d:\builds\eic_2019r1_p02\products\eic\src\SOAP\SOAPTracer\ReleaseU\SOAPTracerU.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b_NeikiAnalytics.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b_NeikiAnalytics.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b_NeikiAnalytics.exe
-
Size
522KB
-
MD5
c87fb39b5bf4f1a878eac116d15994d0
-
SHA1
2b106d1862927fdf5bef7f3ce5a8c58868036e91
-
SHA256
002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b
-
SHA512
95fdd75f8c81bc26e854455475e510e10aecc82ed5a1cac80adfaafbec9494232d79f3fa4b4ef54c31de346e547765c4b86fd215370cd9cc8fa28c5fa9c14410
-
SSDEEP
6144:M/SbgmrS/iE6AcSrvyUG0KjOExKf7pLlNKQKQr0AQHJsksViEtYpFbl+Sinr:M/SbgCS/iE6OrKjeFQ0Afb7inr
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b_NeikiAnalytics.exe
Files
-
002da5f1e5a63c721193148ce0c07b150b943a25b069db3d46adf2103e25836b_NeikiAnalytics.exe.exe windows:6 windows x86 arch:x86
3e562b13e97455ab39c45583efb1d97d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
i3core-w32r-19-1
?to_string@i3core@@YA?AV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@PB_W@Z
??$to_string@G$S@i3core@@YA?AV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@G@Z
??$to_string@K$S@i3core@@YA?AV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@K@Z
?safe_cast_throw_value_truncated@impl@i3core@@YAXABVtype_info@@_K@Z
?now@TimeProviderMm@i3core@@SA?AVRelativeTime@2@XZ
??0MonotonicTimeBase@i3core@@IAE@ABVRelativeTime@1@@Z
??0MonotonicTimeBase@i3core@@IAE@ABV01@@Z
??1Cpu@hardware@i3core@@QAE@XZ
?frequency@Cpu@hardware@i3core@@QBENXZ
??0Cpu@hardware@i3core@@QAE@XZ
??HRelativeTime@i3core@@QBE?AV01@ABV01@@Z
?nanoseconds@RelativeTime@i3core@@SA?AV12@_J@Z
??0RelativeTime@i3core@@QAE@XZ
??8AbsoluteTime@i3core@@QBE_NABV01@@Z
??GAbsoluteTime@i3core@@QBE?AVRelativeTime@1@ABV01@@Z
?now@AbsoluteTime@i3core@@SA?AV12@XZ
??0AbsoluteTime@i3core@@QAE@XZ
?safe_cast_throw_sign_reversal@impl@i3core@@YAXABVtype_info@@_K@Z
stlport-w32r-19-1
?setstate@?$basic_ios@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEXH@Z
?sputc@?$basic_streambuf@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEHD@Z
?sputn@?$basic_streambuf@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE_JPBD_J@Z
??0?$_Osentry@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE@AAV?$basic_ostream@DV?$char_traits@D@stlp_std@@@1@@Z
??1?$_Osentry@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE@XZ
??B?$_Osentry@DV?$char_traits@D@stlp_std@@@stlp_std@@QBE_NXZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@U_String_reserve_t@priv@1@IABV?$allocator@_W@1@@Z
?rdbuf@?$basic_ios@DV?$char_traits@D@stlp_std@@@stlp_std@@QBEPAV?$basic_streambuf@DV?$char_traits@D@stlp_std@@@2@XZ
?swap@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAEXAAV12@@Z
??Y?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAEAAV01@ABV01@@Z
?end@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEPB_WXZ
?begin@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEPB_WXZ
??4?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@ABV01@@Z
??0?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@ABV?$allocator@_W@1@@Z
?_M_compare@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@SAHPBD000@Z
?data@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
?append@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV12@ABV12@@Z
?size@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEIXZ
?end@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
?begin@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@U_String_reserve_t@priv@1@IABV?$allocator@D@1@@Z
