Solara Executor[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Solara Executor.zip
Size

20.6MB
MD5

78cfa6c39155ac337d4aca11f12acf34
SHA1

ea2f83ac01ca20e112a4ada5aa7651f9d0b008b8
SHA256

cab45b3afeacdaa791525f848fa4b2b81754d19def881f7a320b282560fb3033
SHA512

b5cbb585a06725666ffbb00420f3f16ebc7000c7802b3ac52332ed79a20305d092c86bbeb5615b52ebc0e272189027c3e74947ee74607c6bacd256f35560d888
SSDEEP

393216:ZSfJmDlNqMMBTGphhXJiUBdCmX9cpECgnhAP1E6eTHXb84pWW70aJ6YUsNSFMJ:SyMBa/FsUBdUpjgnhAP1aHXb84pWW7Zp

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Solara Executor/Solara.exe
unpack001/Solara Executor/cfg/BingMaps.dll
unpack001/Solara Executor/cfg/Windows.UI.Xaml.dll
unpack001/Solara Executor/cfg/mstscax.dll
unpack001/Solara Executor/cfg/prm0019.dll
unpack001/Solara Executor/cfg/wmp.dll

Files

Solara Executor.zip
.zip

Password: 2024
Solara Executor/Solara.exe
.exe windows:4 windows x86 arch:x86

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 598KB - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Solara Executor/Sript.txt
Solara Executor/cfg/BingMaps.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

6858de0d7f98c27c4ba700bc92b21099

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BingMaps.pdb

Imports

msvcp_win

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA_N_N@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGD@Z
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAM@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??Bid@locale@std@@QEAA_KXZ
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?widen@?$ctype@G@std@@QEBAGD@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAN@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?in@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAG3AEAPEAG@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Random_device@std@@YAIXZ
?put@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@PEBX@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Xruntime_error@std@@YAXPEBD@Z
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
?toupper@?$ctype@G@std@@QEBAGG@Z
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__free_locale
_o__gmtime64_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__msize
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
__intrinsic_setjmp
_o__wstat64i32
_o__wtoi_l
_o_acos
_o_asin
_o_atan
_o_atan2
_o_atof
_o_atoi
_o_atol
_o_ceil
_o_cos
_o_exp
_o_exp2f
_o_fclose
_o_floor
_o_fmod
_o_fopen
_o_fread
_o_free
_o_fseek
_o_ftell
_o_isdigit
_o_islower
_o_isspace
_o_isupper
_o_log
_o_log2
_o_lroundf
_o_malloc
_o_modf
_o_pow
_o_powf
_o_qsort
_o_rand_s
_o_realloc
_o_round
_o_roundf
_o_sin
_o_sinh
_o_sqrt
_o_strcpy_s
_o_tan
_o_terminate
_o_tolower
_o_toupper
_o_towlower
_o_towupper
_o_wcstod
_o_wcstol
_o_wcstoll
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsscanf
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o__crt_atexit
_o__create_locale
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__configure_narrow_argv
__std_type_info_compare
__std_terminate
__CxxFrameHandler4
_o__expand
_o__cexit
_o__execute_onexit_table
strchr
longjmp
_o__errno
_o__callnewh
strrchr
strstr
__RTtypeid
_o__dtest
__RTDynamicCast
memchr
memcmp
memcpy
memmove

api-ms-win-crt-string-l1-1-0

strcmp
strncmp
memset
strncpy

mapconfiguration

ConfigurationManager_GetLocaleMapConfiguration
ConfigurationManager_Create

api-ms-win-core-psm-app-l1-1-0

PsmRegisterAppStateChangeNotification
PsmUnregisterAppStateChangeNotification

api-ms-win-core-libraryloader-l1-2-0

LockResource
GetModuleFileNameA
GetModuleHandleExW
DisableThreadLibraryCalls
SizeofResource
LoadLibraryExW
LoadResource
GetModuleHandleW
GetProcAddress

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
SetLastError
UnhandledExceptionFilter
RaiseException

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsConcatString
WindowsDuplicateString
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString

api-ms-win-core-winrt-error-l1-1-0

RoFailFastWithErrorContext
RoOriginateError
RoTransformError
GetRestrictedErrorInfo
RoOriginateErrorW
SetRestrictedErrorInfo

api-ms-win-core-com-l1-1-0

CoMarshalInterface
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoReleaseMarshalData
CreateStreamOnHGlobal
CoGetApartmentType

api-ms-win-core-synch-l1-1-0

ResetEvent
CreateEventW
WaitForMultipleObjectsEx
WaitForSingleObject
CreateSemaphoreExW
WaitForSingleObjectEx
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
CreateEventExW
TryEnterCriticalSection
ReleaseSRWLockExclusive
ReleaseSemaphore
ReleaseMutex
OpenSemaphoreW
CreateMutexExW
AcquireSRWLockShared
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockShared
InitializeSRWLock

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate

api-ms-win-core-synch-l1-2-0

WaitOnAddress
InitOnceExecuteOnce
WakeByAddressSingle

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
OpenProcessToken
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
GetTimeZoneInformation
FileTimeToSystemTime

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-path-l1-1-0

PathCchCanonicalize

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-localization-l1-2-0

FormatMessageW
FormatMessageA
GetLocaleInfoEx

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-file-l1-1-0

SetFileAttributesW
DeleteFileW
CreateDirectoryW
GetFileAttributesExW
ReadFile
FindFirstFileW
GetFileSizeEx
FindNextFileW
WriteFile
RemoveDirectoryW
FindClose

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWrite
EventUnregister

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegGetValueW
RegOpenKeyExW

api-ms-win-core-file-l1-2-0

CreateFile2

api-ms-win-core-sysinfo-l1-2-0

GetNativeSystemInfo

api-ms-win-core-io-l1-1-0

CancelIoEx

api-ms-win-core-psapi-l1-1-0

K32GetPerformanceInfo

api-ms-win-core-kernel32-legacy-l1-1-0

BindIoCompletionCallback

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-downlevel-shlwapi-l2-1-0

SHCreateMemStream

d2d1

ord1

d3d11

D3D11CreateDevice

dwrite

DWriteCreateFactory

dxgi

CreateDXGIFactory2
DXGIGetDebugInterface1
CreateDXGIFactory1

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream

ztrace_maps

ZTraceReportPropagationNoThis
ZTraceReportPropagation
ZTraceReportOrigination
ZTraceClose
ZTraceInit
ZTraceReportOriginationNoThis
ZTraceReportIgnore
ZTraceHelper
ZTraceReportIgnoreNoThis

api-ms-win-crt-math-l1-1-0

ceilf
sinf
fmodf
truncf
cosf
modff
floorf
sqrtf

api-ms-win-crt-time-l1-1-0

_time64

moshostclient

MosHostClose
MosHostOpen
MosGetDataAsyncOperation
MosDeleteDataAsyncOperation

Exports

Exports

GetBingMapsFactory

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 527KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Solara Executor/cfg/Windows.UI.Xaml.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

