c:\workarea\8.753.5\install\Monet\Apps\Bin\Win32\B_rel\InstallManager.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
b25107b9d281e7860bfa28f6a763ab1a_JaffaCakes118.dll
Resource
win7-20240708-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
b25107b9d281e7860bfa28f6a763ab1a_JaffaCakes118.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
b25107b9d281e7860bfa28f6a763ab1a_JaffaCakes118
-
Size
1.3MB
-
MD5
b25107b9d281e7860bfa28f6a763ab1a
-
SHA1
155f659cbede3e5b6d4c106b70b80af3b507714d
-
SHA256
ddb31b0ce81f2250d8caa0e162f38f6886dc342736370e065f23530e73f5aa56
-
SHA512
ad7d97eeebcca60239075ab2a8dbcb46e48038c530e0365cd846626e65ad91ee61aa1e2f9e72073b35ef7ad9f9448f566d35ca8dc815314f5e86125d5ebc4df5
-
SSDEEP
12288:Gnas4ALc3XEhSxdV4zHJzktLmN85ZuDPIyVtssFF/WF9Y3jhSqfImli2TM:GaDALcHEhXHxk1mS5ZwAy5FFs4oSM
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b25107b9d281e7860bfa28f6a763ab1a_JaffaCakes118
Files
-
b25107b9d281e7860bfa28f6a763ab1a_JaffaCakes118.dll windows:4 windows x86 arch:x86
95dbc8260f7ba8922ad2664fba0dbc85
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
msi
ord118
ord159
ord8
ord32
ord92
ord160
xerces-c_2_6
?handleElementPSVI@AbstractDOMParser@xercesc_2_6@@UAEXQBG0PAVPSVIElement@2@@Z
?TextDecl@AbstractDOMParser@xercesc_2_6@@UAEXQBG0@Z
?startExtSubset@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?startIntSubset@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?startAttList@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDElementDecl@2@@Z
?notationDecl@AbstractDOMParser@xercesc_2_6@@UAEXABVXMLNotationDecl@2@_N@Z
?resetDocType@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?entityDecl@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDEntityDecl@2@_N1@Z
?endExtSubset@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?endIntSubset@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?endAttList@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDElementDecl@2@@Z
?elementDecl@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDElementDecl@2@_N@Z
?doctypeWhitespace@AbstractDOMParser@xercesc_2_6@@UAEXQBGI@Z
?doctypePI@AbstractDOMParser@xercesc_2_6@@UAEXQBG0@Z
?doctypeDecl@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDElementDecl@2@QBG1_N2@Z
?doctypeComment@AbstractDOMParser@xercesc_2_6@@UAEXQBG@Z
?attDef@AbstractDOMParser@xercesc_2_6@@UAEXABVDTDElementDecl@2@ABVDTDAttDef@2@_N@Z
?startInputSource@XercesDOMParser@xercesc_2_6@@UAEXABVInputSource@2@@Z
?resolveEntity@XercesDOMParser@xercesc_2_6@@UAEPAVInputSource@2@QBG00@Z
?resolveEntity@XercesDOMParser@xercesc_2_6@@UAEPAVInputSource@2@PAVXMLResourceIdentifier@2@@Z
?resetEntities@XercesDOMParser@xercesc_2_6@@UAEXXZ
?expandSystemId@XercesDOMParser@xercesc_2_6@@UAE_NQBGAAVXMLBuffer@2@@Z
?endInputSource@XercesDOMParser@xercesc_2_6@@UAEXABVInputSource@2@@Z
?parse@AbstractDOMParser@xercesc_2_6@@QAEXQBG@Z
?error@XercesDOMParser@xercesc_2_6@@UAEXIQBGW4ErrTypes@XMLErrorReporter@2@000JJ@Z
?createElementNSNode@AbstractDOMParser@xercesc_2_6@@MAEPAVDOMElement@2@PBG0@Z
?setPSVIHandler@AbstractDOMParser@xercesc_2_6@@UAEXQAVPSVIHandler@2@@Z
?elementTypeInfo@AbstractDOMParser@xercesc_2_6@@UAEXQBG0@Z
?XMLDecl@AbstractDOMParser@xercesc_2_6@@UAEXQBG000@Z
?startEntityReference@AbstractDOMParser@xercesc_2_6@@UAEXABVXMLEntityDecl@2@@Z
?handlePartialElementPSVI@AbstractDOMParser@xercesc_2_6@@UAEXQBG0PAVPSVIElement@2@@Z
?startElement@AbstractDOMParser@xercesc_2_6@@UAEXABVXMLElementDecl@2@IQBGABV?$RefVectorOf@VXMLAttr@xercesc_2_6@@@2@I_N3@Z
?startDocument@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?resetDocument@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?ignorableWhitespace@AbstractDOMParser@xercesc_2_6@@UAEXQBGI_N@Z
