Khorvie TR[.]zip

Resubmissions

29/06/2024, 02:47

240629-daagtszakd 7

Sharing

Copy URL Twitter E-mail

General

Target

Khorvie TR.zip
Size

9.2MB
MD5

6509d8c118b7abead8b8851fcb2ed357
SHA1

9fa35d32f72780098167a24e2647b1f7c0b75379
SHA256

0625905030c0c5998225f261cca39fd169216de8542c1e1e6ad34c9f1192b362
SHA512

e86c29fd52d3e835635a3f7b7a4df719f7b31a08dfd5c4defd02fbc7678a7a23c4be47b7bd1d7f6bc230a3a8c638237e21f249443f4998586ddf551d722f2543
SSDEEP

196608:jqx+qSjalEts4a2VlGWGwFC3R0QXFPxIe8DsGwvE25qkbeQ6zOjmg:jqwK4s4ZEvwYzVPae+zK

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Amit Timer Res/2 program/MeasureSleep.exe
unpack001/Amit Timer Res/2 program/SetTimerResolution.exe
unpack001/Amit Timer Res/3 powershell/Prime95/libgmp-gw1.dll
unpack001/Amit Timer Res/3 powershell/Prime95/libhwloc-15.dll
unpack001/Amit Timer Res/3 powershell/Prime95/prime95.exe

Files

Khorvie TR.zip
.zip
Amit Timer Res/1 fix/1.reg
Amit Timer Res/2 program/MeasureSleep.exe
.exe windows:6 windows x64 arch:x64

11f2665eaaaf2de7cb4e3312fbfeab4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\TimerResolution\TimerResolution\MeasureSleep\x64\Release\MeasureSleep.pdb

Imports

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
NtQueryTimerResolution
RtlVirtualUnwind

kernel32

Sleep
SetPriorityClass
CloseHandle
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceFrequency
GetCurrentProcess
GetModuleHandleW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter

advapi32

GetTokenInformation
OpenProcessToken

msvcp140

?_Xbad_function_call@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in_avail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xout_of_range@std@@YAXPEBD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xbad_alloc@std@@YAXXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??Bid@locale@std@@QEAA_KXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
_CxxThrowException
__std_exception_destroy
__std_exception_copy
_purecall
memmove
__std_terminate
__current_exception
memcpy
__current_exception_context
memcmp
memchr
__C_specific_handler

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-string-l1-1-0

isspace

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_get_initial_narrow_environment
__p___argv
terminate
_c_exit
_seh_filter_exe
_set_app_type
_configure_narrow_argv
_cexit
_initterm
__p___argc
_initterm_e
_exit
exit
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

pow
sqrt
__setusermatherr
ceilf

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/2 program/SetTimerResolution.exe
.exe windows:6 windows x64 arch:x64

c1c671ec492bcf13ef9a966821b522cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\TimerResolution\TimerResolution\SetTimerResolution\x64\Release\SetTimerResolution.pdb

Imports

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
NtQueryTimerResolution
NtSetTimerResolution

kernel32

GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
FreeConsole
LoadLibraryW
GetProcAddress
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess

msvcp140

?_Xbad_function_call@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in_avail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xout_of_range@std@@YAXPEBD@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?good@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??Bid@locale@std@@QEAA_KXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
memmove
memcpy
_CxxThrowException
memcmp
memchr
__std_exception_destroy
__std_exception_copy
__C_specific_handler
__current_exception_context
__current_exception
_purecall
__std_terminate

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-string-l1-1-0

isspace

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_c_exit
_cexit
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
__p___argv
terminate
_initterm
_seh_filter_exe
__p___argc
_initterm_e
_exit
exit
_set_app_type

api-ms-win-crt-math-l1-1-0

__setusermatherr
ceilf

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/2 program/bench.ps1
.ps1
Amit Timer Res/3 powershell/Prime95/libcurl-x64.dll
.dll windows:6 windows x64 arch:x64

76b44a61d1fa1791259b77cf5efbfa43

Code Sign

0f:07:dd:d7:18:7f:eb:e5:92:aa:9d:cb:35:81:8f:8a:94:06:ac:9d
Certificate

Issuer

CN=curl-for-win Root CA 2021

Not Before

17/01/2021, 22:40

Not After

17/01/2024, 22:40

Subject

CN=curl-for-win Code Signing Authority

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:08:26:c5:81:9f:76:fc:32:01:f2:dc:10:c9:a7:1e:73:c5:71:25
Certificate

Issuer

CN=curl-for-win Root CA 2021

Not Before

17/01/2021, 22:40

Not After

17/01/2026, 22:40

Subject

CN=curl-for-win Root CA 2021

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a6:1a:d1:e7:94:df:30:bc:95:92:2b:1c:38:1f:f5:f9:e2:e3:3b:6f:03:23:9c:ad:dd:e9:c0:67:f4:09:bf:5b:d8:e9:ad:53:ea:3b:fc:ab:71:5a:0a:4a:05:43:4e:cd:5f:0c:88:27:15:59:a9:d0:63:bc:31:15:b3:7f:e9:23
Signer

Actual PE Digest

a6:1a:d1:e7:94:df:30:bc:95:92:2b:1c:38:1f:f5:f9:e2:e3:3b:6f:03:23:9c:ad:dd:e9:c0:67:f4:09:bf:5b:d8:e9:ad:53:ea:3b:fc:ab:71:5a:0a:4a:05:43:4e:cd:5f:0c:88:27:15:59:a9:d0:63:bc:31:15:b3:7f:e9:23

Digest Algorithm

sha512

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext

bcrypt

BCryptGenRandom

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertGetNameStringA
CertOpenStore
CertOpenSystemStoreA
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryA
PFXImportCertStore

kernel32

AcquireSRWLockExclusive
CancelIo
CloseHandle
CompareFileTime
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
FormatMessageW
FreeLibrary
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesA
GetFileSizeEx
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetTickCount64
GetTimeZoneInformation
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MoveFileExA
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
RtlVirtualUnwind
SetConsoleMode
SetHandleInformation
SetLastError
Sleep
SleepEx
TerminateProcess
TlsGetValue
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeA
WideCharToMultiByte
WriteFile

normaliz

IdnToAscii
IdnToUnicode

api-ms-win-crt-convert-l1-1-0

atoi
mbrtowc
strtol
strtoll
strtoul
strtoull
wcrtomb
wcstombs

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-filesystem-l1-1-0

_access
_findclose
_findfirst64
_findnext64
_fstat64
_fullpath
_lock_file
_stat64
_unlock_file
_unlink

