E:\Thunder6\xl7_client\pdb\ProductRelease\Thunder.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
8969d94fe9d9738e1103efa5fd57d8cc_JaffaCakes118.exe
Resource
win7-20240705-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
8969d94fe9d9738e1103efa5fd57d8cc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
8969d94fe9d9738e1103efa5fd57d8cc_JaffaCakes118
-
Size
934KB
-
MD5
8969d94fe9d9738e1103efa5fd57d8cc
-
SHA1
920e994faca90337053f58762e131a0e732d93ef
-
SHA256
b385a24f1e59a89a2b17e66d5a346ae921915924c08ddb19dc3bb57119f1374d
-
SHA512
331ae3fad552aecb7db518bb88c23f7937a9257872fe029474c2d3e88eea0311ff7f703bbafb52ba32270cb4ceab428b7973e2bd09089675e753fee28e94c74e
-
SSDEEP
24576:Kl0ShPZFhup1UaSKc6pX9xGDT2LTTFmUciaw5H:KGShYp1Ju2X98DT2LTTEUctw5H
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8969d94fe9d9738e1103efa5fd57d8cc_JaffaCakes118
Files
-
8969d94fe9d9738e1103efa5fd57d8cc_JaffaCakes118.exe windows:4 windows x86 arch:x86
03468ed03fbaa91aaa553627cc3ced03
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipAlloc
GdipLoadImageFromFile
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageThumbnail
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromGdiDib
GdipSaveImageToFile
GdipLoadImageFromStream
GdiplusStartup
GdiplusShutdown
GdipFree
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage
xlue
_XLUE_GC@4
_XLUE_GetHostWndWindowHandle@4
_XLUE_GetHostWndByID@4
_XLUE_PushBitmap@8
_XLUE_PushColor2@8
_XLUE_Stat@4
_XLUE_InitLoader@4
_XLUE_LoadXAR@4
_XLUE_AddXARSearchPath@4
xlgraphic
_XL_GetBitmapMainColor@12
_XL_SetTextureOrigin@12
_XL_AddTextureBlock@24
_XL_CreateTexture@4
_XL_AddRefMask@4
_XL_ReleaseMask@4
_XL_HSV2RGB@8
_XL_RGB2HSV@4
_XL_Blend@20
_XL_DefaultGraphicHint@0
_XL_GetColorVariance@8
_XL_LoadBitmapFromMemory@12
_XL_StretchBitmap@12
_XL_GetBitmapInfo@8
_XL_ClipSubBindBitmap@8
_XL_BuildMaskCache@20
_XL_GetBitmapBuffer@12
_XL_AddRefBitmap@4
_XL_PrepareGraphicParam@4
_XL_InitGraphicLib@4
_XL_SetFreeTypeEnabled@4
_XL_StatObject@4
_XL_CreateBitmap@12
_XL_CloneBitmap@4
_XL_SetMaskSize@16
_XL_PaintBitmap@16
_XL_SetTextureBitmap@12
_XL_NewMask@0
_XL_SetMaskBmpStretch@8
_XL_BindMaskSource@20
_XL_ReleaseBitmap@4
_XL_ReleaseTexture@4
xlluaruntime
_XLLRT_GetRuntime@8
_XLLRT_GetEnv@4
_XLLRT_GetLuaState@4
lua_gc
lua_gettop
lua_settop
_XLLRT_ReleaseRunTime@4
_XLLRT_ReleaseChunk@4
_XLLRT_LuaCall@16
_XLLRT_PrepareChunk@8
_XLLRT_CreateChunkFromModule@16
_XLLRT_RunChunk@8
_XLLRT_CreateChunkFromFile@12
_XLLRT_ErrorHandle@4
ord7
lua_tonumber
_XLLRT_ReleaseEnv@4
_XLLRT_PushXLObject@12
lua_pushinteger
lua_pushnil
lua_pushstring
lua_pushboolean
lua_pushnumber
lua_tointeger
luaL_checkudata
luaL_checkinteger
lua_type
lua_toboolean
luaL_checknumber
lua_isstring
lua_isuserdata
lua_settable
lua_next
lua_pushlstring
luaL_unref
lua_touserdata
_XLLRT_RegisterGlobalObj@28
lua_rawseti
lua_createtable
lua_rawgeti
lua_pushvalue
luaL_ref
lua_pushlightuserdata
_XLLRT_RegisterClass@20
lua_tolstring
lua_objlen
luaL_checktype
luaL_checklstring
downloadkernel
XL_DKLH_RegisterToEnv
XL_DKLH_GetDownloadKernel
libexpat
ord20
ord16
ord25
ord50
ord35
ord48
ord52
ord21
minizip
unzLocateFile
unzGetCurrentFileInfo
unzReadCurrentFile
unzCloseCurrentFile
unzClose
unzGoToFirstFile
unzOpen
mini_unzip_dll
unzOpen2
unzGoToNextFile
unzOpenCurrentFile
psapi
GetModuleBaseNameW
winmm
PlaySoundW
wininet
InternetGetCookieExW
kernel32
GetModuleFileNameA
MoveFileW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
CreateEventA
OpenFileMappingA
GetProcAddress
GetModuleHandleW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
HeapFree
GetProcessHeap
CloseHandle
CreateFileW
MapViewOfFileEx
CreateFileMappingW
GetFileSize
UnmapViewOfFile
lstrlenW
MultiByteToWideChar
OpenMutexA
MapViewOfFile
OpenFileMappingW
