5dc2131b756479ca134a42f150f58e42[.]XZ

Sharing

Copy URL

Twitter E-mail

General

Target

5dc2131b756479ca134a42f150f58e42.XZ
Size

3.2MB
MD5

5dc2131b756479ca134a42f150f58e42
SHA1

e6b57272f10a373e49315d7f301d30b1c66e4951
SHA256

a4f19a9864c086af408e8d0dce4ae4489e0cf07b1ada8ea947bca5f5c24bc445
SHA512

080e03d70f5dd0ba104f06b18571303481d3a54b65f4bdec7e281f6a041d9c20950c8a666abd4a3987ca660b054147358764e9f75867a955f719159228e178b0
SSDEEP

98304:+7RiBKLjlh6sGqSycKrc/JDTfyQ3lcp4TXkBkjtztbH0:+ECjlIASyoF3lckX+kjtztbH0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/WINMM.dll

Files

5dc2131b756479ca134a42f150f58e42.XZ
.7z

Password: QAU741
DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/01 DEMANDA LABORAL POR ABUSO DE CONFIANZA.exe
.exe windows:6 windows x64 arch:x64

Password: QAU741

316783ff6558dc4e06512defba4ab2f0

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10-10-2024 00:00

Not After

13-01-2025 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13-01-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

28-07-2021 00:00

Not After

27-07-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA256 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

10-10-2024 00:00

Not After

13-01-2025 23:59

Subject

SERIALNUMBER=4969967,CN=Zoom Video Communications\, Inc.,O=Zoom Video Communications\, Inc.,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

26-09-2024 00:00

Not After

25-11-2035 23:59

Subject

CN=DigiCert Timestamp 2024,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:c9:b4:d4:8e:6a:26:4b:00:e6:2a:b7:87:48:d1:b5:9f:6f:65:7e
Signer

Actual PE Digest

7b:c9:b4:d4:8e:6a:26:4b:00:e6:2a:b7:87:48:d1:b5:9f:6f:65:7e

Digest Algorithm

sha1

PE Digest Matches

true

53:df:42:a1:8d:83:4d:28:14:bc:18:84:5d:02:10:cb:50:0f:ac:2e:21:dc:8e:ba:fa:9e:9d:bf:fe:60:93:45
Signer

Actual PE Digest

53:df:42:a1:8d:83:4d:28:14:bc:18:84:5d:02:10:cb:50:0f:ac:2e:21:dc:8e:ba:fa:9e:9d:bf:fe:60:93:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\jenkins\workspace\Client.den\Client\Windows\release\Bin\x64\Release\ZoomOutlookMAPI64.pdb

Imports

kernel32

ReadFile
FindFirstFileW
HeapFree
SetLastError
GetFullPathNameW
FindNextFileW
GetCurrentProcess
WriteFile
RemoveDirectoryW
SetFilePointer
SetEndOfFile
GetTempPathW
FindClose
CreateFileW
GetFileAttributesW
MultiByteToWideChar
DeleteFileW
HeapAlloc
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
GetFileSize
GetProcessHeap
WideCharToMultiByte
SystemTimeToTzSpecificLocalTime
GetTempFileNameW
MoveFileW
FlushFileBuffers
TryEnterCriticalSection
SuspendThread
ResumeThread
SetEvent
ResetEvent
SwitchToThread
GetDynamicTimeZoneInformation
GetTimeZoneInformation
LocalFileTimeToFileTime
OutputDebugStringW
QueryPerformanceFrequency
FileTimeToLocalFileTime
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
GetModuleHandleA
CancelIo
CreateNamedPipeW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
ConnectNamedPipe
OutputDebugStringA
CreateProcessW
CreateDirectoryW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GlobalMemoryStatusEx
FreeLibrary
LoadLibraryW
CreateMutexW
ReleaseMutex
OpenProcess
GetTickCount
GetFileTime
VirtualProtect
ReleaseSemaphore
TerminateProcess
WaitForMultipleObjects
FileTimeToSystemTime
CreateToolhelp32Snapshot
Process32NextW
CreateFileA
Process32FirstW
GetWindowsDirectoryW
VerSetConditionMask
CreateSemaphoreW
FlushInstructionCache
VerifyVersionInfoW
CreateDirectoryA
SetDllDirectoryW
VirtualQuery
LoadLibraryExW
SetErrorMode
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalAlloc
GlobalFree
GetCommandLineW
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
GetLocaleInfoW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
CloseHandle
SetConsoleCtrlHandler
CreateThread
SystemTimeToFileTime
PulseEvent
TerminateThread
Sleep
CreateEventW
WaitForSingleObject
FormatMessageA
GetCurrentProcessId
DeleteCriticalSection
LocalFree
DecodePointer
RaiseException
GetLastError
CompareStringA
FormatMessageW
GetCurrentThreadId
InitializeCriticalSectionEx
GetModuleFileNameW
GetExitCodeProcess
IsBadReadPtr
K32GetModuleBaseNameW
GetEnvironmentVariableW
AddVectoredContinueHandler
MapViewOfFile
CreateFileMappingW
GetSystemInfo
UnmapViewOfFile
OpenThread
HeapDestroy
FindResourceW
LoadResource
FindResourceExW
LockResource
SizeofResource
GetCommandLineA
GetStdHandle
GetConsoleMode
GetConsoleCP
PeekNamedPipe
GetFileType
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
HeapSize
ReadConsoleW
SetStdHandle
HeapReAlloc
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
CompareStringW
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetDriveTypeW
GetFileInformationByHandle

