Static task
static1
Behavioral task
behavioral1
Sample
64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b.dll
Resource
win10v2004-20241007-en
General
- Target: 64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b
- Size: 2.2MB
- MD5: 853b922715bd2605d8e41558029e19f0
- SHA1: 8823e5a68c1acf84fb9cc196e853ceb3057c728e
- SHA256: 64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b
- SHA512: 40c62043233216b5d771ee1cb47d3291043fcc6a457448c396d74100112fd92bd175c9b4b38bc1ee8c5dacb6b0d236b1d359e11a7d164b7a66c49546e2ff887d
- SSDEEP: 49152:fW14/P0vSgK7fGp61CrfEMsRroNfnE/feadCAhO6cxQZkBm7m4x:DkvST6p6ArfEMssvFadCGR+W7m
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b
Files
-
64054239aaef685905d9372d35af3aad09134057cb56fb9e8d2d2cb398c1ba9b.dll windows:6 windows x86 arch:x86
d2876008e77fbdc5fa78ff156a9ff754
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
FindFirstFileA
FindNextFileA
RemoveDirectoryA
GetCurrentProcess
GetCurrentThread
GetModuleFileNameA
SetProcessWorkingSetSize
K32GetProcessMemoryInfo
GetExitCodeThread
GetCommandLineA
VirtualProtect
GetPrivateProfileIntA
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadStringPtrA
IsBadReadPtr
GetACP
GetCurrentDirectoryA
LocalFileTimeToFileTime
SetFileTime
GetFileInformationByHandle
TerminateThread
CreateProcessA
WinExec
TerminateProcess
GetTickCount64
WritePrivateProfileStringA
GetPrivateProfileStringA
FileTimeToSystemTime
CreateDirectoryA
lstrcmpiA
GetLocalTime
CreateThread
GetCurrentThreadId
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapSize
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
FindClose
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetTickCount
FlushFileBuffers
AreFileApisANSI
ReadFile
HeapCreate
HeapFree
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
UnmapViewOfFile
HeapValidate
GetLocaleInfoA
LoadLibraryA
GetProcAddress
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
VerSetConditionMask
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
LoadLibraryExA
lstrlenA
ExitProcess
MulDiv
lstrcpyA
IsDBCSLeadByte
FreeResource
LoadResource
LockResource
SizeofResource
FindResourceA
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
lstrcpynA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
GlobalAlloc
GetSystemDirectoryA
SetLastError
MoveFileExA
GetEnvironmentVariableA
GetStdHandle
GetFileType
PeekNamedPipe
WaitForMultipleObjects
SleepEx
GetFileSizeEx
ResetEvent
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
CreateEventA
SetEvent
GetSystemTimeAsFileTime
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
EndPaint
BeginPaint
KillTimer
GetFocus
GetActiveWindow
SetFocus
IsZoomed
DestroyWindow
RegisterClassA
CallWindowProcA
PostQuitMessage
DefWindowProcA
wsprintfA
GetMonitorInfoA
LoadImageA
GetWindow
GetParent
CharNextA
GetMessageA
CreateWindowExA
IsWindow
GetUpdateRect
InvalidateRect
GetWindowLongA
PtInRect
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
CreateWindowExW
EnableWindow
GetMenu
SetPropA
GetPropA
AdjustWindowRectEx
SetWindowRgn
UpdateWindow
MoveWindow
SetForegroundWindow
EqualRect
GetWindowTextA
GetWindowTextLengthA
IsWindowEnabled
IsRectEmpty
IntersectRect
GetSysColor
SetWindowLongA
GetWindowRect
GetDesktopWindow
OffsetRect
UnionRect
InflateRect
IsIconic
ExitWindowsEx
CreatePopupMenu
DestroyMenu
DispatchMessageA
EnableMenuItem
AppendMenuA
TrackPopupMenu
TranslateMessage
GetAsyncKeyState
CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
UpdateLayeredWindow
GetWindowRgn
SendNotifyMessageA
SetWindowPos
FindWindowA
PostMessageA
SetWindowTextA
CharPrevA
DrawTextA
MessageBoxA
DrawTextW
SetTimer
IsWindowVisible
ShowWindow
FillRect
SetRect
SendMessageA
CreateAcceleratorTableA
InvalidateRgn
GetGUIThreadInfo
GetKeyNameTextA
MonitorFromWindow
LoadCursorA
ScreenToClient
MapVirtualKeyExA
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
ReleaseDC
GetDC
GetForegroundWindow
IsWindowUnicode
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetMessageExtraInfo
TrackMouseEvent
GetKeyboardLayout
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
MapWindowPoints
gdi32
DeleteObject
CreateRectRgn
CreatePen
GetDeviceCaps
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
GdiFlush
TextOutA
MoveToEx
SetStretchBltMode
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
LineTo
GetTextExtentPoint32A
GetClipBox
GetCharABCWidthsA
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateDIBSection
PtInRegion
SetTextColor
SetBkMode
CreateSolidBrush
CreatePatternBrush
CreateRoundRectRgn
BitBlt
SetWindowOrgEx
GetObjectA
GetTextMetricsA
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileA
CloseEnhMetaFile
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SaveDC
CreateDIBitmap
CreateFontIndirectA
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
DeleteDC
comdlg32
ChooseColorA
advapi32
CryptEncrypt
CryptImportKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
CryptDestroyKey
shell32
