c:\jenkins\workspace\Client\Client\Windows_VDI\release\Bin\Release\zTscoder.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e.exe
Resource
win7-20240729-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e
-
Size
395KB
-
MD5
a0b0bc205ce27d5ec1aa2e60e7f3e8d4
-
SHA1
8fd1ed68a6672c664d4849c3d89a700524e960da
-
SHA256
abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e
-
SHA512
7b672145bd318b5dd717e45c2429c6688c90e67398159f6a4856c441a25e84d526be9b5dbfb2d30fbad3c71ee7deecf361da12b9ca4df49af83d55d17b098e48
-
SSDEEP
6144:VAtgZI3h/0kn3tC8p5i5PhAMqvQnRaR9bYLw5T:VAt19dC87a5ZHRiN
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e
Files
-
abf761b890a49a7a679cfea194830fb37144bf19179f984a17a93d8e4447845e.exe windows:5 windows x86 arch:x86
2061447a238a1b1f2e2f8411aa066862
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
cmmlib
?IntToString@Cmm@@YAXHAAV?$CStringT@_W@1@@Z
??M?$CStringT@_W@Cmm@@QBE_NABV01@@Z
?substr@?$CStringT@_W@Cmm@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@II@Z
??0?$CStringT@_W@Cmm@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?SetLength@?$CStringT@D@Cmm@@QAEXI@Z
?length@?$CStringT@_W@Cmm@@QBEIXZ
?length@?$CStringT@D@Cmm@@QBEIXZ
?size@?$CStringT@D@Cmm@@QBEIXZ
??0?$CStringT@D@Cmm@@QAE@XZ
??0?$CStringT@D@Cmm@@QAE@PBD@Z
??1?$CStringT@D@Cmm@@UAE@XZ
??4?$CStringT@D@Cmm@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?c_str@?$CStringT@D@Cmm@@QBEPBDXZ
?GetBuffer@?$CStringT@D@Cmm@@QAEPADI@Z
?GetBufferSetLength@?$CStringT@D@Cmm@@QAEPADI@Z
?ReleaseBuffer@?$CStringT@D@Cmm@@QAEXXZ
?size@?$CStringT@_W@Cmm@@QBEIXZ
??0?$CStringT@_W@Cmm@@QAE@V?$CRangeT@PB_W@1@@Z
??H?$CStringT@_W@Cmm@@QBE?AV01@ABV01@@Z
??4?$CStringT@_W@Cmm@@QAEAAV01@ABV01@@Z
??4?$CStringT@_W@Cmm@@QAEAAV01@V?$CRangeT@PB_W@1@@Z
??A?$CStringT@_W@Cmm@@QBE_WI@Z
?GetBuffer@?$CStringT@_W@Cmm@@QAEPA_WI@Z
?AssignOther@?$CStringT@_W@Cmm@@QAEAAV12@ABV?$CStringT@D@2@@Z
?CompareNoCase@?$CStringT@_W@Cmm@@QBEHPB_W@Z
?CompareNoCase@?$CStringT@_W@Cmm@@QBEHABV12@@Z
?GetLength@?$CStringT@_W@Cmm@@QBEIXZ
?SetLength@?$CStringT@_W@Cmm@@QAEXI@Z
?Replace@?$CStringT@_W@Cmm@@QAEXPB_W0@Z
?Left@?$CStringT@_W@Cmm@@QBE?AV?$CRangeT@PB_W@2@I@Z
?Right@?$CStringT@_W@Cmm@@QBE?AV?$CRangeT@PB_W@2@I@Z
??4?$CStringT@_W@Cmm@@QAEAAV01@$$QAV01@@Z
??0?$CStringT@_W@Cmm@@QAE@$$QAV01@@Z
?Int64ToString@Cmm@@YAH_JAAV?$CStringT@D@1@@Z
?Close@CFile@Cmm@@QAEXXZ
?Write@CFile@Cmm@@QAEIPBXI@Z
?Read@CFile@Cmm@@QAEIPAXI@Z
?OpenExisting@CFile@Cmm@@QAEXPB_WW4EAccess@12@H@Z
?CreateAlways@CFile@Cmm@@QAEXPB_WW4EAccess@12@@Z
??1CFile@Cmm@@QAE@XZ
??0CFileName@Cmm@@QAE@XZ
?BaseInitLoggingImpl_built_with_NDEBUG@logging@@YA_NPB_WW4LoggingDestination@1@W4LogLockingState@1@W4OldFileDeletionState@1@W4LogEncryptPolicy@1@K@Z
