOptions@@AAEXGH@Z
??0LNNotesClass@@IAE@XZ
?CreateNoteBody@LNNote@@MAEKKKH@Z
?ValidateNoteType@LNViewFolder@@EBEXK@Z
?ValidateNoteType@LNViewFolder@@EBEXPBVLNNoteBody@@@Z
?ValidateNoteType@LNViewFolder@@EBEXABVLNNote@@@Z
?GetViewFolder@LNDatabase@@QAEKABVLNString@@PAVLNViewFolder@@@Z
?Open@LNViewFolder@@UAEKK@Z
?Find@LNViewFolder@@QBEKABVLNString@@ABVLNVFFindOptions@@PAVLNVFEntry@@PAKPAVLNVFNavigator@@@Z
?GetDocument@LNVFEntry@@QBEKPAVLNDocument@@@Z
??0LNDocument@@QAE@XZ
??0LNNote@@QAE@XZ
??1LNNote@@QAE@XZ
?GetNote@LNDatabase@@QAEKKPAVLNNote@@@Z
??4LNDocument@@QAEAAV0@ABV0@@Z
?Open@LNDocument@@UAEKK@Z
?Save@LNNote@@QAEKG@Z
?Close@LNNote@@UAEKXZ
??0LNDocument@@QAE@ABVLNNote@@K@Z
??0LNDocument@@QAE@ABV0@@Z
??1LNDocument@@QAE@XZ
?GetMailDatabase@LNNotesSession@@QAEKPAVLNDatabase@@@Z
?GetTitle@LNDatabase@@QAE?AVLNString@@XZ
?GetFilename@LNDatabase@@QBE?AVLNString@@XZ
?IsOpen@LNDatabase@@QBEHXZ
?Close@LNDatabase@@QAEKXZ
?GetDatabase@LNNotesSession@@QAEKABVLNString@@PAVLNDatabase@@0@Z
?LNSetThrowAllErrorsGlobal@@YAXH@Z
?Open@LNDatabase@@QAEKXZ
?GetUserNameText@LNNotesSession@@AAE?AVLNString@@XZ
?GetPlatformTextPtr@LNString@@QBEPBDXZ
?Term@LNNotesSession@@QAEKH@Z
?Initialize@LNNotesSession@@AAEKKHQAPADHPBD@Z
??0LNNotesSession@@QAE@XZ
??1LNNotesSession@@UAE@XZ
?LNDelete@@YAXPAX@Z
??1LNNotesClass@@UAE@XZ
?IsOnHeap@LNNotesClass@@UBEHXZ
?LNGetClassName@@YAPBDW4LNCLASSID@@H@Z
?Setup@LNString@@AAEXPBD@Z
?DeleteBody@LNSmartPtr@@UAEHXZ
?IsNull@LNString@@UBEHXZ
??0LNDatetime@@QAE@ABVLNString@@PAK@Z
??1LNString@@QAE@XZ
?GetDayOfWeek@LNDatetime@@QBE?AW4LNDAYOFWEEK@@XZ
??0LNDatetime@@QAE@ABV0@@Z
?GetDateSent@LNMailMessage@@QBEKPAVLNDatetime@@@Z
?AdjustDate@LNDatetime@@QAEKJJJ@Z
?GetSubject@LNMailMessage@@QBEKPAVLNText@@@Z
?GetRecipients@LNMailMessage@@ABEKW4LNRECIPIENTTYPE@@PAVLNText@@@Z
??1LNTextElement@@UAE@XZ
??4LNString@@QAEAAV0@ABV0@@Z
??0LNString@@QAE@ABV0@@Z
??BLNTextElement@@QBE?AVLNString@@XZ
??ALNText@@QBE?AVLNTextElement@@K@Z
?GetCount@LNText@@QBEKXZ
?Detach@LNNote@@QBEKABVLNString@@0@Z
?GetAttachmentName@LNAttachment@@QBE?AVLNString@@XZ
?GetCount@LNItemArray@@QBEKXZ
?GetAttachments@LNNote@@QBEKPAVLNAttachmentArray@@@Z
??0LNItemArray@@QAE@XZ
??1LNItemArray@@QAE@XZ
??0LNAttachment@@QAE@ABVLNItem@@@Z
??ALNItemArray@@QBE?AVLNItem@@K@Z
?GetColumnItem@LNVFEntry@@QBE?AVLNItem@@KH@Z
?LNGetErrorMessageText@@YAKKPADKH@Z
?GetColumnTitle@LNViewFolder@@QBE?AVLNString@@K@Z
?GetColumnCount@LNViewFolder@@QBEKXZ
?Find@LNViewFolder@@QBEKABVLNVFFindKeys@@PAVLNVFEntry@@PAKPAVLNVFNavigator@@@Z
?GetEntryCount@LNViewFolder@@QBEKXZ
