HostNetSvc[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

HostNetSvc.dll
Size

3.3MB
MD5

b6ba6e232e302495395154d8cb5249b5
SHA1

002d0c4558ae09629cf42f76a110ac0f3413950a
SHA256

15cbe32ca1f7f04e2d1c19bc52edae3fb53c32c3fa036fa080ef057cdb427ea2
SHA512

5070ea83c0629ea5685632e3dbdabb2e9b4cdf05c200f6f8e05d53ace75835bdfb3bd7f97bd07425c9fd23466a75dd6a683d584e5a9e269d312206c322311f4f
SSDEEP

49152:quaWe8TecAZYn2VlSQobSZ8y34VFEN6no3NCWAX+YgQaqIZvMGk6DFXEpI779Et6:MC2mb2Txz77z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HostNetSvc.dll

Files

HostNetSvc.dll
.dll windows:10 windows x64 arch:x64

30574620b7d6a99ca9a1c34dcba7351d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

HostNetSvc.pdb

Imports

msvcp_win

?widen@?$ctype@G@std@@QEBAGD@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
_Cnd_do_broadcast_at_thread_exit
_Xtime_get_ticks
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Throw_Cpp_error@std@@YAXH@Z
?id@?$ctype@G@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Xbad_function_call@std@@YAXXZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?_Xbad_alloc@std@@YAXXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
_Thrd_join
_Query_perf_counter
_Query_perf_frequency
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Thrd_id

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__purecall
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
_o__wstat64i32
_o__wtoi
_o_abort
memmove
_o_free
_o_malloc
_o_rand
_o_realloc
_o_srand
_o_terminate
_o_wcscat_s
_o_wcscpy_s
_o_wcstod
_o_wcstok
_o_wcstol
_o_wcstoul
_o_wmemcpy_s
__CxxFrameHandler3
_CxxThrowException
_o__crt_atexit
_o__configure_narrow_argv
wcsstr
__std_type_info_compare
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__cexit
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o__execute_onexit_table
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o__errno
__C_specific_handler
__std_terminate
__CxxFrameHandler4
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__RTDynamicCast
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

memset
wcsncmp

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
CreateEventW
CreateEventExW
SetEvent
CreateSemaphoreExW
WaitForSingleObjectEx
ReleaseSemaphore
OpenSemaphoreW
InitializeCriticalSectionEx
ResetEvent
TryAcquireSRWLockExclusive
ReleaseMutex
WaitForMultipleObjectsEx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateMutexExW
AcquireSRWLockShared
ReleaseSRWLockShared
TryAcquireSRWLockShared
ReleaseSRWLockExclusive

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
OpenThreadToken
SetThreadToken

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventSetInformation
EventRegister
EventActivityIdControl
EventWrite

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

ws2_32

htons
htonl
WSAGetLastError
WSAIoctl
WSACleanup
WSAStartup
closesocket
ntohl
socket
ntohs

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemTimeAsFileTime
GetVersionExW
GetTickCount

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WaitOnAddress
InitOnceComplete
Sleep
InitOnceBeginInitialize
WakeByAddressAll
WakeAllConditionVariable

api-ms-win-core-kernel32-legacy-l1-1-0

RegisterWaitForSingleObject
UnregisterWait

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolCleanupGroup
CreateThreadpoolTimer
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolCleanupGroup
SetThreadpoolTimer
CloseThreadpool
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWork
CloseThreadpoolTimer
SetThreadpoolThreadMaximum
CreateThreadpool
SetThreadpoolThreadMinimum
CreateThreadpoolWait
WaitForThreadpoolTimerCallbacks
WaitForThreadpoolWaitCallbacks

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegNotifyChangeKeyValue
RegGetValueW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegDeleteTreeW
RegCloseKey
RegEnumValueW
RegSetValueExW
RegCreateKeyExW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureStackBackTrace
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
RtlCompareMemory

api-ms-win-service-core-l1-1-3

GetServiceRegistryStateKey

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

vmsif

VmsIfNicDeleteMiniport
VmsIfPortEnumerate
VmsIfNicEnableMiniport
VmsIfSwitchExtensionEnumerate
VmsIfSwitchExtensionFree
VmsIfMemFree
VmsIfDriverOpen
VmsIfDriverClose
VmsIfNicInitializeMiniportLW
VmsIfNicNotifyInitializeMiniport
VmsIfNicDeleteMiniportLW
VmsIfNicInitializeMiniport
VmsIfNicDisableMiniport

api-ms-win-service-management-l1-1-0

StartServiceW
CloseServiceHandle
OpenSCManagerW
OpenServiceW

api-ms-win-core-file-l1-1-0

SetEndOfFile
ReadFile
GetFileSizeEx
CreateDirectoryW
WriteFile
CreateFileW
DeleteFileW
FlushFileBuffers
SetFilePointerEx