5bdb058d8bd5a4fb017b7e63aab20627

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

windows.ui.xaml.pdb

Imports

msvcp_win

??0facet@locale@std@@IEAA@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@J@Z
?_Incref@facet@locale@std@@UEAAXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?widen@?$ctype@G@std@@QEBAGD@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ
?is@?$ctype@G@std@@QEBA_NFG@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
_Wcscoll
_Wcsxfrm
??1_Locinfo@std@@QEAA@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@I@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?id@?$collate@G@std@@2V0locale@2@A
??0_Lockit@std@@QEAA@H@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
??1_Lockit@std@@QEAA@XZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?tolower@?$ctype@G@std@@QEBAGG@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?setf@ios_base@std@@QEAAHHH@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@N@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGD@Z
?put@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@G@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
_Mtx_lock
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
_Mtx_init_in_situ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?flags@ios_base@std@@QEBAHXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
_Mtx_destroy_in_situ
?_Throw_C_error@std@@YAXH@Z
??1facet@locale@std@@MEAA@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
_Mtx_unlock
?_Xbad_function_call@std@@YAXXZ

api-ms-win-crt-string-l1-1-0

memset
wcscspn
wcscmp
wcsncmp

api-ms-win-crt-math-l1-1-0

cosf
ceilf
atan2f
_isnan
_finite
fminf
fmaxf
_fdtest
floorf
fmodf
logf
sinf
tanf
sqrtf

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_invoke_watson

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__itow_s
_o__purecall
_o__recalloc
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
_o__wcstoi64
memmove
_o__wsplitpath_s
_o__wtoi
_o_abort
_o_bsearch
_o_calloc
_o_ceil
_o_cos
_o_exp
_o_floor
_o_fmod
_o_free
_o_isalpha
_o_isspace
_o_iswalnum
_o_iswblank
_o_iswcntrl
_o_iswdigit
_o_iswgraph
_o_iswprint
_o_iswpunct
_o_iswspace
_o_log
_o_log2f
_o_lroundf
_o_malloc
_o_pow
_o_powf
_o_realloc
_o_round
_o_sin
_o_terminate
_o_tolower
_o_toupper
_o_towlower
_o_towupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstod
_o_wcstol
_o_wcstoll
_o_wcstoul
_o_wcstoull
wcsstr
__std_type_info_compare
wcschr
strchr
__C_specific_handler
wcsrchr
__CxxFrameHandler3
_o__execute_onexit_table
_o__errno
_o__dtest
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__beginthreadex
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
_CxxThrowException
memcmp
memcpy

api-ms-win-core-libraryloader-l1-2-0

LoadResource
GetModuleHandleExW
GetProcAddress
SizeofResource
FreeLibrary
FindResourceExW
LoadLibraryExW
LockResource
GetModuleFileNameW
GetModuleFileNameA
GetModuleHandleW

api-ms-win-core-featurestaging-l1-1-0

RecordFeatureError
GetFeatureEnabledState
SubscribeFeatureStateChangeNotification
RecordFeatureUsage
UnsubscribeFeatureStateChangeNotification

api-ms-win-core-synch-l1-1-0

OpenEventW
CreateSemaphoreExW
InitializeSRWLock
InitializeCriticalSectionAndSpinCount
SetEvent
TryAcquireSRWLockExclusive
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
WaitForSingleObject
LeaveCriticalSection
ResetEvent
OpenMutexW
ReleaseMutex
CreateEventW
CreateMutexW
ReleaseSRWLockExclusive
ReleaseSemaphore
AcquireSRWLockShared
CreateMutexExW
CreateEventExW
WaitForMultipleObjectsEx
ReleaseSRWLockShared
AcquireSRWLockExclusive
InitializeCriticalSectionEx
OpenSemaphoreW
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapSize
HeapDestroy
HeapCreate
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
SetLastError
RaiseException

api-ms-win-eventing-classicprovider-l1-1-0

UnregisterTraceGuids
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
TraceEvent
GetTraceLoggerHandle
RegisterTraceGuidsW

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CreateThreadpoolCleanupGroup
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolWork
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolWait
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolWait
SetThreadpoolTimer
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks

api-ms-win-core-processthreads-l1-1-0

TlsFree
SetPriorityClass
SwitchToThread
GetPriorityClass
GetCurrentThreadId
OpenProcessToken
GetProcessId
GetCurrentProcessId
SetThreadPriority
TlsAlloc
GetThreadPriority
TlsGetValue
TlsSetValue
TerminateProcess
GetCurrentThread
GetExitCodeProcess
CreateThread
GetCurrentProcess
OpenThreadToken

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetTickCount64
GetSystemTimeAsFileTime
GetVersionExW
GetSystemInfo
GetWindowsDirectoryW

api-ms-win-core-localization-l1-2-0

SetProcessPreferredUILanguages
GetLocaleInfoW
GetLocaleInfoEx
FormatMessageW
GetThreadUILanguage
LocaleNameToLCID
LCMapStringEx
ResolveLocaleName
GetUserDefaultLCID
FindNLSStringEx

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-featurestaging-l1-1-1

GetFeatureVariant

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventSetInformation
EventRegister
EventProviderEnabled
EventUnregister
EventActivityIdControl

api-ms-win-core-wow64-l1-1-1

IsWow64Process2

api-ms-win-core-wow64-l1-1-0

Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection

coremessaging

CreateDispatcherQueueController
CoreUICreate

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureStackBackTrace

api-ms-win-core-registry-l1-1-0

RegDeleteValueW
RegQueryInfoKeyW
RegGetValueW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
CompareStringEx
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeExW

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
InitOnceInitialize
Sleep
InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled

api-ms-win-rtcore-ntuser-window-l1-1-0

SetTimer
GetAncestor
SetParent
GetClientRect
GetFocus
GetMessageW
DispatchMessageW
RegisterWindowMessageW
IsWindow
KillTimer
TranslateMessage
GetWindow
PostQuitMessage
GetDesktopWindow
GetQueueStatus
SetWindowLongW
ScreenToClient
SetWindowLongPtrW
GetWindowThreadProcessId
RegisterClassW
GetWindowLongPtrW
PostMessageW
FindWindowW
GetCursorPos
SendMessageW
GetWindowRect
GetMessageTime
GetWindowTextW
DefWindowProcW
GetPropW
RemovePropW
SetPropW
ClientToScreen
ShowWindow
SetWindowPos
DestroyWindow
CreateWindowExW
RegisterClassExW
PeekMessageW
GetClassInfoW
IsChild
GetClassNameW
EnumChildWindows
SetFocus
CallWindowProcW
GetParent
GetForegroundWindow

api-ms-win-core-shlwapi-legacy-l1-1-0

PathAddBackslashW
PathFindExtensionW
PathRemoveFileSpecW
PathCombineW

api-ms-win-rtcore-ntuser-wmpointer-l1-1-0

GetPointerFrameInfoHistory
GetPointerDeviceProperties
EnableMouseInPointer
GetPointerDevices
GetPointerDeviceRects
GetPointerInfo

api-ms-win-core-kernel32-legacy-l1-1-1

PowerClearRequest
PowerCreateRequest
PowerSetRequest

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-oobe-notification-l1-1-0

OOBEComplete

api-ms-win-shcore-stream-l1-1-0

SHCreateMemStream

api-ms-win-shcore-stream-winrt-l1-1-0

CreateRandomAccessStreamOverStream

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-processtopology-obsolete-l1-1-0

GetProcessAffinityMask

api-ms-win-core-psapi-l1-1-0

K32GetProcessMemoryInfo
QueryFullProcessImageNameW

api-ms-win-core-file-l1-1-0

GetFileAttributesW
ReadFile
GetFileSize
GetFileSizeEx
SetEndOfFile
GetTempFileNameW
CreateFileW
WriteFile
SetFilePointerEx
GetFileTime

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess
GetThreadTimes

api-ms-win-core-memory-l1-1-0

MapViewOfFile
VirtualProtect
VirtualFree
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
VirtualAlloc

api-ms-win-core-processenvironment-l1-1-0

GetEnvironmentVariableW
ExpandEnvironmentStringsW
SearchPathW

api-ms-win-security-base-l1-1-0

GetSidSubAuthority
GetSidSubAuthorityCount
DuplicateTokenEx
GetTokenInformation
AccessCheck
DuplicateToken

api-ms-win-core-url-l1-1-0

PathCreateFromUrlW
UrlCanonicalizeW
UrlCreateFromPathW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-timezone-l1-1-0

GetDynamicTimeZoneInformation
SystemTimeToFileTime

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
GetSystemDefaultUILanguage

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

ntdll

RtlAcquireSRWLockShared
RtlReleaseSRWLockShared
RtlClearBits
RtlInitializeBitMap
NtQueryInformationThread
NtSetInformationVirtualMemory
RtlFindClearBitsAndSet
RtlRaiseException
RtlAreBitsClear
RtlInitializeSRWLock
RtlCompareMemory
RtlAcquireSRWLockExclusive
RtlCopyUnicodeString
RtlNtStatusToDosError
ZwQueryWnfStateData
RtlInitUnicodeString
RtlUnsubscribeWnfStateChangeNotification
RtlSubscribeWnfStateChangeNotification
RtlQueryWnfStateData
RtlQueryPackageClaims
NtQuerySecurityAttributesToken
RtlIsMultiSessionSku
RtlGetDeviceFamilyInfoEnum
RtlPublishWnfStateData
RtlFreeHeap
RtlAllocateHeap
NtPowerInformation
RtlReleaseSRWLockExclusive

api-ms-win-core-heap-l2-1-0

LocalFree
GlobalAlloc
LocalAlloc

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-provider-l1-1-0

GetSecurityInfo

api-ms-win-rtcore-ntuser-synch-l1-1-0

MsgWaitForMultipleObjects
MsgWaitForMultipleObjectsEx

api-ms-win-dx-d3dkmt-l1-1-0

GdiEntry13

api-ms-win-core-errorhandling-l1-1-3

TerminateProcessOnMemoryExhaustion

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

bcp47langs

LanguageListAsMuiForm
Bcp47GetAbbreviation
Bcp47GetLanguageName
Bcp47FromLcid
Bcp47GetNlsForm
Bcp47FromHkl
GetFontFallbackLanguageList
SetApplicationLanguageOverride
ClearApplicationLanguageOverride
GetApplicationLanguages

combase

ord157
ord90
ord134

iertutil

PrivateCoInternetCombineIUri
ord811

dcomp

ord1040
ord1045

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-security-capability-l1-1-0

CapabilityCheck

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW

api-ms-win-core-path-l1-1-0

PathCchAppend

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrCSpnW
QISearch

Exports

Exports

CreateString
CreateXamlUIPresenter
DeleteString
DisableDeferredInvoke
DllCanUnloadNow
DllGetActivationFactory
DllMain
GetDependencyObjectAddress
GetErrorContextIndex
GetGlobalModuleParams
GetStringLen
GetStringRawBuffer
InitializeXamlDiagnosticsEx
OverrideXamlMetadataProvider
OverrideXamlResourcePropertyBag

Sections

.text
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 726KB - Virtual size: 725KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Solara Executor/cfg/config.toml
Solara Executor/cfg/mstscax.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: 2024

ad5c6cdd3284530f6718d4b994a9106e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

mstscax.pdb

Imports

msvcrt

_ultow
wcsncat_s
wcstoul
wcsftime
tolower
_ltow
printf
isdigit
towupper
_itow_s
isalpha
memcpy
memcmp
memchr
strnlen
log10f
log10
log
floorf
floor
cos
_waccess_s
_wfopen
vswprintf_s
wcsnlen
memcpy_s
memmove_s
swscanf_s
_snprintf_s
_strnicmp
_strlwr_s
srand
time
rand
_vsnprintf
wcschr
wcstol
iswdigit
iswspace
toupper
wcstombs_s
_wcsnicmp
__CxxFrameHandler3
wcstok_s
wcsrchr
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
??0exception@@QEAA@AEBV0@@Z
_vsnprintf_s
realloc
_vscwprintf
exp
wcscat_s
wcsncmp
bsearch
wcsstr
vsprintf_s
memmove
memset
pow
sin
sqrt
_onexit
__dllonexit
_unlock
_lock
__C_specific_handler
_initterm
_amsg_exit
towlower
_XcptFilter
free
_callnewh
swprintf_s
_aligned_free
_aligned_malloc
gmtime
_wfopen_s
fclose
fprintf
fwrite
_wtoi
_itoa_s
wcscspn
sprintf_s
_ltow_s
_snwprintf_s
_stricmp
wcsncpy_s
wcscpy_s
_resetstkoflw
calloc
strtok_s
_wtol
strncmp
iswalnum
wcspbrk
malloc
_wcsicmp
_vsnwprintf
_wcslwr
?terminate@@YAXXZ
_purecall
??1type_info@@UEAA@XZ
_errno
ceilf
ceil
atan2
__RTDynamicCast
_CxxThrowException
wcscmp

ntdll

RtlGetLastNtStatus
RtlVerifyVersionInfo
RtlFreeUnicodeString
RtlAreBitsSet
RtlClearBits
RtlInitializeBitMap
RtlFindClearBitsAndSet
NtSetInformationFile
RtlCaptureContext
RtlStringFromGUID
RtlNtStatusToDosError
RtlInitString
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlAppendUnicodeToString
NtReadFile
NtWriteFile
RtlEnumerateGenericTableWithoutSplaying
RtlLookupElementGenericTable
RtlDeleteElementGenericTable
RtlInsertElementGenericTable
RtlEnumerateGenericTable
RtlInitializeGenericTable
NtDeviceIoControlFile
NtClose
NtOpenSection

kernel32

VerifyVersionInfoW
VerSetConditionMask
TlsGetValue
FlushFileBuffers
CreateSemaphoreExW
LeaveCriticalSection
GetSystemDefaultLangID
CreateMutexExW
DeviceIoControl
FindCloseChangeNotification
QueryDosDeviceW
FindFirstChangeNotificationW
FindNextChangeNotification
GetVolumeInformationW
GetFileInformationByHandle
GetFileAttributesExW
CreateTimerQueueTimer
DeleteTimerQueueTimer
LocalAlloc
LocalFree
SystemTimeToFileTime
GetSystemTime
LoadLibraryExW
SetFileTime
LoadLibraryA
GetACP
ExpandEnvironmentStringsW
RemoveDirectoryW
MoveFileW
LockFileEx
GetVersionExW
LockFile
CompareStringW
K32GetModuleFileNameExW
UnlockFile
GetDriveTypeW
InitializeSListHead
InterlockedFlushSList
CreateDirectoryW
EscapeCommFunction
GetCommState
PostQueuedCompletionStatus
GlobalDeleteAtom
SetCommState
lstrcmpA
GetVersion
GetModuleHandleA
GetModuleFileNameW
CreateFileW
DuplicateHandle
DeleteFileW
GetFileAttributesW
SetFileAttributesW
GlobalAddAtomW
WriteFile
ReadFile
CreateMutexW
GetDiskFreeSpaceW
TransmitCommChar
IsDBCSLeadByte
WaitCommEvent
TerminateThread
LoadResource
TryAcquireSRWLockExclusive
GetCPInfo
GlobalHandle
GetCommandLineW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetVersionExA
SetCommTimeouts
GetCommTimeouts
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathW
InitOnceExecuteOnce
CompareStringOrdinal
SetupComm
GlobalFree
GetCommMask
SetCommMask
GetSystemFirmwareTable
CreateEventW
SetEvent
ResetEvent
CreateThread
PurgeComm
CreateEventExW
CreateWaitableTimerW
SetWaitableTimer
QueryPerformanceFrequency
WaitForMultipleObjectsEx
CancelWaitableTimer
GetComputerNameExW
GetCommModemStatus
ClearCommError
TlsFree
GetComputerNameA
TlsAlloc
SetErrorMode
CancelIo
BindIoCompletionCallback
CreateThreadpoolTimer
OpenSemaphoreW
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
WaitForSingleObjectEx
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
ReleaseMutex
ReleaseSemaphore
SetLastError
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
OutputDebugStringW
IsDebuggerPresent
GetModuleHandleW
DebugBreak
GetModuleFileNameA
GetModuleHandleExW
HeapFree
GetProcessHeap
HeapAlloc
FormatMessageW
LoadLibraryW
GetSystemDirectoryW
GetCommProperties
CreateFileMappingW
CloseHandle
GetCommConfig
GetDefaultCommConfigW
GetLastError
SleepConditionVariableSRW
WakeAllConditionVariable
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
DecodePointer
EncodePointer
VirtualAlloc
VirtualFree
LoadLibraryExA
VirtualProtect
DisableThreadLibraryCalls
SizeofResource
lstrcmpiW
GetTimeZoneInformation
GetLocalTime
OpenThread
SwitchToThread
InitializeCriticalSection
GetComputerNameW
Beep
TrySubmitThreadpoolCallback
CloseThreadpool
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMaximum
CreateThreadpool
InitializeCriticalSectionAndSpinCount
ProcessIdToSessionId
FindFirstVolumeW
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
FindVolumeClose
GetModuleHandleExA
OpenProcess
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
SleepConditionVariableCS
InitializeConditionVariable
WakeConditionVariable
HeapSize
HeapReAlloc
HeapDestroy
GetWindowsDirectoryW
CreateIoCompletionPort
GetQueuedCompletionStatus
GetTempFileNameW
CreateProcessW
GetProcAddress
FreeLibrary
TlsSetValue
GlobalSize
SetFilePointer
SetThreadpoolThreadMinimum
SetThreadPriority
GetOverlappedResult
GetTickCount64
DisconnectNamedPipe
CreateThreadpoolIo
CancelThreadpoolIo
StartThreadpoolIo
CloseThreadpoolIo
WaitForThreadpoolIoCallbacks
QueueUserWorkItem
CreateSemaphoreW
FreeLibraryAndExitThread
CreateWaitableTimerExW
IsProcessorFeaturePresent
WaitForMultipleObjects
GetNativeSystemInfo
CompareStringEx
SearchPathW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
UnmapViewOfFile
MultiByteToWideChar
FindResourceExW
MapViewOfFile
WideCharToMultiByte
DeactivateActCtx
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
QueryActCtxW
OutputDebugStringA
PowerCreateRequest
PowerSetRequest
PowerClearRequest
NormalizeString
MulDiv
lstrcmpW
RaiseException
GetExitCodeThread
SuspendThread
ResumeThread
VirtualQuery
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
InitializeSRWLock
GetFileSize
OpenEventW
OpenMutexW
OpenFileMappingW
GetSystemInfo
GetActiveProcessorCount
GetProcessAffinityMask
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
SetEndOfFile
FindFirstFileW
FindNextFileW
FindClose
GetFileSizeEx
SetFilePointerEx

gdi32

OffsetWindowOrgEx
GdiDrawStream
GetDeviceCaps
CreateRectRgn
SetRectRgn
CombineRgn
DeleteObject
OffsetRgn
DPtoLP
IntersectClipRect
CreateRectRgnIndirect
GetRgnBox
ExtCreateRegion
CreateSolidBrush
GetRegionData
CreateDIBPatternBrushPt
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
PtInRegion
CreateFontIndirectW
GetDIBColorTable
GetTextExtentPoint32W
ExtTextOutW
CreatePolygonRgn
GdiFlush
TextOutW
GetMapMode
GetTextExtentPointW
GetClipRgn
UpdateColors
GetPixel
LPtoDP
DeleteDC
CreateDCW
GetSystemPaletteEntries
SelectObject
CreateDIBitmap
CreateCompatibleDC
SelectPalette
SetStretchBltMode
StretchBlt
RealizePalette
SelectClipRgn
CreatePalette
SetBrushOrgEx
GetBrushOrgEx
SetMetaFileBitsEx
GetMetaFileBitsEx
PlayMetaFile
SetBkMode
GetBkMode
SetBkColor
SetTextColor
SetTextAlign
GetPaletteEntries
GetTextAlign
GetClipBox
GetNearestColor
SetDIBColorTable
GetNearestPaletteIndex
SetPixel
StretchDIBits
BitBlt
GetStockObject
SetDCBrushColor
PatBlt
SetROP2
CreateBrushIndirect
CreatePen
SetBitmapBits
CreateBitmap
MoveToEx
LineTo
Rectangle
SetPolyFillMode
Ellipse
Polygon
FrameRgn
FillRgn
GetCurrentObject
GetObjectW
CreateDIBSection
CreateCompatibleBitmap

advapi32

CredDeleteW
IsTextUnicode
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
EventSetInformation
CredUnprotectW
CredProtectW
RegEnumKeyW
RegFlushKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptGenRandom
CryptAcquireContextW
RegQueryInfoKeyW
EventUnregister
EventRegister
CopySid
GetLengthSid
OpenProcessToken
EventWriteTransfer
GetTokenInformation
CryptReleaseContext
CryptSetProvParam
CredFree
CredUnmarshalCredentialW
GetUserNameA
RegDeleteKeyW
CredIsMarshaledCredentialW
CredReadW
CredWriteW
CredGetSessionTypes
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
EventActivityIdControl
CredReadDomainCredentialsW
CredWriteDomainCredentialsW
GetFileSecurityW
GetSecurityDescriptorLength
SetFileSecurityW
CryptDestroyKey
SystemFunction036
RegSetKeyValueW
TraceEvent
RegCloseKey
RegGetValueW
RegQueryValueExW
RegOpenKeyExW
TraceMessage
UnregisterTraceGuids

user32

EnumWindows
GetCaretBlinkTime
SetWinEventHook
UnhookWinEvent
GetLastInputInfo
UpdateLayeredWindow
RedrawWindow
GetIconInfo
DrawIconEx
SetForegroundWindow
RegisterHotKey
UnregisterHotKey
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetTopWindow
OffsetRect
TranslateMessage
UnionRect
EnumChildWindows
EnumDisplayMonitors
EnumDisplayDevicesW
CopyIcon
PostThreadMessageW
MsgWaitForMultipleObjectsEx
CharNextW
IsChild
CallWindowProcW
DrawTextW
SetWindowLongW
EnumThreadWindows
AllowSetForegroundWindow
MonitorFromPoint
UnregisterClassA
CharLowerW
GetClientRect
GetWindowDC
FillRect
IntersectRect
SetTimer
LoadCursorW
SetWindowPos
ShowWindow
KillTimer
DestroyWindow
UnregisterClassW
GetClassInfoW
RegisterClassW
CreateWindowExW
SetPropW
GetKeyState
SetParent
MoveWindow
GetKeyboardType
ScreenToClient
GetCapture
GetSystemMetrics
SetCursorPos
ClientToScreen
DeferWindowPos
MapVirtualKeyW
GetKeyboardState
keybd_event
GetCursorPos
GetRawInputData
GetAncestor
GetKeyboardLayoutNameW
TrackMouseEvent
DefWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
GetAsyncKeyState
AttachThreadInput
RegisterClassExW
ReleaseCapture
GetGUIThreadInfo
BeginDeferWindowPos
GetClassNameW
GetActiveWindow
FindWindowExW
SendMessageTimeoutW
SetCapture
GetMessageExtraInfo
MessageBeep
GetWindowTextW
MsgWaitForMultipleObjects
GetWindowThreadProcessId
SetWindowsHookExW
SetCursor
GetWindowLongW
DispatchMessageW
GetMessageW
PostQuitMessage
ValidateRect
GetWindowTextLengthW
CloseClipboard
GetParent
GetLastActivePopup
RemovePropW
SetClipboardData
EmptyClipboard
OpenClipboard
EnableWindow
UpdateWindow
LoadIconW
GetSystemMenu
EnableMenuItem
SetWindowPlacement
CloseWindow
GetWindowPlacement
SystemParametersInfoA
LockWindowUpdate
GetSysColor
SetScrollPos
AdjustWindowRect
ShowScrollBar
SetScrollInfo
GetCursorInfo
CheckDlgButton
EndDialog
IsDlgButtonChecked
SetDlgItemTextW
GetDlgItem
GetProcessDefaultLayout
GetDlgCtrlID
MonitorFromRect
IsWindowEnabled
SetLayeredWindowAttributes
GetSubMenu
TrackPopupMenuEx
SetClassLongPtrW
GetClassLongPtrW
GetMenuItemInfoW
SetMenuItemInfoW
DestroyMenu
DestroyIcon
LoadImageW
AnimateWindow
GetClassInfoExW
IsRectEmpty
SendDlgItemMessageW
GetNextDlgTabItem
GetDlgItemTextW
InflateRect
GetSysColorBrush
SetRectEmpty
LoadStringW
UnhookWindowsHookEx
GetClipboardFormatNameW
CharPrevA
CharNextA
LoadMenuW
DialogBoxParamW
CreateDialogParamW
GetKeyboardLayoutNameA
EqualRect
MapWindowPoints
IsWindow
GetKeyboardLayout
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
SetWindowRgn
SetActiveWindow
IsIconic
IsZoomed
RegisterWindowMessageW
GetWindow
IsWindowVisible
FindWindowW
CreateCursor
SendMessageW
ReleaseDC
GetDC
InvalidateRect
RegisterClipboardFormatW
GetForegroundWindow
GetFocus
PostMessageW
CallNextHookEx
PtInRect
BeginPaint
EndPaint
EnumDisplaySettingsW
CopyRect
SetRect
GetMonitorInfoW
IsClipboardFormatAvailable
DefDlgProcW
MonitorFromWindow
RegisterRawInputDevices
ShowCursor
GetWindowRgn
SetWindowTextW
EndDeferWindowPos
GetWindowRect
FlashWindow
SystemParametersInfoW
CreateIconIndirect
GetDesktopWindow
DestroyCursor
PeekMessageW
SendInput
FlashWindowEx
SetFocus

iphlpapi

FreeMibTable
CreateSortedAddressPairs
ParseNetworkString

d2d1

ord1

dwrite

DWriteCreateFactory

rpcrt4

I_RpcExceptionFilter
IUnknown_AddRef_Proxy
UuidFromStringW
NdrMesTypeEncode3
MesEncodeDynBufferHandleCreate
UuidToStringW
CStdStubBuffer_DebugServerQueryInterface
MesDecodeBufferHandleCreate
RpcStringFreeW
NdrMesTypeDecode3
NdrMesTypeFree3
NdrCStdStubBuffer_Release
CStdStubBuffer_Connect
NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Invoke
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
NdrDllUnregisterProxy
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
NdrDllRegisterProxy
NdrDllGetClassObject
MesHandleFree
CStdStubBuffer_Disconnect

msacm32

acmDriverEnum
acmFormatTagDetailsW
acmDriverOpen
acmStreamOpen
acmStreamClose
acmFormatSuggest
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmDriverClose

dwmapi

DwmGetWindowAttribute
DwmSetWindowAttribute

setupapi

CM_Locate_DevNodeW
CM_Get_Parent
CM_Get_Device_ID_Size
CM_Get_Device_IDW
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiOpenDeviceInterfaceW
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiCreateDeviceInfoList
SetupDiGetClassDevsExW
SetupDiOpenClassRegKeyExW
SetupDiOpenDeviceInfoW

secur32

EncryptMessage
AcceptSecurityContext
DeleteSecurityContext
QueryContextAttributesW
AcquireCredentialsHandleW
SetContextAttributesW
FreeCredentialsHandle
DecryptMessage
LsaFreeReturnBuffer
InitializeSecurityContextW
LsaDeregisterLogonProcess
LsaConnectUntrusted
LsaLookupAuthenticationPackage
InitSecurityInterfaceW
QuerySecurityPackageInfoW
FreeContextBuffer
GetUserNameExW
LsaCallAuthenticationPackage

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

uxtheme

SetWindowTheme
GetCurrentThemeName

dxgi

CreateDXGIFactory1

imm32

ImmAssociateContext
ImmGetContext

ncrypt

NCryptFreeObject
NCryptSignHash
NCryptExportKey
NCryptFinalizeKey
NCryptCreatePersistedKey
NCryptOpenStorageProvider
NCryptSetProperty

netapi32

NetGetJoinInformation
NetApiBufferFree

uiautomationcore

UiaReturnRawElementProvider

d3d11

D3D11CreateDevice

cfgmgr32

CM_Get_Child
CM_MapCrToWin32Err
CM_Get_Device_Interface_PropertyW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Sibling

pdh

PdhCollectQueryData
PdhRemoveCounter
PdhGetFormattedCounterValue
PdhAddEnglishCounterW
PdhCloseQuery
PdhOpenQueryW

bcrypt

BCryptCreateHash
BCryptHashData
BCryptImportKeyPair
BCryptDestroyHash
BCryptEncrypt
BCryptDestroyKey
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider
BCryptImportKey
BCryptFinishHash

api-ms-win-core-path-l1-1-0

PathCchCanonicalize

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllGetTscCtlVer
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Solara Executor/cfg/prm0019.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Solara Executor/cfg/wmp.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: 2024

36b9b1016d85dfa1274194edc17cae71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wmp.pdb

Imports

api-ms-win-crt-string-l1-1-0

strcmp
wcscspn
wcspbrk
memset
strncmp
wcscmp
wcsncpy
wcsnlen
strnlen
wcsspn
wcsncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-time-l1-1-0

clock
_time32

api-ms-win-crt-private-l1-1-0

_o__wtof
_o__wtoi
_o__wtoi64
_o__wtol
_o_atan2
_o_atoi
_o_bsearch
_o_calloc
_o_ceil
_o_cos
_o_exit
_o_exp
_o_floor
_o_free
_o_isdigit
_o_isspace
_o_iswalnum
_o_iswalpha
_o_iswascii
_o_iswcntrl
_o_iswdigit
_o_iswprint
_o_iswspace
_o_iswxdigit
_o_isxdigit
_o_ldexp
_o_log
_o_malloc
_o_memcpy_s
_o_pow
_o_powf
_o_qsort
_o_qsort_s
_o_rand
_o_rand_s
_o_realloc
_o_sin
_o_sqrt
_o_srand
_o_strncpy_s
_o_terminate
_o_tolower
_o_toupper
_o_towlower
_o_towupper
_o_wcscat_s
_o_wcscpy_s
_o_wcsftime
_o_wcsncpy_s
_o_wcstod
_o_wcstok_s
_o_wcstol
memmove
_o_wcstoul
wcsrchr
wcsstr
wcschr
__CxxFrameHandler3
_o__seh_filter_dll
_o__register_onexit_function
_o__purecall
_o__memicmp
_o__wsplitpath_s
_o__ltow
_o__localtime32
_o__wcsupr_s
_o__wcstoui64
_o__itow_s
_o__itow
_o__itoa_s
_o__wcsnicmp
strchr
_o__wcslwr
_o__wcsicoll
_o__wcsicmp
_o__ultow_s
_o__strnicmp
_o__stricmp
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__execute_onexit_table
_o__errno
_o__endthread
_o__difftime32
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o__beginthreadex
_o__beginthread
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___stdio_common_vfwprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___acrt_iob_func
__C_specific_handler
__std_terminate
__CxxFrameHandler4
_CxxThrowException
memcmp
memcpy

ntdll

RtlNtStatusToDosError
RtlGetPersistedStateLocation
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

kernel32

EncodePointer
HeapAlloc
DecodePointer
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FreeLibraryAndExitThread
GetUserDefaultLCID
CompareStringOrdinal
MoveFileW
GetFileSize
WideCharToMultiByte
GetLocaleInfoW
CeipIsOptedIn
GlobalAlloc
GlobalFree
GetExitCodeThread
GetLocalTime
GetVolumeInformationW
GetTickCount64
SetThreadExecutionState
GetCurrentDirectoryW
WriteFile
Sleep
TerminateThread
GlobalMemoryStatusEx
WaitForMultipleObjects
DeviceIoControl
SetErrorMode
GetComputerNameW
ReleaseSemaphore
CreateSemaphoreW
ExitThread
GetThreadPriority
ExpandEnvironmentStringsW
GetComputerNameExW
SetFilePointer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
LoadLibraryExA
GetThreadLocale
GetFileAttributesExW
HeapFree
GetProcessHeap
GetDriveTypeW
GlobalUnlock
GlobalLock
FindPackagesByPackageFamily
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateThread
GetDiskFreeSpaceExW
SetFileAttributesW
GetCurrentProcessId
DeleteFileW
GetTickCount
FindClose
FindNextFileW
FindFirstFileW
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
CreateEventW
WaitForSingleObject
DebugBreak
OpenEventW
LocalFree
FormatMessageW
GetUserDefaultUILanguage
SetThreadPriority
SetEvent
lstrlenW
GetVersionExW
GetCurrentThread
RaiseFailFastException
GetCurrentProcess
VirtualFree
GetCurrentThreadId
SetLastError
CopyFileW
SystemTimeToFileTime
GetSystemTime
LockResource
lstrcpyW
HeapDestroy
DisableThreadLibraryCalls
HeapSetInformation
ReadFile
CreateFileW
GetShortPathNameW
FindResourceW
LoadLibraryW
MulDiv
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetModuleFileNameW
FindResourceExW
LoadResource
SizeofResource
MultiByteToWideChar
GetSystemInfo
VirtualQuery
VirtualAlloc
VirtualProtect
lstrcpynW
lstrcmpiW
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetLastError
FreeLibrary
BindIoCompletionCallback
CreateToolhelp32Snapshot
Process32NextW
CloseThreadpoolTimer
CreateThreadpoolTimer
CompareFileTime
FileTimeToSystemTime
CreateMutexW
ReleaseMutex
CopyFileExW
LocalFileTimeToFileTime
CreateDirectoryW
RemoveDirectoryW
GetDateFormatW
GetTimeFormatW
GetVersionExA
ExitProcess
QueryPerformanceFrequency
lstrcmpW
LocalAlloc
DuplicateHandle
HeapCreate
HeapReAlloc
HeapSize
GetLocaleInfoA
GetFileInformationByHandle
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GetFileType
SetEndOfFile
FlushFileBuffers
OpenMutexW
OpenFileMappingW
GetFullPathNameW
GetLongPathNameW
GetTempFileNameW
IsValidLocale
GetProcessTimes
OpenThread
LCMapStringW
GlobalMemoryStatus
GetTempPathW
GetFileAttributesW
GetPrivateProfileStringW
OutputDebugStringW
MoveFileExW
InitializeCriticalSectionEx
GetDiskFreeSpaceW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FreeEnvironmentStringsA
lstrcatW
FileTimeToLocalFileTime
GetNumberFormatW
GetModuleHandleA
GetACP
GetModuleFileNameA
CreateProcessW
GetExitCodeProcess
Process32FirstW
DelayLoadFailureHook
ResolveDelayLoadedAPI
FindFirstFileExW
GetOverlappedResult
ReadDirectoryChangesW
GetProcessMitigationPolicy
ProcessIdToSessionId
FindNLSString
TryEnterCriticalSection
SetFilePointerEx
WaitForMultipleObjectsEx
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GlobalDeleteAtom
GlobalAddAtomW
GlobalSize
GlobalReAlloc
GetSystemPowerStatus
lstrlenA
GetTimeZoneInformation

oleaut32

SysFreeString
VarUI4FromStr
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetElemsize
SafeArrayGetDim
OleCreatePropertyFrame
VariantChangeTypeEx
SafeArrayCreateVectorEx
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
OleCreatePropertyFrameIndirect
VariantInit
SetErrorInfo
VarCmp
VariantTimeToSystemTime
DispCallFunc
VarR8FromUI8
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector
SystemTimeToVariantTime
CreateErrorInfo
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW
RegEnumKeyW

api-ms-win-core-com-l1-1-0

CoMarshalInterface
CoUnmarshalInterface
CoReleaseMarshalData
CoSetProxyBlanket
StringFromIID
CoRegisterClassObject
GetHGlobalFromStream
StringFromCLSID
CoRevokeClassObject
CoCreateFreeThreadedMarshaler
CoCreateGuid
PropVariantCopy
IIDFromString
CoWaitForMultipleHandles
CoTaskMemRealloc
CoGetTreatAsClass
CoFreeUnusedLibraries
CLSIDFromString
CoTaskMemFree
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromGUID2
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoDisconnectObject
PropVariantClear
CoInitializeEx
CoGetStandardMarshal
CoUninitialize
CoGetClassObject

api-ms-win-core-string-l2-1-0

CharNextW
CharPrevW
CharLowerW

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegDeleteValueW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegGetValueW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceEnableFlags
GetTraceLoggerHandle
TraceEvent
GetTraceEnableLevel

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventEnabled
EventSetInformation
EventUnregister
EventRegister
EventWrite

api-ms-win-core-libraryloader-l1-2-0

LoadStringA
LoadStringW
GetModuleHandleExW
FreeResource

api-ms-win-core-version-l1-1-1

GetFileVersionInfoW
GetFileVersionInfoSizeW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-mm-time-l1-1-0

timeEndPeriod
timeGetTime
timeBeginPeriod

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW
PathRemoveBackslashW
PathFindExtensionW
PathRemoveFileSpecW

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_QueryService

api-ms-win-security-cryptoapi-l1-1-0

CryptAcquireContextW
CryptGenRandom

api-ms-win-core-url-l1-1-0

UrlCombineW
UrlCanonicalizeW

api-ms-win-core-com-private-l1-1-0

CoRegisterMessageFilter

api-ms-win-security-base-l1-1-0

GetAce
EqualSid
GetAclInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
MakeSelfRelativeSD
AllocateAndInitializeSid
DuplicateTokenEx
SetFileSecurityW
GetSecurityDescriptorLength
IsValidSecurityDescriptor
GetSecurityDescriptorControl
CreateWellKnownSid
MapGenericMask
GetTokenInformation
FreeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
AccessCheck
GetWindowsAccountDomainSid
GetFileSecurityW

api-ms-win-security-provider-l1-1-0

GetNamedSecurityInfoW
SetEntriesInAclW
SetNamedSecurityInfoW

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileW

api-ms-win-core-perfcounters-l1-1-0

PerfStopProvider
PerfSetCounterSetInfo
PerfStartProviderEx

api-ms-win-core-sysinfo-l2-1-0

GetUserNameW

api-ms-win-core-processthreads-l1-1-0

CreateProcessAsUserW
TlsSetValue
CreateProcessA
OpenThreadToken
OpenProcessToken
TlsGetValue

api-ms-win-core-stringansi-l1-1-0

CharNextA

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIA

api-ms-win-shcore-registry-l1-1-0

SHDeleteKeyW

wmvcore

WMValidateData
WMCreateSyncReader
WMCreateWriter
WMIsContentProtected
WMCreateReader
WMCreateEditor
WMCreateProfileManager

api-ms-win-core-synch-l1-1-0

CreateSemaphoreExW
CreateEventExW
OpenSemaphoreW
CreateMutexExW

api-ms-win-core-localization-l1-2-0

GetUserDefaultLocaleName
GetGeoInfoW
LocaleNameToLCID
GetSystemDefaultLCID
GetUserDefaultLangID
GetUserGeoID

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoActivateInstance

api-ms-win-core-sysinfo-l1-1-0

GetVersion
GetWindowsDirectoryW
GetSystemDirectoryW

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-string-l1-1-0

GetStringTypeExW
CompareStringW

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolWait
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpool
CreateThreadpool
WaitForThreadpoolWaitCallbacks

api-ms-win-core-file-l1-1-0

GetFileSizeEx
QueryDosDeviceW

api-ms-win-core-localization-l1-2-1

EnumSystemLocalesEx

gdiplus

GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetPropertyItemSize
GdipGetImagePalette
GdipGetImagePaletteSize
GdipFillPath
GdipGetImageHorizontalResolution
GdipGetImagePixelFormat
GdipGetPropertyItem
GdipLoadImageFromStream
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipSetSolidFillColor
GdipImageRotateFlip
GdipCreateHBITMAPFromBitmap
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDrawImageRectRectI
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipCreateHICONFromBitmap
GdipDrawImageI
GdipDeleteGraphics
GdipDrawImageRectI
GdiplusShutdown
GdipGetImageEncodersSize
GdipSetWorldTransform
GdipGetDC
GdipSetLineBlend
GdipFillRectangleI
GdipCreateBitmapFromHBITMAP
GdipCreatePath
GdipDeletePath
GdipAddPathRectangleI
GdipCreatePathGradientFromPath
GdipSetPathGradientCenterColor
GdipSetPathGradientCenterPointI
GdipSetPathGradientFocusScales
GdipGetPropertySize
GdipLoadImageFromFile
GdipCreateBitmapFromResource
GdipCreateBitmapFromStream
GdipSetLineSigmaBlend
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipSaveImageToStream
GdipGetTextureTransform
GdipTranslateTextureTransform
GdipGetImageEncoders
GdipResetTextureTransform
GdipCreateFromHDC
GdipReleaseDC
GdipSetTextureTransform
GdipCreateTexture
GdipSetTextureWrapMode
GdipTranslateWorldTransform
GdipGetImageWidth
GdipDrawCachedBitmap
GdipCreateCachedBitmap
GdipCreateSolidFill
GdipGetAllPropertyItems
GdipCreatePen1
GdipDeletePen
GdipDrawRectangleI
GdipGetImageVerticalResolution
GdipBitmapSetResolution
GdipCreateBitmapFromHICON
GdipGetImageHeight
GdipCreateBitmapFromGdiDib
GdipSaveImageToFile
GdipSetPropertyItem
GdiplusStartup
GdipCreateBitmapFromScan0
GdipSetSmoothingMode
GdipDeleteBrush
GdipCloneBrush
GdipCreateImageAttributes
GdipGetImageGraphicsContext
GdipGetImageRawFormat
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetCompositingQuality
GdipDeleteCachedBitmap
GdipSetPathGradientBlend
GdipCreateLineBrushFromRectI
GdipFree

gdi32

Polyline
DPtoLP
DeleteObject
GetDeviceCaps
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetTextExtentPointW
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCW
CreateRectRgnIndirect
CreateCompatibleDC
GetClipBox
OffsetViewportOrgEx
GetStockObject
ExcludeClipRect
RectVisible
SetLayout
SetStretchBltMode
SetBkMode
SetTextColor
CreateFontW
GetObjectW
CreateCompatibleBitmap
CreateRectRgn
CombineRgn
OffsetRgn
StretchBlt
StretchDIBits
CreateSolidBrush
SetRectRgn
GetRgnBox
PtInRegion
SetBkColor
PatBlt
IntersectClipRect
CreatePen
Rectangle
GetLayout
BitBlt
GetObjectType
GetBkColor
ExtTextOutW
SetTextAlign
TextOutW
GetObjectA
GetDIBColorTable
CreateDIBSection
CreateICW
SetDIBits
GetDIBits
SetDIBitsToDevice
ExtCreateRegion
SetDIBColorTable
ExtSelectClipRgn
GetRegionData
GetTextAlign
SelectPalette
RealizePalette
GetPaletteEntries
SetPaletteEntries
GetSystemPaletteEntries
CreatePalette
SelectClipRgn
GdiFlush
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
Ellipse
MoveToEx
LineTo
GetTextColor
SetTextCharacterExtra
CreateBrushIndirect
RoundRect
OffsetWindowOrgEx
GetTextExtentPoint32W

user32

DrawTextExW
SetGestureConfig
CloseGestureInfoHandle
SendMessageCallbackW
SetMenuInfo
SetMenuItemBitmaps
DrawMenuBar
GetScrollRange
GetWindowDC
SystemParametersInfoA
CopyAcceleratorTableW
GetDpiForWindow
UpdateLayeredWindowIndirect
TrackMouseEvent
GetScrollPos
GetQueueStatus
RegisterClipboardFormatW
SystemParametersInfoForDpi
IsMenu
EnumDisplayDevicesW
SetPropW
GetPropW
BringWindowToTop
GetClassLongPtrW
ShowCursor
GetShellWindow
SetLayeredWindowAttributes
EnumDisplayMonitors
RegisterWindowMessageA
CheckRadioButton
GetDlgItemInt
ShowScrollBar
GetScrollBarInfo
GetDlgItemTextW
EnumChildWindows
IsDlgButtonChecked
CheckDlgButton
GetMessageExtraInfo
NotifyWinEvent
GetWindowInfo
CloseWindow
EnumWindows
SetClassLongW
GetDoubleClickTime
CloseClipboard
GetClipboardData
OpenClipboard
GetClipboardOwner
DrawEdge
GetNextDlgTabItem
WindowFromDC
GetScrollInfo
GetMessageTime
SetClassLongPtrW
DrawFocusRect
GetMessagePos
InflateRect
MonitorFromRect
IsZoomed
GetSystemMenu
GetSysColor
MsgWaitForMultipleObjectsEx
InSendMessage
PostThreadMessageW
GetClassNameW
SendMessageTimeoutA
SendMessageTimeoutW
DestroyCursor
MonitorFromWindow
GetDesktopWindow
SetParent
GetClassInfoW
MsgWaitForMultipleObjects
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
EndDialog
LoadIconW
VkKeyScanW
GetDlgCtrlID
DrawTextW
GetSystemMetricsForDpi
GetWindowLongPtrW
SetWindowLongPtrW
GetDC
ReleaseDC
GetDialogBaseUnits
EndPaint
GetClientRect
BeginPaint
GetFocus
IsChild
IsDialogMessageW
WinHelpW
MoveWindow
ShowWindow
IsWindow
RegisterClassExW
GetClassInfoExW
wsprintfW
LoadCursorW
DestroyWindow
DefWindowProcW
CreateWindowExW
GetDlgItem
SendMessageW
CallWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
MessageBoxW
LoadImageW
GetMenuItemCount
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
PostMessageW
GetWindowRect
PtInRect
GetActiveWindow
LoadMenuW
LoadAcceleratorsW
SetWindowPos
InvalidateRect
GetWindowLongW
PostQuitMessage
SetFocus
MapWindowPoints
MessageBeep
RemoveMenu
AppendMenuW
TrackPopupMenuEx
DestroyMenu
CreatePopupMenu
MonitorFromPoint
GetMonitorInfoW
GetParent
IsWindowVisible
SetWindowLongW
FillRect
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
DestroyAcceleratorTable
UnionRect
GetKeyState
UnregisterClassW
CopyRect
InvalidateRgn
GetCapture
SetCapture
ReleaseCapture
GetForegroundWindow
GetCursorPos
SetCursor
SystemParametersInfoW
ClientToScreen
SetRectEmpty
IsRectEmpty
SetRect
GetSubMenu
TrackPopupMenu
EnableWindow
SetWindowTextW
UpdateWindow
CreateDialogParamW
GetWindowTextLengthW
GetWindowTextW
SetTimer
FrameRect
KillTimer
IsWindowUnicode
IsWindowEnabled
AdjustWindowRectEx
IsIconic
GetWindowPlacement
GetAsyncKeyState
SetActiveWindow
SetForegroundWindow
RedrawWindow
GetWindowThreadProcessId
GetTopWindow
GetWindow
GetMenuStringW
GetMenuItemID
EnableMenuItem
DeleteMenu
CheckMenuRadioItem
InsertMenuW
CreateMenu
CheckMenuItem
GetIconInfo
GetSysColorBrush
DrawIconEx
InsertMenuItemW
DestroyIcon
GetMenuInfo
GetAncestor
FindWindowW
SetThreadDpiAwarenessContext
AllowSetForegroundWindow
DialogBoxParamW
GetMenu
GetWindowRgn
CallNextHookEx
FindWindowExW
GetClassLongW
SetWindowPlacement
SetMenu
RegisterClassW
RegisterWindowMessageW
ChangeWindowMessageFilterEx
SetWindowsHookExW
UnhookWindowsHookEx
TranslateAcceleratorW
GetUpdateRect
GetGestureInfo
GetSystemMetrics
ValidateRect

ole32

WriteClassStm
CoAllowSetForegroundWindow
IsAccelerator
OleRegGetUserType
CreateDataAdviseHolder
DoDragDrop
RevokeDragDrop
RegisterDragDrop
OleSaveToStream
OleLoadFromStream
CreateBindCtx
CoInitialize
ReleaseStgMedium
GetRunningObjectTable
OleRegEnumVerbs
CreateOleAdviseHolder
OleRegGetMiscStatus

dwmapi

DwmIsCompositionEnabled

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-featurestaging-l1-1-0

UnsubscribeFeatureStateChangeNotification
RecordFeatureUsage
SubscribeFeatureStateChangeNotification

bcrypt

BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptFinishHash
BCryptGetProperty
BCryptDestroyKey
BCryptVerifySignature
BCryptImportKeyPair
BCryptHashData
BCryptOpenAlgorithmProvider
BCryptCreateHash

mfperfhelper

ord1
ord101
ord58
ord100

api-ms-win-core-io-l1-1-1

CancelIo

api-ms-win-core-com-l1-1-2

CoFileTimeNow

api-ms-win-core-io-l1-1-0

CancelIoEx

api-ms-win-crt-math-l1-1-0

sqrtf
sinf
tanf
cosf
logf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGELK
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2024

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 598KB - Virtual size: 597KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: 2024

6858de0d7f98c27c4ba700bc92b21099

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

mapconfiguration

api-ms-win-core-psm-app-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-com-l1-1-1

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-security-base-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-io-l1-1-0

api-ms-win-core-psapi-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-stateseparation-helpers-l1-1-0

api-ms-win-downlevel-shlwapi-l2-1-0

d2d1

d3d11

dwrite

dxgi

api-ms-win-shcore-stream-winrt-l1-1-0

ztrace_maps

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

moshostclient

Exports

Exports

Sections

.text Size: 5.3MB - Virtual size: 5.3MB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 598KB - Virtual size: 597KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5.3MB - Virtual size: 5.3MB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.data
Size: 527KB - Virtual size: 548KB

.pdata
Size: 176KB - Virtual size: 176KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 49KB - Virtual size: 49KB