Static task
static1
Behavioral task
behavioral1
Sample
4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cdN.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cdN.exe
Resource
win10v2004-20241007-en
General
-
Target
4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cdN.exe
-
Size
1.7MB
-
MD5
79d409f21233e7fb5a72227a1b46a840
-
SHA1
e3dded8281191633df0eb04b53e0d63ba7799819
-
SHA256
4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cd
-
SHA512
6f6cbf936b980c84055fe161caa055ba40f09d2d0b70d3abb2060d500f6509296239fe46d14127b75c9106e3c0e645701b9bf8f794e0c8fe113450b91701558e
-
SSDEEP
24576:UeWwS9OErNXHmA5DJRVFwd0qCqa617DgwwN0cx8ubXCHxrDylnRmzMTJZzGY+Wi2:q9OaTRxbqa6rse0l1TJZD+WGuWOv
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Flags PE files that lack an Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.
resource 4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cdN.exe
Files
-
4b995123f935d6e7286c927d024199fae4ec0d466c211a419eed128637f8a1cdN.exe.exe windows:4 windows x86 arch:x86
480053f52bbf6294737b2e20388046cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
burner
??0CWriteSpeed@CBurner@@QAE@HW4EDiscType@1@@Z
?CreateImapiBurner@CBurner@@SAPAV1@XZ
?Init@CBurner@@SA_NXZ
?DestroyImapiBurner@CBurner@@SAXPAV1@@Z
?FreeStr@CBurner@@SAXPBG@Z
?IsImapiSupported@CBurner@@SA_NXZ
?Release@CBurner@@SAXXZ
audiolib
??0CAGC@@QAE@XZ
?Init@CAGC@@QAEXHH@Z
??1CAGC@@QAE@XZ
?GainIt@CAGC@@QAEXPAXHPAH_N2@Z
?Convert@CCodecAudio@@QAEHPAXHPBXH@Z
?CreateDecomp@CCodecAudio@@SAPAV1@ABVCCodecParam@@0@Z
?CreateComp@CCodecAudio@@SAPAV1@ABVCCodecParam@@0@Z
mal1
?SetLightBackground@CListBoxEx@@QAEX_N@Z
?SetItemHeight@CListBoxEx@@QAEXHH@Z
?ChangeFont@CListBoxEx@@QAEXABVCString@@H_N@Z
?SetSelectedTextColor@CListBoxEx@@QAEXK@Z
?SetSelectedBgColor@CListBoxEx@@QAEXKH@Z
?SetBgColor@CListBoxEx@@QAEXKH@Z
?SetImageList@CListBoxEx@@QAEPAVCImageList@@PAV2@@Z
?SetAngle@CGradientStatic@@QAEXH@Z
?HideColumn@CGridCtrlEx@@QAEXH_N@Z
?SetSortState@CGridCtrlEx@@QAEXH_N@Z
?GetTooltipText@CTrayIcon@@QBE?AVCString@@XZ
?DeleteAllItems@CGridCtrlEx@@QAEHXZ
?HSVtoRGB@@YAXPAVCColorValueHSV@@PAUCColorValue24@@@Z
?RGBtoHSV@@YAXPAUCColorValue24@@PAVCColorValueHSV@@@Z
?InsertItem@CGridCtrlEx@@QAEHHPBDHH@Z
??1CItemStyle@@QAE@XZ
?SetBackgroundColor@CItemStyle@@QAEXK@Z
?SetTextColor@CItemStyle@@QAEXK@Z
?AddStyle@CGridCtrlEx@@QAEHABVCItemStyle@@@Z
?SetFont@CItemStyle@@QAE_NPAVCWnd@@ABVCString@@_N2H@Z
??0CItemStyle@@QAE@XZ
?DestroyItemStyles@CGridCtrlEx@@QAEXXZ
?GetSortState@CGridCtrlEx@@QAEXAAHAA_N@Z
?Create@CBalloonWnd@@QAEHPAVCWnd@@ABVCString@@PAUHICON__@@H@Z
?GetItalicsFont@CBalloonWnd@@QAEPAVCFont@@XZ
?GetBoldFont@CBalloonWnd@@QAEPAVCFont@@XZ
?Destroy@CBalloonWnd@@QAEXXZ
?Init@CLogFile@@QAE_NABVCString@@HH@Z
?Open@CMCI@@QAE_NABVCString@@@Z
?IsOpened@CMCI@@QBE_NXZ
?Close@CMCI@@QAE_NXZ
?GetFileName@CMCI@@QBEABVCString@@XZ
?GetLengthMS@CMCI@@QAEHXZ
?IsPlaying@CMCI@@QAE_NXZ
?IsPaused@CMCI@@QAE_NXZ
?GetPosition@CMCI@@QAEHXZ
?Play@CMCI@@QAE_NPAUHWND__@@ABVCString@@@Z
?SetRowFormat@CGridCtrlEx@@QAEXHH@Z
?GetRowFormat@CGridCtrlEx@@QAEHH@Z
?Stop@CCounter@@QAEHXZ
?IsRunning@CCounter@@QBE_NXZ
?GetCheck@CFlatButton@@QBE_NXZ
?SetSelection@CWaveGraphPositionCtrl@@QAEXHH@Z
?Init@CWaveGraphPositionCtrl@@QAEXH@Z
??0CIniFile@@QAE@VCString@@_N@Z
?WriteIniFile@CIniFile@@QAE_N_N@Z
?ExchangeObject@@YA_NPAVCIniFile@@HABVCString@@PA_N@Z
?ExchangeObject@@YA_NPAVCIniFile@@HABVCString@@PAVCRect@@@Z
?Seek@CMCI@@QAE_NH@Z
?GetItemImage@CListBoxEx@@QAEHH@Z
?ResetContent@CListBoxEx@@QAEXXZ
?Pause@CMCI@@QAE_NXZ
?Resume@CMCI@@QAE_NXZ
?Stop@CMCI@@QAE_NXZ
?GetSelectionMS@CWaveGraphCtrl@@QAE_NAAH0@Z
?SetCheck@CFlatButton@@QAEX_N@Z
?SetPositionMS@CWaveGraphCtrl@@QAEXH@Z
?SetRange@CMCI@@QAE_NHH@Z
?SetSelectionMS@CWaveGraphCtrl@@QAEXHH@Z
?AfxMessageBox@@YAHABVCString@@V1@H@Z
?Clear@CWaveGraphPositionCtrl@@QAEXXZ
?Clear@CWaveGraphCtrl@@QAEX_N@Z
?CreateThread@CThreadManager@@SAPAVCWinThread@@P6AIPAX@Z0PBD@Z
??1CWaveFile@@UAE@XZ
?IsOpened@CWaveFile@@QBE_NXZ
?AddWaveData@CWaveGraphCtrl@@QAEHPAXH@Z
?ReadData@CWaveFile@@QAEHPAXH@Z
?Init@CWaveGraphCtrl@@QAE_NHHH_N@Z
?GetDataLength@CWaveFile@@QBEHXZ
?StopRecompress@CWaveFileRecompress@@QAEXPAVCString@@@Z
?GetState@CWaveFileRecompress@@QAEHXZ
?StartRecompress@CWaveFileRecompress@@QAE_NABVCString@@00PAUtWAVEFORMATEX@@PAV2@@Z
?Close@CWaveFile@@QAEXXZ
?IsCompressed@CWaveFile@@QBE_NXZ
?Open@CWaveFile@@QAE_NVCString@@@Z
??0CWaveFile@@QAE@XZ
?CanZoom@CWaveGraphCtrl@@QAE_NXZ
?ZoomMS@CWaveGraphCtrl@@QAEXHH@Z
?SetSelection@CWaveGraphCtrl@@QAEXHH@Z
?GetSelection@CWaveGraphCtrl@@QAE_NAAH0@Z
?SamplesToMS@CWaveGraphCtrl@@QAEHH@Z
?GetVisible@CWaveGraphCtrl@@QBEXAAH00@Z
?CanZoomSelection@CWaveGraphCtrl@@QAE_NXZ
?ZoomOff@CWaveGraphCtrl@@QAEXXZ
??1CNSChartCtrl@@UAE@XZ
?SetIcon@CTrayIcon@@QAEHPAUHICON__@@@Z
?GetIcon@CTrayIcon@@QBEPAUHICON__@@XZ
?GetHiddenColumnWidth@CGridCtrlEx@@QBEHH@Z
?Crypt@CRC4@@SAXPAEHPBEH@Z
?SetStyle@CGridCtrlEx@@QAEXHABVCItemStyle@@@Z
??0CDlgStatusBar@@QAE@XZ
?DrawLED@@YAXPAVCDC@@ABVCRect@@K@Z
??0CGridCtrl@@QAE@XZ
?SetSortState@CGridCtrl@@QAEXH_N@Z
?GetSortState@CGridCtrl@@QAEXAAHAA_N@Z
?IsLocalIp@@YA_NI@Z
??0CNSChartCtrl@@QAE@XZ
?PrepareColors@CNSChartCtrl@@QAEXW4DefaultColors@1@@Z
?SetChartStyle@CNSChartCtrl@@QAEXK@Z
?GetReport@CNSChartCtrl@@QBE?AVCString@@XZ
?SetValue@CNSChartCtrl@@QAE_NHHN_N@Z
?AddDataSeries@CNSChartCtrl@@QAEHABVCString@@_N@Z
?SetValueLabel@CNSChartCtrl@@QAE_NHABVCString@@_N@Z
?SetValueCount@CNSChartCtrl@@QAEXH_N@Z
?SetDataType@CNSChartCtrl@@QAEXW4EDataType@1@@Z
?ResetChart@CNSChartCtrl@@QAEXXZ