?GetEntryCount@LNVFNavigator@@QBEKXZ
?FTSearch@LNViewFolder@@QBEKABVLNString@@PAVLNVFNavigator@@@Z
?Goto@LNVFNavigator@@AAEKW4LNNAVIGATION@@PAVLNVFEntry@@@Z
?GetText@LNUniversalID@@QBE?AVLNString@@XZ
??0LNUniversalID@@QAE@PBUUNIVERSALNOTEID_tag@@@Z
?Compare@LNDatetime@@ABEHABV1@@Z
??0LNDatetime@@QAE@XZ
?GetUniversalID@LNNote@@QBEPAUUNIVERSALNOTEID_tag@@XZ
?Send@LNDocument@@QBEKH@Z
?GetCurrentDatetime@LNNotesSession@@QBE?AVLNDatetime@@XZ
??4LNDatetime@@QAEAAV0@ABV0@@Z
?GetType@LNItem@@QBEKXZ
??1LNRTCursor@@QAE@XZ
??0LNRTCursor@@QAE@XZ
??1LNFontStyle@@QAE@XZ
?SetFontStyle@LNRichText@@UAEKABVLNRTCursor@@0ABVLNFontStyle@@K@Z
?Append@LNRichText@@QAEKABVLNString@@H@Z
?Delete@LNRichText@@QAEKPAVLNRTCursor@@0@Z
?GotoFirst@LNRTCursor@@QAEKW4LNRTTYPE@@PAVLNRTObject@@@Z
?GetEndCursor@LNRichText@@QBEKPAVLNRTCursor@@@Z
??0LNFontStyle@@QAE@XZ
?CreateItem@LNNote@@QBEKABVLNString@@PAVLNItem@@GW4LNITEMOPTION@@@Z
?SetPointSize@LNFontStyle@@QAEKK@Z
?GetNote@LNItem@@QBE?AVLNNote@@XZ
??4LNNote@@QAEAAV0@ABV0@@Z
?GetNoteID@LNNote@@QBEKXZ
?GetText@LNRichText@@QBEKPAVLNString@@PAVLNRTCursor@@@Z
??0LNRichText@@QAE@XZ
??4LNRichText@@QAEAAV0@ABV0@@Z
??1LNRichText@@QAE@XZ
?HasItem@LNNote@@QBEHABVLNString@@@Z
?GetItem@LNNote@@QBEKABVLNString@@PAVLNItem@@@Z
??4LNItem@@QAEAAV0@ABV0@@Z
?ValidateNoteType@LNDocument@@MBEXK@Z
?SetColor@LNFontStyle@@QAEKABVLNColor@@@Z
??0LNColor@@QAE@G@Z
?SetFaceID@LNFontStyle@@QAEKE@Z
?SetAttributes@LNFontStyle@@QAEKG@Z
?SetDefaults@LNFontStyle@@QAEKXZ
?CreateItem@LNNote@@QBEKABVLNString@@ABVLNItem@@GW4LNITEMOPTION@@PAV3@@Z
?DeleteItem@LNNote@@QBEKABVLNString@@@Z
?SetValue@LNText@@QAEKABVLNString@@H@Z
?SetValue@LNNumbers@@QAEKABN@Z
??6LNText@@QAEAAV0@ABVLNString@@@Z
?Insert@LNDatetimes@@QAEKKABVLNDatetime@@@Z
?GetDatetimeCount@LNDatetimes@@QBEKXZ
?SetDate@LNDatetime@@QAEKKKK@Z
?SetTime@LNDatetime@@QAEKKKKK@Z
?AdjustTime@LNDatetime@@QAEKJJJJ@Z
?ValidateNoteType@LNDocument@@MBEXPBVLNNoteBody@@@Z
?ValidateNoteType@LNDocument@@MBEXABVLNNote@@@Z
?GetFormNote@LNDocument@@ABEKPAVLNString@@@Z
?LNStringCompare@@YAJABVLNString@@0K@Z
?Assign@LNString@@AAEAAV1@PBD@Z
?Append@LNVFFindKeys@@QAEKABN@Z
?Goto@LNViewFolder@@ABEKW4LNNAVIGATION@@PAVLNVFEntry@@@Z
?GetNoteID@LNVFEntry@@QBEKXZ
?GetDocument@LNDatabase@@QAEKKPAVLNDocument@@@Z
?SetFormNote@LNDocument@@ABEKABVLNString@@@Z
?CreateDocument@LNDatabase@@QAEKPAVLNDocument@@@Z
??1LNNoteArray@@UAE@XZ
??0LNNoteArray@@QAE@XZ
?Add@LNNoteArray@@UAEKPAX@Z
?Add@LNNoteArray@@UAEKABVLNVFNavigator@@@Z
?Add@LNNoteArray@@UAEKABVLNViewFolder@@@Z
?Add@LNNoteArray@@UAEKABV1@@Z
?Add@LNNoteArray@@UAEKK@Z
?Add@LNNoteArray@@UAEKABVLNNote@@@Z
?Copy@LNNoteArray@@UBEKPAV1@@Z
?Contains@LNNoteArray@@UBEHK@Z
?Contains@LNNoteArray@@UBEHABVLNNote@@@Z
?Remove@LNNoteArray@@UAEKPAX@Z
??4LNText@@QAEAAV0@ABVLNItem@@@Z
?GetText@LNNumber@@QBEKPAVLNString@@@Z
??1LNNumbersElement@@UAE@XZ
??BLNNumbersElement@@QBENXZ
??ALNNumbers@@QBE?AVLNNumbersElement@@K@Z
?GetCount@LNNumbers@@QBEKXZ
??4LNNumbers@@QAEAAV0@ABVLNItem@@@Z
??1LNDatetimesElement@@UAE@XZ
??BLNDatetimesElement@@QBE?AVLNDatetime@@XZ
??ALNDatetimes@@QBE?AVLNDatetimesElement@@K@Z
?GetCount@LNDatetimes@@QBEKXZ
??4LNDatetimes@@QAEAAV0@ABVLNItem@@@Z
??1LNRTObject@@QAE@XZ
??1LNRTContainer@@QAE@XZ
??4LNRichText@@QAEAAV0@ABVLNItem@@@Z
??0LNRTContainer@@QAE@XZ
??0LNRTObject@@QAE@XZ
?HasAttachments@LNNote@@QBEHXZ
?Remove@LNNoteArray@@UAEKABVLNVFNavigator@@@Z
?GetSender@LNMailMessage@@QBEKPAVLNString@@@Z
?Remove@LNNoteArray@@UAEKABVLNViewFolder@@@Z
imm32
ImmReleaseContext
ImmGetContext
ImmGetConversionStatus
ImmSetConversionStatus
version
VerQueryValueA
mfc71d
ord2184
ord3291
ord3311
ord3292
ord3304
ord3281
ord3285
ord3287
ord3289
ord3279
ord7056
ord7058
ord6394
ord4670
ord4668
ord7618
ord928
ord4674
ord3648
ord8246
ord8475
ord1613
ord4650
ord1565
ord1569
ord893
ord7270
ord3507
ord4465
ord5289
ord7905
ord8703
ord4395
ord7851
ord8236
ord639
ord869
ord4629
ord1760
ord2893
ord4188
ord5968
ord6462
ord2154
ord2335
ord2345
ord7251
ord6092
ord6314
ord2331
ord2572
ord8449
ord8447
ord2560
ord2540
ord3320
ord7722
ord1880
ord1203
ord2654
ord2689
ord2690
ord5280
ord3977
ord3913
ord8527
ord8523
ord2723
ord8283
ord8455
ord8461
ord7520
ord1480
ord5874
ord7246
ord7607
ord5583
ord8702
ord5510
ord5936
ord2815
ord1694
ord4330
ord7009
ord6966
ord484
ord1784
ord2582
ord5989
ord5666
ord3373
ord7772
ord2965
ord2966
ord2639
ord7808
ord1423
ord4394
ord5793
ord871
ord432
ord641
ord747
ord5952
ord5964
ord1812
ord3004
ord6948
ord5506
ord2119
ord5632
ord3314
ord3315
ord4199
ord1199
ord6660
ord4146
ord5803
ord6783
ord6780
ord3652
ord2525
ord3089
ord4878
ord5060
ord1438
ord1589
ord8248
ord7873
ord6684
ord936
ord5053
ord5095
ord5663
ord5621
ord8675
ord5287
ord8673
ord6017
ord2700
ord2655
ord7576
ord5295
ord1346
ord6881
ord8607
ord7282
ord5321
ord2533
ord4122
ord7040
ord7042
ord5511
ord6274
ord7052
ord7017
ord7559
ord3516
ord3811
ord3980
ord5998
ord3788
ord3983
ord3519
ord3692
ord3511
ord5159
ord5160
ord5150
ord3690
ord5514
ord6182
ord5948
ord2902
ord1768
ord7691
ord4646
ord662
ord908
ord888
ord910
ord1440
ord8653
ord8430
ord701
ord7041
ord6901
ord360
ord1228
ord632
ord900
ord5656
ord8233
ord1499
ord1403
ord6983
ord5892
ord6476
ord6646
ord6286
ord2657
ord2256
ord2255
ord2112
ord2111
ord8123
ord2190
ord2187
ord5507
ord1927
ord5930
ord6952
ord2519
ord6849
ord8672
ord5864
ord7007
ord3005
ord1813
ord4783
ord6463
ord5969
ord2164
ord8200
ord1178
ord1183
ord1187
ord1185
ord1189
ord3299
ord3283
ord3302
ord3297
ord3274
ord3276
ord3294
ord3013
ord3003
ord2075
ord8676
ord5288
ord8674
ord4663
ord6738
ord1875
ord6976
ord2591
ord2233
ord2232
ord2163
ord7004
ord4007
ord6187
ord5949
ord2795
ord1680
ord4495
ord386
ord714
ord2645
ord6255
ord1493
ord3091
ord674
ord310
ord5059
ord4877
ord5197
ord6141
ord6140
ord6534
ord5884
ord6525
ord6082
ord6751
ord5850
ord5857
ord6293
ord6520
ord6080
ord6096
ord6094
ord6075
ord6078
ord6073
ord6618
ord6615
ord5556
ord8125
ord1928
ord6951
ord4662
ord1873
ord6975
ord2118
ord5960
ord695
ord699
ord929
ord348
ord358
ord316
ord430
ord3309
ord3310
ord3308
ord3307
ord859
ord2405
ord7008
ord7954
ord3704
ord3858
ord1693
ord2814
ord8397
ord1095
ord926
ord2034
ord4077
ord5226
ord303
ord3200
ord7668
ord1408
ord3411
ord4656
ord6877
ord2041
ord305
ord4124
ord8472
ord870
ord640
ord1123
ord3011
ord1817
ord7466
ord5716
ord2945
ord3350
ord7554
ord5477
ord887
ord661
ord5594
ord5766
ord831
ord564
ord1113
ord521
ord809
ord567
ord1157
ord2607
ord1798
ord522
ord2038
ord6173
ord6172
ord764
ord269
ord457
ord901
ord270
ord7018
ord4672
ord2681
ord5792
ord3477
ord8009
ord2127
ord8251
ord6692
ord5057
ord4862
ord6272
ord3651
ord3659
ord8630
ord2653
ord2688
ord6957
ord7585
ord1893
ord7376
ord3824
ord7476
ord5944
ord6607
ord6480
ord6446
ord2541
ord5905
ord4271
ord3853
ord8100
ord5532
ord8164
ord8348
ord6183
ord5951
ord400
ord725
ord7723
ord1547
ord5003
ord2344
ord367
ord5518
ord3321
ord5563
ord1687
ord2802
ord6351
ord6344
ord7510
ord4342
ord8252
ord8432
ord1363
ord2992
ord6387
ord5094
ord5851
ord5860
ord6297
ord6521
ord6619
ord6616
ord8126
ord1874
ord660
ord886
ord5580
ord4779
ord4671
ord1767
ord2901
ord8621
ord1364
ord740
ord4352
ord2658
ord420
ord6831
ord6268
ord6695
ord903
ord895
ord5941
ord5169
ord7748
ord3359
ord745
ord2319
ord426
ord5988
ord8219
ord7960
ord1070
ord1086
ord1213
ord7407
ord2896
ord1762
ord7698
ord4634
ord646
ord874
ord1153
ord6044
ord3599
ord4073
ord1442
ord5096
ord2214
ord2120
ord5922
ord2905
ord1771
ord4527
ord755
ord445
ord711
ord855
ord2593
ord7513
ord3956
ord2717
ord2767
ord4010
ord4814
ord2558
ord7642
ord2329
ord621
ord7581
ord1780
ord379
msvcr71d
time
localtime
__CxxFrameHandler
memcpy
srand
rand
abs
fclose
fputs
fopen
fflush
fprintf
sprintf
vsprintf
_CxxThrowException
atoi
_setmbcp
wcsncpy
wcslen
memcmp
realloc
_snwprintf
_vsnwprintf
_vsnprintf
_snprintf
_localtime64
_gmtime64
_mktime64
_time64
_unlink
_strupr
_purecall
strcpy
memset
strlen
_controlfp
_itoa
atol
atof
strcmp
malloc
free
wcscmp
sscanf
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
_CrtDbgReport
_resetstkoflw
_except_handler3
wcscpy
_CRT_RTC_INIT
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_ismbblead
_acmdln
tmpnam
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
kernel32
CreateFileMappingA
MapViewOfFile
GetSystemInfo
IsBadReadPtr
UnmapViewOfFile
VirtualAlloc
WaitForSingleObject
lstrcpynW
OutputDebugStringW
OutputDebugStringA
lstrcpyW
lstrcpyA
OpenEventA
SetEvent
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
GetCurrentThread
OpenFileMappingA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
CloseHandle
GetProcessHeap
HeapAlloc
HeapFree
ExitProcess
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
DebugBreak
RaiseException
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
WideCharToMultiByte
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
GetVersion
GetEnvironmentVariableW
CreateThread
TerminateThread
FindFirstFileA
MultiByteToWideChar
GetSystemTime
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetLastError
LocalFree
FormatMessageA
GetTempPathA
GetTempFileNameA
CreateFileA
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetUserDefaultLangID
FreeResource
WinExec
GetLocalTime
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
InterlockedIncrement
user32
GetSysColor
ReleaseCapture
SendMessageA
FindWindowA
PostMessageA
IsWindow
FindWindowExA
GetClientRect
ShowScrollBar
SetScrollPos
GetKeyState
SetScrollInfo
MessageBoxA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
DefWindowProcA
RegisterClassA
UnregisterClassA
GetSystemMetrics
SetFocus
SetWindowLongA
EmptyClipboard
SetClipboardData
CloseClipboard
GetAsyncKeyState
SetScrollRange
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageA
MsgWaitForMultipleObjects
gdi32
GetStockObject
shell32
SHFileOperationA
ole32
StringFromGUID2
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
oleaut32
SysFreeString
VariantInit
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
msvcp71d
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
wininet
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile
ws2_32
WSACleanup
gethostbyname
gethostname
WSAStartup
inet_ntoa
advapi32
RevertToSelf
OpenThreadToken
SetThreadToken
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160KB - Virtual size: 157KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