PDB path: D:\a\_work\1\b\PaintApp\mspaint.pdb
Static task
static1
Behavioral task
behavioral1
Sample
883e0c5cdaa2bfc3464640c311950250N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
883e0c5cdaa2bfc3464640c311950250N.exe
Resource
win10v2004-20240802-en
General
-
Target
883e0c5cdaa2bfc3464640c311950250N
-
Size
4.3MB
-
MD5
883e0c5cdaa2bfc3464640c311950250
-
SHA1
8469f572543d1ea62679dca50a6e1e0c996c7f9d
-
SHA256
2cb0cf02a630d8d3aed4387e6121163916779c2336b3abf8271794bf4e7904cb
-
SHA512
8a96d5096124220bed24aa279e11a1caaa163833fcd6670139cc2c23818fd09fc2e71e54f67686b940e651245b07a85b47557ca88673a12b4b4201d767f8c77a
-
SSDEEP
98304:SR6PPLI+mgRQNEHI+Rgp0BsY7TyGFJXfg:z8TgR7oObBs4yGFJXf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
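Checks for a missing Authenticode signature. The check matched this sample: the PE has no embedded signature, so its publisher cannot be verified from the file itself. This finding alone does not establish whether the file is malicious or benign.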
resource 883e0c5cdaa2bfc3464640c311950250N
Files
-
883e0c5cdaa2bfc3464640c311950250N.exe windows:6 windows x64 arch:x64
22a95e508a04134b0b34e89a1ecd7ff3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
api-ms-win-core-com-l1-1-0
CoTaskMemFree
StringFromCLSID
CoGetApartmentType
CoGetObjectContext
CLSIDFromString
FreePropVariantArray
CoTaskMemAlloc
CreateStreamOnHGlobal
GetHGlobalFromStream
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoCreateInstance
PropVariantClear
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetErrorMode
SetLastError
RaiseException
api-ms-win-core-heap-l2-1-0
GlobalFree
LocalAlloc
LocalFree
GlobalAlloc
api-ms-win-core-file-l1-2-2
FindNextStreamW
AreFileApisANSI
FindFirstStreamW
api-ms-win-core-file-l1-1-0
GetFileAttributesW
GetFileTime
WriteFile
SetFileAttributesW
GetFullPathNameW
ReadFile
SetEndOfFile
FindClose
SetFileTime
GetFileSize
FileTimeToLocalFileTime
DeleteFileW
FindFirstFileW
CreateFileW
GetFileSizeEx
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-handle-l1-1-0
CloseHandle
oleaut32
SysStringLen
SetErrorInfo
GetErrorInfo
SysAllocString
VariantInit
SysFreeString
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-core-localization-l1-2-0
GetThreadLocale
GetLocaleInfoEx
GetLocaleInfoW
FormatMessageW
FormatMessageA
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemInfo
GetTickCount64
api-ms-win-core-sysinfo-l1-2-0
VerSetConditionMask
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-psapi-l1-1-0
QueryFullProcessImageNameW
api-ms-win-core-file-l2-1-0
MoveFileExW
api-ms-win-core-file-l2-1-2
CopyFileW
api-ms-win-core-registry-l1-1-0
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameA
LoadLibraryExA
GetProcAddress
GetModuleHandleW
FreeLibrary
GetModuleHandleExW
api-ms-win-core-synch-l1-1-0
CreateSemaphoreExW
ReleaseSemaphore
OpenSemaphoreW
CreateMutexExW
InitializeCriticalSectionEx
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
DeleteCriticalSection
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapAlloc
api-ms-win-core-util-l1-1-0
EncodePointer
api-ms-win-core-string-l1-1-0
WideCharToMultiByte
MultiByteToWideChar
propsys
PSGetPropertyDescriptionListFromString
PropVariantToStringVectorAlloc
dwmapi
DwmDefWindowProc
DwmSetWindowAttribute
api-ms-win-ntuser-sysparams-l1-1-0
GetMonitorInfoW
GetSystemMetrics
api-ms-win-core-heap-obsolete-l1-1-0
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalSize
api-ms-win-core-kernel32-legacy-l1-1-1
VerifyVersionInfoW
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
lstrlenW
api-ms-win-core-com-l2-1-1
WriteClassStg
api-ms-win-core-largeinteger-l1-1-0
MulDiv
api-ms-win-shcore-stream-winrt-l1-1-0
CreateStreamOverRandomAccessStream
CreateRandomAccessStreamOverStream
api-ms-win-security-provider-l1-1-0
GetNamedSecurityInfoW
SetNamedSecurityInfoW
api-ms-win-core-memory-l1-1-0
VirtualProtect
VirtualQuery
reporting
?SendBackgroundRemovalProcessPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@II@Z
?SendBackgroundRemovalProcessPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@_N@Z
?SendCertGenerationPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@XZ
?SendDrawShapeOperation@TraceOperationLogger@Telemetry@Paint@@YAXIIKW4ToolMedia@3@K0@Z
?GetInstance@TraceLogger@Telemetry@Paint@@SAAEBV123@XZ
?SendFailureEvent@TraceLogger@Telemetry@Paint@@QEBAXAEBUhstring@winrt@@AEBUhresult@5@@Z
?SendErrorEvent@TraceLogger@Telemetry@Paint@@QEBAXAEBUhstring@winrt@@V?$function@$$A6AXAEAULoggingFields@Diagnostics@Foundation@Windows@winrt@@@Z@std@@@Z
?SendDrawOperation@TraceOperationLogger@Telemetry@Paint@@YAXIIKK@Z
?GetInstance@TracePerformanceLogger@Telemetry@Paint@@SAAEBV123@XZ
?SendCertGenerationPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@_N@Z
?SendCommitToolPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@I@Z
?SendCommandPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@@Z
?SendCommitToolPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@@Z
?SendBackgroundRemovalInitPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@AEBUhstring@winrt@@_N@Z
?SendResizeOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4OperationTarget@23@@Z
?SendSelectToolPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@I@Z
?SendSelectToolPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@@Z
?SendImageSavePerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@XZ
?SendImageSavePerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@_N11@Z
?SendOperationEvent@TraceLogger@Telemetry@Paint@@QEBAXW4OperationName@23@V?$function@$$A6AXAEAULoggingFields@Diagnostics@Foundation@Windows@winrt@@@Z@std@@@Z
?TrySetCorrelationVector@CorrelationVectorFactory@Telemetry@Paint@@YA_NAEBUhstring@winrt@@@Z
?SendImageOpenPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@XZ
?SendImageOpenPerformanceComplete@TracePerformanceLogger@Telemetry@Paint@@QEBAXAEBU_GUID@@@Z
?SendEndPreviewShapeOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4PreviewType@3@@Z
?SendAppStartStateEvent@TraceLogger@Telemetry@Paint@@QEBAX_N00AEBUhstring@winrt@@00@Z
?SendTextOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4TextAction@3@_N@Z
?SendCanvasInteraction@TraceOperationLogger@Telemetry@Paint@@YAXW4CanvasInteraction@23@@Z
?SendCommandEvent@TraceLogger@Telemetry@Paint@@QEBAXW4PaintCommand@PaintUI@winrt@@W4PaintCommandOrigin@56@V?$function@$$A6AXAEAULoggingFields@Diagnostics@Foundation@Windows@winrt@@@Z@std@@@Z
?GetCurrentCV@CorrelationVectorFactory@Telemetry@Paint@@YA?AUhstring@winrt@@XZ
?SendSelectOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4SelectionType@3@_NAEBUtagSIZE@@@Z
?SendSkewOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4OperationTarget@23@_N@Z
?SendCommandPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@W4PaintCommand@PaintUI@winrt@@@Z
?SendStartPreviewShapeOperation@TraceOperationLogger@Telemetry@Paint@@YAXW4PreviewType@3@W4ToolMedia@3@@Z
?SendBackgroundRemovalInitPerformanceStart@TracePerformanceLogger@Telemetry@Paint@@QEBA?BU_GUID@@AEBUhstring@winrt@@@Z
mfc140u
ord7222
ord13956
ord11757
ord11817
ord2223
ord2358
ord5886
ord2495
ord894
ord7116
ord2170
ord5676
ord3731
ord11921
ord11929
ord11933
ord11901
ord12606
ord5555
ord9941
ord6614
ord2011
ord1665
ord5971
ord5401
ord9835
ord10124
ord7920
ord14216
ord4445
ord12213
ord12608
ord12609
ord2931
ord1844
ord13586
ord2273
ord13545
ord2194
ord1360
ord865
ord1450
ord983
ord7393
ord9842
ord5706
ord1410
ord941
ord5674
ord12782
ord12176
ord5512
ord10861
ord10128
ord6260
ord5750
ord10703
ord8730
ord12769
ord3964
ord6118
ord877
ord8866
ord13758
ord7541
ord9114
ord13761
ord2311
ord10202
ord4585
ord1667
ord10961
ord10717
ord10670
ord5391
ord10934
ord3801
ord3310
ord9968
ord10882
ord11102
ord11175
ord9180
ord9095
ord11178
ord5262
ord9825
ord11096
ord8878
ord12215
ord9947
ord5090
ord5937
ord11215
ord6115
ord12369
ord1880
ord5973
ord6704
ord5541
ord9670
ord11432
ord9054
ord10828
ord10827
ord10412
ord10123
ord5190
ord5197
ord14132
ord11776
ord9175
ord10941
ord8891
ord8772
ord2779
ord13697
ord8093
ord2511
ord7395
ord2767
ord13023
ord12100
ord12341
ord4549
ord3728
ord5554
ord9942
ord8913
ord9843
ord9848
ord9098
ord5981
ord5408
ord3739
ord11675
ord2345
ord1682
ord2864
ord1687
ord14235
ord2810
ord2795
ord1047
ord345
ord3532
ord1367
ord864
ord4462
ord4459
ord4461
ord1039
ord323
ord2342
ord10027
ord13469
ord12267
ord12240
ord3947
ord2269
ord12635
ord2357
ord320
ord14148
ord2663
ord12467
ord12256
ord10960
ord10716
ord10668
ord1364
ord861
ord7219
ord7355
ord9845
ord7096
ord280
ord4181
ord9168
ord11751
ord2615
ord7518
ord9270
ord10804
ord10967
ord10964
ord2627
ord4588
ord7114
ord10694
ord2187
ord1379
ord891
ord7362
ord5916
ord6619
ord5240
ord10093
ord11184
ord4443
ord3723
ord5189
ord11484
ord11489
ord9043
ord8521
ord5743
ord11119
ord5726
ord13358
ord5727
ord13360
ord1766
ord12142
ord5917
ord4873
ord4872
ord8095
ord7912
ord13322
ord363
ord14227
ord13617
ord8063
ord8501
ord11763
ord11859
ord4353
ord2510
ord13351
ord5722
ord11784
ord8904
ord10548
ord11323
ord4726
ord13199
ord8928
ord8993
ord4725
ord3081
ord1129
ord502
ord7245
ord6879
ord4947
ord9739
ord11435
ord8604
ord8614
ord10199
ord9217
ord11229
ord9677
ord9205
ord9215
ord9200
ord10968
ord10965
ord8003
ord11770
ord6630
ord2628
ord11805
ord8917
ord11813
ord10704
ord11085
ord3951
ord3308
ord3307
ord6000
ord13397
ord2697
ord11854
ord5755
ord8901
ord6285
ord1492
ord1490
ord5168
ord10835
ord10807
ord9738
ord13864
ord5212
ord13136
ord4335
ord8702
ord6098
ord6074
ord7551
ord6090
ord3952
ord6006
ord1121
ord489
ord4946
ord2350
ord10811
ord5152
ord1381
ord896
ord2307
ord2346
ord2344
ord1382
ord1446
ord979
ord8731
ord10163
ord2686
ord13767
ord3071
ord1089
ord448
ord7893
ord6002
ord13401
ord3212
ord3209
ord7913
ord2698
ord14360
ord9976
ord9978
ord9977
ord9975
ord9979
ord5451
ord11414
ord11415
ord8830
ord11771
ord3718
ord11625
ord14209
ord8656
ord11902
ord6729
ord10691
ord8947
ord3173
ord13513
ord11944
ord11940
ord1700
ord1722
ord1748
ord1734
ord1755
ord4776
ord4843
ord4788
ord4806
ord4800
ord4794
ord4853
ord4837
ord4782
ord4859
ord4814
ord4752
ord4767
ord4828
ord4360
ord9384
ord4352
ord2967
ord14211
ord7651
ord14217
ord6631
ord11406
ord13354
ord5723
ord2629
ord11806
ord3812
ord8568
ord5668
ord11081
ord3993
ord897
ord3279
ord3278
ord266
ord11850
ord5080
ord5363
ord5552
ord9041
ord5339
ord265
ord5582
ord8507
ord9158
ord5083
ord5229
ord3517
ord3992
ord3989
ord8161
ord7389
ord7173
ord8409
ord1670
ord5709
ord285
ord2921
ord10121
ord13116
ord11662
ord11663
ord2821
ord6122
ord7712
ord3334
ord5062
ord7460
ord3333
ord8431
ord12350
ord1847
ord7461
ord5969
ord5399
ord8170
ord5749
ord8902
ord6578
ord8167
ord8084
ord12544
ord8023
ord5183
ord7450
ord5227
ord2439
ord12222
ord12223
ord14210
ord7650
ord9089
ord4011
ord3949
ord12625
ord7922
ord9946
ord7668
ord11665
ord8900
ord14088
ord12212
ord3713
ord7719
ord3172
ord2316
ord14288
ord6121
ord14290
ord6123
ord1491
ord1489
ord438
ord1086
ord2473
ord1033
ord488
ord1120
ord1503
ord296
ord1454
ord990
ord7394
ord7182
ord6505
ord6542
ord3825
ord1452
ord985
ord8544
ord4357
ord2514
ord2212
ord3742
ord12765
ord4722
ord12746
ord2475
ord6320
ord3756
ord2270
ord6247
ord4721
ord3051
ord4878
ord12559
ord2222
ord8452
kernel32
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadResource
FindResourceExW
LockResource
SizeofResource
RegisterApplicationRestart
Sleep
ApplicationRecoveryFinished
CreateThread
ApplicationRecoveryInProgress
RegisterApplicationRecoveryCallback
GetTempFileNameW
FileTimeToSystemTime
CompareFileTime
SystemTimeToFileTime
GetSystemTime
SetEvent
CompareStringOrdinal
CreateEventExW
LoadLibraryExW
GetCurrentPackageFullName
ParseApplicationUserModelId
GetCurrentApplicationUserModelId
GetStartupInfoW
Process32NextW
Process32FirstW
GlobalAddAtomW
CreateToolhelp32Snapshot
GlobalDeleteAtom
user32
SetProcessDefaultLayout
GetClientRect
SetWindowLongPtrW
PostQuitMessage
IsWindowVisible
GetWindowRect
LoadIconW
GetClassInfoW
DestroyMenu
RegisterClipboardFormatW
GetWindowThreadProcessId
MonitorFromRect
ScreenToClient
GetCursorPos
DestroyCursor
SetCursor
NotifyWinEvent
SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
GetWindowLongPtrW
SetDlgItemInt
CheckDlgButton
GetDlgItem
DestroyWindow
SendMessageW
SetActiveWindow
GetParent
PostMessageW
RemoveMenu
GetSystemMenu
LoadCursorW
UpdateWindow
PeekMessageW
InvalidateRect
SetPropW
OffsetRect
GetKeyState
SetRectEmpty
IsRectEmpty
KillTimer
SetTimer
UnionRect
SetRect
InflateRect
CopyRect
FillRect
IsClipboardFormatAvailable
EnableWindow
IntersectRect
GetDC
GetDlgItemInt
ReleaseDC
SetWindowPos
GetDpiForWindow
GetSystemMetricsForDpi
SetClassLongPtrW
MonitorFromWindow
IsMenu
SetCursorPos
SendInput
GetWindowLongW
SetFocus
DeleteMenu
DefWindowProcW
IsWindow
CreateWindowExW
GetMessageW
TranslateMessage
DispatchMessageW
MoveWindow
RegisterClassExW
AdjustWindowRectExForDpi
IsIconic
PtInRect
LoadImageW
gdi32
EndDoc
SetWorldTransform
SetGraphicsMode
StretchBlt
Rectangle
SetLayout
GetLayout
GetStockObject
AbortDoc
LPtoDP
EndPage
StartPage
DPtoLP
StartDocW
SetAbortProc
CreateDCW
CreateDIBitmap
CreateBitmap
SelectObject
CreateCompatibleDC
CreateDIBSection
GetDIBits
DeleteObject
DeleteDC
CreateCompatibleBitmap
SaveDC
SetMapMode
GetObjectW
GetDeviceCaps
RestoreDC
CreateSolidBrush
SetViewportExtEx
PlayMetaFile
SetStretchBltMode
BitBlt
RealizePalette
CreatePalette
comdlg32
GetFileTitleW
PrintDlgExW
GetOpenFileNameW
winspool.drv
OpenPrinterW
GetJobW
advapi32
RegDeleteKeyW
EncryptFileW
DecryptFileW
DuplicateEncryptionInfoFile
EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer
RegGetValueW
RegSetKeyValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
shell32
SHChangeNotify
DragQueryFileW
DragFinish
SHGetKnownFolderPath
SHCreateItemFromParsingName
ord75
SHGetSpecialFolderPathW
SHAddToRecentDocs
ord165
DragAcceptFiles
shlwapi
PathFileExistsW
PathFindFileNameW
PathStripPathW
ord12
ole32
OleGetClipboard
WriteFmtUserTypeStg
CoWaitForMultipleHandles
CoCreateFreeThreadedMarshaler
ReleaseStgMedium
msvcp140
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?good@ios_base@std@@QEBA_NXZ
?uncaught_exceptions@std@@YAHXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
_Mbrtowc
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Xbad_alloc@std@@YAXXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$numpunct@_W@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??Bios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
_Thrd_yield
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xlength_error@std@@YAXPEBD@Z
concrt140
?_Trace_ppl_function@Concurrency@@YAXAEBU_GUID@@EW4ConcRT_EventType@1@@Z
??0_Cancellation_beacon@details@Concurrency@@QEAA@XZ
??1_Cancellation_beacon@details@Concurrency@@QEAA@XZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QEBA_NXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QEAA?AW4_TaskCollectionStatus@23@PEAV_UnrealizedChore@23@@Z
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?Free@Concurrency@@YAXPEAX@Z
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IEAAXXZ
??1_StructuredTaskCollection@details@Concurrency@@QEAA@XZ
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QEAAXPEAV_UnrealizedChore@23@@Z
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QEAA_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QEAA_NXZ
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcmp
__RTDynamicCast
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
__std_type_info_compare
memcpy
memmove
__current_exception_context
__current_exception
memset
__C_specific_handler
_purecall
api-ms-win-crt-runtime-l1-1-0
abort
_invalid_parameter_noinfo
_errno
__p___wargv
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
__p___argc
_set_app_type
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_wide_environment
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
terminate
_exit
exit
_initterm_e
_initterm
_get_wide_winmain_command_line
api-ms-win-crt-string-l1-1-0
_wcsicmp
strcpy_s
_wcsdup
wcsncpy_s
iswspace
wcscpy_s
wcscat_s
api-ms-win-crt-convert-l1-1-0
wcstoul
wcstol
api-ms-win-crt-math-l1-1-0
sqrtf
ceilf
roundf
_ldsign
_dsign
_fdsign
__setusermatherr
floorf
round
tan
tanf
api-ms-win-crt-stdio-l1-1-0
__p__commode
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
_set_fmode
__stdio_common_vsprintf_s
api-ms-win-crt-heap-l1-1-0
free
calloc
_set_new_mode
malloc
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-locale-l1-1-0
_wsetlocale
_configthreadlocale
___lc_codepage_func
provenancesdk
PROV_AuthoringInitFromFile
PROV_AuthoringAddAssertions
PROV_ValidationGetRawManifestStore
PROV_ValidationInitFromBuffer
PROV_CONTEXT_alloc
PROV_AuthoringSetGeneratorMetadata
PROV_AuthoringEmbedItem
PROV_AuthoringFinalizeOutputToFile
PROV_UTIL_GenerateSignature
PROV_UTIL_GenerateCOSESigStructure
PROV_HASHED_URI_Free
PROV_CONTEXT_free
PROV_UTIL_GetManifestFromRawManifestStoreBytes
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsDeleteString
WindowsCreateString
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
rpcrt4
RpcStringFreeW
UuidCreate
UuidToStringW
winmm
timeGetTime
libcrypto-3-x64
EVP_PKEY_free
X509_free
EVP_PKEY_CTX_free
X509_NAME_free
PEM_write_bio_X509
BIO_ctrl
PEM_write_bio_PKCS8PrivateKey
BIO_s_mem
BIO_new
EVP_sha256
X509_sign
X509_set_pubkey
X509_getm_notAfter
X509_getm_notBefore
X509_gmtime_adj
X509_set_issuer_name
X509_set_subject_name
X509_NAME_add_entry_by_txt
X509_NAME_new
X509_get_serialNumber
ASN1_INTEGER_set
X509_set_version
ERR_get_error
X509_new
EVP_PKEY_keygen
EVP_PKEY_CTX_set_ec_paramgen_curve_nid
EVP_PKEY_keygen_init
EVP_PKEY_CTX_new_id
X509_check_private_key
PEM_read_bio_X509
PEM_read_bio_PrivateKey
BIO_new_mem_buf
BIO_free
api-ms-win-core-interlocked-l1-1-0
InterlockedPushEntrySList
api-ms-win-core-threadpool-l1-2-0
TrySubmitThreadpoolCallback
Sections
.text Size: 1008KB - Virtual size: 1007KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 706KB - Virtual size: 706KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 259KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