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-math-l1-1-0

_fdopen

api-ms-win-crt-private-l1-1-0

memchr
memcmp
memcpy
memmove
strchr
strrchr
strstr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__sys_errlist
__sys_nerr
_assert
_beginthreadex
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort
exit
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
_fileno
_fseeki64
_get_osfhandle
_lseeki64
_write
fclose
feof
ferror
fflush
fgets
fopen
fputc
fputs
fread
fseek
ftell
fwrite
getc
rewind
setvbuf
ungetc
_write
_read
_open
_open
_fileno
_close

api-ms-win-crt-string-l1-1-0

_strnicmp
isalnum
isspace
isxdigit
mbrlen
memset
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strpbrk
strspn
tolower
wcslen
_stricmp
_strdup

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_difftime64
_gmtime64
_time64
_tzset
strftime

api-ms-win-crt-utility-l1-1-0

_byteswap_uint64
qsort

user32

FindWindowA
SendMessageA

wldap32

ber_free
ldap_bind_s
ldap_err2string
ldap_first_attribute
ldap_first_entry
ldap_get_dn
ldap_get_values_len
ldap_init
ldap_memfree
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_search_s
ldap_set_option
ldap_simple_bind_s
ldap_sslinit
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSAResetEvent
WSASetEvent
WSASetLastError
WSAStartup
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_header
curl_easy_init
curl_easy_nextheader
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_global_trace
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_get_handles
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_url_strerror
curl_version
curl_version_info
curl_ws_meta
curl_ws_recv
curl_ws_send

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 712KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/3 powershell/Prime95/libgmp-gw1.dll
.dll windows:4 windows x64 arch:x64

8c7592704133eab82dcbffc35f77efa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
ferror
fgetc
fprintf
fputc
fread
free
fscanf
fwrite
getc
islower
isspace
isxdigit
localeconv
malloc
memcpy
memmove
memset
printf
putc
putchar
puts
raise
realloc
sprintf
sscanf
strchr
strlen
strncmp
strstr
strtol
ungetc
vfprintf
vsprintf

Exports

Exports

__gmp_0
__gmp_allocate_func
__gmp_asprintf
__gmp_asprintf_final
__gmp_asprintf_funs
__gmp_asprintf_memory
__gmp_asprintf_reps
__gmp_assert_fail
__gmp_assert_header
__gmp_binvert_limb_table
__gmp_bits_per_limb
__gmp_default_allocate
__gmp_default_fp_limb_precision
__gmp_default_free
__gmp_default_reallocate
__gmp_digit_value_tab
__gmp_divide_by_zero
__gmp_doprnt
__gmp_doprnt_integer
__gmp_doprnt_mpf2
__gmp_doscan
__gmp_errno
__gmp_exception
__gmp_extract_double
__gmp_fac2cnt_table
__gmp_fib_table
__gmp_fprintf
__gmp_fprintf_funs
__gmp_free_func
__gmp_fscanf
__gmp_fscanf_funs
__gmp_get_memory_functions
__gmp_init_primesieve
__gmp_invalid_operation
__gmp_jacobi_table
__gmp_junk
__gmp_limbroots_table
__gmp_mt_recalc_buffer
__gmp_nextprime
__gmp_odd2fac_table
__gmp_oddfac_table
__gmp_primesieve
__gmp_printf
__gmp_randclear
__gmp_randclear_mt
__gmp_randget_mt
__gmp_randinit
__gmp_randinit_default
__gmp_randinit_lc_2exp
__gmp_randinit_lc_2exp_size
__gmp_randinit_mt
__gmp_randinit_mt_noseed
__gmp_randinit_set
__gmp_randiset_mt
__gmp_rands
__gmp_rands_initialized
__gmp_randseed
__gmp_randseed_ui
__gmp_reallocate_func
__gmp_replacement_vsnprintf
__gmp_scanf
__gmp_set_memory_functions
__gmp_snprintf
__gmp_snprintf_funs
__gmp_sprintf
__gmp_sprintf_funs
__gmp_sqrt_of_negative
__gmp_sscanf
__gmp_sscanf_funs
__gmp_tmp_reentrant_alloc
__gmp_tmp_reentrant_free
__gmp_urandomb_ui
__gmp_urandomm_ui
__gmp_vasprintf
__gmp_version
__gmp_vfprintf
__gmp_vfscanf
__gmp_vprintf
__gmp_vscanf
__gmp_vsnprintf
__gmp_vsprintf
__gmp_vsscanf
__gmpf_abs
__gmpf_add
__gmpf_add_ui
__gmpf_ceil
__gmpf_clear
__gmpf_clears
__gmpf_cmp
__gmpf_cmp_d
__gmpf_cmp_si
__gmpf_cmp_ui
__gmpf_cmp_z
__gmpf_div
__gmpf_div_2exp
__gmpf_div_ui
__gmpf_dump
__gmpf_eq
__gmpf_fits_sint_p
__gmpf_fits_slong_p
__gmpf_fits_sshort_p
__gmpf_fits_uint_p
__gmpf_fits_ulong_p
__gmpf_fits_ushort_p
__gmpf_floor
__gmpf_get_d
__gmpf_get_d_2exp
__gmpf_get_default_prec
__gmpf_get_prec
__gmpf_get_si
__gmpf_get_str
__gmpf_get_ui
__gmpf_init
__gmpf_init2
__gmpf_init_set
__gmpf_init_set_d
__gmpf_init_set_si
__gmpf_init_set_str
__gmpf_init_set_ui
__gmpf_inits
__gmpf_inp_str
__gmpf_integer_p
__gmpf_mul
__gmpf_mul_2exp
__gmpf_mul_ui
__gmpf_neg
__gmpf_out_str
__gmpf_pow_ui
__gmpf_random2
__gmpf_reldiff
__gmpf_set
__gmpf_set_d
__gmpf_set_default_prec
__gmpf_set_prec
__gmpf_set_prec_raw
__gmpf_set_q
__gmpf_set_si
__gmpf_set_str
__gmpf_set_ui
__gmpf_set_z
__gmpf_size
__gmpf_sqrt
__gmpf_sqrt_ui
__gmpf_sub
__gmpf_sub_ui
__gmpf_swap
__gmpf_trunc
__gmpf_ui_div
__gmpf_ui_sub
__gmpf_urandomb
__gmpn_add
__gmpn_add_1
__gmpn_add_err1_n
__gmpn_add_err2_n
__gmpn_add_err3_n
__gmpn_add_n
__gmpn_add_n_atom
__gmpn_add_n_bd1
__gmpn_add_n_bt1
__gmpn_add_n_core2
__gmpn_add_n_coreihwl
__gmpn_add_n_coreisbr
__gmpn_add_n_goldmont
__gmpn_add_n_init
__gmpn_add_n_pentium4
__gmpn_add_n_silvermont
__gmpn_add_n_sub_n
__gmpn_add_n_x86_64
__gmpn_add_nc_atom
__gmpn_add_nc_bd1
__gmpn_add_nc_bt1
__gmpn_add_nc_core2
__gmpn_add_nc_coreihwl
__gmpn_add_nc_coreisbr
__gmpn_add_nc_goldmont
__gmpn_add_nc_pentium4
__gmpn_add_nc_silvermont
__gmpn_add_nc_x86_64
__gmpn_addlsh1_n
__gmpn_addlsh1_n_atom
__gmpn_addlsh1_n_bd1
__gmpn_addlsh1_n_core2
__gmpn_addlsh1_n_coreisbr
__gmpn_addlsh1_n_init