user32

PostThreadMessageW
GetMessageW
LoadStringW
DispatchMessageW
SetTimer
LoadStringA
UnregisterClassW
TranslateMessage
CallWindowProcW
KillTimer
GetClassInfoExW
EnumThreadWindows
LoadCursorW
MsgWaitForMultipleObjectsEx
CharUpperW
IsWindow
RegisterClassExW
GetWindowLongPtrW
CreateWindowExW
SetWindowLongPtrW
IsWindowVisible
DestroyWindow
SendMessageTimeoutW
PeekMessageW
DefWindowProcW
GetUserObjectInformationA
GetProcessWindowStation
MessageBoxW
wsprintfW

advapi32

RevertToSelf
SetTokenInformation
AllocateAndInitializeSid
CreateWellKnownSid
ImpersonateLoggedOnUser
CreateRestrictedToken
FreeSid
DuplicateTokenEx
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegGetValueW
OpenProcessToken
GetTokenInformation

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetFolderPathW

ole32

CoCreateInstance
CLSIDFromString
CoTaskMemFree
CoCreateGuid
StringFromCLSID
CoInitializeEx

oleaut32

VariantChangeType
VariantClear

shlwapi

PathFileExistsW
PathIsRelativeW
PathAppendW

mapi32

ord23
ord140
ord19
ord21
ord11
ord17

psapi

GetModuleFileNameExW
GetModuleInformation
EnumProcessModules

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

rpcrt4

RpcStringFreeA
UuidToStringA

Exports

Exports

??0?$CStringT@D@Cmm@@QEAA@$$QEAV01@@Z
??0?$CStringT@D@Cmm@@QEAA@$$QEAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$CStringT@D@Cmm@@QEAA@AEBV01@@Z
??0?$CStringT@D@Cmm@@QEAA@AEBV01@_K@Z
??0?$CStringT@D@Cmm@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0?$CStringT@D@Cmm@@QEAA@PEBD@Z
??0?$CStringT@D@Cmm@@QEAA@PEBD_K@Z
??0?$CStringT@D@Cmm@@QEAA@V?$CRangeT@PEBD@1@@Z
??0?$CStringT@D@Cmm@@QEAA@XZ
??0?$CStringT@_W@Cmm@@QEAA@$$QEAV01@@Z
??0?$CStringT@_W@Cmm@@QEAA@$$QEAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0?$CStringT@_W@Cmm@@QEAA@AEBV01@@Z
??0?$CStringT@_W@Cmm@@QEAA@AEBV01@_K@Z
??0?$CStringT@_W@Cmm@@QEAA@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0?$CStringT@_W@Cmm@@QEAA@PEB_W@Z
??0?$CStringT@_W@Cmm@@QEAA@PEB_W_K@Z
??0?$CStringT@_W@Cmm@@QEAA@V?$CRangeT@PEB_W@1@@Z
??0?$CStringT@_W@Cmm@@QEAA@XZ
??0?$CmmMessageTemplate_10@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_10@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_10@V?$CStringT@_W@Cmm@@IHIHV12@H_KHH@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_10@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_JHHH@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_10@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@HHV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_10@_JV?$CStringT@D@Cmm@@V12@_JV12@V12@V12@V12@V12@V?$CStringT@_W@2@@Archive@Cmm@@QEAA@PEBDH0000000000@Z
??0?$CmmMessageTemplate_11@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@V32@@Archive@Cmm@@QEAA@PEBDH00000000000@Z
??0?$CmmMessageTemplate_11@V?$CStringT@_W@Cmm@@IHIHV12@H_KHHI@Archive@Cmm@@QEAA@PEBDH00000000000@Z
??0?$CmmMessageTemplate_11@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_JHHHH@Archive@Cmm@@QEAA@PEBDH00000000000@Z
??0?$CmmMessageTemplate_12@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@V32@V12@@Archive@Cmm@@QEAA@PEBDH000000000000@Z
??0?$CmmMessageTemplate_12@V?$CStringT@_W@Cmm@@IHIHV12@H_KHHI_K@Archive@Cmm@@QEAA@PEBDH000000000000@Z
??0?$CmmMessageTemplate_12@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_JHHHHH@Archive@Cmm@@QEAA@PEBDH000000000000@Z
??0?$CmmMessageTemplate_13@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@V32@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000000000@Z
??0?$CmmMessageTemplate_13@V?$CStringT@_W@Cmm@@IHIHV12@H_KHHI_KH@Archive@Cmm@@QEAA@PEBDH0000000000000@Z
??0?$CmmMessageTemplate_14@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@V32@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000000000@Z
??0?$CmmMessageTemplate_14@V?$CStringT@_W@Cmm@@IHIHV12@H_KHHI_KHI@Archive@Cmm@@QEAA@PEBDH00000000000000@Z
??0?$CmmMessageTemplate_15@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@V32@V32@V12@V12@V12@V32@@Archive@Cmm@@QEAA@PEBDH000000000000000@Z
??0?$CmmMessageTemplate_15@V?$CStringT@_W@Cmm@@IHIHV12@H_KHHI_KHII@Archive@Cmm@@QEAA@PEBDH000000000000000@Z
??0?$CmmMessageTemplate_1@H@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_1@I@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_1@V?$CStringT@D@Cmm@@@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_1@V?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_1@_J@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_1@_K@Archive@Cmm@@QEAA@PEBDH0@Z
??0?$CmmMessageTemplate_2@HH@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@HI@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@HV?$CStringT@D@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@HV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@H_J@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@IH@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@II@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@IV?$CStringT@D@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@IV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@D@Cmm@@H@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@D@Cmm@@I@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@D@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@D@Cmm@@_J@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@H@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@I@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@V?$CStringT@D@2@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@_J@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@V?$CStringT@_W@Cmm@@_K@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@_JH@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@_JV?$CStringT@D@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@_JV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_2@_KI@Archive@Cmm@@QEAA@PEBDH00@Z
??0?$CmmMessageTemplate_3@HHH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HHV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HIH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HII@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@D@Cmm@@H@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@D@Cmm@@I@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@D@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@_W@Cmm@@H@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@_W@Cmm@@I@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@HV?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@H_JV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IHI@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IHV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IIH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@III@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IIV?$CStringT@D@Cmm@@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IV?$CStringT@D@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IV?$CStringT@_W@Cmm@@H@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IV?$CStringT@_W@Cmm@@I@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@IV?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@HH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@HV12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@H_J@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@IH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@II@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@IV12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@V12@I@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@V32@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@D@Cmm@@_JV12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@HH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@HI@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@HV12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@HV?$CStringT@D@2@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@IH@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@II@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@IV12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@V12@H@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@V12@_J@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@_JI@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@_J_J@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@V?$CStringT@_W@Cmm@@_K_J@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@_JV?$CStringT@D@Cmm@@I@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@_JV?$CStringT@D@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@_JV?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@_KII@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_3@_KI_K@Archive@Cmm@@QEAA@PEBDH000@Z
??0?$CmmMessageTemplate_4@HHHH@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HHHV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HIHI@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@D@Cmm@@II@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@D@Cmm@@V12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@D@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@_W@Cmm@@HV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@_W@Cmm@@V12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@HV?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IHIH@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IHII@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IHV?$CStringT@_W@Cmm@@_J@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IIV?$CStringT@D@Cmm@@I@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IV?$CStringT@_W@Cmm@@IV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@IV?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@HHH@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@HHV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@HV12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@IHV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@III@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@IV12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@V12@IV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@V12@V12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@V12@V12@I@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@V32@V32@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@D@Cmm@@_JV12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@HHH@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@HII@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@HIV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@IHI@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@IV12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@HH@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@HV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@V12@H@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@V12@I@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@V12@V?$CStringT@D@2@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@V12@V12@_J@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@_JII@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@_J_JV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@V?$CStringT@_W@Cmm@@_K_JI@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@_JV?$CStringT@D@Cmm@@IV12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@_JV?$CStringT@D@Cmm@@V12@_J@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@_JV?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_4@_KI_K_K@Archive@Cmm@@QEAA@PEBDH0000@Z
??0?$CmmMessageTemplate_5@HHHHV?$CStringT@_W@Cmm@@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HHHV?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@D@Cmm@@III@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@D@Cmm@@V12@V12@H@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@_W@Cmm@@V12@HH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@_W@Cmm@@V12@V12@H@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@_W@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@HV?$CStringT@_W@Cmm@@V12@V12@_K@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@IHIHI@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@IV?$CStringT@_W@Cmm@@IV12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@IV?$CStringT@_W@Cmm@@V12@V12@I@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@IV?$CStringT@_W@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@HHV12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@HV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@HV12@V12@_J@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@IHV12@I@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@IIIH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@V12@IV12@_J@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@V32@V32@V32@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@D@Cmm@@_JV12@HV12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@HHHH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@HIIV12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@IHIH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@IV12@V12@I@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@IV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@HHH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@HV12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@HV12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@IH@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@II@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@V12@V12@V?$CStringT@D@2@H@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@V?$CStringT@_W@Cmm@@_J_JV12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@_JV?$CStringT@D@Cmm@@IV12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@_JV?$CStringT@D@Cmm@@V12@_JV12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@_JV?$CStringT@_W@Cmm@@V12@V12@I@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_5@_JV?$CStringT@_W@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000@Z
??0?$CmmMessageTemplate_6@HHHHV?$CStringT@_W@Cmm@@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HHHV?$CStringT@_W@Cmm@@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HHHV?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HV?$CStringT@D@Cmm@@IIII@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HV?$CStringT@D@Cmm@@V12@V12@HV12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HV?$CStringT@_W@Cmm@@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@HV?$CStringT@_W@Cmm@@V12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@IV?$CStringT@_W@Cmm@@IV12@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@IV?$CStringT@_W@Cmm@@V12@V12@II@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@IV?$CStringT@_W@Cmm@@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@IV?$CStringT@_W@Cmm@@V12@V12@V12@_J@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@D@Cmm@@HV12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@V32@V32@V32@V32@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@HHHHH@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@HIIV12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@IHIHV12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@IV12@V12@II@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@V12@HHHH@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@V12@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@V?$CStringT@_W@Cmm@@_J_JV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@_JV?$CStringT@D@Cmm@@IV12@V12@H@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@_JV?$CStringT@D@Cmm@@V12@_JV12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_6@_JV?$CStringT@_W@Cmm@@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000@Z
??0?$CmmMessageTemplate_7@HHHHV?$CStringT@_W@Cmm@@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@HHHV?$CStringT@_W@Cmm@@V12@HV12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@HHHV?$CStringT@_W@Cmm@@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@HV?$CStringT@D@Cmm@@V12@V12@HV12@H@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@IV?$CStringT@_W@Cmm@@V12@V12@III@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@IV?$CStringT@_W@Cmm@@V12@V12@V12@V12@I@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@IV?$CStringT@_W@Cmm@@V12@V12@V12@_JV12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@D@Cmm@@V?$CStringT@_W@2@V32@V32@V32@V32@V32@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@HHHHHH@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@HIIV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@IHIHV12@H@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@IV12@V12@II_J@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_J@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@V12@HHHHV12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@V?$CStringT@_W@Cmm@@_J_JV12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@_JV?$CStringT@D@Cmm@@IV12@V12@HH@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@_JV?$CStringT@D@Cmm@@V12@_JV12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_7@_JV?$CStringT@_W@Cmm@@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH0000000@Z
??0?$CmmMessageTemplate_8@HHHV?$CStringT@_W@Cmm@@V12@HV12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@HHHV?$CStringT@_W@Cmm@@V12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@IV?$CStringT@_W@Cmm@@V12@V12@IIII@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@IV?$CStringT@_W@Cmm@@V12@V12@V12@_JV12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@HIIV12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@IHIHV12@H_K@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@IV12@V12@II_JI@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_JH@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@V12@HHHHV12@H@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@HHV12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@V?$CStringT@_W@Cmm@@_J_JV12@V12@V12@HH@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@_JV?$CStringT@D@Cmm@@IV12@V12@HH_J@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_8@_JV?$CStringT@D@Cmm@@V12@_JV12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH00000000@Z
??0?$CmmMessageTemplate_9@IHV?$CStringT@_W@Cmm@@_JV?$CStringT@D@2@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@V12@V12@H@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@D@Cmm@@V12@V12@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@_W@Cmm@@IHIHV12@H_KH@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@_W@Cmm@@IV12@V12@V12@_J_JHH@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@HHV12@V12@@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@V?$CStringT@_W@Cmm@@V12@V12@V12@V12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0?$CmmMessageTemplate_9@_JV?$CStringT@D@Cmm@@V12@_JV12@V12@V12@V12@V12@@Archive@Cmm@@QEAA@PEBDH000000000@Z
??0CAtomicInt@Cmm@@QEAA@J@Z
??0CClock@Cmm@@QEAA@XZ
??0CCmmArchiveObjHelper@Cmm@@QEAA@PEBD@Z
??0CCmmArchiveObjHelper@Cmm@@QEAA@PEBEI@Z
??0CCmmArchivePackageTree@Archive@Cmm@@QEAA@XZ
??0CCmmArchivePath@Cmm@@QEAA@AEBV?$CStringT@_W@1@@Z
??0CCmmArchiveServiceImp@Archive@Cmm@@QEAA@XZ
??0CCmmArchiveTreeNode@Archive@Cmm@@QEAA@XZ
??0CCmmArchiveVarivant@Cmm@@QEAA@AEBV01@@Z
??0CCmmArchiveVarivant@Cmm@@QEAA@XZ
??0CCmmPerfTelemetry@@QEAA@XZ
??0CCmmPerfTelemetryEventWOStack@@QEAA@AEBV0@@Z
??0CCmmPerfTelemetryEventWOStack@@QEAA@UPerfMetricsEvents_s@ZoomPTPAAP@@AEBV?$map@W4e_chat_perfmetrics_Perfmetrics_event_tag_str@@V?$CStringT@D@Cmm@@U?$less@W4e_chat_perfmetrics_Perfmetrics_event_tag_str@@@std@@V?$allocator@U?$pair@$$CBW4e_chat_perfmetrics_Perfmetrics_event_tag_str@@V?$CStringT@D@Cmm@@@std@@@5@@std@@AEBV?$map@W4e_chat_perfmetrics_Perfmetrics_event_tag_int@@_JU?$less@W4e_chat_perfmetrics_Perfmetrics_event_tag_int@@@std@@V?$allocator@U?$pair@$$CBW4e_chat_perfmetrics_Perfmetrics_event_tag_int@@_J@std@@@3@@4@@Z
??0CCmmPerfTelemetryEventWStack@@QEAA@AEBV0@@Z
??0CCmmPerfTelemetryEventWStack@@QEAA@UPerfMetricsEvents_s@ZoomPTPAAP@@AEBV?$map@W4e_chat_perfmetrics_Perfmetrics_event_tag_str@@V?$CStringT@D@Cmm@@U?$less@W4e_chat_perfmetrics_Perfmetrics_event_tag_str@@@std@@V?$allocator@U?$pair@$$CBW4e_chat_perfmetrics_Perfmetrics_event_tag_str@@V?$CStringT@D@Cmm@@@std@@@5@@std@@AEBV?$map@W4e_chat_perfmetrics_Perfmetrics_event_tag_int@@_JU?$less@W4e_chat_perfmetrics_Perfmetrics_event_tag_int@@@std@@V?$allocator@U?$pair@$$CBW4e_chat_perfmetrics_Perfmetrics_event_tag_int@@_J@std@@@3@@4@AEBV?$CStringT@_W@Cmm@@H@Z
??0CCmmPerfTelemetryLog@@QEAA@AEBV0@@Z
??0CCmmPerfTelemetryLog@@QEAA@AEBV?$CStringT@D@Cmm@@0H0@Z
??0CCmmPerfTelemetryStacks@@QEAA@AEBV0@@Z
??0CCmmPerfTelemetryStacks@@QEAA@AEBV?$CStringT@D@Cmm@@0H@Z
??0CCritical@Cmm@@QEAA@XZ
??0CEvent@Cmm@@QEAA@XZ
??0CFile@Cmm@@QEAA@PEAX@Z
??0CFileName@Cmm@@QEAA@$$QEAV01@@Z
??0CFileName@Cmm@@QEAA@AEBV01@@Z
??0CFileName@Cmm@@QEAA@XZ
??0CIPCChannelThread@ssb_ipc@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4ChannelMode@1@PEAVListener@Channel@1@H@Z
??0CIPCChannelThread@ssb_ipc@@QEAA@W4ChannelMode@1@PEAVListener@Channel@1@HPEAX@Z
??0CMutex@Cmm@@QEAA@XZ
??0CPU@Cmm@@QEAA@$$QEAV01@@Z
??0CPU@Cmm@@QEAA@AEBV01@@Z
??0CPU@Cmm@@QEAA@XZ
??0CRefThread@Cmm@@QEAA@XZ
??0CSBMBMessage_AddClientLog@@QEAA@XZ
??0CSBMBMessage_AddToCameraControlGroup@@QEAA@XZ
??0CSBMBMessage_AppSupportNewWhiteBoardSetting@@QEAA@XZ
??0CSBMBMessage_Assisant_Keybase@@QEAA@XZ
??0CSBMBMessage_Assistant_Audio_Configure_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Audio_Configure_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Bind_Audio_To_Txchannel_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Bind_Audio_To_Txchannel_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Clear_All_Audio_From_Txchannel_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Network_Audio_Config_Proxy_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Network_Audio_Config_Proxy_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Network_Audio_Stop_Proxy_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Unbind_Audio_From_Txchannel_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Unbind_Audio_From_Txchannel_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Unbind_Channel_Audio_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Broadcast_Unbind_Channel_Audio_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_CEC_LoadResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_CEC_PowerOnResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_CEC_StandByResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_CEC_UnloadResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_CallDeviceSucceedNotify@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_DevicesPreparedNotify@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_DevicesUpdatedNotify@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_DoOperationRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_ExecuteRuleRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_ExecuteSceneRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_LoadRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_ControlSystem_ScenesPreparedNotify@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Conf_Render_Change@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Get_Service_Status_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Identify_Device_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Identify_Device_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Load_Service_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Load_Service_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Network_Device_Added_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Network_Device_List_Refresh_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Network_Device_Removed_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Network_Device_Update_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Service_Components_Change_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Service_Ready_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Service_Refresh_Device_List_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Set_Selected_Device_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Set_Selected_Device_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Sip_Audio_Render_Change_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Sip_Render_Change@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Unload_Service_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Unload_Service_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Unset_Selected_Device_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Unset_Selected_Device_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_DAL_Service_Use_Dante_Controller@@QEAA@XZ
??0CSBMBMessage_Assistant_Exit_Process@@QEAA@XZ
??0CSBMBMessage_Assistant_LineCallMergedNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_AudioDeviceFailNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_AutoRecordingEvent@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_CallOperationFailNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_CallUpdateKeyValueNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_CallUpdateKeyValueNotificationWithCallID@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_CheckNomadic911Request@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_JoinMeetingRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_LineCallTerminatedNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_MergeCallHostChanged@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_MergeCallResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_MessageCountChanged@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_MessageUploadMemLog@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallIncomingNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallMediaStatusUpdateNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallRecordingResultNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallRecordingStatusUpdateNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallStatusUpdateNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnCallTransferResultNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnRegistrarNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_OnSIPServiceStatusChangedNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_ReceiveRealtimePolicesNotification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_RemoteMergerEvent@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_SuspendToResume@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_SwitchCallToCarrierResponse@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_UpgradeToMeetingRequest@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Microphone_Create_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Microphone_Created_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Microphone_Destroy_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Microphone_Error_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Speaker_Create_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_Virtual_Speaker_Destroy_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_SIP_WMIActive@@QEAA@XZ
??0CSBMBMessage_Assistant_Virtual_Audio_Register_Capturer_Proxy_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Virtual_Audio_Start_Capture_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Virtual_Audio_Stop_Capture_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_Action_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_Data_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_Data_Response@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_Start_Request@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_Status_Notification@@QEAA@XZ
??0CSBMBMessage_Assistant_Voice_Command_UI_Update_Request@@QEAA@XZ
??0CSBMBMessage_Audio3rdSDK_AudioCmdNotify@@QEAA@XZ
??0CSBMBMessage_Audio3rdSDK_AudioCmdRequest@@QEAA@XZ
??0CSBMBMessage_AudioFacilityStatus@@QEAA@XZ
??0CSBMBMessage_AvatarDataRequest@@QEAA@XZ
??0CSBMBMessage_AvatarDataResponse@@QEAA@XZ
??0CSBMBMessage_CCIScreenRecordingNotify@@QEAA@XZ
??0CSBMBMessage_CCIScreenRecordingRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoAssignAndNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoAudioChangeNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoAvatarConfigRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoCancelInviteByPhoneRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoChangeBtnStatusRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoChangeHostRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoChangeRecordStatusRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoCreateEmbedWindowNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoCreateEmbedWindowRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoDestroyEmbedWindowNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoDestroyEmbedWindowRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoEmbedWindowSendMsgRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoEmbedWndResourceLoadErrorNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoEndDropDownClickBtnNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoEndDropdownButtonClickConfirmRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoEndVideoNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoEndVideoRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoEventReportNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetCurrentUserRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetCurrentUserResponse@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetSupportCountryInfoRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetSupportCountryInfoResponse@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetUserListRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoGetUserListResponse@@QEAA@XZ
??0CSBMBMessage_CCIVideoHoldStatusChangeNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoHostChangeNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoInviteByPhoneRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoInviteByPhoneStatusNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoJoinMeetingRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoJoinMeetingResponse@@QEAA@XZ
??0CSBMBMessage_CCIVideoMuteAudioRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnClosedCaptionChanged@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnEmbedWindowSendMsgRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnLiveCaptionChange@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnLiveTranscriptionMsgError@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnLiveTranscriptionMsgReceived@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnLiveTranscriptionStatusNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnUserJoinNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnUserLeaveNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoOnUserUpdatedNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoOpenURLWithDefaultBrowser@@QEAA@XZ
??0CSBMBMessage_CCIVideoPTQuitNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoPopUpWndShowStatusChangeNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoReceiveCommandNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoRecordingStateChangeNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoRemoveUserRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSendCommandRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSetDomainRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSetEndButtonDropdowRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSetEndButtonTextRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSetFullScreenRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSetVBRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSettingsSyncFromPTRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoSettingsSyncToPTRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoShowEmbedWindowNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoShowEmbedWindowRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoShowVideoAvatarRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoUseAudioRequest@@QEAA@XZ
??0CSBMBMessage_CCIVideoUserDataUpdateNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoWarmTransferNotify@@QEAA@XZ
??0CSBMBMessage_CCIVideoWarmTransferRequest@@QEAA@XZ
??0CSBMBMessage_CDNEventIndication@@QEAA@XZ
??0CSBMBMessage_CameraControlGroupAdded@@QEAA@XZ
??0CSBMBMessage_CameraControlGroupFetched@@QEAA@XZ
??0CSBMBMessage_CameraControlGroupRemoved@@QEAA@XZ
??0CSBMBMessage_CancelDownloadComponent@@QEAA@XZ
??0CSBMBMessage_ChatWithBuddy@@QEAA@XZ
??0CSBMBMessage_CheckInSessionReq@@QEAA@XZ
??0CSBMBMessage_CheckInSessionRsp@@QEAA@XZ
??0CSBMBMessage_CheckNomadic911_Notification@@QEAA@XZ
??0CSBMBMessage_Client3rdSDK_SDKCmdNotify@@QEAA@XZ
??0CSBMBMessage_Client3rdSDK_SDKCmdRequest@@QEAA@XZ
??0CSBMBMessage_CompanionTokenRequest@@QEAA@XZ
??0CSBMBMessage_CompanionTokenResponse@@QEAA@XZ
??0CSBMBMessage_ComponentDownloadResult@@QEAA@XZ
??0CSBMBMessage_ConfGetZRMeetingInfoReq@@QEAA@XZ
??0CSBMBMessage_ConfInterProcessAudioSharingServiceRegisterRequest@@QEAA@XZ
??0CSBMBMessage_ConfInterProcessAudioSharingServiceRegisterResponse@@QEAA@XZ
??0CSBMBMessage_ConfInterProcessAudioSharingServiceUnregisterResponse@@QEAA@XZ
??0CSBMBMessage_ConfirmConfLeave@@QEAA@XZ
??0CSBMBMessage_ConfirmRecaptcha@@QEAA@XZ
??0CSBMBMessage_Doc2ImgCancelConvertRequest@@QEAA@XZ
??0CSBMBMessage_Doc2ImgCancelConvertResponse@@QEAA@XZ
??0CSBMBMessage_Doc2ImgConvertFinish@@QEAA@XZ
??0CSBMBMessage_Doc2ImgConvertProgress@@QEAA@XZ
??0CSBMBMessage_Doc2ImgStartConvertRequest@@QEAA@XZ
??0CSBMBMessage_Doc2ImgStartConvertResponse@@QEAA@XZ
??0CSBMBMessage_DocsShareStartMeetingCollaboratorsInviteInfo@@QEAA@XZ
??0CSBMBMessage_ECDNInfo@@QEAA@XZ
??0CSBMBMessage_ECDNSetBackupSuperNodeInfo@@QEAA@XZ
??0CSBMBMessage_ECDNUpdateSuperNodeMaxLoad@@QEAA@XZ
??0CSBMBMessage_EnableQualtricsFeedback@@QEAA@XZ
??0CSBMBMessage_EnableSubscribePresence@@QEAA@XZ

Sections

.text
Size: 1001KB - Virtual size: 1001KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 967KB - Virtual size: 966KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PROPSEC
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/WINMM.dll
.dll windows:4 windows x64 arch:x64

Password: QAU741

c2c37be9ebcc1244b1ca533df5a6590f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
calloc
fputc
free
fwrite
localeconv
malloc
memcpy
memset
puts
realloc
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

timeBeginPeriod
timeEndPeriod
timeGetTime

Sections

.text
Size: 790KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: QAU741

Password: QAU741

316783ff6558dc4e06512defba4ab2f0

Code Sign

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20Certificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31Certificate

Extended Key Usages

Key Usages

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8fCertificate

Extended Key Usages

Key Usages

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20Certificate

Extended Key Usages

Key Usages

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

7b:c9:b4:d4:8e:6a:26:4b:00:e6:2a:b7:87:48:d1:b5:9f:6f:65:7eSigner

53:df:42:a1:8d:83:4d:28:14:bc:18:84:5d:02:10:cb:50:0f:ac:2e:21:dc:8e:ba:fa:9e:9d:bf:fe:60:93:45Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

mapi32

psapi

winmm

wintrust

crypt32

rpcrt4

Exports

Exports

Sections

.text Size: 1001KB - Virtual size: 1001KB

.rdata Size: 967KB - Virtual size: 966KB

.data Size: 82KB - Virtual size: 91KB

.pdata Size: 56KB - Virtual size: 55KB

_RDATA Size: 512B - Virtual size: 244B

.PROPSEC Size: 4KB - Virtual size: 3KB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 17KB - Virtual size: 16KB

Password: QAU741

c2c37be9ebcc1244b1ca533df5a6590f

Headers

File Characteristics

Imports

kernel32

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

0f:d1:bb:ca:79:6b:d7:f8:dd:4c:82:e1:0a:9a:96:31
Certificate

0e:4d:67:f6:43:16:c9:2a:3b:7a:17:cc:46:97:6a:8f
Certificate

04:b5:ef:73:bf:b2:51:2b:a8:94:01:22:31:3d:38:20
Certificate

0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

7b:c9:b4:d4:8e:6a:26:4b:00:e6:2a:b7:87:48:d1:b5:9f:6f:65:7e
Signer

53:df:42:a1:8d:83:4d:28:14:bc:18:84:5d:02:10:cb:50:0f:ac:2e:21:dc:8e:ba:fa:9e:9d:bf:fe:60:93:45
Signer

.text
Size: 1001KB - Virtual size: 1001KB

.rdata
Size: 967KB - Virtual size: 966KB

.data
Size: 82KB - Virtual size: 91KB

.pdata
Size: 56KB - Virtual size: 55KB

_RDATA
Size: 512B - Virtual size: 244B

.PROPSEC
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 790KB - Virtual size: 789KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 4.2MB - Virtual size: 4.2MB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 122B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 80B