d:\IM\imclient\Release\GarenaMessenger.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
JaffaCakes118_e2999167e22d243bf0f7bc4446c7dd06.exe
Resource
win7-20241010-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
JaffaCakes118_e2999167e22d243bf0f7bc4446c7dd06.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
JaffaCakes118_e2999167e22d243bf0f7bc4446c7dd06
-
Size
2.0MB
-
MD5
e2999167e22d243bf0f7bc4446c7dd06
-
SHA1
6f98a7cd54b33a58fbe94d3479533cc73a6384a8
-
SHA256
9dadeca190813e3163e8ffc42a730fb808b8d9516915d353a27099fee378a5f4
-
SHA512
4d34e30491c969f2f514dc6084b05b3d5be67af3bc6a260bf2e18cfa4ac59443cd8071129d5042638dc30fd00eea6498c7ee1980ec504dd90c055e3935e39283
-
SSDEEP
24576:1XSainWrwCiZe+P2a2yOsY1FaompBurUCSf64F3yBPUaDmo2DPZ:1QEwLg+2a2yOsaNmKHSf6ZUaDmowPZ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_e2999167e22d243bf0f7bc4446c7dd06
Files
-
JaffaCakes118_e2999167e22d243bf0f7bc4446c7dd06.exe windows:5 windows x86 arch:x86
df069bab6566b421d8a7053152f6e8e9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
ResumeThread
GetCurrentProcess
FlushInstructionCache
SetLastError
lstrcpyW
lstrcpynW
WideCharToMultiByte
CloseHandle
CreateMutexW
OpenMutexW
InitializeCriticalSection
lstrcmpiW
LoadLibraryExW
LCMapStringW
LCMapStringA
GetStringTypeExW
GetStringTypeExA
SetThreadPriority
QueryPerformanceCounter
IsDebuggerPresent
Sleep
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
DeleteFileW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
InterlockedCompareExchange
GetUserDefaultLCID
CreateThread
GetCurrentProcessId
GlobalFree
GlobalAlloc
HeapFree
FindNextFileW
FindClose
lstrcpyA
GetVersionExW
FindResourceExW
LockResource
CreateEventA
OutputDebugStringW
WriteFile
SetUnhandledExceptionFilter
FindFirstFileW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
lstrlenW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
RaiseException
ReadFile
CreateEventW
SetEvent
GetTickCount
CreateSemaphoreA
GetSystemTimeAsFileTime
WaitForMultipleObjects
ReleaseSemaphore
WaitForSingleObject
CreateFileW
GetFileSize
InterlockedExchange
DeleteCriticalSection
GetCurrentThreadId
LoadLibraryW
GetProcessHeap
ExitProcess
user32
AttachThreadInput
GetForegroundWindow
GetWindowThreadProcessId
MoveWindow
SetForegroundWindow
IsWindowVisible
BringWindowToTop
SetClassLongW
OffsetRect
FlashWindow
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
DestroyWindow
CharNextW
SendMessageW
GetCursorPos
DestroyIcon
LoadIconW
RegisterWindowMessageW
SetTimer
KillTimer
CreateWindowExW
CallWindowProcW
SetWindowLongW
GetWindowLongW
IsWindow
GetClassInfoExW
LoadStringW
LoadStringA
UnregisterClassA
LoadCursorW
RegisterClassExW
MessageBoxW
GetDC
ReleaseDC
wsprintfW
SetWindowPos
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
GetWindow
GetParent
ShowWindow
GetActiveWindow
ClientToScreen
IsIconic
SystemParametersInfoW
PtInRect
PostQuitMessage
GetSystemMetrics
GetWindowPlacement
gdi32
GetObjectW
GetStockObject
DeleteObject
CreateDIBitmap
EnumFontFamiliesW
comdlg32
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
advapi32
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
shell32
ShellExecuteExW
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW
SHGetSpecialFolderLocation
ole32
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
oleaut32
SysFreeString
VarUI4FromStr
msvcp90
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?overflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGG@Z
?pbackfail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGG@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?underflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?_Xsgetn_s@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHPA_WIH@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHPB_WH@Z
