t:\work\svn\srm_uniqfixes\release\SpywareRemover2009.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3b27749c4af89bdf39e0881c25d92306_JaffaCakes118.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
3b27749c4af89bdf39e0881c25d92306_JaffaCakes118.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
3b27749c4af89bdf39e0881c25d92306_JaffaCakes118
-
Size
1.4MB
-
MD5
3b27749c4af89bdf39e0881c25d92306
-
SHA1
3c7fa01404f23cc5b57f0b66be817bfc8834e9a6
-
SHA256
50ff709b0b8da34f0be69f1216f8c82c71785643df8f3bec50fc77fc2f0fe46b
-
SHA512
05938d2f3d6982f50069033946a32dfe23badee32232927d5011e90e3109d00f22147396065160fbb8e2f2c27518fb3ecd506f9d3ca8cb31213f60268061d767
-
SSDEEP
24576:MOUypsb2a9mrR6tiQqDRqpSXi5wcBEK4gFY2FlTKx2y/Zbxf:Z2tjqDdc/7/3yBbJ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3b27749c4af89bdf39e0881c25d92306_JaffaCakes118
Files
-
3b27749c4af89bdf39e0881c25d92306_JaffaCakes118.exe windows:4 windows x86 arch:x86
530111a9213debe28045ac37ac2eae47
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
useragent
?ModifyEntry@UserAgentManager@UserAgent@@AAE_NPBD0@Z
iphlpapi
GetAdaptersInfo
mfc80
ord2131
ord774
ord2130
ord2469
ord629
ord384
ord287
ord1486
ord1979
ord2794
ord5746
ord2495
ord2654
ord3651
ord3423
ord2160
ord1545
ord1377
ord3164
ord2991
ord4232
ord2086
ord587
ord5710
ord1916
ord6172
ord6178
ord4078
ord6037
ord3952
ord2346
ord2234
ord1580
ord1929
ord2233
ord5642
ord5727
ord2272
ord4081
ord6020
ord4085
ord2451
ord2371
ord3473
ord3214
ord4236
ord1558
ord1637
ord2090
ord642
ord908
ord3317
ord4240
ord1591
ord2095
ord741
ord3229
ord4237
ord1570
ord2091
ord4099
ord1484
ord1933
ord6266
ord1397
ord657
ord3171
ord4234
ord1547
ord2089
ord4098
ord1483
ord1931
ord591
ord3195
ord620
ord3307
ord1587
ord731
ord3178
ord1550
ord599
ord3249
ord1575
ord1576
ord671
ord3326
ord2985
ord752
ord3319
ord4242
ord2097
ord743
ord3328
ord2987
ord754
ord3215
ord1559
ord1638
ord643
ord3315
ord1589
ord1647
ord739
ord3312
ord1588
ord1646
ord736
ord3292
ord1581
ord1643
ord715
ord783
ord2983
ord4243
ord1594
ord1650
ord2098
ord748
ord3157
ord1543
ord1635
ord583
ord3304
ord730
ord3298
ord3172
ord1548
ord1636
ord592
ord3227
ord1568
ord1639
ord656
ord3228
ord1569
ord1640
ord2328
ord299
ord6703
ord1265
ord777
ord2327
ord4032
ord282
ord6704
ord1264
ord4036
ord4037
ord2321
ord1262
ord4033
ord4034
ord2319
ord1260
ord259
ord1971
ord2938
ord911
ord4109
ord1092
ord423
ord3233
ord660
ord4063
ord866
ord5466
ord3454
ord1554
ord3474
ord2802
ord3563
ord1586
ord5991
ord4761
ord5994
ord3406
ord3488
ord3430
ord4001
ord4123
ord502
ord5647
ord5059
ord3551
ord3139
ord3571
ord3583
ord3676
ord3587
ord3799
ord1598
ord2876
ord3680
ord4104
ord5871
ord3574
ord3437
ord416
ord651
ord300
ord293
ord6018
ord1263
ord330
ord589
ord280
ord1482
ord577
ord865
ord3641
ord5640
ord5641
ord5731
ord3989
ord5658
ord2368
ord3287
ord1966
ord2719
ord3401
ord4692
ord4394
ord4648
ord1968
ord3441
ord356
ord5203
ord354
ord605
ord3835
ord2020
ord4580
ord3255
ord1161
ord265
ord266
ord784
ord572
ord3684
ord3596
ord5320
ord5331
ord1181
ord6297
ord6286
ord5214
ord3230
ord3204
ord3302
ord2092
ord658
ord3934
ord2958
ord567
ord758
ord2075
ord2074
ord760
ord1425
ord3163
ord2264
ord326
ord5613
ord6275
ord4125
ord3348
ord3244
ord6120
ord2882
ord2873
ord1571
ord2094
ord4100
ord1955
ord6725
ord2370
ord5915
ord5634
ord1402
ord4238
ord2367
ord5073
ord781
ord5866
ord272
ord1283
ord709
ord501
ord1903
ord5491
ord5213
ord5566
ord2838
ord304
ord4481
ord4261
ord757
ord566
ord3333
ord3830
ord762
ord5570
ord628
ord378
ord3683
ord5224
ord5403
ord2468
ord1063
ord3174
ord769
ord4038
ord4014
ord6278
ord3801
ord6276
ord747
ord4326
ord2063
ord2018
ord5583
ord1207
ord3806
ord559
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord5975
ord2931
ord1101
ord5226
ord1054
ord2248
ord3948
ord4568
ord5230
ord6065
ord4035
ord297
ord3088
ord2021
ord630
ord385
ord4118
ord4115
ord3879
ord5833
ord2372
ord3875
ord5873
ord1279
ord602
ord347
ord6017
ord2263
ord3161
ord5637
ord6752
ord3210
ord1934
ord1280
ord2322
ord6754
ord1123
ord876
ord1564
ord1930
ord2271
ord3397
ord2902
ord2657
ord2164
ord2168
ord3761
ord578
ord310
ord5912
ord2862
ord1620
ord2540
ord1617
ord2646
ord3946
ord2533
ord1401
ord3718
ord4244
ord3719
ord5152
ord3709
ord1908
ord2644
ord3949
ord1084
ord4486
ord4185
ord4262
ord1395
ord3403
ord4722
ord4282
ord1600
ord5960
ord1191
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord1185
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord5182
ord1964
ord4212
ord1656
ord6067
ord4735
ord1655
ord4890
ord1599
ord5200
ord1671
ord2537
ord1670
ord2731
ord1551
ord2835
ord1187
ord6090
ord4307
ord6724
ord2714
ord764
ord3324
msvcr80
_resetstkoflw
calloc
free
_recalloc
malloc
__RTDynamicCast
memcpy_s
memmove_s
_mbsspn
_wcsdup
_gmtime64
_setmbcp
??0exception@std@@QAE@ABQBDH@Z
atoi
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_localtime64
isxdigit
tolower
toupper
memmove
isalnum
floor
isspace
_strlwr_s
isdigit
strncmp
realloc
_strnicmp
_mbspbrk
_local_unwind2
strerror
_mbsicmp
_invalid_parameter_noinfo
_strdup
_strlwr
wcschr
_mbsrchr
_errno
srand
rand
getenv
strcpy_s
strnlen
_mbsnbcpy_s
_itoa
memchr
_atoi64
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
_mbslwr_s
strlen
_mktime64
strftime
_mbsinc
_ltoa_s
strtol
_mbslen
_ismbcspace
vswprintf_s
_vscwprintf
sprintf
_mbsnbcpy
strtoul
atol
memcpy
_mbschr
_mbscspn
_time64
_beginthreadex
vsprintf_s
_vscprintf
_purecall
_except_handler3
_mbsstr
__CxxFrameHandler3
_CxxThrowException
_mbscmp
memset
_localtime64_s
kernel32
GetCurrentThreadId
lstrcpyA
SetFilePointer
GetFileSize
ReadFile
InterlockedDecrement
InterlockedIncrement
GetVersionExA
FreeLibrary
lstrcatA
CreateFileA
lstrcpynA
GlobalAlloc
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
ResumeThread
SetWaitableTimer
CreateWaitableTimerA
TerminateThread
CreateThread
CloseHandle
HeapFree
CreateEventA
GetProcessHeap
HeapAlloc
GetLocaleInfoA
ResetEvent
WaitForMultipleObjects
GetModuleFileNameA
DeleteCriticalSection
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
OpenProcess
TerminateProcess
Sleep
WaitForSingleObject
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
WideCharToMultiByte
lstrlenA
GetLastError
MultiByteToWideChar
GetEnvironmentVariableA
lstrlenW
GetVersion
InterlockedExchange
lstrcmpiA
InterlockedCompareExchange
lstrcmpA
WriteProcessMemory
GetCurrentProcess
VirtualProtect
FindResourceW
FindResourceExW
GetTempPathA
GetFileAttributesA
GetDriveTypeA
CreateMutexA
CreateDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetLocalTime
DeleteFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
PulseEvent
RaiseException
CreateProcessA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileSectionNamesA
GetComputerNameA
GetTickCount
MapViewOfFileEx
CreateFileMappingA
UnmapViewOfFile
ReleaseMutex
FlushFileBuffers
SetThreadPriority
GetVolumeInformationA
GetLogicalDriveStringsA
GetCurrentThread
Module32Next
Module32First
CreateToolhelp32Snapshot
LocalFree
GetWindowsDirectoryA
GetLongPathNameA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
MoveFileExA
GetFileAttributesExA
SetFileAttributesA
Process32Next
Process32First
lstrcatW
lstrcpyW
lstrcmpW
CreateFileW
GetFileAttributesW
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetTempFileNameA
RemoveDirectoryA
DeviceIoControl
DeleteFileW
GetCurrentProcessId
GetSystemTime
GetFullPathNameW
AreFileApisANSI
GetFullPathNameA
SetEndOfFile
QueryPerformanceCounter
UnlockFile
LockFile
GetSystemTimeAsFileTime
FormatMessageA
LoadLibraryW
GetTempPathW
LockFileEx
LocalAlloc
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetACP
GetThreadLocale
HeapDestroy
HeapReAlloc
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
user32
UnregisterClassA
BringWindowToTop
GetAsyncKeyState
DrawFocusRect
GetCapture
GetComboBoxInfo
DestroyCursor
CallWindowProcA
DestroyMenu
IsZoomed
GetMenuItemID
SetMenuDefaultItem
EnableMenuItem
AppendMenuA
WindowFromPoint
LoadImageW
LoadImageA
LoadCursorW
LoadIconW
LoadBitmapW
LoadStringW
LoadStringA
UnhookWindowsHookEx
LoadMenuA
SetFocus
MapWindowPoints
GetSubMenu
IsRectEmpty
ClientToScreen
GetWindowTextA
SetWindowsHookExA
GetKeyboardState
SetKeyboardState
DefWindowProcA
GetActiveWindow
SystemParametersInfoA
SetRectEmpty
GetMenuItemRect
UnionRect
TrackPopupMenuEx
TrackPopupMenu
SetMenuItemInfoA
SetMenuItemBitmaps
GetMenuItemInfoA
GetMenuDefaultItem
wsprintfA
GetMenuItemCount
GetMenuState
IsMenu
InsertMenuItemA
GetDlgCtrlID
DrawTextA
ReleaseCapture
SetCapture
GetKeyState
IsWindowEnabled
ValidateRect
UpdateWindow
CopyImage
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
GetWindow
GetClassNameA
FindWindowExA
ScreenToClient
SetWindowRgn
LoadBitmapA
PtInRect
GetSystemMenu
DrawStateA
DestroyIcon
PostThreadMessageA
RegisterWindowMessageA
GetMessageA
EnableScrollBar
SetScrollPos
RedrawWindow
InflateRect
FrameRect
SetRect
CopyRect
GetSysColor
CreateWindowExA
RegisterClassExA
FillRect
GetWindowLongA
DispatchMessageA
TranslateMessage
PeekMessageA
DialogBoxParamA
KillTimer
EndPaint
BeginPaint
ReleaseDC
GetDC
SetWindowPos
DispatchMessageW
GetMessageW
IsWindowUnicode
SetWindowLongA
DestroyWindow
SetParent
CreatePopupMenu
MsgWaitForMultipleObjects
SetWindowTextA
DrawIcon
GetClientRect
SetCursor
LoadCursorA
OffsetRect
SetTimer
EnableWindow
IsIconic
IsWindowVisible
GetCursorPos
SetForegroundWindow
TranslateAcceleratorA
LoadIconA
LoadAcceleratorsA
MessageBoxA
GetWindowRect
FindWindowA
InvalidateRect
IsWindow
PostMessageA
GetFocus
SendMessageA
GetParent
GetDesktopWindow
GetWindowDC
GetSystemMetrics
ShowWindowAsync
ShowWindow
CallNextHookEx
gdi32
StretchBlt
SelectObject
GetColorAdjustment
CreateCompatibleBitmap
CreateCompatibleDC
PatBlt
GetTextMetricsA
CreateFontA
GetTextColor
SetPixel
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
GetBitmapBits
SetBitmapBits
GetPixel
CreateBrushIndirect
MoveToEx
LineTo
GetBkColor
GetBkMode
SetBkColor
TextOutA
SetBkMode
SetTextColor
CreateDIBitmap
GetDIBits
CreateEllipticRgn
Rectangle
CreateFontIndirectA
ExtCreatePen
CreatePen
GetStockObject
CreateRectRgn
CombineRgn
GetObjectA
GetTextExtentPoint32A
CreateRectRgnIndirect
GetDeviceCaps
CreateSolidBrush
DeleteObject
DeleteDC
SetStretchBltMode
SetColorAdjustment
BitBlt
msimg32
AlphaBlend
advapi32
CryptHashData
RegCreateKeyExA
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
CryptDestroyHash
RegNotifyChangeKeyValue
GetUserNameA
OpenProcessToken
OpenThreadToken
QueryServiceStatus
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
CreateServiceA
CryptCreateHash
CryptGetHashParam
RegOpenKeyExA
CryptAcquireContextA
CryptReleaseContext
RegSaveKeyA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
shell32
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHAppBarMessage
ShellExecuteA
SHGetFolderPathA
SHFileOperationA
SHGetFolderPathW
comctl32
InitCommonControlsEx
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
_TrackMouseEvent
shlwapi
PathRenameExtensionA
PathFileExistsA
PathAppendA
PathUnquoteSpacesA
SHDeleteValueA
PathCanonicalizeA
PathRemoveBackslashA
PathRemoveFileSpecA
PathCombineA
SHCreateStreamOnFileA
PathAddBackslashA
PathFindExtensionA
SHDeleteKeyA
PathStripPathA
PathIsDirectoryA
PathMatchSpecA
ole32
CLSIDFromString
StringFromGUID2
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoInitialize
CoCreateInstance
OleRun
CoUninitialize
CreateStreamOnHGlobal
oleaut32
SysAllocString
SysFreeString
SysStringLen
VariantInit
VariantCopy
VariantClear
SysAllocStringByteLen
LoadTypeLi
OleLoadPicture
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
VariantChangeType
SafeArrayDestroy
SafeArrayUnlock
msvcp80
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@1@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@PBD1@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?id@?$ctype@D@std@@2V0locale@2@A
?allocate@?$allocator@D@std@@QAEPADI@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0locale@std@@QAE@XZ
?toupper@?$ctype@D@std@@QBEDD@Z
??1locale@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Bid@locale@std@@QAEIXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?_Incref@facet@locale@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@H@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
imagehlp
ImageDirectoryEntryToData
wininet
InternetCloseHandle
InternetOpenUrlA
InternetCanonicalizeUrlA
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
psapi
EnumProcesses
GetModuleFileNameExA
EnumProcessModules
userenv
UnloadUserProfile
netapi32
NetApiBufferFree
NetUserGetInfo
NetGetDCName
NetLocalGroupEnum
NetLocalGroupGetMembers
NetWkstaUserGetInfo
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Exports
Exports
??0UserAgentManager@UserAgent@@AAE@XZ
??0UserAgentManager@UserAgent@@QAE@ABV01@@Z
??1UserAgentManager@UserAgent@@QAE@XZ
??4UserAgentManager@UserAgent@@QAEAAV01@ABV01@@Z
??_B?1??I@UserAgentManager@UserAgent@@SAPAV12@XZ@51
?I@UserAgentManager@UserAgent@@SAPAV12@XZ
?Init@UserAgentManager@UserAgent@@AAEXPAUAgentParams@2@@Z
?RemoveFree@UserAgentManager@UserAgent@@QAE_NXZ
?RemovePaid@UserAgentManager@UserAgent@@QAE_NXZ
?SetPurchased@UserAgentManager@UserAgent@@QAE_NXZ
?SetUnpurchased@UserAgentManager@UserAgent@@QAE_NXZ
?UpdateFreeVersion@UserAgentManager@UserAgent@@QAE_NXZ
?UpdatePaidVersion@UserAgentManager@UserAgent@@QAE_NXZ
?uam@?1??I@UserAgentManager@UserAgent@@SAPAV23@XZ@4V23@A
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 541B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