D:\a\_work\1\b\release\x64\EntPlat\EntPlat.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
95dcf7e1cbc69d19f32b87a8174965c0N.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
120 seconds
Behavioral task
behavioral2
Sample
95dcf7e1cbc69d19f32b87a8174965c0N.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
120 seconds
General
-
Target
95dcf7e1cbc69d19f32b87a8174965c0N.exe
-
Size
7.1MB
-
MD5
95dcf7e1cbc69d19f32b87a8174965c0
-
SHA1
577fe9d5af8889116c86dbce3bf35865d03b9917
-
SHA256
87cff903a621f2417577cc2b898f01e446036375628983a7decc42d70507cc81
-
SHA512
b4d19b411b44c75965408b3418b0da056d6d746260893b05771886b96b444bf8e78b06d65de7a213c5a6552a15ad8609ad58d3cf5d3590764340571963d142f8
-
SSDEEP
98304:OT6rB2xNFMkrT9ngB48m7sB9F8/Jvl/biYyESQyUi4uwptwkqiehcBPWMvVmRhT:E9pMkvy8iJacR
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 95dcf7e1cbc69d19f32b87a8174965c0N.exe
Files
-
95dcf7e1cbc69d19f32b87a8174965c0N.exe.dll windows:6 windows x64 arch:x64
719925ab1c30275a749ed82271d24a96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
api-ms-win-core-winrt-string-l1-1-0
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsCreateStringReference
WindowsPreallocateStringBuffer
WindowsStringHasEmbeddedNull
WindowsDeleteString
WindowsSubstringWithSpecifiedLength
WindowsGetStringLen
WindowsIsStringEmpty
WindowsConcatString
WindowsCreateString
WindowsTrimStringEnd
WindowsDeleteStringBuffer
WindowsPromoteStringBuffer
WindowsCompareStringOrdinal
WindowsReplaceString
api-ms-win-core-com-l1-1-0
GetHGlobalFromStream
CreateStreamOnHGlobal
CoCreateInstanceFromApp
CoIncrementMTAUsage
CLSIDFromString
StringFromGUID2
CoCreateFreeThreadedMarshaler
CoGetApartmentType
CoTaskMemAlloc
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoTaskMemRealloc
CoUnmarshalInterface
CoReleaseMarshalData
CoMarshalInterface
api-ms-win-eventing-provider-l1-1-0
EventRegister
EventWriteTransfer
EventUnregister
EventSetInformation
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-synch-l1-1-0
TryAcquireSRWLockShared
InitializeSRWLock
ResetEvent
CreateEventW
CreateMutexW
ReleaseMutex
DeleteCriticalSection
AcquireSRWLockShared
ReleaseSRWLockShared
WaitForSingleObjectEx
WaitForSingleObject
LeaveCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
TryAcquireSRWLockExclusive
InitializeCriticalSectionEx
EnterCriticalSection
SetEvent
api-ms-win-core-winrt-error-l1-1-0
GetRestrictedErrorInfo
RoTransformError
RoOriginateError
SetRestrictedErrorInfo
RoOriginateErrorW
api-ms-win-core-errorhandling-l1-1-0
GetLastError
RaiseException
entcommon
SetEntPlatBaseAddress
GetEntCommonBaseAddress
GetEntPlatBaseAddress
GetSingletonManager
msvcp140_app
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?width@ios_base@std@@QEBA_JXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W0@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXPEA_W00@Z
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXH@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_J@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_lock
_Mtx_unlock
_Cnd_broadcast
_Cnd_wait
_Mtx_current_owns
_Cnd_timedwait
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Query_perf_counter
_Query_perf_frequency
_Xtime_get_ticks
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xout_of_range@std@@YAXPEBD@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEBAPEA_WXZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_Xruntime_error@std@@YAXPEBD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z
?_Getname@_Locinfo@std@@QEBAPEBDXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@HPEBD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?good@ios_base@std@@QEBA_NXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?write@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEB_W_J@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
_Wcsxfrm
_Wcscoll
?_Incref@facet@locale@std@@UEAAXXZ
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?id@?$collate@_W@std@@2V0locale@2@A
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?setf@ios_base@std@@QEAAHHH@Z
?setf@ios_base@std@@QEAAHH@Z
?unsetf@ios_base@std@@QEAAXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?_Syserror_map@std@@YAPEBDH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@N@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
_Thrd_sleep
??Bios_base@std@@QEBA_NXZ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??Bid@locale@std@@QEAA_KXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Cnd_init_in_situ
_Cnd_destroy_in_situ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?width@ios_base@std@@QEAA_J_J@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?widen@?$ctype@_W@std@@QEBA_WD@Z
?flags@ios_base@std@@QEBAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
oleaut32
VarBstrFromI4
SafeArrayLock
SafeArrayCreate
SafeArrayDestroy
SafeArrayUnlock
SafeArrayCopy
SysAllocStringLen
SysReAllocStringLen
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrCmp
VariantInit
SysStringByteLen
SafeArrayGetVartype
SysAllocStringByteLen
VariantClear
VariantCopy
SysStringLen
SysAllocString
SystemTimeToVariantTime
SafeArrayRedim
VariantTimeToSystemTime
SysFreeString
VariantChangeType
VarBstrFromUI4
concrt140_app
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IEBAXXZ
??1critical_section@Concurrency@@QEAA@XZ
??0message_not_found@Concurrency@@QEAA@XZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
??1scoped_lock@critical_section@Concurrency@@QEAA@XZ
??0scoped_lock@critical_section@Concurrency@@QEAA@AEAV12@@Z
??0critical_section@Concurrency@@QEAA@XZ
?wait@Concurrency@@YAXI@Z
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
??0?$_SpinWait@$00@details@Concurrency@@QEAA@P6AXXZ@Z
?Alloc@Concurrency@@YAPEAX_K@Z
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0invalid_link_target@Concurrency@@QEAA@PEBD@Z
??0bad_target@Concurrency@@QEAA@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Runtime_object@details@Concurrency@@QEAA@XZ
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPEAX@Z0@Z
??0_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@AEAV123@@Z
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QEAA@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IEAA@_K@Z
??1_Concurrent_queue_base_v4@details@Concurrency@@MEAA@XZ
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXPEBX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IEAA_NPEAX@Z
??1scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@XZ
??0scoped_lock_read@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
??1scoped_lock@reader_writer_lock@Concurrency@@QEAA@XZ
??0scoped_lock@reader_writer_lock@Concurrency@@QEAA@AEAV12@@Z
?unlock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock@reader_writer_lock@Concurrency@@QEAAXXZ
?lock_read@reader_writer_lock@Concurrency@@QEAAXXZ
??1reader_writer_lock@Concurrency@@QEAA@XZ
??0reader_writer_lock@Concurrency@@QEAA@XZ
?Free@Concurrency@@YAXPEAX@Z
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
??0_StructuredTaskCollection@details@Concurrency@@QEAA@PEAV_CancellationTokenState@12@@Z
?reset@event@Concurrency@@QEAAXXZ
??1event@Concurrency@@QEAA@XZ
??0event@Concurrency@@QEAA@XZ
?wait@event@Concurrency@@QEAA_KI@Z
?set@event@Concurrency@@QEAAXXZ
?_Byte_reverse_table@details@Concurrency@@3QBEB
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QEBAJXZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IEBA_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IEAAXXZ
vcruntime140_1_app
__CxxFrameHandler4
vcruntime140_app
memmove
memset
strstr
memcpy
_CxxThrowException
memcmp
_purecall
__std_terminate
__std_exception_destroy
__std_exception_copy
wcsstr
wcschr
wcsrchr
strchr
__C_specific_handler
__current_exception
__current_exception_context
__std_type_info_destroy_list
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_invalid_parameter_noinfo
_set_errno
_cexit
terminate
_crt_atexit
_execute_onexit_table
_register_onexit_function
abort
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_initterm
_invalid_parameter_noinfo_noreturn
api-ms-win-crt-heap-l1-1-0
realloc
_recalloc
malloc
free
_callnewh
calloc
api-ms-win-crt-time-l1-1-0
_time64
_localtime64_s
api-ms-win-crt-string-l1-1-0
iswspace
wcsspn
towlower
_wcsicoll_l
towupper
iswascii
iswprint
wcspbrk
_wcsnicmp
_wcsicmp
wcsncpy_s
wcscmp
strncmp
iswdigit
iswpunct
wmemcpy_s
wcsncmp
wcscpy_s
api-ms-win-crt-locale-l1-1-0
_create_locale
api-ms-win-crt-stdio-l1-1-0
fwrite
fread
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vfwprintf
fclose
__stdio_common_vswprintf_s
__stdio_common_vsprintf_s
fgets
_wfopen_s
__stdio_common_vsnwprintf_s
__stdio_common_vswscanf
__stdio_common_vswprintf
api-ms-win-crt-convert-l1-1-0
_ultow_s
wcstol
_itow_s
_wtoi
wcstoul
_wtoi64
_wtol
strtod
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-shcore-stream-winrt-l1-1-0
CreateStreamOverRandomAccessStream
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-string-l1-1-0
CompareStringEx
CompareStringOrdinal
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoActivateInstance
api-ms-win-core-localization-l1-2-0
FindNLSStringEx
FormatMessageW
LocaleNameToLCID
GetLocaleInfoEx
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureStackBackTrace
api-ms-win-core-timezone-l1-1-0
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
WakeAllConditionVariable
InitOnceBeginInitialize
InitOnceComplete
SleepConditionVariableSRW
api-ms-win-core-sysinfo-l1-1-0
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount64
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-core-handle-l1-1-0
CloseHandle
rpcrt4
NdrDllGetClassObject
NdrStubForwardingFunction
NdrStubCall3
IUnknown_QueryInterface_Proxy
NdrOleAllocate
IUnknown_AddRef_Proxy
NdrCStdStubBuffer2_Release
NdrOleFree
IUnknown_Release_Proxy
api-ms-win-core-com-midlproxystub-l1-1-0
ObjectStublessClient6
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
NdrProxyForwardingFunction3
api-ms-win-core-localization-l1-2-2
LCIDToLocaleName
api-ms-win-core-file-l1-1-0
GetFileAttributesExW
propsys
ord435
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-datetime-l1-1-1
GetTimeFormatEx
api-ms-win-core-interlocked-l1-1-0
InterlockedPushEntrySList
InitializeSListHead
api-ms-win-crt-filesystem-l1-1-0
_wstat32
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-libraryloader-l2-1-0
LoadPackagedLibrary
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
api-ms-win-core-winrt-error-l1-1-1
RoOriginateLanguageException
api-ms-win-crt-math-l1-1-0
atan2f
cos
atan2
asinf
floor
fmod
ceil
acos
log
ceilf
pow
powf
exp
sin
sqrt
sqrtf
Exports
Exports
?WarningNoSymbolsLoaded@@YAJPEB_W0@Z
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
Sections
.text Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.orpc Size: 512B - Virtual size: 43B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 372KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 287KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 231KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