rpcrt4

RpcServerInqCallAttributesW
RpcServerInqBindings
NdrServerCallAll
NdrServerCall2
RpcExceptionFilter
RpcBindingFree
RpcEpRegisterW
RpcBindingCreateW
RpcBindingSetOption
UuidFromStringW
RpcBindingBind
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcEpResolveBinding
NdrClientCall3
RpcBindingVectorFree
RpcServerUseProtseqEpW
RpcServerUseProtseqW
RpcServerUnregisterIf
RpcImpersonateClient
RpcStringBindingParseW
RpcStringFreeW
RpcRevertToSelfEx
RpcServerRegisterIf3
NdrDllGetClassObject
RpcBindingToStringBindingW
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_CountRefs
CStdStubBuffer_QueryInterface
NdrOleAllocate
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
IUnknown_QueryInterface_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
RpcServerRegisterIfEx
UuidCreate
RpcEpUnregister

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemFree
CoCancelCall
CoSetProxyBlanket
CoSwitchCallContext
CoRevokeClassObject
CLSIDFromString
CoCreateInstance
CoInitializeEx
CoImpersonateClient
CoCreateGuid
CoRevertToSelf
CoDisableCallCancellation
StringFromGUID2
CoRegisterClassObject
CoUninitialize

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-io-l1-1-0

CancelIoEx
DeviceIoControl

ntdll

RtlInitUnicodeString
RtlEqualUnicodeString
RtlIpv6AddressToStringW
RtlIpv6StringToAddressW
RtlIpv4AddressToStringW
RtlIpv4StringToAddressW
RtlIpv6StringToAddressExW
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion

iphlpapi

GetAdaptersAddresses
InitializeIpForwardEntry
InternalCreateIpForwardEntry2
InternalCreateUnicastIpAddressEntry
InternalDeleteUnicastIpAddressEntry
InitializeIpInterfaceEntry
GetIpInterfaceEntry
SetIpInterfaceEntry
InternalGetUnicastIpAddressTable
ConvertInterfaceGuidToLuid
InternalDeleteIpForwardEntry2
DeleteIpNetEntry
SetCurrentThreadCompartmentId
FreeMibTable
ConvertCompartmentIdToGuid
NotifyIpInterfaceChange
ConvertLengthToIpv4Mask
ConvertInterfaceLuidToIndex
GetIfEntry2
CreateUnicastIpAddressEntry
InitializeUnicastIpAddressEntry
ConvertCompartmentGuidToId
GetIpNetTable2
GetUnicastIpAddressEntry
GetIpForwardEntry2
SetInterfaceDnsSettings
NotifyUnicastIpAddressChange
NotifyRouteChange2
CancelMibChangeNotify2
ConvertInterfaceIndexToLuid
GetIpForwardTable2
GetUnicastIpAddressTable
ConvertInterfaceLuidToGuid
GetIpNetEntry2
SetCurrentThreadCompartmentScope
GetIfTable2
ResolveIpNetEntry2

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx
QueryServiceConfigW
NotifyServiceStatusChangeW

api-ms-win-service-winsvc-l1-1-0

ControlService

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
GetEnvironmentVariableW

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient7
ObjectStublessClient5
ObjectStublessClient6
ObjectStublessClient3
ObjectStublessClient4

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-security-trustee-l1-1-0

BuildSecurityDescriptorW

api-ms-win-security-base-l1-1-0

CreateWellKnownSid
ImpersonateLoggedOnUser
AccessCheck
ImpersonateSelf
RevertToSelf
FreeSid
CheckTokenMembership

api-ms-win-security-cryptoapi-l1-1-0

CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextW
CryptGetHashParam
CryptReleaseContext

api-ms-win-core-file-l2-1-2

CopyFileW

dhcpcsvc

DhcpEnableDhcp

nsi

NsiSetAllParameters
NsiFreeTable
NsiAllocateAndGetTable
NsiGetAllParameters
NsiSetParameter

winnsi

NsiRpcRegisterChangeNotification
NsiConnectToServer
NsiDisconnectFromServer
NsiRpcDeregisterChangeNotification

firewallapi

NetworkIsolationDeleteContainer
FWDeleteFirewallRule
FWFreeFirewallRules
FWClosePolicyStore
FWAddFirewallRule
FWQueryFirewallRules
NetworkIsolationCreateContainer
FWOpenPolicyStore

fwpuclnt

FwpmFilterDeleteByKey0
FwpmEngineClose0
FwpmEngineOpen0
FwpmTransactionBegin0
FwpmFilterAdd0
FwpmTransactionCommit0
FwpmTransactionAbort0