OutputDebugStringW
GetCurrentThread
ResumeThread
CreateDirectoryW
CreateDirectoryExW
CreateProcessW
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
FlushInstructionCache
GetCurrentProcess
HeapAlloc
lstrcatW
lstrcpyW
GlobalMemoryStatusEx
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
SetThreadExecutionState
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetTickCount
SetProcessWorkingSetSize
OpenEventW
SetEvent
FreeLibrary
GetModuleFileNameW
GetTempPathW
ReleaseMutex
CreateMutexW
OpenMutexW
GetVersion
ResetEvent
WaitForMultipleObjects
CreateEventW
UnhandledExceptionFilter
GetSystemDirectoryW
SetLastError
LocalFree
GetPrivateProfileStringW
GlobalUnlock
GlobalLock
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrcpynW
lstrcmpW
Sleep
ReadFile
SetFilePointer
lstrcpynA
CopyFileW
MulDiv
GetDiskFreeSpaceExW
GetVolumeInformationW
GetDriveTypeW
GlobalAddAtomW
GlobalDeleteAtom
GetFileSizeEx
DeleteFileW
SetFileAttributesW
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
GetLocalTime
GetExitCodeProcess
WaitForSingleObject
CreateThread
WriteFile
SystemTimeToFileTime
GetSystemTime
SetSystemPowerState
GetLogicalDriveStringsW
GlobalSize
VirtualQuery
IsBadCodePtr
GetFileAttributesW
WideCharToMultiByte
FindClose
FindFirstFileW
GetFileAttributesExW
FindNextFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
OutputDebugStringA
FileTimeToSystemTime
GetFileTime
MoveFileExW
GetModuleHandleA
SetErrorMode
IsDebuggerPresent
VirtualQueryEx
GetThreadSelectorEntry
ReadProcessMemory
CompareFileTime
GetFullPathNameW
VirtualProtect
lstrcmpiW
VirtualAlloc
InterlockedCompareExchange
GetThreadContext
SetThreadContext
SuspendThread
VerifyVersionInfoW
VerSetConditionMask
CreateFileMappingA
CreateMutexA
lstrlenA
user32
MsgWaitForMultipleObjects
IsWindowVisible
IsIconic
PeekMessageW
SendMessageW
PostMessageW
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
wsprintfW
DestroyWindow
GetClassInfoExW
CreateWindowExW
DispatchMessageW
TranslateMessage
SetRectEmpty
GetMessageW
EqualRect
IsRectEmpty
LoadStringW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
MessageBoxW
ExitWindowsEx
ShowCursor
PtInRect
GetTopWindow
IntersectRect
GetWindow
GetClientRect
GetCursorPos
EmptyClipboard
SetClipboardData
EnumWindows
GetAsyncKeyState
GetKeyState
UnregisterHotKey
RegisterHotKey
PostQuitMessage
WindowFromPoint
ScreenToClient
RegisterClipboardFormatW
GetActiveWindow
FindWindowW
GetLastActivePopup
GetForegroundWindow
AttachThreadInput
BringWindowToTop
SetForegroundWindow
SystemParametersInfoW
SetFocus
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetClipboardOwner
GetWindowThreadProcessId
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
GetDesktopWindow
ShowWindow
ClientToScreen
GetWindowPlacement
GetWindowRect
GetWindowDC
EnumThreadWindows
GetWindowTextW
GetClassNameW
DrawIconEx
DrawTextW
GetIconInfo
GetDC
ReleaseDC
CreateIconIndirect
DestroyIcon
SetTimer
IsWindow
KillTimer
GetSystemMetrics
LoadImageW
RegisterWindowMessageW
gdi32
GetObjectW
GetDIBColorTable
DeleteObject
SetDIBColorTable
CreateDIBSection
CreateCompatibleBitmap
StretchBlt
TextOutW
SetTextColor
SetBkMode
BitBlt
SelectObject
DeleteDC
GetStockObject
EnumFontFamiliesExW
GetDeviceCaps
SetBkColor
ExtTextOutW
SetDCBrushColor
SetDCPenColor
SetStretchBltMode
CreateSolidBrush
CreatePen
Rectangle
GetTextExtentPoint32W
CreateCompatibleDC
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
GetAclInformation
EqualSid
SetNamedSecurityInfoW
InitializeAcl
AddAce
GetLengthSid
CopySid
IsValidSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorLength
GetSecurityDescriptorControl
MakeSelfRelativeSD
GetNamedSecurityInfoW
GetSidSubAuthority
GetAce
GetSidLengthRequired
InitializeSid
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
shell32
