F:\p4_base\w_dbanz_NeroSnap_xp\NeroSnap\Bin\Release\pdb\PhotoSnap.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
cb9dbe450cef7be06bc0334b0e51eb60N.exe
Resource
win7-20240903-en
windows7-x64
0 signatures
120 seconds
Behavioral task
behavioral2
Sample
cb9dbe450cef7be06bc0334b0e51eb60N.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
120 seconds
General
-
Target
cb9dbe450cef7be06bc0334b0e51eb60N.exe
-
Size
2.7MB
-
MD5
cb9dbe450cef7be06bc0334b0e51eb60
-
SHA1
7475e5d3f4110f818e0f4c8254f2d2a06a6a21ff
-
SHA256
ff6a1ed62a2bcef1abe1cb9f918777b074ebcc4cb2aaecd9759033342b5c1b9b
-
SHA512
25e31f1c60e28468b0906127f309e2e12fe2ffed75a4d2464a5ecd477b88c9b4a0b57ca7ab0b483bed7c304d841c749372d40015e2a91f7c713da98057fe5db3
-
SSDEEP
24576:F3iYic0C+Kpn0aqfr3JmraF4H13PBP25hKZ575:FSvC+SmTp4V35P2SZ5
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cb9dbe450cef7be06bc0334b0e51eb60N.exe
Files
-
cb9dbe450cef7be06bc0334b0e51eb60N.exe.exe windows:4 windows x86 arch:x86
af7b7378eaff89c83fead7a189c8569f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdiplus
GdipFree
GdipDrawImageRectI
GdipCreateFromHDC
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDeleteGraphics
mfc80u
ord709
ord602
ord2066
ord347
ord501
ord1079
ord2362
ord1270
ord5633
ord2366
ord1894
ord1058
ord894
ord860
ord2895
ord1906
ord266
ord776
ord265
ord4026
ord2311
ord3927
ord899
ord896
ord283
ord280
ord1479
ord6111
ord282
ord6700
ord762
ord774
ord1472
ord1555
ord1271
ord651
ord751
ord416
ord562
ord3319
ord1953
ord5157
ord4960
ord2396
ord5198
ord6265
ord5141
ord1342
ord1336
ord4985
ord1343
ord2030
ord2068
ord2072
ord1903
ord3981
ord5351
ord3923
ord4192
ord6010
ord1586
ord1642
ord2869
ord3671
ord6005
ord5736
ord5398
ord2461
ord4109
ord3395
ord5735
ord2472
ord1461
ord3155
ord3204
ord1925
ord4035
ord6751
ord1176
ord6749
ord3390
ord2364
ord6172
ord6171
ord1047
ord3417
ord4226
ord1536
ord2077
ord587
ord3678
ord3158
ord3570
ord4234
ord1582
ord2086
ord741
ord6061
ord5638
ord6063
ord6033
ord2255
ord2424
ord3756
ord3311
ord3543
ord620
ord3099
ord508
ord2025
ord1289
ord1785
ord1772
ord1871
ord1864
ord3659
ord6013
ord5630
ord2254
ord5884
ord2361
ord1722
ord4728
ord4205
ord3296
ord3189
ord754
ord591
ord1883
ord1781
ord2155
ord2651
ord5558
ord5524
ord5609
ord2861
ord2121
ord3842
ord3165
ord4228
ord1538
ord2080
ord4092
ord1474
ord1922
ord3322
ord2981
ord3877
ord5864
ord2589
ord3910
ord1282
ord457
ord5392
ord3547
ord721
ord977
ord524
ord4266
ord1512
ord4274
ord5208
ord1573
ord2027
ord4577
ord1318
ord526
ord3662
ord715
ord3286
ord1572
ord1634
ord287
ord1476
ord1021
ord5740
ord3400
ord2488
ord1086
ord657
ord3161
ord2935
ord2401
ord2406
ord2383
ord919
ord4227
ord1537
ord2078
ord4090
ord1475
ord1924
ord6262
ord1388
ord4502
ord3223
ord4231
ord1561
ord2082
ord4093
ord3444
ord3639
ord616
ord368
ord4258
ord4476
ord2832
ord6039
ord5930
ord2762
ord3034
ord4216
ord1913
ord5491
ord2736
ord5408
ord5588
ord5152
ord2007
ord6234
ord2615
ord2608
ord4560
ord4699
ord6227
ord4468
ord1370
ord900
ord3082
ord2012
ord2260
ord2261
ord3841
ord3050
ord3990
ord4251
ord1908
ord5416
ord313
ord2040
ord6133
ord2282
ord3289
ord5440
ord1182
ord1178
ord530
ord722
ord1189
ord6001
ord5710
ord1299
ord2167
ord747
ord559
ord3168
ord3493
ord3647
ord740
ord748
ord552
ord430
ord1954
ord4271
ord1297
ord2164
ord1895
ord5144
ord3939
ord1548
ord4014
ord2418
ord2419
ord2986
ord5352
ord941
ord4898
ord2934
ord4119
ord5007
ord5003
ord2609
ord1904
ord2237
ord1563
ord635
ord5164
ord5004
ord4294
ord5762
ord4923
ord4444
ord3070
ord5701
ord6086
ord4303
ord5203
ord4259
ord3318
ord2977
ord4237
ord1585
ord1641
ord2089
ord3875
ord3561
ord3666
ord4465
ord4466
ord732
ord544
ord4267
ord1351
ord3338
ord5147
ord3968
ord4857
ord4373
ord4378
ord4375
ord4393
ord4395
ord4380
ord4770
ord4784
ord4438
ord3734
ord5170
ord5984
ord6087
ord2035
ord4585
ord5636
ord326
ord5616
ord2626
ord5637
ord502
ord3345
ord4166
ord6140
ord3344
ord5755
ord1330
ord1959
ord458
ord4300
ord578
ord872
ord300
ord4175
ord4929
ord4854
ord3281
ord3157
ord4117
ord3995
ord3238
ord2085
ord4094
ord1946
ord2365
ord1274
ord2010
ord333
ord1386
ord4089
ord3677
ord4467
ord4475
ord5562
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord1007
ord3800
ord5579
ord2054
ord4320
ord3795
ord6272
ord4008
ord4032
ord593
ord5113
ord334
ord956
ord437
ord4025
ord5971
ord1049
ord1117
ord1121
ord3824
ord630
ord385
ord5096
ord5209
ord557
ord3315
ord745
ord5442
ord3860
ord6002
ord3858
ord284
ord288
ord1172
ord5316
ord1154
ord6282
ord1202
ord5999
ord5708
ord5712
ord2297
ord2250
ord784
ord777
ord310
ord4101
ord1782
ord1784
ord2151
ord4347
ord1416
ord3494
ord3648
ord742
ord553
ord431
ord5204
ord1896
ord4015
ord2420
ord940
ord2933
ord5008
ord1905
ord1595
ord3751
ord1198
ord1460
ord5855
ord1994
ord2136
ord2135
ord4293
ord4588
ord4272
ord5005
ord5165
ord4304
ord4261
ord4244
ord3436
ord606
ord357
ord5909
ord1338
ord4980
ord4190
ord1543
ord3636
ord1334
ord3546
ord718
ord516
ord4714
ord5207
ord4730
ord4207
ord4838
ord4861
ord4611
ord4791
ord5064
ord5066
ord5065
ord6744
ord3661
ord4184
ord5891
ord3453
ord4713
ord4904
ord4459
ord4619
ord4578
ord4458
ord4488
ord3630
ord4966
msvcr80
wcsrchr
memcpy_s
fclose
fgetws
_wfopen_s
wcsstr
fread
fopen_s
wcsncpy_s
swprintf_s
memmove_s
tolower
strncmp
fseek
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
wcstoul
wcschr
strcmp
_strupr_s
strncpy_s
_wfindfirst64
_wstat64i32
strcat_s
_vsnprintf_s
_snwprintf_s
_wassert
ftell
fprintf
isspace
isalpha
isalnum
strchr
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_recalloc
calloc
_wmakepath_s
??4exception@std@@QAEAAV01@ABV01@@Z
_wtof
abs
malloc
free
_wcsdup
sscanf_s
__RTDynamicCast
_wfindfirst64i32
_wfindnext64i32
_findclose
_wtoi
memcmp
_purecall
memcpy
swscanf_s
wcscmp
wcslen
strlen
_wcsicmp
_stricmp
_wsplitpath_s
memset
wcstok_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
_CxxThrowException
__CxxFrameHandler3
?terminate@@YAXXZ
kernel32
GetVersion
GlobalFree
LockResource
LoadResource
FindResourceW
lstrlenW
SizeofResource
GetLocaleInfoA
WinExec
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenA
GetWindowsDirectoryW
GetLocaleInfoW
GetSystemDefaultLangID
GetModuleFileNameA
GetEnvironmentVariableW
IsBadReadPtr
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLongPathNameW
FormatMessageW
LocalFree
InterlockedDecrement
InterlockedIncrement
Sleep
WaitForSingleObject
GetCurrentDirectoryW
SetCurrentDirectoryW
ResumeThread
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteCriticalSection
FindActCtxSectionGuid
MultiByteToWideChar
LoadLibraryA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
VirtualProtect
GetCurrentProcess
GetModuleFileNameW
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetProcAddress
GetLastError
GetACP
GetThreadLocale
GetVersionExA
WideCharToMultiByte
GetTickCount
SetLastError
user32
InvalidateRect
GetCapture
GetWindowRect
LoadCursorW
LoadImageW
GetClientRect
GetCursorPos
SetCapture
GetWindowLongW
PostMessageW
GetParent
GetSysColor
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
BringWindowToTop
IsWindowVisible
ReleaseCapture
SendMessageW
EnableWindow
SetCursor
GetWindow
SetWindowTextW
SetWindowLongW
MessageBeep
CopyIcon
DestroyCursor
InflateRect
DrawFocusRect
ModifyMenuW
GetDlgCtrlID
IsWindowEnabled
IsDialogMessageW
GetWindowTextW
AdjustWindowRect
GetSysColorBrush
DestroyWindow
MapDialogRect
IsRectEmpty
IsMenu
GetClassNameW
GetMenu
IsChild
WinHelpW
GetFocus
DestroyIcon
MessageBoxW
GetKeyState
SetRectEmpty
CopyRect
IsZoomed
IsIconic
GetWindowPlacement
SystemParametersInfoW
KillTimer
SetTimer
GetMenuItemID
GetMenuItemCount
AppendMenuW
DeleteMenu
CreatePopupMenu
CreateMenu
IsWindow
ShowWindow
SetWindowPos
UpdateWindow
LoadIconW
GetDesktopWindow
RedrawWindow
ScreenToClient
ClientToScreen
LoadMenuW
GetSubMenu
OffsetRect
SetRect
PtInRect
SetCursorPos
GetDC
ReleaseDC
GetSystemMetrics
InvertRect
gdi32
SelectObject
GetTextExtentPointW
SetTextJustification
TextOutW
SetDIBitsToDevice
GetTextFaceW
CreateFontW
SelectPalette
CreateDIBitmap
CreatePalette
ExtTextOutW
RealizePalette
CreateCompatibleBitmap
CreateFontIndirectW
Arc
CreateDIBSection
ExtFloodFill
SetPixel
GetPixel
CreateBitmap
GetObjectW
StretchBlt
GetDeviceCaps
CreateRectRgn
DeleteDC
DeleteObject
GetTextExtentPoint32W
GetStockObject
BitBlt
CreateCompatibleDC
advapi32
RegDeleteKeyW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegEnumKeyW
RegOpenKeyExW
RegCreateKeyW
RegEnumKeyExW
RegOpenCurrentUser
RegQueryValueW
RegCreateKeyExW
RegQueryValueExA
RegSetValueExA
RegSetValueExW
shell32
ShellExecuteW
SHCreateDirectoryExW
SHGetFolderPathW
DragAcceptFiles
DragQueryFileW
ExtractIconExW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
DragFinish
comctl32
ord17
shlwapi
PathRemoveFileSpecW
ole32
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
IIDFromString
StringFromIID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
oleaut32
SysAllocString
SysAllocStringLen
SysFreeString
msvcp80
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?_Xran@_String_base@std@@SAXXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?facet_Register@facet@locale@std@@CAXPAV123@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Id_cnt@id@locale@std@@0HA
??1_Lockit@std@@QAE@XZ
?id@?$ctype@_W@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
??1locale@std@@QAE@XZ
?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IABV12@@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?rbegin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$reverse_iterator@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
?rend@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$reverse_iterator@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
dbghelp
ImageDirectoryEntryToData
psapi
EnumProcessModules
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 372KB - Virtual size: 372KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE