c:\build\buildbot\code\big4final-tll-release\big4\pc\MSVS\RTM\tll.pdb
Static task
static1
Behavioral task
behavioral1
Sample
tll.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
tll.exe
Resource
win10v2004-20240802-en
General
-
Target
tll.exe
-
Size
58.1MB
-
MD5
843cb4454aab0b8abd25de6c9e2d8416
-
SHA1
07cb3a698e7e02410ffee86f96f93f7c54f656fb
-
SHA256
c4354a9bdef8ff999b1c73da21c2207a5c2917bbfef8fffaa099d23f77b5d519
-
SHA512
7614e42f44c19d6305abccd50198d8e2455471c6c60a91d4a0cbf4d44e954d19fc435448d8e0e7680ea2131c2852caf47a361cad57dd22f9de113b20abd8fb14
-
SSDEEP
393216:V03SSnqr4C9IlaQT/iSFpeu/VAK0KSCZvSFJ5IuW39D74bNn/tKRAU+rzLebYYdd:cAFsrgwCRsEO
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource tll.exe
Files
-
tll.exe.exe windows:6 windows x64 arch:x64
b877749d544ff4d0cafb8a6afac70df7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
winmm
timeGetTime
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
wininet
InternetSetOptionA
InternetTimeFromSystemTime
InternetTimeToSystemTime
InternetCrackUrlA
InternetReadFile
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpQueryInfoA
InternetConnectA
InternetCreateUrlA
InternetCloseHandle
advapi32
SetEntriesInAclA
RegOpenKeyExW
RegSetKeyValueW
RegGetValueA
RegGetValueW
RegDeleteKeyExW
RegCreateKeyExW
RegCloseKey
FreeSid
SetNamedSecurityInfoA
RegQueryValueExW
AllocateAndInitializeSid
GetNamedSecurityInfoA
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
GetUserNameA
CryptAcquireContextA
CryptCreateHash
gfsdk_aftermath_lib.x64
GFSDK_Aftermath_EnableGpuCrashDumps
GFSDK_Aftermath_DX12_Initialize
GFSDK_Aftermath_SetEventMarker
GFSDK_Aftermath_DX12_CreateContextHandle
GFSDK_Aftermath_DX12_RegisterResource
GFSDK_Aftermath_DX12_UnregisterResource
GFSDK_Aftermath_GetDeviceStatus
GFSDK_Aftermath_GetPageFaultInformation
GFSDK_Aftermath_GetData
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeW
imm32
ImmDisableIME
iggy_w64_final
IggyPlayerGetUserdata
IggyPlayerDestroy
IggyPlayerCallbackResultPath
IggyValueSetBooleanRS
IggyPlayerPause
IggyValueSetS32RS
IggyMakeEventMouseMove
IggyPlayerDispatchEventRS
IggyMakeEventMouseWheel
IggyPlayerReadyToTick
IggyPlayerTickRS
IggyPlayerInitializeAndTickRS
IggyPlayerDraw
IggyValueSetStringUTF8RS
IggySetWarningCallback
IggyDebugSetLeakResultCallback
IggyInit
IggyPlayerSetDisplaySize
IggyPlayerEnableMouseProcessing
IggyPlayerCallMethodRS
IggyConfigureBool
IggyPlayerCreateFastNameUTF8
IggyValuePathMakeNameRef
IggyValueGetTypeRS
IggyValueGetBooleanRS
IggyValueGetF64RS
IggyValueGetStringUTF8RS
IggyPlayerGarbageCollect
IggySetFontCachingCalculationBuffer
IggySetAssertCallback
IggyDiscardVertexBufferCallback
IggyGDrawSendWarning
IggySetValueRefLimit
IggyGDrawFree
IggyPlayerConfigureGCBehavior
IggyGDrawMallocAnnotated
IggyPlayerSetUserdata
IggyPlayerCreateFromMemory
IggyPlayerPlay
IggyPlayerSetBitmapFontCaching
IggyLibraryCreateFromMemory
IggySetAutoGeneratedInstancesIndex
IggyLibraryDestroy
IggyPlayerRootPath
IggyGetAutoGeneratedInstancesIndex
IggyValueSetValueRefRS
IggyValuePathSetArrayIndex
IggyValuePathMakeArrayRef
IggyValuePathFromRef
IggyValueRefCreateArray
IggyValueSetF64RS
IggyValueSetF32RS
IggyValueSetU32RS
IggyValueRefFree
IggyFontSetIndirectUTF8
IggyShutdown
IggySetGDraw
IggySetAS3ExternalProfileFunctionCallback
IggySetTextureSubstitutionCallbacksUTF8
IggyForceBitmapSmoothing
IggyFastTextFilterEffects
IggySetAS3ExternalFunctionCallbackUTF8
IggySetTraceCallbackUTF8