?Draw@CNSChartCtrl@@QAEXPAVCDC@@_N@Z
?OnReceive@CClientASocket@@MAEXH@Z
?GetRuntimeClass@CClientASocket@@UBEPAUCRuntimeClass@@XZ
??1CClientASocket@@UAE@XZ
??0CClientASocket@@QAE@XZ
?OnSend@CClientASocket@@MAEXH@Z
?SendPacket@CClientASocket@@QAE_NPAXHH@Z
?SHA1@CHash@@SAXAAY0BE@EPAXH@Z
?Create@CMemory@@QAE_NHPBX@Z
??0CMemory@@QAE@ABV0@@Z
?DecryptString@CCryptString@@SA?AVCString@@ABV2@0@Z
?Assign@CMemory@@QAE_NHPAX_N@Z
??1CCryptoRc5@@UAE@XZ
??0CCryptoRc5@@QAE@XZ
??4CCryptoRc5@@QAEAAV0@ABV0@@Z
?Setup@CCryptoRc5@@QAE_NABVCString@@H@Z
?Encrypt@CCryptoRc5@@QBE_NPAK0H@Z
?Decrypt@CCryptoRc5@@QBE_NPAK0H@Z
??0CMemory@@QAE@XZ
??0CNamedPipe@@QAE@XZ
??4CMemory@@QAEAAV0@ABV0@@Z
?SetState@CThreadManager@@SAXIPBDPBXH@Z
?CreateThread@CThreadManager@@SAPAVCWinThread@@P6AIPAX@Z0HIKPBD@Z
??YCMemory@@QAEAAV0@ABV0@@Z
??0CMemory@@QAE@HPBX@Z
?Read@CNamedPipe@@QAE_NPAXKPAK@Z
?DataAvailable@CNamedPipe@@QAE_NPAK@Z
?TerminateThread@CThreadManager@@SA_NIK@Z
??1CCounter@@QAE@XZ
?GetCounts@CCounter@@QAEHXZ
?Clear@CMemory@@QAEXXZ
?IsEmpty@CMemory@@QBE_NXZ
?ChangeGroupFont@CListBoxEx@@QAEXABVCString@@H_N@Z
?SetItemImage@CListBoxEx@@QAE_NHH@Z
?Create@CTrayIcon@@QAEHPAVCWnd@@IPBDPAUHICON__@@I@Z
?SetIcon@CTrayIcon@@QAEHI@Z
?SetMenuDefaultItem@CTrayIcon@@QAEHIH@Z
?SetMenuModifyCallBack@CTrayIcon@@QAEXP6AXPAVCMenu@@@Z@Z
?SetTooltipText@CTrayIcon@@QAEHPBD@Z
?HideIcon@CTrayIcon@@QAEXXZ
?ShowIcon@CTrayIcon@@QAEXXZ
??0CWaveFileRecompress@@QAE@XZ
??0CMCI@@QAE@XZ
??0CBalloonWnd@@QAE@XZ
??0CTrayIcon@@QAE@XZ
??0CDlgToolBar@@QAE@XZ
?Start@CCounter@@QAEXXZ
??0CCounter@@QAE@XZ
??1CHash@@UAE@XZ
?Close@CNamedPipe@@QAEXXZ
?Write@CNamedPipe@@QAE_NPAXKPAK@Z
?Crypt@CRC4@@SAXPAEHPBD@Z
?StrNCpyZ@@YAPADPADPBDH@Z
?SHA1GetSum@CHash@@QAEXAAY0BE@E@Z
?SHA1Update@CHash@@QAEXPAXH@Z
?SHA1Init@CHash@@QAEXXZ
??0CHash@@QAE@XZ
?Connect@CNamedPipe@@QAE_NABVCString@@KK@Z
??1CProgressCtrlEx@@UAE@XZ
??1CNero@@UAE@XZ
?Release@CNero@@QAEXXZ
?Init@CNero@@QAE_NXZ
??0CNero@@QAE@XZ
?GetFolderFreeSpaceKB@@YAIABVCString@@@Z
?Burn@CNeroConfigDlg@@SAHPAVCNero@@PAUHWND__@@VCString@@@Z
?AddItem@CNero@@QAEPAUtag_NERO_ISO_ITEM@@ABVCString@@0PAU2@_N@Z
?AddFolderTree@CNero@@QAEPAUtag_NERO_ISO_ITEM@@ABVCString@@PAU2@_N@Z
?FileExists@@YA_NABVCString@@@Z
?Add@CLogFile@@QAE_NABVCString@@0H@Z
?CreateDirectoryPath@@YAXABVCString@@@Z
??0CProgressCtrlEx@@QAE@XZ
?SetBackgroundColor@CProgressCtrlEx@@QAEXK@Z
?GetLangDetails@CLanguage@@SAABUSLanguage@@G@Z
?GetSupportedLangIDArray@CLanguage@@SAHAAV?$CArrayEx@GG@@@Z
??0CListBoxEx@@QAE@XZ
??1CListBoxEx@@UAE@XZ
??1CGradientStatic@@UAE@XZ
??0CGradientStatic@@QAE@XZ
?SetBold@CGradientStatic@@QAEX_N@Z
?SetWindowTextA@CGradientStatic@@QAEXPBD@Z
?GetOwnIP@@YA_NAAVCStringArray@@_N@Z
??1CMetasoftBitmap@@UAE@XZ
??0CMetasoftBitmap@@QAE@XZ
?Destroy@CMetasoftBitmap@@QAEXXZ