?get_allocator@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE?AV?$allocator@D@2@XZ
?_M_Start@?$_String_base@_WV?$allocator@_W@stlp_std@@@priv@stlp_std@@IBEPB_WXZ
?compare@?$char_traits@D@stlp_std@@SAHPBD0I@Z
?eof@?$__char_traits_base@DH@stlp_std@@SAHXZ
?eq_int_type@?$__char_traits_base@DH@stlp_std@@SA_NABH0@Z
??1?$allocator@_W@stlp_std@@QAE@XZ
??0?$allocator@_W@stlp_std@@QAE@XZ
??_D?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEXXZ
?str@?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBE?AV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@H@Z
??6?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEAAV01@K@Z
??6?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEAAV01@H@Z
?_M_put_nowiden@?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEXPBD@Z
?_M_put_char@?$basic_ostream@DV?$char_traits@D@stlp_std@@@stlp_std@@QAEXD@Z
?imbue@?$basic_ios@DV?$char_traits@D@stlp_std@@@stlp_std@@QAE?AVlocale@2@ABV32@@Z
??4?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAEAAV01@PBD@Z
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@ABV01@@Z
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@ABV?$allocator@D@1@@Z
?classic@locale@stlp_std@@SAABV12@XZ
??_D?$basic_ostringstream@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAEXXZ
?str@?$basic_ostringstream@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBE?AV?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@2@XZ
??0?$basic_ostringstream@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@H@Z
?_M_formatted_get@?$basic_istream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEXAA_W@Z
?putback@?$basic_istream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV12@_W@Z
??5?$basic_istream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@AAM@Z
??B?$_Osentry@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QBE_NXZ
??1?$_Osentry@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAE@XZ
??0?$_Osentry@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAE@AAV?$basic_ostream@_WV?$char_traits@_W@stlp_std@@@1@@Z
??6?$basic_ostream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@O@Z
??6?$basic_ostream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@N@Z
??6?$basic_ostream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEAAV01@M@Z
?_M_put_char@?$basic_ostream@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEX_W@Z
?sputn@?$basic_streambuf@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAE_JPB_W_J@Z
?sputc@?$basic_streambuf@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEG_W@Z
?_M_ctype_facet@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QBEPBV?$ctype@_W@2@XZ
?widen@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QBE_WD@Z
?imbue@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAE?AVlocale@2@ABV32@@Z
?setstate@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QAEXH@Z
?fill@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QBE_WXZ
?rdbuf@?$basic_ios@_WV?$char_traits@_W@stlp_std@@@stlp_std@@QBEPAV?$basic_streambuf@_WV?$char_traits@_W@stlp_std@@@2@XZ
?widen@?$ctype@_W@stlp_std@@QBEPBDPBD0PA_W@Z
??Bios_base@stlp_std@@QBEPAXXZ
?getloc@ios_base@stlp_std@@QBE?AVlocale@2@XZ
?width@ios_base@stlp_std@@QAE_J_J@Z
?precision@ios_base@stlp_std@@QAE_J_J@Z
?precision@ios_base@stlp_std@@QBE_JXZ
?flags@ios_base@stlp_std@@QAEHH@Z
?flags@ios_base@stlp_std@@QBEHXZ
?data@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEPB_WXZ
?size@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEIXZ
??1locale@stlp_std@@QAE@XZ
?eof@?$__char_traits_base@_WG@stlp_std@@SAGXZ
?eq_int_type@?$__char_traits_base@_WG@stlp_std@@SA_NABG0@Z