cmm_fs_find_first
?StringToInt64@Cmm@@YAHABV?$CStringT@D@1@AA_J@Z
?CreateAppContext@Cmm@@YAPAVISSBAppContext@1@ABV?$CStringT@_W@1@HH@Z
?DestroyAppContext@Cmm@@YAXPAVISSBAppContext@1@@Z
?AssignOther@?$CStringT@D@Cmm@@QAEAAV12@PB_W@Z
?find@?$CStringT@_W@Cmm@@QBEIABV12@I@Z
?compare@?$CStringT@_W@Cmm@@QBEHABV12@@Z
??H?$CStringT@_W@Cmm@@QBE?AV01@PB_W@Z
??8?$CStringT@_W@Cmm@@QBE_NPB_W@Z
??8?$CStringT@_W@Cmm@@QBE_NABV01@@Z
?AssignOther@?$CStringT@_W@Cmm@@QAEAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Pos@?$CStringT@_W@Cmm@@QBEHPB_W@Z
?Mid@?$CStringT@_W@Cmm@@QBE?AV?$CRangeT@PB_W@2@II@Z
?Trim@?$CStringT@_W@Cmm@@QAEXXZ
?MakeLower@?$CStringT@_W@Cmm@@QAEXXZ
?GetPath@CFileName@Cmm@@QBE?AV?$CFnRangeT@_W@2@H@Z
?GetSecond@CTime@Cmm@@QBEHXZ
?GetMinute@CTime@Cmm@@QBEHXZ
?GetHour@CTime@Cmm@@QBEHXZ
?GetDay@CTime@Cmm@@QBEHXZ
?GetMonth@CTime@Cmm@@QBEHXZ
?GetYear@CTime@Cmm@@QBEHXZ
?GetTickCount@CTime@Cmm@@SA?AV12@XZ
?cmm_str_convert@@YAIHPADIPB_WI@Z
?cmm_str_convert@@YAIHPA_WIPBDI@Z
?empty@?$CStringT@_W@Cmm@@QBE_NXZ
??0CmmFunctionLogger@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1CmmFunctionLogger@@QAE@XZ
?Format@?$CStringT@_W@Cmm@@QAAXPB_WZZ
??0LogMessage@logging@@QAE@PBDHH@Z
??1LogMessage@logging@@QAE@XZ
?GetMinLogLevel@logging@@YAHXZ
?MakeSlash@CFileName@Cmm@@QAEXXZ
??1CFileName@Cmm@@UAE@XZ
??0?$CStringT@_W@Cmm@@QAE@ABV01@@Z
?IsExists@CFileName@Cmm@@QBEHXZ
??_7CFileName@Cmm@@6B@
?IsEmpty@?$CStringT@_W@Cmm@@QBEHXZ
?c_str@?$CStringT@_W@Cmm@@QBEPB_WXZ
??Y?$CStringT@_W@Cmm@@QAEAAV01@ABV01@@Z
??Y?$CStringT@_W@Cmm@@QAEAAV01@PB_W@Z
??4?$CStringT@_W@Cmm@@QAEAAV01@PB_W@Z
??1?$CStringT@_W@Cmm@@UAE@XZ
?GetSpecialDirectory@CFileName@Cmm@@QAEXW4SpecialFolder@12@H@Z
??0?$CStringT@_W@Cmm@@QAE@PB_W@Z
??0?$CStringT@_W@Cmm@@QAE@XZ
?GetSize@CFile@Cmm@@QBE_KXZ
duilib
?SetShowHtml@CLabelUI@DuiLib@@QAEX_N@Z
?IsAccSupportEnabled@DuiLib@@YAHXZ
?HandleMessage@CWindowWnd@DuiLib@@MAEJIIJ@Z
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
?GetHwnd@CWindowWnd@DuiLib@@UAEPAUHWND__@@XZ
?ResizeClient@CWindowWnd@DuiLib@@QAEXHH@Z
?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z
?CreateDuiWindow@CWindowWnd@DuiLib@@UAEPAUHWND__@@PAU3@PB_WKKI0_N@Z
?Create@CWindowWnd@DuiLib@@UAEPAUHWND__@@PAU3@PB_WKKUtagRECT@@PAUHMENU__@@I0_N@Z
?Create@CWindowWnd@DuiLib@@UAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@I0_N@Z
?SetValue@CProgressUI@DuiLib@@QAEXH@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??1CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@XZ
?CreateControlEx@IDialogBuilderCallback@DuiLib@@UAEPAVCControlUI@2@PB_WPAVCPaintManagerUI@2@@Z
?ProcessWindowMessage@CDropObjectWnd@DuiLib@@QAEHPAUHWND__@@IIJAAJK@Z
?ProcessWindowMessage@CHighDpiWnd@DuiLib@@QAEHPAUHWND__@@IIJAAJK@Z
?SetSupportHighContrast@CHighContrast@DuiLib@@QAEX_N@Z
?Instance@CHighContrast@DuiLib@@SAPAV12@XZ
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z
?SetResourceDll@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?GetAppUseLightTheme@DuiLib@@YA_NAA_N@Z
?LoadIconHighDpi@CHighDpi@DuiLib@@SAPAUHICON__@@PAUHINSTANCE__@@I_NI@Z
?SetAwarenessMode@CHighDpi@DuiLib@@SA_NW4DPIAwareMode@CDpiAwarenessMode@2@@Z
?UnInitHdpi@CHighDpi@DuiLib@@SAXXZ
?InitHdpi@CHighDpi@DuiLib@@SAHXZ
?Init@CResManager@DuiLib@@SAXVSTRINGorID@2@PAUHINSTANCE__@@PB_W@Z
?IsSysSupportDarkMode@DuiLib@@YA_NXZ
?SetSkinType@CSkinManager@DuiLib@@QAEXW4emSkinType@2@@Z
?SetFollowSysDarkSetting@CUIlibApp@DuiLib@@QAEX_N@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??BCDuiString@DuiLib@@QBEPB_WXZ
?GetInstance@?$TSingleton@VCSkinManager@DuiLib@@@DuiLib@@SAPAVCSkinManager@2@XZ
?GetInstance@?$TSingleton@VCUIlibApp@DuiLib@@@DuiLib@@SAPAVCUIlibApp@2@XZ
?ChangeDpiParent@CHighDpiWnd@DuiLib@@UAEXPAUHWND__@@I@Z
?AccNotifyEvent@DuiLib@@YAXKPAUHWND__@@JJ@Z
?RemoveDpiChildWnd@CHighDpiWnd@DuiLib@@UAEXPAUHWND__@@@Z
?AddDpiChildWnd@CHighDpiWnd@DuiLib@@UAEXPAUHWND__@@@Z
?SetDpiParentWnd@CHighDpiWnd@DuiLib@@UAEXPAUHWND__@@@Z
?SetCustomTitleButtonRect@CCustomTitleWnd@DuiLib@@UAEXUtagRECT@@@Z
?ToPixel@CHighDpi@DuiLib@@SAHHPAVIScalable@2@@Z
?GetCustomScaleFactor@CScalable@DuiLib@@UAEIXZ
?SetLabelProxyType@CAccLabelProxy@DuiLib@@QAEXW4ACC_LABEL_PROXY_TYPE@12@@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?PreHandleCustomTitleMsg@CCustomTitleWnd@DuiLib@@UAEHPAUHWND__@@IIJAAJ@Z
?IsApplyColorToTitle@CCustomTitleWnd@DuiLib@@UAEHXZ
?GetCustomTitleColor@CCustomTitleWnd@DuiLib@@UAEKXZ
?NotifyCustomTitleSkinChanged@CCustomTitleWnd@DuiLib@@UAEXXZ
?GetInActiveTitleTextColor@CCustomTitleWnd@DuiLib@@UAEKXZ
?GetActiveTitleTextColor@CCustomTitleWnd@DuiLib@@UAEKXZ
?TranslateMessage@CPaintManagerUI@DuiLib@@SA_NQAUtagMSG@@@Z
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?ProcessWindowMessage@CCustomTitleWnd@DuiLib@@QAEHPAUHWND__@@IIJAAJ@Z
?EnableCustomTitle@CCustomTitleWnd@DuiLib@@UAEX_N@Z
?IsCustomTitleEnabled@CCustomTitleWnd@DuiLib@@UAE_NXZ
?PaintTitle@CCustomTitleWnd@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetNonClientRect@CCustomTitleWnd@DuiLib@@UAEXABUtagRECT@@_N@Z
?GetNonClientRect@CCustomTitleWnd@DuiLib@@UAE?AUtagRECT@@_N@Z
?GetTitleRect@CCustomTitleWnd@DuiLib@@UAE?AUtagRECT@@_N@Z
?GetCurTitleTextColor@CCustomTitleWnd@DuiLib@@UAEKXZ
reslib
??0CResIniter@@QAE@XZ
??1CResIniter@@QAE@XZ
?InitResModule@CResIniter@@QAEXPAUHINSTANCE__@@I@Z
LoadStringFromRes
uibase
?OnParentDpiChanged@CZUIWindowBaseImpl@UIBase@@UAEXI@Z
?KillTimer@CZUIWindowBaseImpl@UIBase@@QAEHI@Z
?SetTimer@CZUIWindowBaseImpl@UIBase@@QAEIIIP6GXPAUHWND__@@IIK@Z@Z
?SetWindowTextW@CZUIWindowBaseImpl@UIBase@@QAEHPB_W@Z
?DestroyWindow@CZUIWindowBaseImpl@UIBase@@QAEHXZ
?IsWindow@CZUIWindowBaseImpl@UIBase@@QBEHXZ
?CreateControl@CZUIWindowBaseImpl@UIBase@@UAEPAVCControlUI@DuiLib@@PB_W@Z
?SetScaleFactor@CZUIWindowBaseImpl@UIBase@@UAEXI@Z
?OnDefalutOK@CZUIWindowBaseImpl@UIBase@@UAEXXZ
?Notify@CZUIWindowBaseImpl@UIBase@@UAEXAAUtagTNotifyUI@DuiLib@@@Z
?OnFinalMessage@CZUIWindowBaseImpl@UIBase@@UAEXPAUHWND__@@@Z
??1CZUIWindowBaseImpl@UIBase@@UAE@XZ
?GetDropWnd@CZUIWindowBaseImpl@UIBase@@UAEPAUHWND__@@XZ
?ActiveWindowToTop@UIBase@@YAXPAUHWND__@@H@Z
?CenterWindow@CZUIWindowBaseImpl@UIBase@@QAEHPAUHWND__@@@Z
?ShowWindow@CZUIWindowBaseImpl@UIBase@@QAEHH@Z
?GetCurrentScaleFactor@CZUIWindowBaseImpl@UIBase@@UAEIXZ
?GetCurrentDpi@CZUIWindowBaseImpl@UIBase@@UAEIXZ
??0CZUIWindowBaseImpl@UIBase@@QAE@XZ
?GetSmallIcon@CZUIWindowBaseImpl@UIBase@@UAEPAUHICON__@@XZ
?GetDpi@CZUIWindowBaseImpl@UIBase@@UAEIXZ
?LoadResStringEx@UIBase@@YA?AV?$CStringT@_W@Cmm@@I@Z
?DoCreate@CZUIWindowBaseImpl@UIBase@@IAEXABVSTRINGorID@DuiLib@@PAUHINSTANCE__@@@Z
?GetCurrentSkinType@CZUIWindowBaseImpl@UIBase@@UAE?AW4emSkinType@DuiLib@@XZ
?GetScaleFactor@CZUIWindowBaseImpl@UIBase@@UAEIXZ
?SetDpi@CZUIWindowBaseImpl@UIBase@@UAEXI@Z
?GetRepositionFlag@CZUIWindowBaseImpl@UIBase@@UAE_NXZ
?SetRepositionFlag@CZUIWindowBaseImpl@UIBase@@UAEX_N@Z
?GetSimpleRepositionFlag@CZUIWindowBaseImpl@UIBase@@UAE_NXZ
?OnDefaultCancel@CZUIWindowBaseImpl@UIBase@@UAEXXZ
?SetSimpleRepositionFlag@CZUIWindowBaseImpl@UIBase@@UAEX_N@Z
?GetCustomTitleWnd@CZUIWindowBaseImpl@UIBase@@UAEPAUHWND__@@XZ
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeCriticalSectionEx
CreateToolhelp32Snapshot
CreateEventW
GetLastError
Process32NextW
Process32FirstW
CloseHandle
RaiseException
DecodePointer
DeleteCriticalSection
GetCurrentProcessId
FindFirstFileW
FindNextFileW
FindClose
DeleteFileW
GetProcAddress
GetModuleHandleW
WritePrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryW
FreeLibrary
GetTickCount
SetEvent
CreateDirectoryW
SizeofResource
HeapFree
EnterCriticalSection
lstrcpynW
GetModuleFileNameW
GetUserDefaultUILanguage
LeaveCriticalSection
GetFileAttributesW
GetCurrentThreadId
MultiByteToWideChar
Sleep
LoadResource
FindResourceW
HeapAlloc
GetProcessHeap
GetTempFileNameW
lstrcmpiW
LoadLibraryExW
QueryDosDeviceW
VirtualProtect
GetCurrentProcess
ReleaseSemaphore
WriteFile
TerminateProcess
WaitForMultipleObjects
InitializeCriticalSection
SetFilePointer
ResumeThread
GetModuleHandleA
OpenProcess
GetCommandLineA
GetLogicalDriveStringsW
CreateFileA
CreateThread
GetWindowsDirectoryW
VerSetConditionMask
CreateSemaphoreW
FlushInstructionCache
VerifyVersionInfoW
CreateDirectoryA
SetDllDirectoryW
VirtualQuery
FlushFileBuffers
SetErrorMode
GetPrivateProfileStringW
CreateFileW
user32
IsWindow
EnumWindows
GetWindowThreadProcessId
PostQuitMessage
FindWindowW
SendMessageW
GetDesktopWindow
LoadIconW
TranslateMessage
CharNextW
PeekMessageW
DispatchMessageW
DestroyWindow
GetMessageW
GetProcessWindowStation
GetUserObjectInformationA
PostMessageW
MessageBoxW
advapi32
GetUserNameW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
CheckTokenMembership
RevertToSelf
SetTokenInformation
AllocateAndInitializeSid
CreateWellKnownSid
ImpersonateLoggedOnUser
CreateRestrictedToken
FreeSid
DuplicateTokenEx
OpenProcessToken
RegGetValueW
GetTokenInformation
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
shell32
SHGetMalloc
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
oleaut32
VariantInit
SysAllocString
VariantClear
VarUI4FromStr
SysFreeString
msvcp140
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?uncaught_exception@std@@YA_NXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
shlwapi
PathIsUNCW
PathAppendW
StrCmpNIW
PathFileExistsW
PathIsRelativeW
PathIsDirectoryW
comctl32
InitCommonControlsEx
gdiplus
GdiplusShutdown
GdiplusStartup
psapi
GetModuleInformation
EnumProcessModules
GetMappedFileNameW
GetModuleFileNameExW
wintrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
crypt32
CertGetNameStringW
vcruntime140
memmove
_CxxThrowException
memset
__current_exception_context
__current_exception
memcpy
memcmp
memchr
_except_handler4_common
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
wcschr
wcsstr
api-ms-win-crt-string-l1-1-0
wmemcpy_s
wcscat_s
towupper
isdigit
_wcsnicmp
strcat_s
towlower
wcsncpy_s
_wcsicmp
wcsnlen
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
__p__commode
_set_fmode
api-ms-win-crt-runtime-l1-1-0
_initialize_wide_environment
_invalid_parameter_noinfo_noreturn
_errno
_invalid_parameter_noinfo
_configure_wide_argv
_controlfp_s
_initterm
abort
_register_thread_local_exe_atexit_callback
_c_exit
_set_app_type
_exit
exit
_initterm_e
terminate
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_get_wide_winmain_command_line
api-ms-win-crt-math-l1-1-0
_isnan
_finite
__setusermatherr
_dclass
modf
api-ms-win-crt-heap-l1-1-0
_callnewh
malloc
free
_set_new_mode
_recalloc
api-ms-win-crt-utility-l1-1-0
rand
srand
api-ms-win-crt-filesystem-l1-1-0
_wstat64i32
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
zcrashreport
ord16
ord7
ord9
Sections
.text Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