cuesdk.x64_2017
CorsairRequestControl
CorsairReleaseControl
CorsairSetLedsColorsAsync
CorsairSubscribeForEvents
CorsairPerformProtocolHandshake
CorsairGetLedPositions
CorsairGetLastError
CorsairSetLayerPriority
bink2w64
BinkSetSoundSystem
BinkShouldSkip
BinkCopyToBuffer
BinkOpenDirectSound
BinkSetOSFileCallbacks
BinkSetFrameRate
BinkStartAsyncThread
BinkGoto
BinkGetSummary
BinkSetVolume
BinkDoFrameAsync
BinkDoFrameAsyncWait
BinkWaitStopAsyncThread
BinkClose
BinkWait
BinkNextFrame
BinkRequestStopAsyncThread
BinkOpen
BinkDoFrame
xinput1_4
ord3
ord2
ord4
bcrypt
BCryptFinishHash
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptCloseAlgorithmProvider
BCryptHashData
BCryptDestroyHash
BCryptGetProperty
gfesdk
NVGSDK_Highlights_OpenGroupAsync
NVGSDK_Highlights_SetScreenshotHighlightAsync
NVGSDK_Highlights_ConfigureAsync
NVGSDK_RequestPermissionsAsync
NVGSDK_Create
NVGSDK_Highlights_SetVideoHighlightAsync
NVGSDK_Highlights_OpenSummaryAsync
amd_ags_x64
agsDeInitialize
agsInitialize
oo2core_9_win64
OodleCore_Plugins_SetAllocators
OodleLZ_Decompress
OodleLZDecoder_MemorySizeNeeded
psnaccountlinking
StopAccountLinkingPoll
Init
SetUserStateChangeCallback
SetOutput
InitiateAccountLinkingPoll
Deregister
SetAuthorizationCallback
OpenRegistrationPage
GetUserPSNAccountID
ScaleRegistrationQR
Shutdown
steam_api64
SteamAPI_GetHSteamUser
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamAPI_Init
SteamAPI_Shutdown
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
ws2_32
inet_ntoa
getaddrinfo
freeaddrinfo
WSAGetLastError
WSACleanup
WSAStartup
gethostbyname
gethostbyaddr
socket
shutdown
setsockopt
sendto
send
select
recvfrom
WSAAsyncSelect
ntohs
ntohl
listen
inet_addr
htons
htonl
getsockopt
getpeername
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
gethostname
recv
kernel32
CreateEventW
CreateSemaphoreW
TerminateThread
WaitForSingleObjectEx
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
GlobalAlloc
ReleaseSemaphore
GetModuleHandleExA
CreateProcessW
GetStdHandle
GetFullPathNameW
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
lstrcmpA
SetLastError
GetFileAttributesW
GetSystemDirectoryW
FlushFileBuffers
RemoveDirectoryA
SetFilePointerEx
GetFileInformationByHandle
SetEndOfFile
WriteFileEx
SleepEx
ReadFileEx
WriteConsoleA
FormatMessageW
TlsAlloc
TlsFree
CancelIoEx
VirtualQuery
RtlCaptureContext
GetCurrentProcess
LoadLibraryW
TlsSetValue
MoveFileExA
GetFileSizeEx
SetConsoleTextAttribute
SetConsoleMode
GetConsoleMode
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
RaiseException
CreateThread
GetCurrentThreadId
GetExitCodeThread
GetFullPathNameA
ReleaseMutex
CreateMutexA
SetConsoleWindowInfo
SetConsoleCursorInfo
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
SetStdHandle
SetConsoleTitleA
AllocConsole
HeapAlloc
SetFilePointer
CreateDirectoryW
CreateFileW
SetFileTime
WriteFile
DeleteFileA
ReadFile
GetFileSize
GetFileTime
CreateFileA
HeapFree
GetProcessHeap
MoveFileA
FindNextFileW
FindFirstFileW
FindClose
FindNextFileA
FindFirstFileA
CreateDirectoryA
GetFileAttributesExA
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesA
OpenThread
GetThreadPriority
SetWaitableTimer
CreateWaitableTimerA
GetDiskFreeSpaceA
SetFileInformationByHandle
OutputDebugStringW
GetSystemTimeAsFileTime
LocalAlloc
FormatMessageA
LocalFree
GetNumberFormatA
SystemTimeToFileTime
GetSystemTime
CreateEventExA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetTempPathA
CreateProcessA
CreateEventA
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
GetOverlappedResult
QueryPerformanceFrequency
FlsGetValue
FlsSetValue
FlsAlloc
FlsFree
VirtualFree
VirtualAlloc
SetThreadAffinityMask
ConvertThreadToFiber
CreateFiberEx
ConvertFiberToThread
DeleteFiber
SwitchToFiber
SetThreadDescription
GetThreadId
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThread
SwitchToThread
Sleep
WaitForSingleObject
CloseHandle
GetConsoleWindow
GetLastError
GetModuleHandleA
TlsGetValue
WideCharToMultiByte
GetModuleFileNameA
GlobalMemoryStatusEx
GetUserDefaultLocaleName
LocalSize
ExitThread
WaitForMultipleObjects
SetEvent
ResetEvent
MultiByteToWideChar
GetSystemInfo
LoadLibraryA
GetProcAddress
FreeLibrary
IsDebuggerPresent
OutputDebugStringA
GetTimeZoneInformation
user32
EnumDisplaySettingsA
GetWindowThreadProcessId
MessageBoxA
EnumDisplayMonitors
EnumDisplayDevicesA
GetSystemMetrics
SendMessageA
GetForegroundWindow
ClipCursor
GetRawInputData
ClientToScreen
ScreenToClient
GetCursorPos
GetKeyboardState
DispatchMessageA
GetCapture
PeekMessageA
ShowCursor
RegisterRawInputDevices
GetClientRect
GetWindowRect
CreateWindowExA
AdjustWindowRect
RegisterClassExA
LoadCursorA
LoadIconA
GetKeyboardLayout
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
GetWindowDpiAwarenessContext
GetAwarenessFromDpiAwarenessContext
GetDpiForSystem
MessageBoxW
PostQuitMessage
TranslateMessage
DefWindowProcA
SetForegroundWindow
ShowWindow
MoveWindow
SetWindowLongPtrA
GetMonitorInfoA
SetCursorPos
MonitorFromWindow
IsWindowVisible
shell32
SHCreateItemFromParsingName
SHGetKnownFolderPath
ole32
CoUninitialize
PropVariantClear
StringFromGUID2
CoCreateInstance
CoCreateGuid
CoInitializeEx
CoTaskMemFree
api-ms-win-shcore-scaling-l1-1-1
SetProcessDpiAwareness
msvcp140
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Incref@facet@locale@std@@UEAAXXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Xlength_error@std@@YAXPEBD@Z
?sync_with_stdio@ios_base@std@@SA_N_N@Z
?_Xbad_function_call@std@@YAXXZ
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
_Xtime_get_ticks
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getdays@_Locinfo@std@@QEBAPEBDXZ
?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
d3d12
D3D12SerializeRootSignature
D3D12SerializeVersionedRootSignature
ord102
ord101
dxgi
CreateDXGIFactory2
DXGIGetDebugInterface1
dbghelp
SymFunctionTableAccess64
SymGetModuleBase64
StackWalk64
SymGetSymFromAddr64
SymSetParentWindow
SymRegisterCallback64
SymGetSearchPath
SymGetLineFromAddr64
SymSetSearchPath
SymInitialize
SymSetOptions
SymGetOptions
shlwapi
PathFileExistsW
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
crypt32
CertGetNameStringW
CryptVerifyMessageSignature
CertFreeCertificateContext
wintrust
WinVerifyTrust
imagehlp
ImageGetCertificateHeader
ImageEnumerateCertificates
ImageGetCertificateData
vcruntime140
_purecall
strrchr
strstr
strchr
__std_exception_destroy
__std_exception_copy
memset
wcsstr
memcpy
wcsrchr
memcmp
_CxxThrowException
memmove
__C_specific_handler
__std_type_info_destroy_list
__RTDynamicCast
__CxxFrameHandler3
__std_terminate
api-ms-win-crt-heap-l1-1-0
_aligned_malloc
realloc
free
malloc
_set_new_mode
_aligned_free
calloc
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vswprintf_s
fseek
fwrite
__stdio_common_vfprintf_s
clearerr
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
ungetc
ferror
_fseeki64
_ftelli64
fopen_s
__stdio_common_vsscanf
fopen
feof
fgetc
fclose
ftell
__stdio_common_vswscanf
_set_fmode
fgets
__p__commode
fread
_wfsopen
putc
__stdio_common_vswprintf
_wfopen_s
_open_osfhandle
setvbuf
fflush
fputs
__stdio_common_vsprintf_s
api-ms-win-crt-string-l1-1-0
strncat
isxdigit
isspace
strncmp
wcscpy_s
strcmp
strpbrk
tolower
wcsncpy_s
strncpy_s
wcstok
strcpy_s
wcsncpy
isdigit
strcat_s
_strnicmp
isalpha
strtok
_wcsnicmp
_wcsicmp
_stricmp
strncpy
wcscat_s
_wcsdup
isgraph
wcscmp
_wcslwr
strtok_s
toupper
isprint
strnlen
wcsncmp
isalnum
iswspace
api-ms-win-crt-runtime-l1-1-0
strerror
__p___argc
__p___argv
_endthreadex
_errno
_register_thread_local_exe_atexit_callback
_c_exit
strerror_s
_exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo
exit
_beginthread
_beginthreadex
_invalid_parameter_noinfo_noreturn
abort
_endthread
_set_invalid_parameter_handler
api-ms-win-crt-convert-l1-1-0
strtoull
wcstombs_s
wcstombs
atoi
strtol
mbstowcs
atol
_strtoi64
wcstod
strtod
atof
strtoul
_atoi64
api-ms-win-crt-utility-l1-1-0
rand
bsearch
qsort
api-ms-win-crt-filesystem-l1-1-0
_waccess
_wremove
remove
_mkdir
rename
api-ms-win-crt-time-l1-1-0
_gmtime64
_localtime64
_localtime64_s
_gmtime64_s
_mktime64
_mkgmtime64
_ctime64
_time64
strftime
api-ms-win-crt-math-l1-1-0
modff
floorf
copysignf
_fdopen
tanf
frexp
acosf
asinf
log10f
atan2f
cosf
ldexp
_fdtest
log10
log2f
exp2f
fmod
powf
truncf
round
atanf
lroundf
expf
roundf
sqrt
sqrtf
sin
sinhf
cos
fmodf
pow
floor
atan2
sinf
ceilf
logf
__setusermatherr
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
localeconv
_configthreadlocale
hid
HidP_GetCaps
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetManufacturerString
HidD_GetProductString
HidD_GetSerialNumberString
HidP_GetValueCaps
Exports
NVSDK_NGX_D3D12_AllocateParameters
NVSDK_NGX_D3D12_CreateFeature
NVSDK_NGX_D3D12_DestroyParameters
NVSDK_NGX_D3D12_EvaluateFeature
NVSDK_NGX_D3D12_EvaluateFeature_C
NVSDK_NGX_D3D12_GetCapabilityParameters
NVSDK_NGX_D3D12_GetParameters
NVSDK_NGX_D3D12_GetScratchBufferSize
NVSDK_NGX_D3D12_ReleaseFeature
NVSDK_NGX_D3D12_Shutdown
NVSDK_NGX_D3D12_Shutdown1
NVSDK_NGX_Parameter_GetD
NVSDK_NGX_Parameter_GetD3d11Resource
NVSDK_NGX_Parameter_GetD3d12Resource
NVSDK_NGX_Parameter_GetF
NVSDK_NGX_Parameter_GetI
NVSDK_NGX_Parameter_GetUI
NVSDK_NGX_Parameter_GetULL
NVSDK_NGX_Parameter_GetVoidPointer
NVSDK_NGX_Parameter_SetD
NVSDK_NGX_Parameter_SetD3d11Resource
NVSDK_NGX_Parameter_SetD3d12Resource
NVSDK_NGX_Parameter_SetF
NVSDK_NGX_Parameter_SetI
NVSDK_NGX_Parameter_SetUI
NVSDK_NGX_Parameter_SetULL
NVSDK_NGX_Parameter_SetVoidPointer
ffxFsr2ContextCreate
ffxFsr2ContextDestroy
ffxFsr2ContextDispatch
ffxFsr2ContextGenerateReactiveMask
ffxFsr2GetInterfaceDX12
ffxFsr2GetJitterOffset
ffxFsr2GetJitterPhaseCount
ffxFsr2GetRenderResolutionFromQualityMode
ffxFsr2GetScratchMemorySizeDX12
ffxFsr2GetUpscaleRatioFromQualityMode
ffxFsr2ResourceIsNull
ffxGetCommandListDX12
ffxGetDX12ResourcePtr
ffxGetDeviceDX12
ffxGetResourceDX12
Sections
.text Size: 37.9MB - Virtual size: 37.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10.0MB - Virtual size: 10.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7.6MB - Virtual size: 61.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 606KB - Virtual size: 608KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.bind Size: 202KB - Virtual size: 204KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