?eq@?$__char_traits_base@_WG@stlp_std@@SA_NAB_W0@Z
??4?$complex@O@stlp_std@@QAEAAU01@ABU01@@Z
?imag@?$complex@O@stlp_std@@QBEOXZ
?real@?$complex@O@stlp_std@@QBEOXZ
??0?$complex@O@stlp_std@@QAE@OO@Z
??4?$complex@N@stlp_std@@QAEAAU01@ABU01@@Z
?imag@?$complex@N@stlp_std@@QBENXZ
?real@?$complex@N@stlp_std@@QBENXZ
??0?$complex@N@stlp_std@@QAE@NN@Z
??4?$complex@M@stlp_std@@QAEAAU01@ABU01@@Z
?imag@?$complex@M@stlp_std@@QBEMXZ
?real@?$complex@M@stlp_std@@QBEMXZ
??0?$complex@M@stlp_std@@QAE@MM@Z
?_S_prev_sizes@?$_Stl_prime@_N@priv@stlp_std@@SAXIAAPBI0@Z
?_S_next_size@?$_Stl_prime@_N@priv@stlp_std@@SAII@Z
?swap@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAEXAAV12@@Z
?assign@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAEXIABQAU_Slist_node_base@priv@2@@Z
?reserve@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAEXI@Z
??1?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAE@XZ
??0?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAE@IABQAU_Slist_node_base@priv@1@ABV?$allocator@PAU_Slist_node_base@priv@stlp_std@@@1@@Z
??0?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAE@ABV?$allocator@PAU_Slist_node_base@priv@stlp_std@@@1@@Z
??A?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QBEABQAU_Slist_node_base@priv@1@I@Z
??A?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAEAAPAU_Slist_node_base@priv@1@I@Z
?size@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QBEIXZ
?begin@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QBEPBQAU_Slist_node_base@priv@2@XZ
?begin@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QAEPAPAU_Slist_node_base@priv@2@XZ
?get_allocator@?$vector@PAU_Slist_node_base@priv@stlp_std@@V?$allocator@PAU_Slist_node_base@priv@stlp_std@@@3@@stlp_std@@QBE?AV?$allocator@PAU_Slist_node_base@priv@stlp_std@@@2@XZ
??1?$allocator@PAU_Slist_node_base@priv@stlp_std@@@stlp_std@@QAE@XZ
?__splice_after@?$_Sl_global@_N@priv@stlp_std@@SAXPAU_Slist_node_base@23@0@Z
?__splice_after@?$_Sl_global@_N@priv@stlp_std@@SAXPAU_Slist_node_base@23@00@Z
??1?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QAE@XZ
?__i3stlport_pfn_deallocate@stlp_std@@3P6AXPAXI@ZA
?__i3stlport_pfn_allocate@stlp_std@@3P6APAXAAI@ZA
?__stl_throw_length_error@stlp_std@@YAXPBD@Z
?c_str@?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@QBEPB_WXZ
??1?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@XZ
?c_str@?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QBEPBDXZ
??0?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$allocator@D@stlp_std@@QAE@XZ
??0?$allocator@D@stlp_std@@QAE@XZ
?fill@?$basic_ios@DV?$char_traits@D@stlp_std@@@stlp_std@@QBEDXZ
mfc140u
ord4495
ord11430
ord5955
ord8831
ord1151
ord8209
ord9213
ord11795
ord5369
ord12177
ord3843
ord4587
ord12102
ord9237
ord12081
ord11495
ord10402
ord9302
ord11540
ord7505
ord2303
ord13282
ord1076
ord968
ord13628
ord1447
ord984
ord8476
ord1460
ord461
ord1112
ord930
ord1815
ord7408
ord966
ord3256
ord3627
ord3644
ord6469
ord13924
ord7926
ord12482
ord9919
ord10527
ord9581
ord3621
ord3903
ord14265
ord14263
ord3888
ord3856
ord5038
ord13226
ord2692
ord1794
ord4089
ord4140
ord4141
ord1444
ord7907
ord5756
ord5688
ord14379
ord14372
ord4173
ord13973
ord14276
ord14289
ord9254
ord11001
ord11582
ord7638
ord2383
ord2990
ord6589
ord8062
ord9132
ord7432
ord991
ord8304
ord11276
ord11279
ord9509
ord9524
ord9514
ord9986
ord9991
ord9526
ord11118
ord10509
ord8923
ord8913
ord11122
ord9011
ord11146
ord10047
ord10048
ord2557
ord2681
ord6876
ord9226
ord12123
ord12088
ord7649
ord14490
ord6300
ord5027
ord5026
ord5029
ord5025
ord5024
ord6834
ord3257
ord4236
ord1446
ord9135
ord2680
ord11117