netmgmtif

NetMgmtDeleteVirtualSwitchPort
NetMgmtDeleteVirtualSwitch
NetMgmtEnumerateVirtualSwitch
NetMgmtFindInternalNicByName
NetMgmtEnumerateNic
NetMgmtEnumerateAdapter
NetMgmtGetPortHandleRefCount
NetMgmtDeleteInternalEthernetAdapter
NetMgmtUnbindExternalAdapter
NetMgmtGetVmSwitchInitState
NetMgmtEnumerateVirtualSwitchPorts
NetMgmtIsInternalEthernetAdapterEnabledLW
NetMgmtGetNetworkAdapterType
NetMgmtFindExternalNicByName
NetMgmtEnableVirtualSwitchExtension
NetMgmtUpdateContainerRegistryBasedOnCompartment
NetMgmtUpdateContainerRegistryBasedOnContainer
NetMgmtIsNetworkCompartmentPresent
NetMgmtSetPortEncapInfo
NetMgmtFindInternalNic
NetMgmtGetVirtualSwitchPort
NetMgmtCreateVirtualSwitchPort
NetMgmtSetSecurityInfoOnVirtualSwitchPort
NetMgmtCreateVirtualSwitchPortWithHandle
NetMgmtOpenVirtualSwitchPortHandle
NetMgmtAddBandwidthSettingsOnVirtualSwitchPort
NetMgmtConnectSwitchPort
NetMgmtSetConnectionInfo
NetMgmtDisconnectSwitchPort
NetMgmtSendNicStatus
NetMgmtAddVirtualSwitchPortProperty
NetMgmtBindExternalAdapter
NetMgmtUpdateVirtualSwitchPortProperty
NetMgmtDeleteVirtualSwitchPortProperty
NetMgmtGetNicStats
NetMgmtDeleteInternalEthernetAdapterLW
NetMgmtCreateVirtualSwitch
NetMgmtGetVirtualSwitchInfo
NetMgmtSetEthernetAdapterMacAddress
NetMgmtCreateInternalEthernetAdapter
NetMgmtCreateInternalEthernetAdapterLW

netsetupapi

NetSetupFreeObjects
NetSetupFreeObjectProperties
NetSetupSetObjectProperties
NetSetupCreateObject
NetSetupDeleteObject
NetSetupGetObjectProperties
NetSetupCommit
NetSetupGetObjects
NetSetupInitialize
NetSetupClose
NetSetupSynchronizeDevices

devobj

DevObjCreateDeviceInfoList
DevObjOpenDevRegKey
DevObjGetClassDevs
DevObjEnumDeviceInfo
DevObjChangeState
DevObjGetDeviceProperty
DevObjOpenDeviceInfo
DevObjCreateDeviceInfo
DevObjSetDeviceRegistryProperty
DevObjRegisterDeviceInfo
DevObjGetDeviceInstanceId
DevObjCreateDevRegKey
DevObjDeleteDevice
DevObjUninstallDevice
DevObjDestroyDeviceInfoList

vfpapi

VfcDeregisterEventEx
VfcDeregisterEvent
VfcInterceptEventEx3
VfcInterceptEventEx2
VfcInjectPacketEx
VfcInitializeDescriptor
VfcReleaseList
VfcAddObject
VfcNatEventAsync
VfcRemoveAllObject
VfcRemoveMapping
VfcReplaceObjectSet
VfcSetInformation
VfcListObject
VfcUnblockPort
VfcGetInformation
VfcRemoveObject
VfcEnablePort
VfcOpenDevice
VfcWithdrawNatRange
VfcDepositNatRange
VfcRemoveNatRange

api-ms-win-devices-config-l1-1-1

CM_Get_Parent
CM_Get_Device_ID_Size
CM_Get_Device_IDW
CM_Locate_DevNodeW
CM_Get_DevNode_Status

oleaut32

SafeArrayGetElement
SysFreeString
VariantClear
VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocString
SafeArrayCreate
SafeArrayPutElement
SysAllocStringLen

api-ms-win-security-systemfunctions-l1-1-0

SystemFunction036

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetProxyDllInfo
ServiceMain
SvchostPushServiceGlobals

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 641KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30574620b7d6a99ca9a1c34dcba7351d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-service-core-l1-1-0

ws2_32

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-service-core-l1-1-3

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

vmsif

api-ms-win-service-management-l1-1-0

api-ms-win-core-file-l1-1-0

rpcrt4

api-ms-win-core-string-l1-1-0

api-ms-win-stateseparation-helpers-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-io-l1-1-0

ntdll

iphlpapi

api-ms-win-service-management-l2-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-com-midlproxystub-l1-1-0

api-ms-win-core-realtime-l1-1-0

api-ms-win-security-trustee-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-security-cryptoapi-l1-1-0

api-ms-win-core-file-l2-1-2

dhcpcsvc

nsi

winnsi

firewallapi

fwpuclnt

netmgmtif

netsetupapi

devobj

vfpapi

api-ms-win-devices-config-l1-1-1

oleaut32

api-ms-win-security-systemfunctions-l1-1-0

api-ms-win-core-threadpool-legacy-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 641KB - Virtual size: 641KB

.data Size: 109KB - Virtual size: 117KB

.pdata Size: 92KB - Virtual size: 91KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 641KB - Virtual size: 641KB

.data
Size: 109KB - Virtual size: 117KB

.pdata
Size: 92KB - Virtual size: 91KB

.didat
Size: 512B - Virtual size: 56B

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 23KB - Virtual size: 22KB