D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\Corehost.Static\singlefilehost.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
BloxDump.exe
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
BloxDump.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
PVRTexToolCLI.exe
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral4
Sample
PVRTexToolCLI.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral5
Sample
ffmpeg.exe
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral6
Sample
ffmpeg.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
BloxDump-v5.0.0-x64.zip
-
Size
36.5MB
-
MD5
290a3e73e700d29b4bb6c0e1ba361da6
-
SHA1
f9d7d04ee5d4f5381a498839f1509b2dc0dcc593
-
SHA256
7ccd5b25f4f11967f2be063f3932fd920a895de1a868db773bb3cfbce1f46b82
-
SHA512
4ea487ff2ef52dc9a9f766a1e2f39e5af2bfa53fb940a97e4d0774b86baee3d69f4fb90dafd211823b41e83d888e83b9817ccb7d26e80a9d2ea7c36ab37c3981
-
SSDEEP
786432:PrX0QcHQ2FZRvzbm5sBvgqjjYBjUcDKHBPkes8Kg1pCuQy:jX0o2FZRWhMYBjgHB+8jpCu1
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/BloxDump.exe unpack001/ffmpeg.exe
Files
-
BloxDump-v5.0.0-x64.zip.zip
-
BloxDump.exe.exe windows:6 windows x64 arch:x64
7d82737f015fa3a1a4cef33dc096d571
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
RaiseException
FreeLibrary
SetErrorMode
RaiseFailFastException
GetExitCodeProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
AddVectoredExceptionHandler
MultiByteToWideChar
GetTickCount
FlushInstructionCache
QueryPerformanceFrequency
QueryPerformanceCounter
RtlLookupFunctionEntry
LocateXStateFeature
RtlDeleteFunctionTable
InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead
GetTickCount64
DuplicateHandle
QueueUserAPC
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
GetCurrentThreadId
TlsAlloc
GetCurrentThread
GetCurrentProcessId
CreateThread
GetModuleHandleW
WaitForMultipleObjectsEx
SignalObjectAndWait
RtlCaptureContext
SetThreadStackGuarantee
VirtualQuery
WriteFile
GetStdHandle
GetConsoleOutputCP
MapViewOfFileEx
UnmapViewOfFile
GetStringTypeExW
InterlockedPopEntrySList
ExitProcess
Sleep
CreateMemoryResourceNotification
VirtualAlloc
VirtualFree
VirtualProtect
SleepEx
SwitchToThread
SuspendThread
ResumeThread
InitializeContext
SetXStateFeaturesMask
RtlRestoreContext
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
ReadFile
GetFileSize
GetEnvironmentVariableW
SetEnvironmentVariableW
CreateEventW
SetEvent
ResetEvent
GetThreadContext
SetThreadContext
GetEnabledXStateFeatures
CopyContext
WerRegisterRuntimeExceptionModule
RtlInstallFunctionTableCallback
GetSystemDefaultLCID
GetUserDefaultLCID
RtlUnwind
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageW
CreateSemaphoreExW
ReleaseSemaphore
GetACP
LCMapStringEx
LocalFree
VerSetConditionMask
VerifyVersionInfoW
QueryThreadCycleTime
GetLogicalProcessorInformationEx
SetThreadGroupAffinity
GetThreadGroupAffinity
GetProcessGroupAffinity
GetCurrentProcessorNumberEx
GetProcessAffinityMask
QueryInformationJobObject
CloseHandle
GetSystemTimeAsFileTime
GetModuleFileNameW
CreateProcessW
GetCPInfo
GetTempPathW
LoadLibraryExW
CreateFileW
GetFileAttributesExW
GetFullPathNameW
LoadLibraryExA
OutputDebugStringA
OpenEventW
ReleaseMutex
ExitThread
CreateMutexW
HeapReAlloc
CreateNamedPipeA
WaitForMultipleObjects
DisconnectNamedPipe
CreateFileA
CancelIoEx
GetOverlappedResult
ConnectNamedPipe
FlushFileBuffers
SetFilePointer
MapViewOfFile
GetActiveProcessorGroupCount
GetSystemTime
SetConsoleCtrlHandler
GetLocaleInfoEx
GetUserDefaultLocaleName
RtlAddFunctionTable
LoadLibraryW
CreateDirectoryW
RemoveDirectoryW
CreateActCtxW
ActivateActCtx
FindResourceW
GetWindowsDirectoryW
GetFileSizeEx
FindFirstFileExW
FindNextFileW
FindClose
LoadLibraryA
GetCurrentDirectoryW
IsWow64Process
EncodePointer
DecodePointer
CreateFileMappingA
TlsSetValue
TlsGetValue
GetSystemInfo
GetCurrentProcess
OutputDebugStringW
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
GetCommandLineW
GetProcAddress
GetModuleHandleExW
SetThreadErrorMode
FlushProcessWriteBuffers
SetLastError
DebugBreak
WaitForSingleObject
GetNumaHighestNodeNumber
SetThreadAffinityMask
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx
VirtualAllocExNuma
GetNumaProcessorNodeEx
VirtualUnlock
GetLargePageMinimum
IsProcessInJob
K32GetProcessMemoryInfo
GetLogicalProcessorInformation
GlobalMemoryStatusEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlVirtualUnwind
IsProcessorFeaturePresent
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
TlsFree
RtlPcToFileHeader
TryAcquireSRWLockExclusive
GetExitCodeThread
GetStringTypeW
InitializeCriticalSectionEx
GetLastError
CreateFileMappingW
advapi32
ReportEventW
AdjustTokenPrivileges
RegGetValueW
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
OpenProcessToken
DeregisterEventSource
RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
EventRegister
SetThreadToken
RevertToSelf
OpenThreadToken
EventWriteTransfer
EventWrite
LookupPrivilegeValueW
ole32
CreateStreamOnHGlobal
CoRevokeInitializeSpy
CoGetClassObject
CoGetContextToken
CoGetObjectContext
CoUnmarshalInterface
CoMarshalInterface
CoGetMarshalSizeMax
CLSIDFromProgID
CoReleaseMarshalData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoInitializeEx
CoRegisterInitializeSpy
CoWaitForMultipleHandles
CoUninitialize
CoCreateFreeThreadedMarshaler
oleaut32
CreateErrorInfo
SysFreeString
GetErrorInfo
SetErrorInfo
SysStringLen
SysAllocString
SysAllocStringLen
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayDestroy
QueryPathOfRegTypeLi
LoadTypeLibEx
SafeArrayGetVartype
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantInit
VarCyFromDec
SafeArrayAllocDescriptorEx
GetRecordInfoFromTypeInfo
SafeArraySetRecordInfo
SafeArrayAllocData
SafeArrayGetElemsize
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
LoadRegTypeLi
user32
LoadStringW
MessageBoxW
shell32
ShellExecuteW
api-ms-win-crt-string-l1-1-0
strncat_s
wcsncat_s
strcmp
wcsnlen
wcscat_s
towupper
iswascii
_strdup
strncpy
strnlen
wcstok_s
isdigit
isupper
isalpha
towlower
_wcsdup
iswspace
isspace
islower
strtok_s
_wcsnicmp
strcspn
__strncnt
strlen
wcscpy_s
toupper
wcsncpy_s
strcpy_s
strcat_s
strncpy_s
_strnicmp
tolower
wcsncmp
iswupper
strncmp
_stricmp
_wcsicmp
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsscanf
fflush
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vswprintf
__stdio_common_vfwprintf
fputws
fputwc
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
fgetpos
fgets
fgetc
fputc
_wfsopen
_wfopen
__p__commode
_set_fmode
__stdio_common_vsnprintf_s
setvbuf
_setmode
_dup
_fileno
ftell
fseek
fputs
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf_s
fwrite
_flushall
fopen
fclose
api-ms-win-crt-runtime-l1-1-0
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_register_onexit_function
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
_exit
_invalid_parameter_noinfo_noreturn
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_beginthreadex
terminate
_controlfp_s
_wcserror_s
_invalid_parameter_noinfo
_errno
exit
abort
api-ms-win-crt-convert-l1-1-0
_atoi64
_ltow_s
_wtoi
strtoul
_wcstoui64
atol
_itow_s
strtoull
wcstoul
api-ms-win-crt-heap-l1-1-0
free
_set_new_mode
calloc
malloc
realloc
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-math-l1-1-0
asinhf
atanhf
cbrtf
acoshf
cosh
cbrt
coshf
exp
expf
acosh
atanh
floor
floorf
fma
fmaf
cosf
_fdopen
cos
ceilf
_copysignf
_isnanf
trunc
truncf
ilogb
ilogbf
tanhf
ceil
fmod
fmodf
atanf
frexp
atan2f
atan2
log
log10
log10f
atan
asinf
log2
log2f
logf
pow
powf
sin
sinf
asin
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
acosf
_copysign
asinh
_isnan
_finite
modf
modff
acos
__setusermatherr
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64_s
wcsftime
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
_unlock_locales
setlocale
__pctype_func
___lc_locale_name_func
_lock_locales
___lc_codepage_func
___mb_cur_max_func
_configthreadlocale
localeconv
api-ms-win-crt-filesystem-l1-1-0
_wrename
_unlock_file
_wremove
_lock_file
Exports
Exports
CLRJitAttachState
DotNetRuntimeInfo
MetaDataGetDispenser
g_CLREngineMetrics
g_dacTable
Sections
.text Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.CLR_UEF Size: 512B - Virtual size: 221B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Section Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
PVRTexToolCLI.exe.exe windows:6 windows x64 arch:x64
a91678b308ddf48e133abed13f7d5550
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
01:a7:bd:d0:b0:0f:3c:4f:ee:18:26:bd:25:fe:98:c3Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before01/04/2022, 00:00Not After05/04/2025, 23:59SubjectCN=Imagination Technologies Limited,O=Imagination Technologies Limited,L=Kings Langley,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23/12/2017, 00:00Not After22/03/2029, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
5d:fb:9f:24:eb:1a:4e:82:be:57:e5:81:fb:5a:12:ed:18:a2:ed:b2:7a:5e:70:8f:a0:ab:d5:cc:4d:f3:e5:81Signer
Actual PE Digest5d:fb:9f:24:eb:1a:4e:82:be:57:e5:81:fb:5a:12:ed:18:a2:ed:b2:7a:5e:70:8f:a0:ab:d5:cc:4d:f3:e5:81Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetCommandLineW
LocalFree
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcessId
GetSystemInfo
WaitForSingleObject
CloseHandle
CreateMutexA
ReleaseMutex
SwitchToThread
WaitForMultipleObjects
CreateThread
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileW
SetStdHandle
SetEnvironmentVariableW
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
WaitForSingleObjectEx
GetExitCodeThread
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
RtlPcToFileHeader
RaiseException
IsProcessorFeaturePresent
GetLastError
GetModuleHandleExW
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
SetLastError
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ReadFile
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetStdHandle
GetFileType
GetModuleFileNameW
WriteConsoleW
HeapSize
WriteFile
GetCommandLineA
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileSizeEx
FlushFileBuffers
GetConsoleOutputCP
DeleteFileW
HeapReAlloc
OutputDebugStringW
GetProcessHeap
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEndOfFile
shell32
CommandLineToArgvW
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 915KB - Virtual size: 914KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 107KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 117KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ffmpeg.exe.exe windows:4 windows x64 arch:x64
62b0daa49f511fd8cdee198c3a6f9e54
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA
DeregisterEventSource
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegisterEventSourceW
ReportEventW
SetSecurityDescriptorDacl
SystemFunction036
crypt32
CertCloseStore
CertDeleteCertificateFromStore
CertEnumCRLsInStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
PFXImportCertStore
gdi32
BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
EnumFontFamiliesW
ExtTextOutW
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetICMProfileW
GetObjectA
GetPixelFormat
GetStockObject
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers
imm32
ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionStringW
ImmSetCompositionWindow
iphlpapi
GetAdaptersAddresses
if_indextoname
if_nametoindex
kernel32
AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AreFileApisANSI
CancelIo
CancelIoEx
CloseHandle
CompareStringA
ConvertFiberToThread
ConvertThreadToFiberEx
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateSemaphoreA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFiber
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileExW
FindFirstFileW
FindNextFileW
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameA
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileType
GetFinalPathNameByHandleA
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessTimes
GetStdHandle
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathA
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
K32GetProcessMemoryInfo
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExA
MoveFileExW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleA
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleTextAttribute
SetCurrentDirectoryW
SetDllDirectoryA
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetHandleInformation
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadErrorMode
SetThreadExecutionState
SetThreadGroupAffinity
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SuspendThread
SwitchToFiber
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler
lstrcmpiW
msvcrt
___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_access
_access
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_assert
_beginthreadex
_cexit
_chmod
_close
_commode
_close
_dup
_dup2
_endthreadex
_errno
_exit
_fdopen
_filelengthi64
_fileno
_findclose
_fileno
_findfirst64
_findnext64
_fmode
_fstat64
_ftime64
_fullpath
_get_osfhandle
_getch
_getcwd
_getmaxstdio
_getpid
_gmtime64
_hypot
_i64toa
_initterm
_isatty
_isctype
_itoa
_kbhit
_localtime64
_lock
_locking
_lseeki64
_ltoa
_mbsrchr
_mkdir
_mkdir
_mktime64
_onexit
_open
_open
_open_osfhandle
_read
_rmdir
_rmdir
_read
_nextafter
_setjmp
_setmaxstdio
_setmode
_setmode
_sopen
_stat64
_strdup
_strdup
_stricmp
_strlwr
_strnicmp
_strrev
_strtoi64
_strtoui64
_strtoui64
_strupr
_time64
_ui64toa
_ultoa
_unlink
_unlink
_unlock
_vscprintf
_vsnprintf
_vsnwprintf
_waccess
_wassert
_wcsdup
_wcsicmp
_wcsnicmp
_wfindfirst64
_wfindnext64
_wfopen
_wfullpath
_wgetcwd
_wgetenv
_wmkdir
_wopen
_wrename
_write
_wrmdir
_wsopen
_wstat64
_wunlink
abort
acos
asin
atan
atof
atoi
bsearch
calloc
clock
cosh
div
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fopen_s
fprintf
fputc
fputs
fputwc
fread
free
fsetpos
fwprintf
fseek
ftell
fwrite
getc
getchar
getenv
getwc
isalnum
isalpha
iscntrl
isgraph
islower
isprint
ispunct
isspace
isupper
iswctype
isxdigit
localeconv
log10
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
perror
printf
putc
puts
putwc
qsort
raise
rand
realloc
rename
rewind
setlocale
setvbuf
signal
sinh
sprintf
srand
strcat
strchr
strcmp
strcoll
strcpy
strcpy_s
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strncpy_s
strpbrk
strrchr
strspn
strstr
strtok
strtok_s
strtol
strtoul
strxfrm
tan
tanh
tolower
toupper
towlower
towupper
ungetwc
ungetc
vfprintf
wcscat
wcschr
wcscmp
wcscoll
wcscpy
wcscpy_s
wcsftime
wcslen
wcsncmp
wcsrchr
wcsstr
wcstombs
wcstombs_s
wcstoul
wcsxfrm
ncrypt
BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider
NCryptDecrypt
NCryptDeleteKey
NCryptFreeObject
NCryptGetProperty
NCryptOpenKey
NCryptOpenStorageProvider
NCryptSignHash
ole32
CLSIDFromString
CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleSaveToStream
PropVariantClear
StringFromGUID2
oleaut32
OleCreatePropertyFrame
SysFreeString
setupapi
CM_Get_Device_IDA
CM_Get_Parent
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
shell32
CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
SHGetFolderPathW
SHGetSpecialFolderPathA
ShellExecuteW
shlwapi
SHCreateStreamOnFileA
user32
AdjustWindowRectEx
AttachThreadInput
BeginPaint
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CopyIcon
CopyImage
CreateIconFromResource
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyCursor
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageA
DispatchMessageW
DrawIcon
DrawTextW
EmptyClipboard
EndDialog
EndPaint
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FillRect
FindWindowW
FlashWindowEx
FrameRect
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardSequenceNumber
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageW
GetMonitorInfoW
GetParent
GetProcessWindowStation
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetUpdateRect
GetUserObjectInformationW
GetWindowLongPtrA
GetWindowLongPtrW
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsRectEmpty
KillTimer
LoadCursorA
LoadCursorW
LoadIconW
MapVirtualKeyW
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostThreadMessageW
PtInRect
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetTimer
SetWindowLongPtrA
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
avicap32
capCreateCaptureWindowA
capGetDriverDescriptionA
winmm
timeBeginPeriod
timeEndPeriod
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
ws2_32
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAGetLastError
WSAIoctl
WSARecvFrom
WSASendTo
WSASetLastError
WSASocketA
WSAStartup
WSAStringToAddressA
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getnameinfo
getpeername
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
Exports
Exports
FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Blend
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_Init
FT_Bitmap_New
FT_CeilFix
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Done_Library
FT_Done_MM_Var
FT_Done_Size
FT_Error_String
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_Properties
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_BDF_Charset_ID
FT_Get_BDF_Property
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_Color_Glyph_ClipBox
FT_Get_Color_Glyph_Layer
FT_Get_Color_Glyph_Paint
FT_Get_Colorline_Stops
FT_Get_First_Char
FT_Get_Font_Format
FT_Get_Glyph
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_MM_Blend_Coordinates
FT_Get_MM_Var
FT_Get_MM_WeightVector
FT_Get_Module
FT_Get_Multi_Master
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_PS_Font_Info
FT_Get_PS_Font_Private
FT_Get_PS_Font_Value
FT_Get_Paint
FT_Get_Paint_Layers
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_LangTag
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_Transform
FT_Get_TrueType_Engine_Type
FT_Get_Var_Axis_Flags
FT_Get_Var_Blend_Coordinates
FT_Get_Var_Design_Coordinates
FT_Get_X11_Font_Format
FT_GlyphSlot_Own_Bitmap
FT_Glyph_Copy
FT_Glyph_Get_CBox
FT_Glyph_Stroke
FT_Glyph_StrokeBorder
FT_Glyph_To_Bitmap
FT_Glyph_Transform
FT_Has_PS_Glyph_Names
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_SetLcdGeometry
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_MulFix
FT_New_Face
FT_New_Glyph
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Embolden
FT_Outline_EmboldenXY
FT_Outline_GetInsideBorder
FT_Outline_GetOutsideBorder
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Palette_Data_Get
FT_Palette_Select
FT_Palette_Set_Foreground_Color
FT_Property_Get
FT_Property_Set
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_Default_Log_Handler
FT_Set_Default_Properties
FT_Set_Log_Handler
FT_Set_MM_Blend_Coordinates
FT_Set_MM_Design_Coordinates
FT_Set_MM_WeightVector
FT_Set_Named_Instance
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Set_Var_Blend_Coordinates
FT_Set_Var_Design_Coordinates
FT_Sfnt_Table_Info
FT_Sin
FT_Stream_OpenLZW
FT_Stroker_BeginSubPath
FT_Stroker_ConicTo
FT_Stroker_CubicTo
FT_Stroker_Done
FT_Stroker_EndSubPath
FT_Stroker_Export
FT_Stroker_ExportBorder
FT_Stroker_GetBorderCounts
FT_Stroker_GetCounts
FT_Stroker_LineTo
FT_Stroker_New
FT_Stroker_ParseOutline
FT_Stroker_Rewind
FT_Stroker_Set
FT_Tan
FT_Trace_Set_Default_Level
FT_Trace_Set_Level
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
TT_New_Context
TT_RunIns
gme_ay_type
gme_clear_playlist
gme_delete
gme_enable_accuracy
gme_equalizer
gme_free_info
gme_gbs_type
gme_gym_type
gme_hes_type
gme_identify_extension
gme_identify_file
gme_identify_header
gme_ignore_silence
gme_kss_type
gme_load_custom
gme_load_data
gme_load_file
gme_multi_channel
gme_mute_voice
gme_mute_voices
gme_new_emu
gme_new_emu_multi_channel
gme_nsf_type
gme_nsfe_type
gme_open_data
gme_open_file
gme_play
gme_sap_type
gme_seek
gme_seek_samples
gme_set_autoload_playback_limit
gme_set_equalizer
gme_set_fade
gme_set_stereo_depth
gme_set_tempo
gme_set_user_cleanup
gme_set_user_data
gme_spc_type
gme_start_track
gme_tell
gme_tell_samples
gme_track_count
gme_track_ended
gme_track_info
gme_type
gme_type_extension
gme_type_list
gme_type_multitrack
gme_type_system
gme_user_data
gme_vgm_type
gme_vgz_type
gme_voice_count
gme_voice_name
gme_warning
gme_wrong_file_type
Sections
.text Size: 62.6MB - Virtual size: 62.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 11.2MB - Virtual size: 11.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 905KB - Virtual size: 905KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 9.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