?CreateBitmap@CMetasoftBitmap@@QAEXPBVCImageBuffer@@PAVCDC@@@Z
?Decompress@CJpeg@@SAPAXAAH00PBXH_NPAH@Z
?Decrypt@CHexText@@SA_NVCString@@PAXH@Z
?StretchBitmap@CMetasoftBitmap@@QAE_NPAVCDC@@HHNNVCRect@@PAUtagCOLORADJUSTMENT@@@Z
?Encrypt@CHexText@@SA?AVCString@@PAXH@Z
?Compress@CJpeg@@SAPAXPBXHHHAAHH@Z
??1CIniFile@@UAE@XZ
?ExchangeObject@@YA_NPAVCIniFile@@HABVCString@@PAH@Z
?ExchangeObject@@YA_NPAVCIniFile@@HABVCString@@PAV2@@Z
??1CGridCtrl@@UAE@XZ
??1CDlgStatusBar@@UAE@XZ
??0CCrashHandler@@QAE@XZ
??1CCrashHandler@@QAE@XZ
?GetResString@@YA?AVCString@@I@Z
??1CLogFile@@UAE@XZ
??0CLogFile@@QAE@XZ
?UnRegister@CThreadManager@@SAXI@Z
?EnumProcesses@CProcess@@SAHAAV?$CArray@VCProcess@@ABV1@@@@Z
?SetLanguage@CLanguage@@SA_NG@Z
?ExchangeObject@@YA_NPAVCIniFile@@HABVCString@@PAG@Z
?ReadIniFile@CIniFile@@QAE_NABVCString@@@Z
?Init@CLanguage@@SA_NABVCString@@G@Z
?GetModulePath@@YA?AVCString@@XZ
?SetVersion@CCrashHandler@@SAXPBD0@Z
?Register@CThreadManager@@SAXIPBD0@Z
?Global_Configure@@YAAAUSGlobal_Configure@@XZ
??1CStaticLinkEx@@UAE@XZ
??1CEditEx@@UAE@XZ
??0CStaticLinkEx@@QAE@XZ
??0CEditEx@@QAE@XZ
?ChangeFont@CEditEx@@QAEXABVCString@@H_N@Z
?SetTextColor@CEditEx@@QAEXK@Z
?SetBackgroundColor@CEditEx@@QAEXK@Z
?GetMessageMap@CBalloonWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetRuntimeClass@CBalloonWnd@@UBEPAUCRuntimeClass@@XZ
??1CGridCtrlEx@@UAE@XZ
??1CWaveGraphCtrl@@UAE@XZ
??1CWaveGraphPositionCtrl@@UAE@XZ
??1CFlatButton@@UAE@XZ
??1CDlgToolBar@@UAE@XZ
??1CTrayIcon@@UAE@XZ
??1CMCI@@QAE@XZ
??1CWaveFileRecompress@@UAE@XZ
??0CGridCtrlEx@@QAE@XZ
??0CWaveGraphCtrl@@QAE@XZ
??0CWaveGraphPositionCtrl@@QAE@XZ
??1CMemory@@QAE@XZ
??0CFlatButton@@QAE@XZ
iphlpapi
SendARP
ws2_32
__WSAFDIsSet
htonl
ntohl
htons
ntohs
select
setsockopt
bind
getsockname
closesocket
recvfrom
gethostbyname
socket
sendto
inet_ntoa
inet_addr
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
quartz
AMGetErrorTextA
winmm
waveOutGetVolume
waveOutSetVolume
mfc42
ord6640
ord2358
ord2362
ord2370
ord2302
ord4234
ord2514
ord551
ord4129
ord4278
ord2448
ord6334
ord2820
ord858
ord926
ord939
ord941
ord6199
ord2818
ord2642
ord1168
ord4710
ord5953
ord2614
ord1200
ord2645
ord665
ord5442
ord3789
ord5186
ord354
ord5683
ord3499
ord2515
ord355
ord412
ord711
ord413
ord710
ord4165
ord2071
ord2044
ord1979
ord6877
ord4277
ord6930
ord6928
ord6663
ord6385
ord6215
ord3803
ord5834
ord5450
ord6394
ord5440
ord6383
ord3874
ord324
ord2513
ord293
ord755
ord2754
ord6880
ord3092
ord470
ord1907
ord5161
ord5162
ord5160
ord4905
ord4742
ord4976
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord768
ord489
ord2294
ord2301
ord4258
ord4275
ord640
ord2450
ord5873
ord6172
ord3317
ord1640
ord323
ord2379
ord6197
ord6380
ord3398
ord3733
ord810
ord3287
ord1908
ord1690