__gmpn_addlsh1_n_pentium4
__gmpn_addlsh1_n_silvermont
__gmpn_addlsh1_n_x86_64
__gmpn_addlsh1_n_zen
__gmpn_addlsh1_nc_atom
__gmpn_addlsh1_nc_bd1
__gmpn_addlsh1_nc_coreisbr
__gmpn_addlsh1_nc_zen
__gmpn_addlsh2_n
__gmpn_addlsh2_n_atom
__gmpn_addlsh2_n_core2
__gmpn_addlsh2_n_coreisbr
__gmpn_addlsh2_n_init
__gmpn_addlsh2_n_pentium4
__gmpn_addlsh2_n_silvermont
__gmpn_addlsh2_n_x86_64
__gmpn_addlsh2_nc_coreisbr
__gmpn_addlsh_n
__gmpn_addmul_1
__gmpn_addmul_1_atom
__gmpn_addmul_1_bd1
__gmpn_addmul_1_bt1
__gmpn_addmul_1_core2
__gmpn_addmul_1_coreibwl
__gmpn_addmul_1_coreihwl
__gmpn_addmul_1_coreinhm
__gmpn_addmul_1_coreisbr
__gmpn_addmul_1_goldmont
__gmpn_addmul_1_init
__gmpn_addmul_1_pentium4
__gmpn_addmul_1_silvermont
__gmpn_addmul_1_x86_64
__gmpn_addmul_1_zen
__gmpn_addmul_1c_core2
__gmpn_addmul_1c_silvermont
__gmpn_addmul_2
__gmpn_addmul_2_atom
__gmpn_addmul_2_bd1
__gmpn_addmul_2_coreihwl
__gmpn_addmul_2_coreisbr
__gmpn_addmul_2_fat
__gmpn_addmul_2_init
__gmpn_addmul_2_k8
__gmpn_addmul_2_pentium4
__gmpn_and_n
__gmpn_andn_n
__gmpn_bases
__gmpn_bc_mulmod_bnm1
__gmpn_bc_set_str
__gmpn_bdiv_dbm1c
__gmpn_bdiv_dbm1c_init
__gmpn_bdiv_dbm1c_x86_64
__gmpn_bdiv_q
__gmpn_bdiv_q_1
__gmpn_bdiv_q_itch
__gmpn_bdiv_qr
__gmpn_bdiv_qr_itch
__gmpn_binvert
__gmpn_binvert_itch
__gmpn_broot
__gmpn_broot_invm1
__gmpn_brootinv
__gmpn_bsqrt
__gmpn_bsqrtinv
__gmpn_cmp
__gmpn_cnd_add_n
__gmpn_cnd_add_n_atom
__gmpn_cnd_add_n_coreisbr
__gmpn_cnd_add_n_init
__gmpn_cnd_add_n_x86_64
__gmpn_cnd_sub_n
__gmpn_cnd_sub_n_atom
__gmpn_cnd_sub_n_coreisbr
__gmpn_cnd_sub_n_init
__gmpn_cnd_sub_n_x86_64
__gmpn_cnd_swap
__gmpn_com
__gmpn_com_atom
__gmpn_com_bd1
__gmpn_com_bt2
__gmpn_com_core2
__gmpn_com_init
__gmpn_com_x86_64
__gmpn_com_zen
__gmpn_compute_powtab
__gmpn_copyd
__gmpn_copyd_atom
__gmpn_copyd_bd1
__gmpn_copyd_bt1
__gmpn_copyd_bt2
__gmpn_copyd_core2
__gmpn_copyd_init
__gmpn_copyd_nano
__gmpn_copyd_x86_64
__gmpn_copyd_zen
__gmpn_copyi
__gmpn_copyi_atom
__gmpn_copyi_bd1
__gmpn_copyi_bt1
__gmpn_copyi_bt2
__gmpn_copyi_core2
__gmpn_copyi_init
__gmpn_copyi_nano
__gmpn_copyi_x86_64
__gmpn_copyi_zen
__gmpn_cpuid
__gmpn_cpuvec
__gmpn_cpuvec_init
__gmpn_cpuvec_initialized
__gmpn_dc_set_str
__gmpn_dcpi1_bdiv_q
__gmpn_dcpi1_bdiv_qr
__gmpn_dcpi1_bdiv_qr_n
__gmpn_dcpi1_bdiv_qr_n_itch
__gmpn_dcpi1_div_q
__gmpn_dcpi1_div_qr
__gmpn_dcpi1_div_qr_n
__gmpn_dcpi1_divappr_q
__gmpn_div_q
__gmpn_div_qr_1
__gmpn_div_qr_1n_pi1
__gmpn_div_qr_2
__gmpn_div_qr_2n_pi1
__gmpn_div_qr_2u_pi1
__gmpn_divexact
__gmpn_divexact_1
__gmpn_divexact_1_atom
__gmpn_divexact_1_init
__gmpn_divexact_1_nano
__gmpn_divexact_1_x86_64
__gmpn_divexact_by3
__gmpn_divexact_by3c
__gmpn_divisible_p
__gmpn_divmod_1
__gmpn_divrem
__gmpn_divrem_1
__gmpn_divrem_1_core2
__gmpn_divrem_1_coreisbr
__gmpn_divrem_1_init
__gmpn_divrem_1_x86_64
__gmpn_divrem_2
__gmpn_dump
__gmpn_fft_best_k
__gmpn_fft_next_size
__gmpn_fib2_ui
__gmpn_fib2m
__gmpn_gcd
__gmpn_gcd_1
__gmpn_gcd_11
__gmpn_gcd_11_bd1
__gmpn_gcd_11_bt1
__gmpn_gcd_11_bt2
__gmpn_gcd_11_core2
__gmpn_gcd_11_coreisbr
__gmpn_gcd_11_init
__gmpn_gcd_11_k10
__gmpn_gcd_11_nano
__gmpn_gcd_11_x86_64
__gmpn_gcd_11_zen
__gmpn_gcd_22
__gmpn_gcd_subdiv_step
__gmpn_gcdext
__gmpn_gcdext_1
__gmpn_gcdext_hook
__gmpn_gcdext_lehmer_n