?endEntityReference@AbstractDOMParser@xercesc_2_6@@UAEXABVXMLEntityDecl@2@@Z
?endElement@AbstractDOMParser@xercesc_2_6@@UAEXABVXMLElementDecl@2@I_NQBG@Z
?endDocument@AbstractDOMParser@xercesc_2_6@@UAEXXZ
?docPI@AbstractDOMParser@xercesc_2_6@@UAEXQBG0@Z
?docComment@AbstractDOMParser@xercesc_2_6@@UAEXQBG@Z
?docCharacters@AbstractDOMParser@xercesc_2_6@@UAEXQBGI_N@Z
?fgXercescDefaultLocale@XMLUni@xercesc_2_6@@2QBDB
?Initialize@XMLPlatformUtils@xercesc_2_6@@SGXQBD0QAVPanicHandler@2@QAVMemoryManager@2@@Z
??2XMemory@xercesc_2_6@@SGPAXI@Z
?fgMemoryManager@XMLPlatformUtils@xercesc_2_6@@2PAVMemoryManager@2@A
??0XercesDOMParser@xercesc_2_6@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??3XMemory@xercesc_2_6@@SGXPAX@Z
??1HandlerBase@xercesc_2_6@@UAE@XZ
?resetErrors@HandlerBase@xercesc_2_6@@UAEXXZ
?startDocument@HandlerBase@xercesc_2_6@@UAEXXZ
?setDocumentLocator@HandlerBase@xercesc_2_6@@UAEXQBVLocator@2@@Z
?processingInstruction@HandlerBase@xercesc_2_6@@UAEXQBG0@Z
?endElement@HandlerBase@xercesc_2_6@@UAEXQBG@Z
?endDocument@HandlerBase@xercesc_2_6@@UAEXXZ
?resetDocType@HandlerBase@xercesc_2_6@@UAEXXZ
?unparsedEntityDecl@HandlerBase@xercesc_2_6@@UAEXQBG000@Z
?notationDecl@HandlerBase@xercesc_2_6@@UAEXQBG00@Z
?resolveEntity@HandlerBase@xercesc_2_6@@UAEPAVInputSource@2@QBG0@Z
??_7EntityResolver@xercesc_2_6@@6B@
??_7DTDHandler@xercesc_2_6@@6B@
??_7DocumentHandler@xercesc_2_6@@6B@
?handleAttributesPSVI@AbstractDOMParser@xercesc_2_6@@UAEXQBG0PAVPSVIAttributeList@2@@Z
?Terminate@XMLPlatformUtils@xercesc_2_6@@SGXXZ
??1XercesDOMParser@xercesc_2_6@@UAE@XZ
?setErrorHandler@XercesDOMParser@xercesc_2_6@@QAEXQAVErrorHandler@2@@Z
?getMessage@OutOfMemoryException@xercesc_2_6@@QBEPBGXZ
?getDocument@AbstractDOMParser@xercesc_2_6@@QAEPAVDOMDocument@2@XZ
?resetErrors@XercesDOMParser@xercesc_2_6@@UAEXXZ
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
kernel32
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetShortPathNameW
LoadLibraryExW
GetWindowsDirectoryW
WideCharToMultiByte
GetTickCount
CreateProcessW
FreeLibrary
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
MoveFileW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
WriteFile
GetCurrentThread
IsBadWritePtr
VirtualQuery
FormatMessageW
SetFilePointer
SetUnhandledExceptionFilter
RaiseException
CreateEventA
GetLogicalDriveStringsW
GetDriveTypeW
RemoveDirectoryW
CreateDirectoryW
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
lstrlenW
GetSystemInfo
GetProcAddress
GetCurrentProcess
GetVersionExW
MultiByteToWideChar
OutputDebugStringW
CreateEventW
CloseHandle
WaitForSingleObject
SetEvent
GetLastError
WriteConsoleW
CreateFileW
Sleep
DeleteFileW
CreateMutexW
ReleaseMutex
GetModuleHandleW
lstrcpyW
GetModuleFileNameW
ResumeThread
TerminateThread
GetExitCodeThread
SetThreadPriority
user32
wsprintfW
wvsprintfW
shell32
SHGetFolderLocation
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
msvcp80
?find_first_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?at@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?_Myptr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@IAEPAGXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?str@?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@2@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?find_first_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?swap@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXAAV12@@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@AAV21@@Z
