217ffe5a78fa9806498463f3befd9ee5a97e48d8cb5629ce03cca6077d761e2f

Sharing

Copy URL Twitter E-mail

General

Target

217ffe5a78fa9806498463f3befd9ee5a97e48d8cb5629ce03cca6077d761e2f
Size

748KB
MD5

59b890695ff8c172337fa96bcc0e2799
SHA1

da213f20ce5d364b09d39b34b6aa5606e3217265
SHA256

217ffe5a78fa9806498463f3befd9ee5a97e48d8cb5629ce03cca6077d761e2f
SHA512

6bbae842cae835b2221676436964009ac2628e3caf68f23a31b9114e7b1f167a00c57f67be2c80a9dc266125a2d169852fcb79b2cbb3bc69ad312f13d95daa42
SSDEEP

12288:PKBEPV/MQGC+jGlVzsPQ52uSLmR9LBXvAeYcf9X+GMY0Go9RpeqzV:PKBEPVkQGC+jGXz4kfcmRxBXvAe5f9Ih

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
217ffe5a78fa9806498463f3befd9ee5a97e48d8cb5629ce03cca6077d761e2f

Files

217ffe5a78fa9806498463f3befd9ee5a97e48d8cb5629ce03cca6077d761e2f
.dll windows:10 windows x64 arch:x64

3be703fc5aeedb69dab4c398e468abb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

configmanager2.pdb

Imports

msvcp110_win

??Bid@locale@std@@QEAA_KXZ
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?pbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Add_vtordisp1@?$basic_ios@GU?$char_traits@G@std@@@std@@UEAAXXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Add_vtordisp2@?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAAXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?endl@std@@YAAEAV?$basic_ostream@GU?$char_traits@G@std@@@1@AEAV21@@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA_N_N@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?_Add_vtordisp1@?$basic_istream@GU?$char_traits@G@std@@@std@@UEAAXXZ
??Bios_base@std@@QEBAPEAXXZ
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?_Add_vtordisp2@?$basic_ios@GU?$char_traits@G@std@@@std@@UEAAXXZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Orphan_all@_Container_base12@std@@QEAAXXZ
??1_Container_base12@std@@QEAA@XZ
??0_Container_base12@std@@QEAA@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBGHH@Z
?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDH@std@@QEBAHAEAHPEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?in@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UEAAXXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Swap_all@_Container_base0@std@@QEAAXAEAU12@@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
??0id@locale@std@@QEAA@_K@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?good@ios_base@std@@QEBA_NXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

msvcrt

fsetpos
ungetc
setvbuf
fgetpos
fwrite
fgetc
fclose
fflush
fputc
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
swprintf_s
sprintf_s
strrchr
strtol
_set_errno
strncpy_s
strchr
memset
memmove
memcpy
memcmp
_CxxThrowException
_fseeki64
??3@YAXPEAX@Z
realloc
__CxxFrameHandler3
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
towlower
free
malloc
wcsncpy_s
wcschr
_errno
wcstoul
wcsstr
wcsnlen
_wtoi
_wcsicmp
memmove_s
__C_specific_handler
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_purecall
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
__CxxFrameHandler4
wcscmp

api-ms-win-core-libraryloader-l1-2-0

FindStringOrdinal
GetModuleFileNameA
GetProcAddress
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleExA
FreeLibrary
GetModuleFileNameW
SizeofResource
LoadResource
DisableThreadLibraryCalls
GetModuleHandleW
FindResourceExW

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
OpenProcessToken

api-ms-win-core-localization-l1-2-0

FormatMessageW

oleaut32

SafeArrayUnaccessData
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayUnlock
SafeArrayAccessData
SafeArrayCreate
SysFreeString
SafeArrayLock
SafeArrayGetLBound
SysStringLen
VariantInit
VariantClear
VariantCopy
VarUI4FromStr
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
VariantChangeTypeEx
SysAllocString

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
OutputDebugStringA
DebugBreak

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventSetInformation
EventWriteTransfer
EventRegister
EventActivityIdControl

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
InitializeCriticalSection
OpenSemaphoreW
WaitForSingleObject
ReleaseMutex
AcquireSRWLockShared
AcquireSRWLockExclusive
CreateSemaphoreExW
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
SetEvent
OpenEventW
ReleaseSRWLockShared
OpenMutexW
ReleaseSRWLockExclusive
WaitForSingleObjectEx
CreateMutexExW

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
RaiseException
GetLastError
UnhandledExceptionFilter
SetLastError

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalFree
LocalAlloc
LocalReAlloc
GlobalAlloc

api-ms-win-core-com-l1-1-0

CoRevertToSelf
StringFromGUID2
CoTaskMemRealloc
CLSIDFromString
CoCreateInstance
GetHGlobalFromStream
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer

rpcrt4

RpcBindingBind
UuidCreate
NdrClientCall3
UuidFromStringW
RpcBindingFree
I_RpcExceptionFilter
RpcBindingCreateW

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetTickCount64
GetSystemTime
GetSystemTimeAsFileTime

api-ms-win-core-file-l1-1-0

GetTempFileNameW
DeleteFileW
CreateFileW
WriteFile
CreateDirectoryW
SetFilePointer
ReadFile
GetFileAttributesW

api-ms-win-core-string-l2-1-0

CharLowerW
CharNextW

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegDeleteTreeW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegGetValueW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
Sleep
SleepConditionVariableSRW
InitOnceComplete
InitOnceBeginInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

dmcmnutils

SafeMultiByteToWideChar
MBToUnicode
Hash_Create
Hash_Destroy
OmaDmRegistryGetDWORD
DmIsRunningInSystemContext
Hash_Get
Hash_Insert
Hash_EnumCallback
InvStrCmpIW
DmRevertToSelf
DmImpersonate
SafeStringToDword
InvStrCmpNIW
OmaDmRegistrySetBinary
OmaDmRegistrySetString
OmDmRegistryAllocAndGetString
OmaDmRegistryGetAllSubKeys
UnicodeToMB
DmGetEnrollmentTypeName
DmIsSystemOrUserIsAdmin
DmGetActiveUserSid
CopyString
BigStrcat
OmaDmRegistrySetDWORD
InvStrCmpW
Hash_DestroyCallback
SafeWideCharToMultiByte

dmiso8601utils

ISO8601StringToSystemTime

dmoleaututils

ReadVariantFromStream
MultiStringToSafeArray
Base64StrToSafeArray
WriteVariantToStream
WriteBSTRToStreamEx
ReadVariantFromStreamEx
ReadBSTRFromStreamEx
WriteVariantToStreamEx

enterpriseresourcemanager

EnterpriseResourceManagerStore_DeleteResource
EnterpriseResourceManagerStore_IsResourceProvisioned
EnterpriseResourceManagerStore_DeleteTrackedResourcesForEnrollment
EnterpriseResourceManagerStore_NormalizeURI
EnterpriseResourceManagerStore_GenerateWmiResourcePath
EnterpriseResourceManagerStore_ReplaceResourceNodePath
EnterpriseResourceManager_ScopeData_IsValid

dmenrollengine

GetEnrollmentLinkedEnrollmentId
GetEnrollmentType
GetFirstEnrollmentGuidOfTypes
GetEnrollmentState
ord10

ntdll

NtDeleteWnfStateName
NtCreateWnfStateName
RtlNtStatusToDosErrorNoTeb
RtlIsStateSeparationEnabled

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIW

api-ms-win-service-management-l2-1-0

QueryServiceConfigW
ChangeServiceConfigW
QueryServiceStatusEx

api-ms-win-service-management-l1-1-0

CloseServiceHandle
StartServiceW
OpenSCManagerW
OpenServiceW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

xmllite

CreateXmlReaderInputWithEncodingName
CreateXmlReader

api-ms-win-shcore-stream-l1-1-0

SHCreateMemStream

api-ms-win-core-timezone-l1-1-0

SystemTimeToTzSpecificLocalTime

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

umpdc

Pdcv2ActivationClientRegister
Pdcv2ActivationClientDeactivate
Pdcv2ActivationClientRenewActivation
Pdcv2ActivationClientUnregister
Pdcv2ActivationClientActivate

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteStringBuffer
WindowsDeleteString
WindowsPromoteStringBuffer
WindowsPreallocateStringBuffer
WindowsGetStringRawBuffer

api-ms-win-core-path-l1-1-0

PathAllocCombine
PathCchAppend
PathCchSkipRoot

api-ms-win-core-firmware-l1-1-0

GetFirmwareEnvironmentVariableW
SetFirmwareEnvironmentVariableW

api-ms-win-security-base-l1-1-0

AdjustTokenPrivileges

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

CmLockSvcDeinit
CmLockSvcInit
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 532KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3be703fc5aeedb69dab4c398e468abb3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp110_win

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

oleaut32

api-ms-win-core-debug-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-threadpool-l1-2-0

rpcrt4

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-string-l2-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

dmcmnutils

dmiso8601utils

dmoleaututils

enterpriseresourcemanager

dmenrollengine

ntdll

api-ms-win-core-shlwapi-obsolete-l1-1-0

api-ms-win-service-management-l2-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-core-registry-l2-1-0

xmllite

api-ms-win-shcore-stream-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-security-sddl-l1-1-0

umpdc

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-firmware-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-security-lsalookup-l2-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 532KB - Virtual size: 529KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 24KB - Virtual size: 23KB

.didat Size: 4KB - Virtual size: 208B

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 532KB - Virtual size: 529KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 24KB - Virtual size: 23KB

.didat
Size: 4KB - Virtual size: 208B

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 4KB - Virtual size: 2KB