ShellExecuteA
DragQueryFileA
msvcp140
?_BADOFF@std@@3_JB
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Strxfrm
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??7ios_base@std@@QBE_NXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??Bid@locale@std@@QAEIXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?is@?$ctype@D@std@@QBE_NFD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
imm32
ImmGetContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext
winmm
timeGetTime
dbghelp
SymGetModuleBase64
SymInitialize
SymGetSymFromAddr64
SymFunctionTableAccess64
StackWalk64
SymCleanup
ntdll
NtQueryVirtualMemory
ws2_32
WSACreateEvent
WSACloseEvent
getsockopt
WSAEventSelect
WSAGetLastError
WSACleanup
WSAResetEvent
WSAStartup
gethostbyname
WSAWaitForMultipleEvents
socket
setsockopt
WSASetLastError
sendto
WSAIoctl
send
select
__WSAFDIsSet
getaddrinfo
freeaddrinfo
recvfrom
recv
ntohs
listen
gethostname
inet_ntoa
inet_addr
htons
htonl
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
WSAEnumNetworkEvents
wldap32
ord27
ord26
ord22
ord41
ord32
ord45
ord60
ord211
ord217
ord301
ord200
ord33
ord30
ord50
ord79
ord35
ord143
ord46
crypt32
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertFreeCertificateChain
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertGetNameStringA
CertOpenStore
normaliz
IdnToAscii
IdnToUnicode
d3dx9_43
D3DXCreateFontA
bcrypt
BCryptGenRandom
vcruntime140
__std_exception_destroy
_purecall
longjmp
_setjmp3
__RTDynamicCast
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
__std_type_info_destroy_list
strrchr
strchr
memset
memcmp
strstr
memmove
memchr
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_copy
api-ms-win-crt-runtime-l1-1-0
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
strerror
__sys_nerr
__sys_errlist
abort
_invalid_parameter_noinfo
system
_invalid_parameter_noinfo_noreturn
_initterm
exit
_errno
terminate
_endthreadex
_beginthreadex
_initterm_e
api-ms-win-crt-stdio-l1-1-0
fread
fseek
ftell
__stdio_common_vfprintf
fgets
_ftelli64
_popen
tmpfile
fflush
clearerr
__stdio_common_vsscanf
_wfopen
__acrt_iob_func
fwrite
fclose
__stdio_common_vsprintf_s
fopen_s
tmpnam
fputs
__stdio_common_vswprintf
_get_stream_buffer_pointers
fgetc
fgetpos
fputc
fsetpos
_fseeki64
setvbuf
ungetc
_open
_lseeki64
feof
getc
fopen
ferror
freopen
_read
_write
_fileno
_close
_pclose
__stdio_common_vsprintf
api-ms-win-crt-string-l1-1-0
_stricmp
isspace
strcoll
strpbrk
strspn
strncpy
isalnum
isdigit
_strdup
strlen
strcpy
isgraph
tolower
strcat
islower
isupper
isalpha
toupper
isxdigit
strcpy_s
iscntrl
ispunct
strncmp
strcspn
strcmp
api-ms-win-crt-heap-l1-1-0
calloc
_callnewh
_msize
realloc
free
malloc
api-ms-win-crt-utility-l1-1-0
abs
qsort
rand
srand
_lrotl
api-ms-win-crt-math-l1-1-0
_CIfmod
_libm_sse2_pow_precise
_libm_sse2_log_precise
sqrt
_CIatan2
_libm_sse2_sin_precise
round
frexp
cos
_libm_sse2_cos_precise
sin
_libm_sse2_sqrt_precise
_libm_sse2_acos_precise
floor
_except1
_libm_sse2_asin_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
ldexp
_fdopen
ceil
_libm_sse2_tan_precise
api-ms-win-crt-convert-l1-1-0
atol
atoll
strtoul
_atoi64
_itoa
strtoll
wcstombs
strtod
_strtoui64
atoi
strtol
api-ms-win-crt-time-l1-1-0
_time64
clock
_difftime64
_localtime64
_mktime64
_gmtime64
strftime
_localtime64_s
api-ms-win-crt-multibyte-l1-1-0
_mbscmp
_mbsicmp
_mbschr
_mbslwr
_mbsnbcpy
_mbsrchr
_mbsstr
_ismbcspace
_mbsnbcat
_mbsnbcmp
_ismbcalnum
api-ms-win-crt-filesystem-l1-1-0
_findfirst64i32
_findclose
_findnext64i32
_stat64
_fstat64
remove
rename
_lock_file
_access
_unlink
_unlock_file
api-ms-win-crt-locale-l1-1-0
localeconv
setlocale
api-ms-win-crt-environment-l1-1-0
getenv
ole32
CoCreateInstance
DoDragDrop
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
oleaut32
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
SysAllocString
comctl32
InitCommonControlsEx
_TrackMouseEvent
ord17
gdiplus
GdipSetInterpolationMode
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLine
GdipAddPathArc
GdipCreateMatrix
GdipDrawImageI
GdipTranslateMatrix
GdipRotateMatrix
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipDeleteGraphics
GdipReleaseDC
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipDeleteMatrix
GdipSetWorldTransform
GdipResetWorldTransform
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipFillPath
GdipDrawImageRectRect
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetStringFormatHotkeyPrefix
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipCreatePen2
GdipSetPenStartCap
GdipSetPenEndCap
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDrawLine
Exports
Sections
.text Size: - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 513KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 21B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: - Virtual size: 708KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 372B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