ord7787
ord11275
ord11278
ord11581
ord7137
ord511
ord1149
ord10504
ord9528
ord3173
ord12176
ord8920
ord8912
ord13754
ord6219
ord7504
ord1653
ord5884
ord1525
ord1692
ord1687
ord2996
ord4663
ord8756
ord8360
ord10250
ord5763
ord14234
ord12219
ord12251
ord8217
ord12239
ord5918
ord3852
ord366
ord12037
ord1072
ord6860
ord995
ord6349
ord14668
ord6350
ord14669
ord6348
ord14667
ord8000
ord12531
ord14466
ord1866
ord5602
ord6189
ord11982
ord11983
ord2034
ord12027
ord7941
ord12947
ord4090
ord4152
ord9398
ord14595
ord7922
ord14589
ord12541
ord12542
ord2486
ord10144
ord10147
ord5357
ord8324
ord4589
ord12865
ord12928
ord10433
ord12247
ord8386
ord1472
ord7653
ord8470
ord953
ord2205
ord3849
ord2246
ord2562
ord4499
ord7121
ord481
ord14065
ord13832
ord2858
ord5609
ord6199
ord9081
ord3857
ord10976
ord11024
ord11267
ord9197
ord12786
ord5577
ord12575
ord11252
ord8395
ord7655
ord2843
ord13352
ord2558
ord12418
ord12660
ord4703
ord9484
ord2718
ord12964
ord12093
ord1128
ord4138
ord4088
ord14511
ord5377
ord5368
ord10431
ord10251
ord10721
ord11138
ord11139
ord9363
ord11743
ord9979
ord9212
ord7501
ord5765
ord2304
ord7441
ord8124
ord5938
ord13707
ord5939
ord13709
ord13700
ord5934
ord1788
ord12460
ord6130
ord5034
ord5033
ord8398
ord3174
ord514
ord7138
ord4815
ord1523
ord286
ord4323
ord6751
ord1511
ord9126
ord1066
ord4219
ord3145
ord6490
ord7493
ord12131
ord6218
ord13752
ord2760
ord9210
ord12172
ord1111
ord9040
ord11015
ord11396
ord10472
ord4092
ord458
ord3403
ord3404
ord3164
ord6531
ord6129
ord6220
ord13756
ord3305
ord3302
ord10255
ord8210
ord2761
ord1476
ord14785
ord10285
ord10287
ord10286
ord10284
ord10288
ord5652
ord11725
ord11726
ord9139
ord12089
ord3838
ord3833
ord11936
ord14588
ord8965
ord12220
ord6978
ord9468
ord11002
ord9256
ord3266
ord13878
ord12262
ord12258
ord1722
ord1744
ord1770
ord1756
ord1777
ord4936
ord5003
ord4948
ord4966
ord4960
ord4954
ord5013
ord4997
ord4942
ord5019
ord4974
ord4912
ord4927
ord4988
ord4502
ord5790
ord9693
ord4494
ord3055
ord14590
ord7923
ord14596
ord6877
ord11717
ord13028
ord8817
ord13703
ord5935
ord14137
ord2682
ord12124
ord3941
ord3296
ord3371
ord3372
ord3265
ord12168
ord1002
ord5249
ord5549
ord5760
ord9350
ord5525
ord7450
ord5252
ord5411
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord9209
ord3697
ord8464
ord1045
ord280
ord296
ord8182
ord1663
ord2389
ord2385
ord1513
ord14127
ord8100
ord8811
ord8365
ord1108
ord13070
ord890
ord1391
ord362
ord1068
ord4884
ord4216
ord6973
ord8773
ord4886
ord14328
ord11080
ord7654
ord3190
ord5837
ord13654
ord5222
ord4225
ord1180
ord7509
ord5984
ord6570
ord3175
ord3342
ord4223
ord1162
ord9130
ord1468
ord14115
ord14047
ord13922
ord13293
ord13289
ord13084
ord13087
ord13086
ord12867
ord12953
ord450
ord2520
ord4881
ord6812
ord6486
ord6559
ord358
ord6489
ord898
ord6795
ord3882
ord2522
ord4882
ord6566
ord1450
ord13257
ord974
ord4664
ord1689
ord5109
ord14657
ord12405
ord14604
ord12348
ord2378
ord265
ord12784
ord5513
ord2409
kernel32
CreateDirectoryW
GetModuleFileNameW
SystemTimeToFileTime
GetSystemTime
GetCurrentProcessId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
CloseHandle
WriteFile
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
FormatMessageA
LocalFree
OutputDebugStringW
GetTempPathW
DecodePointer
RaiseException
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
OutputDebugStringA
SetLastError
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
CreateFileW
user32
GetFocus
IsWindow
EnableWindow
GetWindowRect
IsRectEmpty
SetTimer
RegisterWindowMessageW
PostMessageW
WinHelpW
GetParent
PtInRect
OffsetRect
IntersectRect
InflateRect
CopyRect
SetRectEmpty
FillRect
DrawFocusRect
GetSysColorBrush
UnregisterClassW
UpdateWindow
InvalidateRect
KillTimer
SendMessageW
GetSysColor
GetClientRect
oleaut32
SysFreeString
VariantClear
GetErrorInfo
VariantInit
VariantChangeType
SetErrorInfo
CreateErrorInfo
icidkeyu
??0IcIdKey@I3STD@@QAE@XZ
??1IcIdKey@I3STD@@QAE@XZ
??4IcIdKey@I3STD@@QAEAAV01@$$QAV01@@Z
?as_string@IcIdKey@I3STD@@QBEABV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@XZ
?as_wstring@IcIdKey@I3STD@@QBEABVi3wstring@2@XZ
?key@IcIdKey@I3STD@@QBEABVStringKey@i3core@@XZ
??0IcIdKey@I3STD@@QAE@ABV01@@Z
?clear@IcIdKey@I3STD@@QAEXXZ
?swap@IcIdKey@I3STD@@QAEXAAV12@@Z
??8IcIdKey@I3STD@@QBE_NABV01@@Z
??9IcIdKey@I3STD@@QBE_NABV01@@Z
??MIcIdKey@I3STD@@QBE_NABV01@@Z
??0IcIdKey@I3STD@@QAE@ABV?$basic_string@DV?$char_traits@D@stlp_std@@V?$allocator@D@2@@stlp_std@@@Z
?hash@IcIdKey@I3STD@@QBEIXZ
??0IcIdKey@I3STD@@QAE@ABV?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@@Z
??4IcIdKey@I3STD@@QAEAAV01@ABV01@@Z
notifierlibu
??5CMessage@@QBEABV0@AAK@Z
??0CNotifierExtractException@@QAE@I@Z
??1CNotifierExtractException@@UAE@XZ
?GetErrorMessage@CNotifierExtractException@@UAEHPA_WIPAI@Z
?GetRuntimeClass@CNotifierExtractException@@UBEPAUCRuntimeClass@@XZ
?GetData@CMessage@@QBEPBXXZ
?NotifierClientConnect@@YA?AW4eNotifierConnect@@ABVi3idstring_arg@I3STD@@00ABVi3wstring_arg@3@K@Z
?NotifierServerInfo@@YAKAA_N00AAVi3idstring@I3STD@@11@Z
?NotifierDisconnect@@YAX_N@Z
??0CEntityId@@QAE@W4ObjectTypes@@KH@Z
?QueryObjectType@CEntityId@@QBE?AW4ObjectTypes@@XZ
?PutData@CMessage@@QAEXPBXH@Z
??5CMessage@@QBEABV0@AAV?$basic_string@_WV?$char_traits@_W@stlp_std@@V?$allocator@_W@2@@stlp_std@@@Z
?QueryObjectId@CEntityId@@QBEKXZ
??1CMessage@@UAE@XZ
??0ANotificationWatcher@@QAE@PB_WP6AXXZ_N2@Z
??1ANotificationWatcher@@UAE@XZ
?Watch@ANotificationWatcher@@QAEXABVCEntityId@@K@Z
?StopWatching@ANotificationWatcher@@QAEXABVCEntityId@@K@Z
??0CMessage@@QAE@XZ
??4CMessage@@QAEAAV0@ABV0@@Z
?QueryDataPosition@CMessage@@QBEKXZ
?SetDataPosition@CMessage@@QBEXK@Z
??6CMessage@@QAEAAV0@H@Z
??6CMessage@@QAEAAV0@_N@Z
??6CMessage@@QAEAAV0@K@Z
??6CMessage@@QAEAAV0@PB_W@Z
??5CMessage@@QBEABV0@AAH@Z
??5CMessage@@QBEABV0@AA_N@Z
?StringIn@CMessage@@QAEXPB_WI@Z
i3localizeru
??0HookResourceFunctions@I3Localizer@@QAE@K@Z
??1HookResourceFunctions@I3Localizer@@QAE@XZ
vcruntime140
wcschr
memcpy
__std_type_info_destroy_list
_except_handler4_common
__vcrt_InitializeCriticalSectionEx
memset
__std_terminate
_purecall
__RTDynamicCast
memcmp
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memmove
__CxxFrameHandler3
api-ms-win-crt-string-l1-1-0
strncpy
_wcsnicmp
api-ms-win-crt-heap-l1-1-0
_set_new_mode
free
_recalloc
malloc
api-ms-win-crt-runtime-l1-1-0
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
exit
_initialize_wide_environment
_configure_wide_argv
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_initterm
terminate
_controlfp_s
_errno
_configure_narrow_argv
_set_app_type
_get_wide_winmain_command_line
_seh_filter_exe
_invalid_parameter_noinfo
api-ms-win-crt-math-l1-1-0
__setusermatherr
_except1
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-convert-l1-1-0
_ultow
_wtol
gdi32
GetObjectW
GetTextExtentPoint32W
GetStockObject
GetBkColor
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
SetBrushOrgEx
BitBlt
advapi32
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
comctl32
ImageList_Draw
ImageList_GetIconSize
Sections
.text Size: 241KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 390B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 154KB - Virtual size: 153KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