ord165
SHCreateDirectoryExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteExW
ExtractIconExW
SHGetSpecialFolderPathW
SHChangeNotify
SHGetPathFromIDListW
SHBrowseForFolderW
ord74
SHFileOperationW
ole32
StringFromGUID2
CLSIDFromString
CoCreateGuid
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VarBstrCat
SafeArrayDestroy
LoadTypeLi
LoadRegTypeLi
VariantChangeType
VariantCopy
VariantClear
VariantInit
OleLoadPicturePath
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysAllocString
msvcp71
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??Bios_base@std@@QBEPAXXZ
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?eof@?$char_traits@_W@std@@SAGXZ
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?width@ios_base@std@@QBEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??7ios_base@std@@QBE_NXZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@III_W@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?clear@ios_base@std@@QAEXH_N@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@AAD@Z
?unget@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??1ostrstream@std@@UAE@XZ
??0ostrstream@std@@QAE@PADHH@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Nomemory@std@@YAXXZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1ios_base@std@@UAE@XZ
?widen@?$ctype@_W@std@@QBE_WD@Z
??1istrstream@std@@UAE@XZ
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?pbackfail@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
atl71
ord11
ord45
ord32
ord61
ord10
ord58
ord31
ord23
ord64
ord62
ord44
ord43
ord65
ord66
ord30
shlwapi
PathIsRelativeW
PathCanonicalizeW
StrCpyNW
PathFileExistsA
SHDeleteKeyW
StrCmpNIA
PathRemoveBlanksA
StrCmpNIW
StrStrIW
StrCmpIW
PathIsSameRootW
PathIsDirectoryW
PathAddBackslashW
PathAppendW
PathRemoveFileSpecW
PathCombineW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
StrCatW
msimg32
TransparentBlt
AlphaBlend
msvcr71
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
free
_CxxThrowException
memset
iswspace
wcscmp
_wcsupr
memcpy
wcslen
memmove
malloc
_strnicmp
??_V@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_wcsnicmp
_wtoi
_wcslwr
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
_except_handler3
_purecall
realloc
wcsstr
__p___wargv
_resetstkoflw
tolower
abs
_wcsicmp
_vscwprintf
vswprintf
strlen
wcstombs
_beginthreadex
rand
srand
fclose
fwrite
_wfopen
_waccess
swprintf
_ltow
_vscprintf
vsprintf
memcmp
strcpy
wcsncat
_localtime64
_wrename
_time64
_i64toa
_atoi64
_mktime64
_gmtime64
swscanf
wcsrchr
wcschr
fwprintf
getc
fgetwc
fseek
fread
toupper
_ultow
_ui64toa
_ui64tow
sprintf
atol
_wtol
_wtoi64
sscanf
_stricmp
_vsnwprintf
_snwprintf
_wsplitpath
_findclose
_wfindnext
_wfindfirst
?swprintf@@YAHPA_WIPB_WZZ
_snprintf
time
fputs
wcsncpy
wcsftime
localtime
__RTDynamicCast
_wmkdir
ftell
wcscat
wcsncmp
_mbsinc
_ismbcspace
atoi
_errno
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strcmpi
strftime
gmtime
_wstat
strncmp
wcscpy
wintrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext
CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
WinVerifyTrust
crypt32
CertCloseStore
CryptMsgClose
CryptQueryObject
CryptMsgGetParam
sqlite3
sqlite3_close
sqlite3_open16
sqlite3_step
sqlite3_column_text16
sqlite3_column_int
sqlite3_bind_text16
sqlite3_bind_int
sqlite3_finalize
sqlite3_prepare16_v2
sqlite3_reset
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
ws2_32
getpeername
getsockname
WSACancelAsyncRequest
WSAAsyncSelect
closesocket
WSAStartup
WSACleanup
socket
inet_addr
recv
send
htons
ntohs
connect
WSAAsyncGetHostByName
WSAGetLastError
Sections
.text Size: 641KB - Virtual size: 640KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 15KB - Virtual size: 303KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE