h:\work\SRM\release\SpywareRemover2009.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
bdb700c5538375a3b41d11beeeaa31a4_JaffaCakes118.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
bdb700c5538375a3b41d11beeeaa31a4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
bdb700c5538375a3b41d11beeeaa31a4_JaffaCakes118
-
Size
1.4MB
-
MD5
bdb700c5538375a3b41d11beeeaa31a4
-
SHA1
ba05f2ed7f07ce3425f041532560f357a1a3f191
-
SHA256
977e8103bcdc2eba6d8252fe633a889a4e3e87d1fd7844dfa13166f3d99b8232
-
SHA512
7116289a06170cbe03134b9c2b08c2439005be63b842d9b4cd53a0034e43ccd439e383d4d0c90ec5f9f802e3d537745f8600eb31325bd3c6847e887cbd0f0913
-
SSDEEP
24576:dyogiQ1zC1PIqCFkiF+aV2gdGiCAKRGE12UncrseGo8kD:cliiFEAsrqJGo8
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bdb700c5538375a3b41d11beeeaa31a4_JaffaCakes118
Files
-
bdb700c5538375a3b41d11beeeaa31a4_JaffaCakes118.exe windows:4 windows x86 arch:x86
f8fb282448933566609de9915a30cff6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
useragent
?ModifyEntry@UserAgentManager@UserAgent@@AAE_NPBD0@Z
iphlpapi
GetAdaptersInfo
mfc80
ord2130
ord2469
ord629
ord384
ord287
ord1486
ord1979
ord2794
ord5746
ord2495
ord2654
ord3651
ord3423
ord2160
ord1545
ord1377
ord3164
ord2991
ord4232
ord2086
ord587
ord5710
ord1916
ord6172
ord6178
ord4078
ord6037
ord3952
ord2346
ord2234
ord1580
ord1929
ord2233
ord5642
ord5727
ord2272
ord4081
ord6020
ord4085
ord2451
ord2371
ord3473
ord3214
ord4236
ord1558
ord1637
ord2090
ord642
ord908
ord3317
ord4240
ord1591
ord2095
ord741
ord3229
ord4237
ord1570
ord2091
ord4099
ord1484
ord1933
ord6266
ord1397
ord657
ord3171
ord4234
ord1547
ord2089
ord4098
ord1483
ord1931
ord591
ord3195
ord620
ord3307
ord1587
ord731
ord3178
ord1550
ord599
ord3249
ord1575
ord1576
ord671
ord3326
ord2985
ord752
ord3319
ord4242
ord2097
ord743
ord3328
ord2987
ord754
ord3215
ord1559
ord1638
ord643
ord3315
ord1589
ord1647
ord739
ord3312
ord1588
ord1646
ord736
ord3292
ord1581
ord1643
ord715
ord3324
ord774
ord4243
ord1594
ord1650
ord2098
ord748
ord3157
ord1543
ord1635
ord583
ord3304
ord730
ord3298
ord3172
ord1548
ord1636
ord592
ord3227
ord1568
ord1639
ord656
ord3228
ord1569
ord1640
ord2328
ord299
ord6703
ord1265
ord777
ord2327
ord4032
ord282
ord6704
ord1264
ord4036
ord4037
ord2321
ord1262
ord4033
ord4034
ord2319
ord1260
ord259
ord1971
ord2938
ord911
ord4109
ord1092
ord423
ord3233
ord660
ord4063
ord866
ord5466
ord3454
ord1554
ord3474
ord2802
ord3563
ord1586
ord5991
ord4761
ord5994
ord3406
ord3488
ord3430
ord4001
ord4123
ord502
ord5647
ord5059
ord3551
ord3139
ord3571
ord3583
ord3676
ord3587
ord3799
ord1598
ord2876
ord3680
ord4104
ord5871
ord3574
ord3437
ord2131
ord783
ord416
ord651
ord300
ord293
ord6018
ord1263
ord330
ord589
ord280
ord1482
ord577
ord865
ord297
ord3641
ord5640
ord5641
ord5731
ord3989
ord5658
ord2368
ord3287
ord1966
ord2719
ord3401
ord4692
ord4394
ord4648
ord1968
ord3441
ord356
ord5203
ord354
ord605
ord3835
ord2020
ord4580
ord3255
ord1161
ord265
ord266
ord784
ord572
ord3684
ord3596
ord5320
ord5331
ord1181
ord6297
ord6286
ord3204
ord3302
ord2092
ord658
ord3934
ord2958
ord567
ord758
ord2075
ord1425
ord2074
ord760
ord3163
ord2264
ord326
ord5613
ord4125
ord6275
ord3348
ord6120
ord3244
ord2882
ord1571
ord2873
ord2094
ord6725
ord4100
ord5915
ord1955
ord1402
ord2370
ord4238
ord5634
ord5073
ord2367
ord5214
ord781
ord3230
ord5866
ord5491
ord709
ord501
ord1903
ord6090
ord1283
ord5570
ord2468
ord3174
ord769
ord4038
ord4014
ord6278
ord3801
ord6276
ord747
ord4326
ord2063
ord2018
ord5583
ord3806
ord559
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord5975
ord1207
ord2931
ord1101
ord5226
ord1054
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord304
ord4481
ord4261
ord757
ord566
ord3333
ord3830
ord762
ord5224
ord628
ord378
ord3683
ord1063
ord5403
ord6065
ord4035
ord3088
ord2021
ord630
ord385
ord4118
ord4115
ord5833
ord2372
ord3875
ord5873
ord3879
ord6017
ord2263
ord3161
ord5637
ord6752
ord3210
ord1934
ord1280
ord2322
ord6754
ord1123
ord876
ord1564
ord1930
ord1279
ord602
ord347
ord3397
ord2902
ord2657
ord2164
ord2168
ord3761
ord578
ord310
ord2271
ord6724
ord2714
ord5912
ord2862
ord1620
ord2540
ord1617
ord2646
ord3946
ord2533
ord1401
ord3718
ord4244
ord3719
ord5152
ord3709
ord1908
ord2644
ord3949
ord1191
ord4486
ord4185
ord4262
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord1185
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6067
ord6277
ord3345
ord4967
ord1362
ord5175
ord5182
ord1964
ord4212
ord1656
ord4735
ord1655
ord4890
ord1599
ord5200
ord1084
ord1671
ord2537
ord1670
ord2731
ord1395
ord1551
ord2835
ord1187
ord4307
ord764
ord2983
msvcr80
malloc
calloc
_resetstkoflw
free
_recalloc
__RTDynamicCast
memcpy_s
memmove_s
_vscprintf
_wcsdup
_gmtime64
_setmbcp
??0exception@std@@QAE@ABQBDH@Z
_mbsstr
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_mbsicmp
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_mbschr
_time64
_beginthreadex
_purecall
_mbscspn
__CxxFrameHandler3
_CxxThrowException
_mbscmp
memset
_localtime64_s
_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_localtime64
isxdigit
toupper
tolower
memmove
isalnum
floor
isspace
realloc
_mbspbrk
_local_unwind2
_strlwr_s
isdigit
_strnicmp
strncmp
strerror
_mbsspn
_vscwprintf
_strdup
_strlwr
wcschr
_mbsrchr
_errno
srand
rand
getenv
strnlen
_mbsnbcpy_s
strcpy_s
_itoa
_atoi64
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
memchr
_mbslwr_s
strlen
strftime
_mktime64
_mbsinc
_ltoa_s
atoi
strtol
_mbslen
_ismbcspace
vswprintf_s
vsprintf_s
sprintf
_mbsnbcpy
strtoul
atol
_except_handler3
memcpy
kernel32
GetCurrentThreadId
lstrcpyA
SetFilePointer
GetFileSize
ReadFile
InterlockedDecrement
InterlockedIncrement
GetVersionExA
FreeLibrary
lstrcatA
CreateFileA
lstrcpynA
GlobalFree
MulDiv
GlobalUnlock
GlobalLock
ResumeThread
SetWaitableTimer
CreateWaitableTimerA
GlobalAlloc
TerminateThread
CreateThread
CreateEventA
GetProcessHeap
HeapAlloc
CloseHandle
HeapFree
GetLocaleInfoA
WaitForMultipleObjects
GetModuleFileNameA
DeleteCriticalSection
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
OpenProcess
TerminateProcess
WaitForSingleObject
Sleep
LoadResource
LockResource
SizeofResource
FindResourceA
FindResourceExA
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
MultiByteToWideChar
GetEnvironmentVariableA
lstrlenW
GetVersion
InterlockedExchange
lstrcmpiA
lstrlenA
WideCharToMultiByte
GetLastError
InterlockedCompareExchange
lstrcmpA
WriteProcessMemory
GetCurrentProcess
VirtualProtect
FindResourceW
FindResourceExW
GetTempPathA
GetFileAttributesA
GetDriveTypeA
CreateMutexA
GetPrivateProfileStringA
CreateDirectoryA
WritePrivateProfileStringA
GetLocalTime
DeleteFileA
WriteFile
GetComputerNameA
PulseEvent
SystemTimeToFileTime
LocalFileTimeToFileTime
RaiseException
CreateProcessA
FindFirstFileA
FindNextFileA
FindClose
GetPrivateProfileSectionNamesA
GetTickCount
FlushFileBuffers
MapViewOfFileEx
CreateFileMappingA
UnmapViewOfFile
ReleaseMutex
SetThreadPriority
GetVolumeInformationA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExA
GetLogicalDriveStringsA
GetCurrentThread
Module32Next
Module32First
CreateToolhelp32Snapshot
LocalFree
GetLongPathNameA
lstrcatW
lstrcpyW
lstrcmpW
CreateFileW
GetFileAttributesW
GetSystemDirectoryA
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesExA
Process32Next
Process32First
RemoveDirectoryA
GetTempFileNameA
DeviceIoControl
SetEndOfFile
QueryPerformanceCounter
UnlockFile
LockFile
GetSystemTimeAsFileTime
FormatMessageA
LoadLibraryW
GetTempPathW
LockFileEx
DeleteFileW
GetCurrentProcessId
GetSystemTime
GetFullPathNameW
AreFileApisANSI
GetFullPathNameA
LocalAlloc
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ResetEvent
GetACP
GetThreadLocale
HeapDestroy
HeapReAlloc
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
user32
SetWindowTextA
MsgWaitForMultipleObjects
GetAsyncKeyState
DrawFocusRect
GetCapture
GetComboBoxInfo
DestroyCursor
CallWindowProcA
DestroyMenu
IsZoomed
GetMenuItemID
SetMenuDefaultItem
EnableMenuItem
AppendMenuA
WindowFromPoint
LoadImageW
LoadImageA
LoadCursorW
LoadIconW
LoadBitmapW
LoadStringW
LoadStringA
UnhookWindowsHookEx
LoadMenuA
SetFocus
MapWindowPoints
GetSubMenu
IsRectEmpty
ClientToScreen
GetWindowTextA
SetWindowsHookExA
GetKeyboardState
SetKeyboardState
IsWindowUnicode
GetActiveWindow
SystemParametersInfoA
SetRectEmpty
GetMenuItemRect
UnionRect
TrackPopupMenuEx
TrackPopupMenu
GetMessageW
SetMenuItemBitmaps
GetMenuItemInfoA
GetMenuDefaultItem
OffsetRect
GetMenuItemCount
GetMenuState
IsMenu
InsertMenuItemA
GetDlgCtrlID
DrawTextA
ReleaseCapture
LoadCursorA
SetCapture
SetCursor
GetKeyState
IsWindowEnabled
ValidateRect
UpdateWindow
CopyImage
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
GetWindow
GetClassNameA
FindWindowExA
ScreenToClient
SetWindowRgn
LoadBitmapA
PtInRect
GetSystemMenu
DrawStateA
DestroyIcon
PostThreadMessageA
RegisterWindowMessageA
GetMessageA
RedrawWindow
InflateRect
FrameRect
SetRect
CopyRect
EnableScrollBar
SetScrollPos
GetSysColor
CreateWindowExA
RegisterClassExA
FillRect
GetWindowLongA
DispatchMessageA
TranslateMessage
PeekMessageA
DialogBoxParamA
KillTimer
EndPaint
BeginPaint
ReleaseDC
DispatchMessageW
DefWindowProcA
UnregisterClassA
GetDC
SetWindowPos
SetWindowLongA
DestroyWindow
BringWindowToTop
SetMenuItemInfoA
wsprintfA
CreatePopupMenu
IsWindowVisible
SetTimer
ShowWindowAsync
ShowWindow
SetParent
DrawIcon
GetClientRect
IsIconic
GetCursorPos
SetForegroundWindow
LoadAcceleratorsA
MessageBoxA
TranslateAcceleratorA
LoadIconA
GetWindowRect
FindWindowA
InvalidateRect
IsWindow
PostMessageA
GetFocus
SendMessageA
GetParent
GetSystemMetrics
GetDesktopWindow
GetWindowDC
EnableWindow
CallNextHookEx
gdi32
StretchBlt
SetColorAdjustment
SetStretchBltMode
CreateCompatibleBitmap
CreateCompatibleDC
PatBlt
GetTextMetricsA
CreateFontA
GetTextColor
SetPixel
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
GetBitmapBits
SetBitmapBits
GetPixel
CreateBrushIndirect
MoveToEx
LineTo
GetBkColor
GetBkMode
SetBkColor
TextOutA
SetBkMode
SetTextColor
CreateDIBitmap
GetDIBits
CreateEllipticRgn
Rectangle
CreateFontIndirectA
ExtCreatePen
CreatePen
GetStockObject
CreateRectRgn
CombineRgn
GetObjectA
GetTextExtentPoint32A
CreateRectRgnIndirect
GetDeviceCaps
CreateSolidBrush
GetColorAdjustment
SelectObject
DeleteObject
DeleteDC
BitBlt
msimg32
AlphaBlend
advapi32
CryptHashData
RegOpenKeyExA
RegCreateKeyExA
RegEnumValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
CryptDestroyHash
RegNotifyChangeKeyValue
GetUserNameA
OpenProcessToken
OpenThreadToken
QueryServiceStatus
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
CreateServiceA
CryptCreateHash
CryptGetHashParam
RegDeleteValueA
CryptAcquireContextA
CryptReleaseContext
RegSaveKeyA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumKeyA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
shell32
ShellExecuteA
SHAppBarMessage
SHFileOperationA
SHGetFolderPathW
SHGetFolderPathA
SHGetSpecialFolderPathA
Shell_NotifyIconA
comctl32
InitCommonControlsEx
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
_TrackMouseEvent
shlwapi
PathRenameExtensionA
PathFileExistsA
PathRemoveFileSpecA
PathAppendA
PathRemoveBackslashA
PathIsDirectoryA
PathCombineA
SHCreateStreamOnFileA
PathAddBackslashA
PathFindExtensionA
SHDeleteValueA
PathCanonicalizeA
PathMatchSpecA
PathUnquoteSpacesA
PathStripPathA
SHDeleteKeyA
ole32
CLSIDFromString
StringFromGUID2
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoInitialize
CoCreateInstance
OleRun
CoUninitialize
CreateStreamOnHGlobal
oleaut32
VariantCopy
VariantClear
VariantInit
VariantChangeType
SysStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SysAllocStringByteLen
SysAllocString
SysFreeString
SafeArrayGetVartype
OleLoadPicture
LoadTypeLi
msvcp80
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@1@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@PBD1@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??Bid@locale@std@@QAEIXZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?_Incref@facet@locale@std@@QAEXXZ
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?id@?$ctype@D@std@@2V0locale@2@A
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?allocate@?$allocator@D@std@@QAEPADI@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0locale@std@@QAE@XZ
?toupper@?$ctype@D@std@@QBEDD@Z
??1locale@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
imagehlp
ImageDirectoryEntryToData
wininet
InternetOpenUrlA
InternetSetOptionA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA
psapi
EnumProcesses
GetModuleFileNameExA
EnumProcessModules
userenv
UnloadUserProfile
netapi32
NetApiBufferFree
NetUserGetInfo
NetGetDCName
NetLocalGroupEnum
NetLocalGroupGetMembers
NetWkstaUserGetInfo
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
Exports
Exports
??0UserAgentManager@UserAgent@@AAE@XZ
??0UserAgentManager@UserAgent@@QAE@ABV01@@Z
??1UserAgentManager@UserAgent@@QAE@XZ
??4UserAgentManager@UserAgent@@QAEAAV01@ABV01@@Z
??_B?1??I@UserAgentManager@UserAgent@@SAPAV12@XZ@51
?I@UserAgentManager@UserAgent@@SAPAV12@XZ
?Init@UserAgentManager@UserAgent@@AAEXPAUAgentParams@2@@Z
?RemoveFree@UserAgentManager@UserAgent@@QAE_NXZ
?RemovePaid@UserAgentManager@UserAgent@@QAE_NXZ
?SetPurchased@UserAgentManager@UserAgent@@QAE_NXZ
?SetUnpurchased@UserAgentManager@UserAgent@@QAE_NXZ
?UpdateFreeVersion@UserAgentManager@UserAgent@@QAE_NXZ
?UpdatePaidVersion@UserAgentManager@UserAgent@@QAE_NXZ
?uam@?1??I@UserAgentManager@UserAgent@@SAPAV23@XZ@4V23@A
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 216KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 541B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