??_D?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?close@?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?is_open@?$basic_ofstream@GU?$char_traits@G@std@@@std@@QBE_NXZ
?open@?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEXPBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
?fail@ios_base@std@@QBE_NXZ
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??_D?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?close@?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEXXZ
?eof@ios_base@std@@QBE_NXZ
?open@?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEXPBGHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?find_first_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??7ios_base@std@@QBE_NXZ
??_D?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEXXZ
??0locale@std@@QAE@PBDH@Z
?sync_with_stdio@ios_base@std@@SA_N_N@Z
?imbue@?$basic_ios@GU?$char_traits@G@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?rdbuf@?$basic_ifstream@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_filebuf@GU?$char_traits@G@std@@@2@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE_NXZ
??_D?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?str@?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@V32@0@Z
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
?wcout@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEHPBGH@Z
?eq_int_type@?$char_traits@G@std@@SA_NABG0@Z
?eof@?$char_traits@G@std@@SAGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@G@std@@SAIPBG@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEXXZ
?widen@?$ctype@G@std@@QBEGD@Z
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@G@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?length@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHPBG@Z
?find_first_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?getline@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@PAGH@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?rend@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@XZ
?rbegin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@@2@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHABV12@@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIPBG@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
msvcr80
_wstat64i32
free
fread
malloc
_wfopen
rewind
ftell
fseek
fwrite
wcstoul
isspace
wcschr
_errno
_waccess
_wchmod
_wrmdir
_wmkdir
_wtof
_wtol
wcscpy
wcsncpy
_wstrtime
_wstrdate
wcsstr
fwprintf
wcsftime
_localtime64
_time64
_vswprintf
_wcsicmp
memmove_s
_ctime64
wcscat_s
memcpy
printf
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_memicmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
memset
_wtoi
_CxxThrowException
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
strlen
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
fclose
fopen
_swprintf
__RTDynamicCast
wcsrchr
??_V@YAXPAX@Z
_beginthreadex
wcsncpy_s
mbstowcs_s
wcstombs_s
_itow_s
_wfopen_s
_vsnprintf_s
_vsnwprintf_s
wcslen
toupper
towupper
tolower
towlower
wcscmp
shlwapi
PathIsDirectoryW
advapi32
RegGetKeySecurity
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDecrypt
CryptDeriveKey
CryptEncrypt
CryptDestroyKey
RegCloseKey
GetSecurityDescriptorDacl
GetAclInformation
GetAce
LookupAccountSidW
RegSetKeySecurity
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
Exports
Exports
GetCoreCounter
GetIInstallMgr
IMCore_SetErrorHandler
RemoveIInstallMgr
Sections
.text Size: 520KB - Virtual size: 516KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 596KB - Virtual size: 595KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 64KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE