E:\Thunder6\xl7_client\pdb\ProductRelease\Thunder.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
88a93a6e5ea358a5217119d2caebdf57_JaffaCakes118.exe
Resource
win7-20240729-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
88a93a6e5ea358a5217119d2caebdf57_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
88a93a6e5ea358a5217119d2caebdf57_JaffaCakes118
-
Size
992KB
-
MD5
88a93a6e5ea358a5217119d2caebdf57
-
SHA1
49e6954c1fa5043e011007e9b239c7864299022c
-
SHA256
9b7f781c790ad72669dd2821e66c1a66ce2785dfc1d4c644a83c35d87bfece0e
-
SHA512
b7ac089c4f1e102899f1ef871fcfea21384bb1e0d08bd4f517e69978a5e81f5c801e5a386e4445b6d3b7f11cdf13af670841bd409e50dc2f9282701057cd5d1b
-
SSDEEP
24576:lVFcdVcUXNMKZs0mBbKFfoL1JMzTHmgbxtVHU:McUXGysBKFgL1JMzTGgd/HU
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88a93a6e5ea358a5217119d2caebdf57_JaffaCakes118
Files
-
88a93a6e5ea358a5217119d2caebdf57_JaffaCakes118.exe windows:4 windows x86 arch:x86
96bb848382190c500c96c60f0a4e0023
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdiplus
GdipLoadImageFromStream
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipAlloc
GdipCloneImage
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDisposeImage
GdipDeleteGraphics
GdipCreateBitmapFromGdiDib
xlue
_XLUE_PushBitmap@8
_XLUE_PushColor2@8
_XLUE_InitLoader@4
_XLUE_GC@4
_XLUE_GetHostWndWindowHandle@4
_XLUE_AddXARSearchPath@4
_XLUE_GetHostWndByID@4
_XLUE_Stat@4
_XLUE_LoadXAR@4
xlgraphic
_XL_GetBitmapBuffer@12
_XL_ReleaseBitmap@4
_XL_Blend@20
_XL_DefaultGraphicHint@0
_XL_SetMaskBmpStretch@8
_XL_BindMaskSource@20
_XL_ReleaseTexture@4
_XL_SetTextureBitmap@12
_XL_PaintBitmap@16
_XL_SetMaskSize@16
_XL_BuildMaskCache@20
_XL_ClipSubBindBitmap@8
_XL_GetBitmapInfo@8
_XL_StretchBitmap@12
_XL_LoadBitmapFromMemory@12
_XL_GetColorVariance@8
_XL_RGB2HSV@4
_XL_HSV2RGB@8
_XL_ReleaseMask@4
_XL_AddRefMask@4
_XL_GetBitmapMainColor@12
_XL_SetTextureOrigin@12
_XL_AddTextureBlock@24
_XL_CreateTexture@4
_XL_NewMask@0
_XL_AddRefBitmap@4
_XL_PrepareGraphicParam@4
_XL_InitGraphicLib@4
_XL_SetFreeTypeEnabled@4
_XL_StatObject@4
_XL_CreateBitmap@12
_XL_CloneBitmap@4
xlluaruntime
_XLLRT_ReleaseRunTime@4
_XLLRT_ReleaseEnv@4
lua_settop
lua_gettop
lua_gc
luaL_checkudata
lua_tointeger
lua_pushnumber
luaL_checklstring
luaL_checkinteger
lua_type
lua_toboolean
lua_isstring
lua_isuserdata
lua_settable
lua_touserdata
lua_pushlstring
luaL_unref
lua_pushvalue
luaL_ref
lua_pushlightuserdata
_XLLRT_RegisterClass@20
lua_tolstring
luaL_checktype
lua_objlen
lua_rawgeti
lua_createtable
lua_rawseti
_XLLRT_RegisterGlobalObj@28
luaL_checknumber
_XLLRT_GetLuaState@4
_XLLRT_GetRuntime@8
_XLLRT_GetEnv@4
_XLLRT_ReleaseChunk@4
_XLLRT_LuaCall@16
_XLLRT_PrepareChunk@8
_XLLRT_CreateChunkFromModule@16
_XLLRT_RunChunk@8
_XLLRT_CreateChunkFromFile@12
_XLLRT_ErrorHandle@4
ord7
lua_tonumber
_XLLRT_PushXLObject@12
lua_pushinteger
lua_pushnil
lua_pushstring
lua_pushboolean
lua_next
downloadkernel
XL_DKLH_RegisterToEnv
XL_DKLH_GetDownloadKernel
libexpat
ord20
ord16
ord25
ord50
ord35
ord48
ord52
ord21
minizip
unzLocateFile
unzGetCurrentFileInfo
unzReadCurrentFile
unzCloseCurrentFile
unzClose
unzGoToFirstFile
unzOpen
mini_unzip_dll
unzOpen2
unzGoToNextFile
unzOpenCurrentFile
psapi
GetModuleBaseNameW
winmm
PlaySoundW
wininet
InternetGetCookieExW
kernel32
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
ExitProcess
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
MoveFileW
GetModuleFileNameA
CreateEventA
OpenFileMappingA
GetProcAddress
GetModuleHandleW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
HeapFree
GetProcessHeap
CloseHandle
CreateFileW
MapViewOfFileEx
CreateFileMappingW
GetFileSize
UnmapViewOfFile
lstrlenW
MultiByteToWideChar
lstrlenA
MapViewOfFile
OpenMutexA
OutputDebugStringW
GetCurrentThread
ResumeThread
CreateDirectoryW
CreateDirectoryExW
CreateProcessW
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
FlushInstructionCache
GetCurrentProcess
HeapAlloc
lstrcatW
lstrcpyW
GlobalMemoryStatusEx
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
SetThreadExecutionState
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetTickCount
SetProcessWorkingSetSize
OpenEventW
SetEvent
FreeLibrary
GetModuleFileNameW
GetTempPathW
ReleaseMutex
CreateMutexW
OpenMutexW
GetVersion
ResetEvent
WaitForMultipleObjects
CreateEventW
UnhandledExceptionFilter
GetSystemDirectoryW
SetLastError
LocalFree
GetPrivateProfileStringW
GlobalUnlock
GlobalLock
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcpynW
lstrcmpW
Sleep
ReadFile
SetFilePointer
lstrcpynA
CopyFileW
MulDiv
DeleteFileW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetDriveTypeW
GlobalAddAtomW
GlobalDeleteAtom
GetFileSizeEx
SetFileAttributesW
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
GetLocalTime
GetExitCodeProcess
WaitForSingleObject
CreateThread
WriteFile
SystemTimeToFileTime
GetSystemTime
SetSystemPowerState
GetLogicalDriveStringsW
GlobalSize
VirtualQuery
IsBadCodePtr
GetFileAttributesW
WideCharToMultiByte
FindClose
FindFirstFileW
GetFileAttributesExW
FindNextFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
OutputDebugStringA
FileTimeToSystemTime
GetFileTime
MoveFileExW
GetModuleHandleA
SetErrorMode
IsDebuggerPresent
VirtualQueryEx
GetThreadSelectorEntry
ReadProcessMemory
GetTempFileNameW
CompareFileTime
GetFullPathNameW
VirtualProtect
lstrcmpiW
VirtualAlloc
InterlockedCompareExchange
GetThreadContext
SetThreadContext
SuspendThread
CreateSemaphoreW
ReleaseSemaphore
GetSystemDirectoryA
VerifyVersionInfoW
VerSetConditionMask
CreateFileMappingA
CreateMutexA
OpenFileMappingW
user32
PostMessageW
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
wsprintfW
DestroyWindow
GetClassInfoExW
CreateWindowExW
DispatchMessageW
TranslateMessage
SendMessageW
GetMessageW
PeekMessageW
IsIconic
IsWindowVisible
MsgWaitForMultipleObjects
SetRectEmpty
EqualRect
IsRectEmpty
LoadStringW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
MessageBoxW
ExitWindowsEx
ShowCursor
PtInRect
GetTopWindow
IntersectRect
GetWindow
GetClientRect
GetCursorPos
EmptyClipboard
SetClipboardData
EnumWindows
GetAsyncKeyState
GetKeyState
UnregisterHotKey
RegisterHotKey
PostQuitMessage
WindowFromPoint
ScreenToClient
RegisterClipboardFormatW
GetActiveWindow
FindWindowW
GetLastActivePopup
GetForegroundWindow
AttachThreadInput
BringWindowToTop
SetForegroundWindow
SystemParametersInfoW
SetFocus
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetClipboardViewer
GetClipboardOwner
GetWindowThreadProcessId
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
GetDesktopWindow
ShowWindow
ClientToScreen
GetWindowPlacement
GetWindowRect
GetWindowDC
EnumThreadWindows
GetWindowTextW
GetClassNameW
DrawIconEx
DrawTextW
GetIconInfo
GetDC
ReleaseDC
CreateIconIndirect
DestroyIcon
SetTimer
IsWindow
KillTimer
GetSystemMetrics
LoadImageW
RegisterWindowMessageW
gdi32
GetTextExtentPoint32W
SetBkMode
SetTextColor
Rectangle
CreateCompatibleBitmap
CreateDIBSection
GetStockObject
DeleteObject
GetDIBColorTable
GetObjectW
SetDIBColorTable
CreateCompatibleDC
CreatePen
CreateSolidBrush
TextOutW
SelectObject
DeleteDC
StretchBlt
BitBlt
EnumFontFamiliesExW
GetDeviceCaps
SetBkColor
ExtTextOutW
SetDCBrushColor
SetDCPenColor
SetStretchBltMode
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegCloseKey
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
GetNamedSecurityInfoW
GetAclInformation
GetAce
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
EqualSid
SetNamedSecurityInfoW
InitializeAcl
AddAce
GetLengthSid
CopySid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
IsValidSid
GetSecurityDescriptorSacl
shell32
SHCreateDirectoryExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
ExtractIconExW
SHGetSpecialFolderPathW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
SHFileOperationW
ord74
ord165
ole32
StringFromGUID2
CLSIDFromString
CoCreateGuid
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VarBstrCat
SafeArrayDestroy
LoadTypeLi
LoadRegTypeLi
VariantChangeType
VariantCopy
VariantClear
VariantInit
OleLoadPicturePath
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysAllocString
msvcp71
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??7ios_base@std@@QBE_NXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??Bios_base@std@@QBEPAXXZ
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?eof@?$char_traits@_W@std@@SAGXZ
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?width@ios_base@std@@QBEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?eof@?$char_traits@D@std@@SAHXZ
?to_char_type@?$char_traits@D@std@@SADABH@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?clear@ios_base@std@@QAEXH_N@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?uncaught_exception@std@@YA_NXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??1ostrstream@std@@UAE@XZ
??0ostrstream@std@@QAE@PADHH@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?_Nomemory@std@@YAXXZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1ios_base@std@@UAE@XZ
?widen@?$ctype@_W@std@@QBE_WD@Z
??1istrstream@std@@UAE@XZ
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?pbackfail@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
atl71
ord58
ord31
ord10
ord11
ord45
ord30
ord32
ord61
ord23
ord64
ord62
ord44
ord43
ord65
ord66
shlwapi
StrCatW
StrStrIA
StrChrIA
StrToIntW
PathIsRelativeW
PathCanonicalizeW
StrCmpW
StrCpyNW
PathFileExistsA
SHDeleteKeyW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathCombineW
PathRemoveFileSpecW
PathAppendW
PathAddBackslashW
PathIsDirectoryW
PathIsSameRootW
StrCmpIW
StrStrIW
StrCmpNIW
PathRemoveBlanksA
StrCmpNIA
msimg32
AlphaBlend
TransparentBlt
msvcr71
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
free
_CxxThrowException
memset
iswspace
wcscmp
_wcsupr
memcpy
wcslen
memmove
malloc
??_V@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_wcsnicmp
_wtoi
_wcslwr
wcscpy
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
_strnicmp
_except_handler3
_purecall
wcsstr
__p___wargv
_resetstkoflw
tolower
abs
_wcsicmp
_vscwprintf
vswprintf
strlen
wcstombs
_beginthreadex
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
rand
srand
fclose
fwrite
_wfopen
_waccess
swprintf
_ltow
_vscprintf
vsprintf
memcmp
wcsspn
wcscspn
strcpy
wcsncat
_localtime64
_wrename
_time64
_i64toa
_atoi64
_mktime64
_gmtime64
swscanf
wcsrchr
wcschr
fwprintf
getc
fgetwc
fseek
fread
toupper
_ultow
_ui64toa
_ui64tow
sprintf
atol
_wtol
_wtoi64
sscanf
_stricmp
_vsnwprintf
_snwprintf
_wsplitpath
_findclose
_wfindnext
_wfindfirst
?swprintf@@YAHPA_WIPB_WZZ
_snprintf
time
fputs
wcsncpy
wcsftime
localtime
__RTDynamicCast
_wmkdir
ftell
wcscat
wcsncmp
_mbsinc
_ismbcspace
atoi
_errno
strcmp
_beginthread
_mbsstr
calloc
strncpy
strtoul
strchr
strcat
strstr
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strcmpi
strftime
gmtime
_wstat
strncmp
realloc
wintrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
crypt32
CryptMsgClose
CryptMsgGetParam
CryptQueryObject
CertCloseStore
sqlite3
sqlite3_close
sqlite3_open16
sqlite3_step
sqlite3_column_text16
sqlite3_column_int
sqlite3_bind_text16
sqlite3_bind_int
sqlite3_finalize
sqlite3_prepare16_v2
sqlite3_reset
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
ws2_32
WSACleanup
WSAStartup
inet_addr
WSAGetLastError
gethostbyname
socket
send
recv
closesocket
WSAAsyncSelect
WSACancelAsyncRequest
getsockname
getpeername
connect
inet_ntoa
htonl
getservbyname
htons
gethostbyaddr
ntohs
getservbyport
WSAAsyncGetHostByName
Sections
.text Size: 696KB - Virtual size: 695KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 189KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 15KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE