C:\02Code\trunk\msvc2013\SafedogServer\Windows\trunk\Version\ServerSln\openssl-1.1.1k\Release_Unicode\Symbols\SafeDogGuardCenter.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c
-
Size
2.1MB
-
MD5
b1f59a4b9a09258d91cc5a0270891a43
-
SHA1
a05ac078e6d2de8d5cd16e15872605a234ea60cb
-
SHA256
3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c
-
SHA512
1132e0a0f26d5509433ba70f1d36fab43eb8eaddee5564a4e4cc17386837c4f89ec0fad85aeb0f7de6669cd5b05e89eb7072648f0d936fb0e0d1cd73a5f01f86
-
SSDEEP
49152:njTZCEuU4KGtpdJ4vjV/A0hz8bVzb4xVfIOXzj/4+RCa6cQK4C2qXenaaA2gTBvf:nPZCEuU4KGtpTyjZAnVWfIOXPfRMK48
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c
Files
-
3350bfcd3d650e5e31fbe66c46fdba0b1c6d85252276e1775f574dd65c03635c.exe windows:5 windows x86 arch:x86
11d8ae8965f5b4f8dc8465504d1c1a84
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
log4cplusu
??1ConfigureAndWatchThread@log4cplus@@UAE@XZ
??0Logger@log4cplus@@QAE@$$QAV01@@Z
?isEnabledFor@Logger@log4cplus@@QBE_NH@Z
?getInstance@Logger@log4cplus@@SA?AV12@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?get_macro_body_oss@detail@log4cplus@@YAAAV?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?macro_forced_log@detail@log4cplus@@YAXABVLogger@2@HABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBDH2@Z
?getRoot@Logger@log4cplus@@SA?AV12@XZ
??0ConfigureAndWatchThread@log4cplus@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@I@Z
??1Logger@log4cplus@@UAE@XZ
crashreport
UnInstallCrashReport
InstallCrashReportW
kernel32
RemoveDirectoryW
OpenFileMappingA
GetCurrentThread
SetThreadPriority
UnmapViewOfFile
WaitForMultipleObjects
MapViewOfFile
CreateFileMappingA
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
CompareFileTime
GetProcessTimes
FreeLibrary
GetCommandLineW
Process32NextW
TerminateProcess
TlsSetValue
SystemTimeToFileTime
TlsGetValue
Process32FirstW
CreateToolhelp32Snapshot
InterlockedDecrement
SleepEx
InterlockedCompareExchange
FindClose
FindNextFileW
FindFirstFileW
lstrcmpiW
FormatMessageA
GetModuleHandleW
GetVersion
WriteFile
ReadFile
DisconnectNamedPipe
ConnectNamedPipe
SetLastError
CreateNamedPipeA
ReleaseMutex
CreateMutexA
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetLongPathNameW
OpenProcess
LoadLibraryW
GetSystemDirectoryW
GetCurrentProcess
WTSGetActiveConsoleSessionId
GetWindowsDirectoryW
Sleep
OutputDebugStringA
GetCurrentThreadId
GetModuleFileNameW
WaitForSingleObjectEx
CreateThread
CreateEventW
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
HeapAlloc
HeapFree
GetProcessHeap
GetLastError
GetModuleHandleA
GetTickCount
CreateEventA
CloseHandle
ResetEvent
SetEvent
OpenEventA
GetCurrentProcessId
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetFileAttributesW
GetSystemTimeAsFileTime
CreateSemaphoreA
SwitchToThread
MapViewOfFileEx
DuplicateHandle
WaitForMultipleObjectsEx
GetStringTypeExA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
GetStringTypeExW
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
GetDiskFreeSpaceW
ReleaseSemaphore
DeleteFileW
LockFileEx
GetTempPathW
FlushFileBuffers
GetFileAttributesA
FormatMessageW
UnlockFileEx
LockFile
UnlockFile
QueryPerformanceCounter
SetEndOfFile
SetFilePointer
GetFullPathNameA
GetFullPathNameW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
CreateFileMappingW
CreateFileW
GetFileSize
QueryDosDeviceW
IsWow64Process
ProcessIdToSessionId
GetLogicalDriveStringsW
CreateProcessW
SetWaitableTimer
ResumeThread
TlsFree
CreateWaitableTimerA
EncodePointer
DecodePointer
TlsAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
DeviceIoControl
CreateDirectoryExW
CopyFileW
SetFileAttributesW
user32
CharLowerW
CharNextW
LoadStringW
LoadStringA
ExitWindowsEx
advapi32
DuplicateTokenEx
OpenServiceA
RegQueryValueExW
RegOpenKeyW
RegCloseKey
QueryServiceConfigA
CloseServiceHandle
StartServiceCtrlDispatcherW
RegOpenKeyExW
CreateServiceW
DeleteService
OpenServiceW
LockServiceDatabase
ChangeServiceConfig2W
StartServiceW
QueryServiceStatus
ChangeServiceConfigW
UnlockServiceDatabase
ControlService
LsaOpenPolicy
LsaQueryInformationPolicy
LsaSetInformationPolicy
LsaFreeMemory
LsaClose
OpenEventLogW
ReadEventLogW
CloseEventLog
RegisterServiceCtrlHandlerExW
SetServiceStatus
OpenProcessToken
SetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
CreateProcessAsUserW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupAccountSidW
GetAclInformation
GetAce
GetSecurityInfo
OpenSCManagerW
shell32
ord51
ShellExecuteW
CommandLineToArgvW
communicate
_Initial@4
_UnInitial@4
config7
?Finish@config7@@YAXXZ
?SetBool@config7@@YA_NPB_W00_N11@Z
??0CConfigArray@config7@@QAE@PB_W000_N1@Z
?GetString@config7@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W000_N@Z
?GetBool@config7@@YA_NPB_W00_N1@Z
?size@CConfigArray@config7@@QBEIXZ
??BCConfigElem@config7@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
??ACConfigArray@config7@@QAEAAVCConfigElem@1@I@Z
?GetBoolByFile@config7@@YA_NPB_W00_N1@Z
??4CConfigElem@config7@@QBE_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetInt@config7@@YAHPB_W00H_N@Z
?SetString@config7@@YA_NPB_W000_N1@Z
?GetStringByFile@config7@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W000_N@Z
?SetInt@config7@@YA_NPB_W00H_N1@Z
??1CConfigArray@config7@@QAE@XZ
?Init@config7@@YAXI@Z
log7
?InitSync@log7@@YAXXZ
?WriteLogA@log7@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_N1@Z
?UnInitSync@log7@@YAXXZ
procmon
SetProcNotifier
sdbase
?getProcessLoadModuleByPid@Process@SDBase@@YAXKAAV?$list@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@Z
?SDMoudleVerifySign@SDFile@File@SDBase@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?getTcpIPV4StatesByPid@Net@SDBase@@YA_NKAAV?$list@Ust_tcp_netstat_info@Net@SDBase@@V?$allocator@Ust_tcp_netstat_info@Net@SDBase@@@std@@@std@@@Z
?getTcpIPV6StatesByPid@Net@SDBase@@YA_NKAAV?$list@Ust_tcp_netstat_info@Net@SDBase@@V?$allocator@Ust_tcp_netstat_info@Net@SDBase@@@std@@@std@@@Z
?UnicodeToGb2312@Conv@SDBase@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z
?getProcessUserNameByHandle@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAX@Z
?getProcessImageFileNameByPid@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getProcessGroupNameByHandle@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAX@Z
?getUdpIPV4StatesByPid@Net@SDBase@@YA_NKAAV?$list@Ust_udp_netstat_info@Net@SDBase@@V?$allocator@Ust_udp_netstat_info@Net@SDBase@@@std@@@std@@@Z
?getUdpIPV6StatesByPid@Net@SDBase@@YA_NKAAV?$list@Ust_udp_netstat_info@Net@SDBase@@V?$allocator@Ust_udp_netstat_info@Net@SDBase@@@std@@@std@@@Z
?enumAllProcess@Process@SDBase@@YAXAAV?$list@Ust_process_info@Process@SDBase@@V?$allocator@Ust_process_info@Process@SDBase@@@std@@@std@@@Z
?GetFileNameA@Path@File@SDBase@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV45@@Z
?getTcpIPV4Estab@Net@SDBase@@YA_NAAV?$list@Ust_tcp_netstat_info@Net@SDBase@@V?$allocator@Ust_tcp_netstat_info@Net@SDBase@@@std@@@std@@K_N@Z
?getTcpIPV6Estab@Net@SDBase@@YA_NAAV?$list@Ust_tcp_netstat_info@Net@SDBase@@V?$allocator@Ust_tcp_netstat_info@Net@SDBase@@@std@@@std@@K_N@Z
?getProcessSubsystem@Process@SDBase@@YAKABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?getProcessHandleInfoByPid@Process@SDBase@@YA_NKAAUst_handle_info@12@@Z
?getProcessUserNameByPid@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getProcessCurrentDirByPid@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getProcessCmdlineByPid@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@K@Z
?getProcessParentIdByHandle@Process@SDBase@@YAKPAX@Z
?getProcessImageFileNameByHandle@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAX@Z
?getProcessCmdlineByHandle@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAX@Z
?getProcessCurrentDirByHandle@Process@SDBase@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAX@Z
?GetOsVersion@Kernel32@SDBase@@YAHXZ
?ClearDumpFile@File@SDBase@@YAHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0I_K@Z
sdoperation
?getProcTree@ReversShellBase@@YAXHAAV?$list@Ust_rshell_proc_info@@V?$allocator@Ust_rshell_proc_info@@@std@@@std@@@Z
?IfCanRunUpdateQhVirusEngine@GuardHelper@@YA_NXZ
?IfCanRunInstallQhEngine@GuardHelper@@YA_NXZ
?IfCanRunInstallAntianEngine@GuardHelper@@YA_NXZ
?IfCanRunRiskScan@GuardHelper@@YA_NXZ
?IfCanRunVirusWebCommand@GuardHelper@@YA_NXZ
?IfCanRunUpdateVul@GuardHelper@@YA_NXZ
?IfCanRunUpdateVirusEngine@GuardHelper@@YA_NXZ
updatehelp
?UpdateHelp@@YAXXZ
antivirudll
?Load@VirusFilePlusInfoLoader@@SA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAVVirusFilePlusInfo@@@Z
?isAutoUploadVirusOpen@ScannerControl@@SA_NXZ
sdmonitor
?startMonitor@CFileMonitor@NSSafeDogMonitor@@QAE_NXZ
?isMonitoring@CAccountMonitor@NSSafeDogMonitor@@QAE_NXZ
?instance@CAccountMonitor@NSSafeDogMonitor@@SAPAV12@XZ
?stopMonitor@CFileMonitor@NSSafeDogMonitor@@QAE_NXZ
?startMonitor@CAccountMonitor@NSSafeDogMonitor@@QAE_NXZ
?instance@CFileMonitor@NSSafeDogMonitor@@SAPAV12@XZ
?isMonitoring@CFileMonitor@NSSafeDogMonitor@@QAE_NXZ
?stopMonitor@CAccountMonitor@NSSafeDogMonitor@@QAE_NXZ
serverdll
SetUserLogonNotifyRoutine
AcceptRemoteConnect
AccountSafeStop
AccountSafeStart
msvcp120
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?_BADOFF@std@@3_JB
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?classic@locale@std@@SAABV12@XZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??0_Container_base12@std@@QAE@XZ
?global@locale@std@@SA?AV12@ABV12@@Z
?_Xruntime_error@std@@YAXPBD@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?_Getname@_Locinfo@std@@QBEPBDXZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@HPBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
?_Incref@facet@locale@std@@UAEXXZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0_Locinfo@std@@QAE@PBD@Z
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?tolower@?$ctype@D@std@@QBEDD@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?widen@?$ctype@D@std@@QBEDD@Z
??Bios_base@std@@QBE_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?toupper@?$ctype@_W@std@@QBE_W_W@Z
?narrow@?$ctype@D@std@@QBEDDD@Z
?precision@ios_base@std@@QAE_J_J@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?exceptions@ios_base@std@@QAEXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?narrow@?$ctype@_W@std@@QBED_WD@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE_W_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
?_Winerror_map@std@@YAPBDH@Z
??0id@locale@std@@QAE@I@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?toupper@?$ctype@D@std@@QBEDD@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
??7ios_base@std@@QBE_NXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?width@ios_base@std@@QBE_JXZ
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAE_J_J@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Syserror_map@std@@YAPBDH@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??_7_Facet_base@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?flags@ios_base@std@@QAEHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??_7facet@locale@std@@6B@
??0?$codecvt@_WDH@std@@QAE@I@Z
??_7codecvt_base@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QBE_JXZ
psapi
GetProcessImageFileNameA
GetModuleFileNameExW
EnumProcessModules
GetModuleFileNameExA
shlwapi
PathQuoteSpacesW
PathFileExistsW
PathAppendW
StrStrIW
PathRemoveFileSpecA
PathAppendA
wnsprintfW
PathIsPrefixW
StrCmpW
PathFileExistsA
PathIsDirectoryW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
msvcr120
fgetc
fputc
ungetc
_lock_file
_unlock_file
fwrite
memcpy_s
_fseeki64
fgetpos
fsetpos
setvbuf
fflush
fclose
wcscmp
_stat32
_get_errno
srand
rand
_localtime64_s
towlower
_wstat32
atoi
_wstat64i32
?terminate@@YAXXZ
??8type_info@@QBE_NABV0@@Z
toupper
isalnum
swscanf_s
abort
isalpha
isdigit
_errno
fprintf
strchr
sprintf
_vacopy
__CxxFrameHandler3
ferror
fread
fseek
ftell
_vsnprintf_s
strncmp
realloc
_time32
_localtime32_s
strftime
_wfopen_s
_wfsopen
_gmtime64
_mktime64
_snwscanf_s
wcsstr
wcsftime
clock
_vsnwprintf_s
_stricmp
_vscwprintf
_wmkdir
vsprintf_s
_beginthreadex
_CxxThrowException
strerror
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
_vsnprintf
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
wcsrchr
atof
isspace
ispunct
wcschr
wcsncpy_s
_strnicmp
malloc
free
_wtoi
wcscpy_s
_wchdir
strcmp
printf
_wcsicmp
_localtime64
_time64
memchr
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBDH@Z
wcslen
??_V@YAXPAX@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
_purecall
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
strrchr
_strlwr_s
sprintf_s
strcat_s
tolower
memcmp
memmove
??2@YAPAXI@Z
memcpy
strlen
memset
??3@YAXPAX@Z
_except1
_write
??4exception@std@@QAEAAV01@ABV01@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
swprintf_s
netapi32
NetServerGetInfo
NetApiBufferFree
NetUserGetInfo
secur32
LsaFreeReturnBuffer
LsaGetLogonSessionData
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
iphlpapi
GetIfTable
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
ws2_32
getaddrinfo
WSACleanup
WSAStartup
gethostname
htons
freeaddrinfo
libcrypto-1_1
OPENSSL_sk_num
X509_get_ext_by_NID
OBJ_obj2nid
X509_get_issuer_name
X509V3_EXT_d2i
OPENSSL_sk_value
X509_NAME_get_text_by_NID
ASN1_OBJECT_free
X509_get_ext
d2i_PKCS7
OPENSSL_sk_pop_free
X509_get_subject_name
ole32
CoInitializeEx
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