ord5288
ord2054
ord4431
ord686
ord771
ord384
ord496
ord497
ord4259
ord4299
ord2864
ord2862
ord2096
ord4715
ord6008
ord567
ord1146
ord2528
ord1008
ord4439
ord2116
ord2637
ord2881
ord4125
ord5849
ord801
ord541
ord3610
ord656
ord6673
ord6467
ord5981
ord3626
ord2414
ord5787
ord283
ord3318
ord2764
ord925
ord2298
ord3790
ord539
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord4202
ord2621
ord1134
ord2919
ord6438
ord1247
ord6648
ord1158
ord3619
ord798
ord5465
ord5194
ord533
ord3698
ord3716
ord2582
ord4402
ord3370
ord3640
ord6744
ord6520
ord790
ord765
ord693
ord818
ord2841
ord5572
ord1140
ord2639
ord3996
ord6135
ord6111
ord2863
ord5655
ord6067
ord6000
ord2117
ord6146
ord4163
ord6625
ord6696
ord5884
ord5885
ord2822
ord6905
ord6007
ord6907
ord3286
ord3998
ord2915
ord2763
ord3301
ord6927
ord5710
ord3870
ord4123
ord4694
ord3903
ord861
ord2884
ord986
ord520
ord1842
ord1175
ord2537
ord482
ord4133
ord4297
ord5788
ord472
ord5875
ord1641
ord2405
ord4160
ord763
ord483
ord1199
ord1997
ord6407
ord5773
ord804
ord5583
ord2546
ord1176
ord291
ord4220
ord2584
ord3654
ord2438
ord6270
ord1644
ord6195
ord3337
ord6662
ord4774
ord2860
ord2859
ord6895
ord6718
ord2107
ord6154
ord2530
ord4365
ord4056
ord5471
ord4121
ord2389
ord5085
ord1709
ord1714
ord4404
ord5234
ord6369
ord5279
ord5258
ord2444
ord3722
ord4265
ord3706
ord5781
ord6069
ord6779
ord538
ord2299
ord2652
ord1669
ord6876
ord3914
ord6283
ord6282
ord3719
ord4644
ord4217
ord2576
ord4397
ord3352
ord3577
ord793
ord2937
ord5890
ord6743
ord6515
ord6646
ord2587
ord4406
ord3394
ord3729
ord6241
ord6785
ord6227
ord2527
ord5810
ord5481
ord2031
ord4335
ord4863
ord5796
ord5478
ord1971
ord966
ord4411
ord4447
ord1948
ord5303
ord4699
ord5715
ord817
ord565
ord2029
ord2077
ord2726
ord1138
ord4226
ord668
ord3181
ord2781
ord2770
ord356
ord4204
ord1106
ord2784
ord1945
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord5260
ord4432
ord560
ord813
ord4273
ord4614
ord2535
ord3495
ord4589
ord2827
ord1154
ord860
ord3811
ord641
ord6508
ord795
ord609
ord692
ord6741
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord3402
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3597
ord4425
ord5280
ord1775
ord6052
ord4998
ord4853
ord4376
ord5265
ord3721
ord3574
ord4396
ord2575
ord3639
ord4401
ord2581
ord4219
ord2024
ord2413
ord6366
ord1771
ord3663
ord540
ord940
ord922
ord924
ord521
ord6307
ord803
ord543
ord3584
ord825
ord823
ord537
ord535
ord800
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1116
ord4000
ord2086
ord1576
msvcrt
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_endthreadex
_beginthreadex
_msize
localtime
getc
ungetc
fclose
fopen
strncmp
tolower
toupper
strcmp
_iob
setlocale
strcoll
realloc
__mb_cur_max
_isctype
_pctype
sprintf
difftime
wcslen
floor
free
atof
ceil
_stricoll
time
srand
isalpha
isdigit
_ftol
_wcsncoll
_setmbcp
__CxxFrameHandler
strncpy
_purecall
malloc
atoi
_mbscmp
memmove
_mbsicmp
_strnicoll
_wcsnicoll
_strncoll
_controlfp
kernel32
GetExitCodeThread
Sleep
ResumeThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageA
LocalFree
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFileSize
LockFileEx
UnlockFile
LockFile
GetFullPathNameA
GetSystemTimeAsFileTime
FlushViewOfFile
InterlockedCompareExchange
Beep
OutputDebugStringW
OutputDebugStringA
WaitForSingleObjectEx
WaitForSingleObject
UnmapViewOfFile
UnlockFileEx
CreateDirectoryA
MapViewOfFile
LoadLibraryW
HeapCompact
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExW
GetTickCount
GetTempPathW
GetSystemInfo
GetFullPathNameW
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetCurrentProcessId
FormatMessageW
DeleteFileW
CreateMutexW
CreateFileMappingW
CreateFileMappingA
CreateFileW
AreFileApisANSI
GetCurrentThreadId
LocalAlloc
GetStartupInfoA
DeleteFileA
SetFileAttributesA
CopyFileA
GetLocaleInfoA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
SetThreadPriority
GetTempPathA
GetSystemDefaultLCID
ReadFile
GetModuleFileNameA
GetModuleHandleA
MoveFileA
GetVersionExA
GetFileAttributesA
SystemTimeToFileTime
RemoveDirectoryA
GetACP
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
CreateFileA
CloseHandle
GetProcessHeap
user32
GetSystemMenu
PostMessageA
LoadAcceleratorsA
ModifyMenuA
DrawIcon
GetSystemMetrics
IsIconic
InflateRect
GetFocus
DeleteMenu
CheckMenuItem
CopyRect
SetRect
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
ClientToScreen
EnableMenuItem
LoadMenuA
GetActiveWindow
PtInRect
SetCursor
InsertMenuA
SetCapture
ReleaseCapture
GetKeyState
OffsetRect
DrawEdge
ScreenToClient
GetCursorPos
UpdateWindow
GetKeyboardLayout
PostThreadMessageA
GetClientRect
LoadIconA
GetDC
ReleaseDC
GetWindowRect
InvalidateRect
GetSysColor
PeekMessageA
DispatchMessageA
IsWindowVisible
SendMessageA
EnableWindow
GetDlgCtrlID
SetActiveWindow
SetForegroundWindow
LoadImageA
RegisterWindowMessageA
KillTimer
LoadCursorA
SetTimer
TranslateAcceleratorA
gdi32
SelectObject
CreateRectRgn
GetObjectA
GetTextExtentPoint32A
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
CreateFontIndirectA
DeleteObject
Rectangle
GetColorAdjustment
GetDeviceCaps
GetTextColor
GetBkColor
GetStockObject
advapi32
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
comctl32
ImageList_ReplaceIcon
ole32
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
oleaut32
SysFreeString
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 132KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 180KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 368KB - Virtual size: 365KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