__gmpn_get_d
__gmpn_get_str
__gmpn_hamdist
__gmpn_hgcd
__gmpn_hgcd2
__gmpn_hgcd2_jacobi
__gmpn_hgcd_appr
__gmpn_hgcd_appr_itch
__gmpn_hgcd_itch
__gmpn_hgcd_jacobi
__gmpn_hgcd_matrix_adjust
__gmpn_hgcd_matrix_init
__gmpn_hgcd_matrix_mul
__gmpn_hgcd_matrix_mul_1
__gmpn_hgcd_matrix_update_q
__gmpn_hgcd_mul_matrix1_vector
__gmpn_hgcd_reduce
__gmpn_hgcd_reduce_itch
__gmpn_hgcd_step
__gmpn_invert
__gmpn_invert_limb
__gmpn_invert_limb_table
__gmpn_invertappr
__gmpn_ior_n
__gmpn_iorn_n
__gmpn_jacobi_2
__gmpn_jacobi_base
__gmpn_jacobi_n
__gmpn_lshift
__gmpn_lshift_atom
__gmpn_lshift_core2
__gmpn_lshift_coreisbr
__gmpn_lshift_init
__gmpn_lshift_k10
__gmpn_lshift_pentium4
__gmpn_lshift_silvermont
__gmpn_lshift_x86_64
__gmpn_lshift_zen
__gmpn_lshiftc
__gmpn_lshiftc_atom
__gmpn_lshiftc_core2
__gmpn_lshiftc_coreisbr
__gmpn_lshiftc_init
__gmpn_lshiftc_k10
__gmpn_lshiftc_pentium4
__gmpn_lshiftc_silvermont
__gmpn_lshiftc_x86_64
__gmpn_lshiftc_zen
__gmpn_matrix22_mul
__gmpn_matrix22_mul1_inverse_vector
__gmpn_matrix22_mul_itch
__gmpn_mod_1
__gmpn_mod_1_1p
__gmpn_mod_1_1p_cps
__gmpn_mod_1_1p_cps_init
__gmpn_mod_1_1p_cps_x86_64
__gmpn_mod_1_1p_init
__gmpn_mod_1_1p_x86_64
__gmpn_mod_1_fat
__gmpn_mod_1_init
__gmpn_mod_1s_2p
__gmpn_mod_1s_2p_cps
__gmpn_mod_1s_2p_cps_init
__gmpn_mod_1s_2p_cps_x86_64
__gmpn_mod_1s_2p_init
__gmpn_mod_1s_2p_x86_64
__gmpn_mod_1s_3p
__gmpn_mod_1s_3p_cps
__gmpn_mod_1s_4p
__gmpn_mod_1s_4p_cps
__gmpn_mod_1s_4p_cps_init
__gmpn_mod_1s_4p_cps_x86_64
__gmpn_mod_1s_4p_init
__gmpn_mod_1s_4p_x86_64
__gmpn_mod_34lsub1
__gmpn_mod_34lsub1_init
__gmpn_mod_34lsub1_pentium4
__gmpn_mod_34lsub1_x86_64
__gmpn_modexact_1_odd_x86_64
__gmpn_modexact_1c_odd
__gmpn_modexact_1c_odd_init
__gmpn_modexact_1c_odd_x86_64
__gmpn_mu_bdiv_q
__gmpn_mu_bdiv_q_itch
__gmpn_mu_bdiv_qr
__gmpn_mu_bdiv_qr_itch
__gmpn_mu_div_q
__gmpn_mu_div_q_itch
__gmpn_mu_div_qr
__gmpn_mu_div_qr_itch
__gmpn_mu_divappr_q
__gmpn_mu_divappr_q_itch
__gmpn_mul
__gmpn_mul_1
__gmpn_mul_1_atom
__gmpn_mul_1_bd1
__gmpn_mul_1_bt1
__gmpn_mul_1_coreihwl
__gmpn_mul_1_coreisbr
__gmpn_mul_1_goldmont
__gmpn_mul_1_init
__gmpn_mul_1_pentium4
__gmpn_mul_1_silvermont
__gmpn_mul_1_x86_64
__gmpn_mul_1_zen
__gmpn_mul_1c_atom
__gmpn_mul_1c_bd1
__gmpn_mul_1c_bt1
__gmpn_mul_1c_coreisbr
__gmpn_mul_1c_goldmont
__gmpn_mul_1c_pentium4
__gmpn_mul_1c_silvermont
__gmpn_mul_1c_x86_64
__gmpn_mul_1c_zen
__gmpn_mul_2
__gmpn_mul_basecase
__gmpn_mul_basecase_bd1
__gmpn_mul_basecase_bt1
__gmpn_mul_basecase_core2
__gmpn_mul_basecase_coreibwl
__gmpn_mul_basecase_coreihwl
__gmpn_mul_basecase_coreisbr
__gmpn_mul_basecase_fat
__gmpn_mul_basecase_init
__gmpn_mul_basecase_k8
__gmpn_mul_basecase_pentium4
__gmpn_mul_basecase_silvermont
__gmpn_mul_basecase_zen
__gmpn_mul_fft
__gmpn_mul_n
__gmpn_mullo_basecase
__gmpn_mullo_basecase_core2
__gmpn_mullo_basecase_coreibwl
__gmpn_mullo_basecase_coreihwl
__gmpn_mullo_basecase_coreisbr
__gmpn_mullo_basecase_fat
__gmpn_mullo_basecase_init
__gmpn_mullo_basecase_k8
__gmpn_mullo_basecase_pentium4
__gmpn_mullo_basecase_silvermont
__gmpn_mullo_basecase_zen
__gmpn_mullo_n
__gmpn_mulmid
__gmpn_mulmid_basecase
__gmpn_mulmid_n
__gmpn_mulmod_bnm1
__gmpn_mulmod_bnm1_next_size
__gmpn_nand_n
__gmpn_neg
__gmpn_ni_invertappr
__gmpn_nior_n

Sections

.text
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/3 powershell/Prime95/libhwloc-15.dll
.dll windows:4 windows x64 arch:x64

1b7682c2168a4f10abf95ed8d159ffa3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetComputerNameA
GetCurrentProcess
GetCurrentThread
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetVersionExA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
SwitchToThread
TlsGetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_assert
_close
_errno
_findclose
_findfirst64
_findnext64
_fstat64
_fullpath
_initterm
_lock
_open
_read
_stat64
_strdup
_stricmp
_strnicmp
_unlock
abort
atof
atoi
calloc
fclose
ferror
fgets
fopen
fputc
fread
free
fseek
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strrchr
strspn
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

Exports

Exports

RtlGetVersionProc
hwloc__add_info
hwloc__add_info_nodup
hwloc__attach_memory_object
hwloc__free_infos
hwloc__insert_object_by_cpuset
hwloc__move_infos
hwloc__object_cpusets_compare_first
hwloc__reorder_children
hwloc__tma_dup_infos
hwloc__topology_disadopt
hwloc__topology_dup
hwloc__xml_export_diff
hwloc__xml_export_topology
hwloc__xml_import_diff
hwloc__xml_verbose
hwloc_add_uname_info
hwloc_alloc
hwloc_alloc_heap
hwloc_alloc_membind
hwloc_alloc_root_sets
hwloc_alloc_setup_object
hwloc_backend_alloc
hwloc_backend_distances_add_commit
hwloc_backend_distances_add_create
hwloc_backend_distances_add_values
hwloc_backend_enable
hwloc_backends_disable_all
hwloc_backends_find_callbacks
hwloc_backends_is_thissystem
hwloc_bitmap_allbut
hwloc_bitmap_alloc
hwloc_bitmap_alloc_full
hwloc_bitmap_and
hwloc_bitmap_andnot
hwloc_bitmap_asprintf
hwloc_bitmap_clr
hwloc_bitmap_clr_range
hwloc_bitmap_compare
hwloc_bitmap_compare_first
hwloc_bitmap_compare_inclusion
hwloc_bitmap_copy
hwloc_bitmap_dup
hwloc_bitmap_fill
hwloc_bitmap_first
hwloc_bitmap_first_unset
hwloc_bitmap_free
hwloc_bitmap_from_ith_ulong
hwloc_bitmap_from_ulong
hwloc_bitmap_from_ulongs
hwloc_bitmap_intersects
hwloc_bitmap_isequal
hwloc_bitmap_isfull
hwloc_bitmap_isincluded
hwloc_bitmap_isset
hwloc_bitmap_iszero
hwloc_bitmap_last
hwloc_bitmap_last_unset
hwloc_bitmap_list_asprintf
hwloc_bitmap_list_snprintf
hwloc_bitmap_list_sscanf
hwloc_bitmap_next
hwloc_bitmap_next_unset
hwloc_bitmap_not
hwloc_bitmap_nr_ulongs
hwloc_bitmap_only
hwloc_bitmap_or
hwloc_bitmap_set
hwloc_bitmap_set_ith_ulong
hwloc_bitmap_set_range
hwloc_bitmap_singlify
hwloc_bitmap_singlify_per_core
hwloc_bitmap_snprintf
hwloc_bitmap_sscanf
hwloc_bitmap_taskset_asprintf
hwloc_bitmap_taskset_snprintf
hwloc_bitmap_taskset_sscanf
hwloc_bitmap_tma_dup
hwloc_bitmap_to_ith_ulong
hwloc_bitmap_to_ulong
hwloc_bitmap_to_ulongs
hwloc_bitmap_weight
hwloc_bitmap_xor
hwloc_bitmap_zero
hwloc_compare_types
hwloc_components_fini
hwloc_components_init
hwloc_cpukinds_get_by_cpuset
hwloc_cpukinds_get_info
hwloc_cpukinds_get_nr
hwloc_cpukinds_register
hwloc_decode_from_base64
hwloc_disc_component_force_enable
hwloc_disc_components_enable_others
hwloc_distances_add
hwloc_distances_add_commit
hwloc_distances_add_create
hwloc_distances_add_values
hwloc_distances_get
hwloc_distances_get_by_depth
hwloc_distances_get_by_name
hwloc_distances_get_by_type
hwloc_distances_get_name
hwloc_distances_release
hwloc_distances_release_remove
hwloc_distances_remove
hwloc_distances_remove_by_depth
hwloc_distances_transform
hwloc_encode_to_base64
hwloc_export_obj_userdata
hwloc_export_obj_userdata_base64
hwloc_fallback_memsize
hwloc_fallback_nbprocessors
hwloc_find_insert_io_parent_by_complete_cpuset
hwloc_free
hwloc_free_heap
hwloc_free_object_and_children
hwloc_free_object_siblings_and_children
hwloc_free_unlinked_object
hwloc_free_xmlbuffer
hwloc_get_api_version
hwloc_get_area_membind
hwloc_get_area_memlocation
hwloc_get_closest_objs
hwloc_get_cpubind
hwloc_get_depth_type
hwloc_get_largest_objs_inside_cpuset
hwloc_get_last_cpu_location
hwloc_get_local_numanode_objs
hwloc_get_membind
hwloc_get_memory_parents_depth
hwloc_get_nbobjs_by_depth
hwloc_get_obj_by_depth
hwloc_get_obj_by_type_and_gp_index
hwloc_get_obj_with_same_locality
hwloc_get_proc_cpubind
hwloc_get_proc_last_cpu_location
hwloc_get_proc_membind
hwloc_get_thread_cpubind
hwloc_get_type_depth
hwloc_hide_errors
hwloc_insert_object_by_parent
hwloc_internal_cpukinds_destroy
hwloc_internal_cpukinds_dup
hwloc_internal_cpukinds_init
hwloc_internal_cpukinds_rank
hwloc_internal_cpukinds_register
hwloc_internal_cpukinds_restrict
hwloc_internal_distances_add
hwloc_internal_distances_add_by_index
hwloc_internal_distances_destroy
hwloc_internal_distances_dup
hwloc_internal_distances_init
hwloc_internal_distances_invalidate_cached_objs
hwloc_internal_distances_prepare
hwloc_internal_distances_refresh
hwloc_internal_memattr_set_value
hwloc_internal_memattrs_destroy
hwloc_internal_memattrs_dup
hwloc_internal_memattrs_guess_memory_tiers
hwloc_internal_memattrs_init
hwloc_internal_memattrs_need_refresh
hwloc_internal_memattrs_prepare
hwloc_internal_memattrs_refresh
hwloc_memattr_get_best_initiator
hwloc_memattr_get_best_target
hwloc_memattr_get_by_name
hwloc_memattr_get_flags
hwloc_memattr_get_initiators
hwloc_memattr_get_name
hwloc_memattr_get_targets
hwloc_memattr_get_value
hwloc_memattr_register
hwloc_memattr_set_value
hwloc_noos_component
hwloc_obj_add_children_sets
hwloc_obj_add_info
hwloc_obj_add_other_obj_sets
hwloc_obj_attr_snprintf
hwloc_obj_type_is_cache
hwloc_obj_type_is_dcache
hwloc_obj_type_is_icache
hwloc_obj_type_is_io
hwloc_obj_type_is_memory
hwloc_obj_type_is_normal
hwloc_obj_type_snprintf
hwloc_obj_type_string
hwloc_pci_class_string
hwloc_pci_discovery_exit
hwloc_pci_discovery_init
hwloc_pci_discovery_prepare
hwloc_pci_find_by_busid
hwloc_pci_find_parent_by_busid
hwloc_pcidisc_check_bridge_type
hwloc_pcidisc_find_bridge_buses
hwloc_pcidisc_find_cap
hwloc_pcidisc_find_linkspeed
hwloc_pcidisc_tree_attach
hwloc_pcidisc_tree_insert_by_busid
hwloc_progname
hwloc_set_area_membind
hwloc_set_binding_hooks
hwloc_set_cpubind
hwloc_set_membind
hwloc_set_native_binding_hooks
hwloc_set_proc_cpubind
hwloc_set_proc_membind
hwloc_set_thread_cpubind
hwloc_set_windows_hooks
hwloc_setup_pu_level
hwloc_shmem_topology_adopt
hwloc_shmem_topology_get_length
hwloc_shmem_topology_write
hwloc_synthetic_component
hwloc_topology_abi_check
hwloc_topology_alloc_group_object
hwloc_topology_allow
hwloc_topology_check
hwloc_topology_clear
hwloc_topology_components_fini
hwloc_topology_components_init
hwloc_topology_destroy
hwloc_topology_diff_apply
hwloc_topology_diff_build
hwloc_topology_diff_destroy
hwloc_topology_diff_export_xml
hwloc_topology_diff_export_xmlbuffer
hwloc_topology_diff_load_xml
hwloc_topology_diff_load_xmlbuffer
hwloc_topology_dup
hwloc_topology_export_synthetic
hwloc_topology_export_xml
hwloc_topology_export_xmlbuffer
hwloc_topology_get_allowed_cpuset
hwloc_topology_get_allowed_nodeset
hwloc_topology_get_complete_cpuset
hwloc_topology_get_complete_nodeset
hwloc_topology_get_depth
hwloc_topology_get_flags
hwloc_topology_get_support
hwloc_topology_get_topology_cpuset
hwloc_topology_get_topology_nodeset
hwloc_topology_get_type_filter
hwloc_topology_get_userdata
hwloc_topology_init
hwloc_topology_insert_group_object
hwloc_topology_insert_misc_object
hwloc_topology_is_thissystem
hwloc_topology_load
hwloc_topology_reconnect
hwloc_topology_refresh
hwloc_topology_restrict
hwloc_topology_set_all_types_filter
hwloc_topology_set_cache_types_filter
hwloc_topology_set_components
hwloc_topology_set_flags
hwloc_topology_set_icache_types_filter
hwloc_topology_set_io_types_filter
hwloc_topology_set_pid
hwloc_topology_set_synthetic
hwloc_topology_set_type_filter
hwloc_topology_set_userdata
hwloc_topology_set_userdata_export_callback
hwloc_topology_set_userdata_import_callback
hwloc_topology_set_xml
hwloc_topology_set_xmlbuffer
hwloc_topology_setup_defaults
hwloc_type_sscanf
hwloc_type_sscanf_as_depth
hwloc_windows_component
hwloc_windows_get_nr_processor_groups
hwloc_windows_get_processor_group_cpuset
hwloc_x86_component
hwloc_xml_callbacks_register
hwloc_xml_callbacks_reset
hwloc_xml_component
hwloc_xml_nolibxml_component

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 599KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 607KB - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/3 powershell/Prime95/prime.txt
Amit Timer Res/3 powershell/Prime95/prime95.exe
.exe windows:6 windows x64 arch:x64

3ac2b20ee4e4ebacafad091010891a2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\woltm\mersenne\prime95\x64\Release\prime95.pdb

Imports

libhwloc-15

ord179
ord32
ord186
ord133
ord132
ord140
ord203
ord249
ord245
ord54
ord67
ord56
ord73
ord47
ord238
ord90
ord89
ord240

libgmp-gw1

ord833
ord816
ord807
ord771
ord766
ord734
ord823
ord873
ord869
ord868
ord835
ord832
ord831
ord814
ord809
ord846
ord867
ord877
ord806
ord810
ord803
ord802
ord798
ord794
ord792
ord778
ord773
ord757
ord754
ord752
ord751
ord733
ord893
ord75
ord878

libcurl-x64

curl_easy_init
curl_easy_setopt
curl_easy_perform
curl_global_init
curl_free
curl_easy_escape
curl_mime_data
curl_mime_name
curl_mime_addpart
curl_mime_free
curl_mime_init
curl_easy_cleanup

kernel32

GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CompareStringA
SuspendThread
ResumeThread
GetVersionExA
lstrcmpA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileTime
SetFileTime
GlobalLock
ReplaceFileA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
GetAtomNameA
FileTimeToSystemTime
GetThreadLocale
GlobalFlags
GetACP
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GetVolumeInformationA
DuplicateHandle
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetStringTypeExA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
SetFileAttributesA
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
SetErrorMode
GetProfileIntA
SearchPathA
LocalLock
LocalUnlock
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
GetCurrentThreadId
TryEnterCriticalSection
AreFileApisANSI
ReadFile
HeapCreate
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetSystemDirectoryW
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
CreateFileW
GetFileAttributesW
UnmapViewOfFile
HeapValidate
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
LoadLibraryW
HeapCompact
UnlockFile
LockFileEx
GetFileSize
GetCurrentProcessId
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
FlushFileBuffers
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
SystemTimeToFileTime
GetProcAddress
VirtualFree
VirtualAlloc
GetSystemTime
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
EncodePointer
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
DecodePointer
Process32Next
Process32First
CreateToolhelp32Snapshot
GetLocaleInfoA
GetSystemPowerStatus
GetComputerNameA
SetThreadAffinityMask
GetTickCount
GlobalMemoryStatusEx
OpenProcess
SetPriorityClass
SetThreadPriorityBoost
SetThreadPriority
GetCurrentThread
GetCurrentProcess
GetProcessHeap
HeapFree
HeapAlloc
FindNextFileA
FindFirstFileA
FindClose
LocalFree
LocalAlloc
GetModuleFileNameA
Sleep
CreateMutexA
GetLastError
CloseHandle
WideCharToMultiByte
lstrlenA
lstrcatA
lstrcpyA
WinExec
LoadLibraryA
FindResourceW
SizeofResource
LockResource
LoadResource
FreeLibrary
GetWindowsDirectoryA
CopyFileA
MulDiv
LockFile
GlobalFree
VirtualQuery
RtlPcToFileHeader
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetFileType
GetDriveTypeW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStdHandle
WriteConsoleW
ExitProcess
GetCommandLineA
GetCommandLineW
HeapQueryInformation
SetStdHandle
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
MoveFileExW
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStringTypeW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTempFileNameA
RtlUnwind

psapi

EnumProcessModules
GetModuleFileNameExA
EnumProcesses

user32

GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentA
GetTabbedTextExtentW
SetParent
DeleteMenu
UnionRect
MapVirtualKeyA
GetKeyNameTextA
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
CopyImage
LoadImageW
TrackMouseEvent
RealChildWindowFromPoint
GetSysColorBrush
IsRectEmpty
SetWindowRgn
DrawIcon
LoadMenuW
LoadAcceleratorsW
ShowOwnedPopups
PostQuitMessage
IsZoomed
LoadCursorW
SetCapture
WaitMessage
TranslateMessage
GetMessageA
WindowFromPoint
FillRect
ClientToScreen
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
LoadImageA
DestroyIcon
GetWindowThreadProcessId
IntersectRect
InsertMenuItemA
CreatePopupMenu
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
BringWindowToTop
SystemParametersInfoA
GetMenuItemInfoA
GetSystemMetrics
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
MapVirtualKeyExA
GetClassLongPtrA
GetClassLongA
EqualRect
CopyRect
DrawFocusRect
MessageBoxA
AdjustWindowRectEx
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
PeekMessageA
DispatchMessageA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
GetFocus
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetWindow
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
UnregisterClassA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
wsprintfA
IsCharAlphaNumericA
FlashWindow
LoadIconW
EnumWindows
GetWindowLongPtrA
ShowWindow
SetWindowLongPtrA
GetCursorPos
RemovePropA
GetPropA
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemInfoA
TrackPopupMenu
GetSubMenu
DestroyMenu
LoadMenuA
IsIconic
IsWindowVisible
PostMessageA
RegisterWindowMessageA
CopyIcon
LoadCursorA
GetParent
SetWindowLongA
PtInRect
InflateRect
GetSysColor
ScreenToClient
SetCursor
MessageBeep
GetWindowRect
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
LockWindowUpdate
GetDCEx
FrameRect
SetCursorPos
DrawFrameControl
DrawEdge
SetClassLongPtrA
DrawStateA
EnumDisplayMonitors
GetClientRect
InvalidateRect
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
GetClassNameA
ReleaseDC
GetDC
KillTimer
SetTimer
IsWindow
GetMessagePos
EnableMenuItem
GetSystemMenu
EnableWindow
SendMessageA
DrawIconEx
GetNextDlgGroupItem
CharUpperA
MapWindowPoints
SetRect
RedrawWindow

gdi32

CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
CreateFontA
GetCharWidthA
StretchDIBits
GetBkColor
GetStockObject
GetTextExtentPoint32A
GetObjectA
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
BitBlt
CreateCompatibleDC
ExtTextOutA
CreateCompatibleBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
CreatePalette
GetLayout
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
GetTextMetricsA
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EnumFontFamiliesExA
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetStretchBltMode
SetROP2
SetDIBColorTable
CreateFontIndirectA
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipRgn
SetPolyFillMode

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
GetJobA
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
ConvertSidToStringSidA
RegGetValueA
RegSetValueExA
RegSetKeySecurity
RegCloseKey
RegOpenKeyA
RegGetKeySecurity
RegDeleteValueA
RegCreateKeyExA
LookupAccountNameA
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
SetEntriesInAclA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
RegQueryValueA

shell32

Shell_NotifyIconA
DragQueryFileA
DragFinish
SHAddToRecentDocs
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA
PathFindExtensionA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindFileNameA

uxtheme

GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
GetThemePartSize
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
GetThemeSysColor

ole32

CoTaskMemAlloc
CoTaskMemFree
WriteClassStg
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRun
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
WriteClassStm
StgCreateDocfileOnILockBytes
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
CoTreatAsClass
ReadClassStg
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
CreateStreamOnHGlobal
StringFromCLSID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
PropVariantCopy
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx

oleaut32

SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocString
SysStringByteLen
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetElemsize
SysFreeString
SafeArrayGetDim

gdiplus

GdipCreateBitmapFromStreamICM
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromStream
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFile
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateFromHDC
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipCreateBitmapFromFileICM

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundA

oledlg

ord8

Exports

Exports

cJSON_AddArrayToObject
cJSON_AddBoolToObject
cJSON_AddFalseToObject
cJSON_AddItemReferenceToArray
cJSON_AddItemReferenceToObject
cJSON_AddItemToArray
cJSON_AddItemToObject
cJSON_AddItemToObjectCS
cJSON_AddNullToObject
cJSON_AddNumberToObject
cJSON_AddObjectToObject
cJSON_AddRawToObject
cJSON_AddStringToObject
cJSON_AddTrueToObject
cJSON_Compare
cJSON_CreateArray
cJSON_CreateArrayReference
cJSON_CreateBool
cJSON_CreateDoubleArray
cJSON_CreateFalse
cJSON_CreateFloatArray
cJSON_CreateIntArray
cJSON_CreateNull
cJSON_CreateNumber
cJSON_CreateObject
cJSON_CreateObjectReference
cJSON_CreateRaw
cJSON_CreateString
cJSON_CreateStringArray
cJSON_CreateStringReference
cJSON_CreateTrue
cJSON_Delete
cJSON_DeleteItemFromArray
cJSON_DeleteItemFromObject
cJSON_DeleteItemFromObjectCaseSensitive
cJSON_DetachItemFromArray
cJSON_DetachItemFromObject
cJSON_DetachItemFromObjectCaseSensitive
cJSON_DetachItemViaPointer
cJSON_Duplicate
cJSON_GetArrayItem
cJSON_GetArraySize
cJSON_GetErrorPtr
cJSON_GetNumberValue
cJSON_GetObjectItem
cJSON_GetObjectItemCaseSensitive
cJSON_GetStringValue
cJSON_HasObjectItem
cJSON_InitHooks
cJSON_InsertItemInArray
cJSON_IsArray
cJSON_IsBool
cJSON_IsFalse
cJSON_IsInvalid
cJSON_IsNull
cJSON_IsNumber
cJSON_IsObject
cJSON_IsRaw
cJSON_IsString
cJSON_IsTrue
cJSON_Minify
cJSON_Parse
cJSON_ParseWithLength
cJSON_ParseWithLengthOpts
cJSON_ParseWithOpts
cJSON_Print
cJSON_PrintBuffered
cJSON_PrintPreallocated
cJSON_PrintUnformatted
cJSON_ReplaceItemInArray
cJSON_ReplaceItemInObject
cJSON_ReplaceItemInObjectCaseSensitive
cJSON_ReplaceItemViaPointer
cJSON_SetNumberHelper
cJSON_SetValuestring
cJSON_Version
cJSON_free
cJSON_malloc

Sections

.text
Size: 26.0MB - Virtual size: 26.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_GWDATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Amit Timer Res/3 powershell/Prime95/results.txt
Amit Timer Res/3 powershell/Windows PowerShell.lnk
.lnk
Amit Timer Res/3 powershell/run this as admin.txt
Amit Timer Res/4 results/Plot.url
.url
Amit Timer Res/4 results/Startup.lnk
.lnk
Amit Timer Res/4 results/text document.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

11f2665eaaaf2de7cb4e3312fbfeab4a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

advapi32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 636B

c1c671ec492bcf13ef9a966821b522cb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 636B

76b44a61d1fa1791259b77cf5efbfa43

Code Sign

0f:07:dd:d7:18:7f:eb:e5:92:aa:9d:cb:35:81:8f:8a:94:06:ac:9dCertificate

Extended Key Usages

Key Usages

05:08:26:c5:81:9f:76:fc:32:01:f2:dc:10:c9:a7:1e:73:c5:71:25Certificate

Key Usages

a6:1a:d1:e7:94:df:30:bc:95:92:2b:1c:38:1f:f5:f9:e2:e3:3b:6f:03:23:9c:ad:dd:e9:c0:67:f4:09:bf:5b:d8:e9:ad:53:ea:3b:fc:ab:71:5a:0a:4a:05:43:4e:cd:5f:0c:88:27:15:59:a9:d0:63:bc:31:15:b3:7f:e9:23Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

crypt32

kernel32

normaliz

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 636B

0f:07:dd:d7:18:7f:eb:e5:92:aa:9d:cb:35:81:8f:8a:94:06:ac:9d
Certificate

05:08:26:c5:81:9f:76:fc:32:01:f2:dc:10:c9:a7:1e:73:c5:71:25
Certificate

a6:1a:d1:e7:94:df:30:bc:95:92:2b:1c:38:1f:f5:f9:e2:e3:3b:6f:03:23:9c:ad:dd:e9:c0:67:f4:09:bf:5b:d8:e9:ad:53:ea:3b:fc:ab:71:5a:0a:4a:05:43:4e:cd:5f:0c:88:27:15:59:a9:d0:63:bc:31:15:b3:7f:e9:23
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 712KB - Virtual size: 711KB

.data
Size: 44KB - Virtual size: 57KB

.pdata
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 21KB - Virtual size: 21KB

.text
Size: 453KB - Virtual size: 453KB

.data
Size: 1024B - Virtual size: 576B

.rdata
Size: 82KB - Virtual size: 81KB

.pdata
Size: 8KB - Virtual size: 7KB

.xdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 384B

.edata
Size: 25KB - Virtual size: 25KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 788B

/4
Size: 1024B - Virtual size: 736B

/19
Size: 177KB - Virtual size: 176KB

/31
Size: 7KB - Virtual size: 6KB

/45
Size: 10KB - Virtual size: 10KB

/57
Size: 2KB - Virtual size: 1KB

/70
Size: 1024B - Virtual size: 774B

/81
Size: 10KB - Virtual size: 10KB

/92
Size: 1KB - Virtual size: 1KB

.text
Size: 257KB - Virtual size: 257KB

.data
Size: 1024B - Virtual size: 688B

.rdata
Size: 37KB - Virtual size: 37KB

.pdata
Size: 7KB - Virtual size: 7KB

.xdata
Size: 8KB - Virtual size: 7KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 10KB - Virtual size: 9KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 216B

/4
Size: 3KB - Virtual size: 2KB

/19
Size: 599KB - Virtual size: 598KB

/31
Size: 43KB - Virtual size: 43KB

/45
Size: 214KB - Virtual size: 214KB

/57
Size: 43KB - Virtual size: 42KB