?seekoff@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_WH@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?length@?$char_traits@_W@std@@SAIPB_W@Z
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?eof@?$char_traits@_W@std@@SAGXZ
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??Bios_base@std@@QBEPAXXZ
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
?unsetf@ios_base@std@@QAEXH@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?precision@ios_base@std@@QAEHH@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?max_size@?$allocator@D@std@@QBEIXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$allocator@D@std@@QAE@ABV01@@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??1locale@std@@QAE@XZ
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
?assign@?$char_traits@_W@std@@SAXAA_WAB_W@Z
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?thousands_sep@?$numpunct@_W@std@@QBE_WXZ
?grouping@?$numpunct@_W@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0locale@std@@QAE@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0ABV12@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$allocator@_W@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??1_Lockit@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$numpunct@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$numpunct@_W@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?assign@?$char_traits@D@std@@SAXAADABD@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?thousands_sep@?$numpunct@D@std@@QBEDXZ
?grouping@?$numpunct@D@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0ABV12@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?max@?$numeric_limits@K@std@@SAKXZ
?min@?$numeric_limits@K@std@@SAKXZ
?max@?$numeric_limits@_J@std@@SA_JXZ
?min@?$numeric_limits@_J@std@@SA_JXZ
?_Getcat@?$numpunct@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$numpunct@D@std@@2V0locale@2@A
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@D@std@@2V0locale@2@A
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?fail@ios_base@std@@QBE_NXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@D@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHPA_WH@Z
shlwapi
StrCmpW
comctl32
InitCommonControlsEx
commonlib
ord2
?GetCount@CMyVector@Buffer@Common@@QBEHXZ
?GetAt@CMyVector@Buffer@Common@@QBE_NHPAVCMyBuffer@23@@Z
ord1
??1CMyVector@Buffer@Common@@QAE@XZ
??1CMyStringW@Buffer@Common@@QAE@XZ
?c_str@CMyStringW@Buffer@Common@@QBEPB_WXZ
?GetAppFolder@Path@Common@@YA?BHPAVCMyStringW@Buffer@2@@Z
??0CMyStringW@Buffer@Common@@QAE@XZ
?MakeSureDirectoryPathExists@Path@Common@@YAHPB_W@Z
??1CLocationInfo@Exception@Common@@QAE@XZ
??0CRunTimeException@Exception@Common@@QAE@PBVCLocationInfo@12@PBDK@Z
??0CLocationInfo@Exception@Common@@QAE@PBD0H@Z
??1CRunTimeException@Exception@Common@@QAE@XZ
??0CRunTimeException@Exception@Common@@QAE@ABV012@@Z
?GetDataLength@CMyBuffer@Buffer@Common@@QBEHXZ
?ToArray@CMyBuffer@Buffer@Common@@QBEPBDXZ
??1CMyBuffer@Buffer@Common@@QAE@XZ
??0CMyBuffer@Buffer@Common@@QAE@XZ
ord3
ord4
??0CMyVector@Buffer@Common@@QAE@XZ
dibmodule
??0CDibBitmap@DibNS@@QAE@XZ
?LoadAs32@CDibLoader@DibNS@@SA_NPB_WPAVCDibBitmap@2@@Z
?LoadAs32FromMemory@CDibLoader@DibNS@@SA_NPBDHPAVCDibBitmap@2@@Z
?IsFailed@CDibBitmap@DibNS@@QBE_NXZ
?GrayTo@CDibDrawAction@DibNS@@SA_NPAVCDibBitmap@2@PBV32@@Z
?StretchDrawTo@CDibDrawAction@DibNS@@SA_NPAVCDibBitmap@2@PBV32@ABUtagRECT@@2@Z
?Create@CDibBitmap@DibNS@@QAE_NHH@Z
?GetBitmapSize@CDibBitmap@DibNS@@QBE_NAAUtagSIZE@@@Z
?Free@CDibBitmap@DibNS@@QAEXXZ
?GetDibByteSize@CDibBitmap@DibNS@@QBEHXZ
?GetDibData@CDibBitmap@DibNS@@QBEPBXXZ
?CloneFrom@CDibBitmap@DibNS@@QAEXPAUHBITMAP__@@@Z
?Detach@CDibBitmap@DibNS@@QAEXXZ
?GetHandle@CDibBitmap@DibNS@@QBEPAUHBITMAP__@@XZ
?GetWriteDibData@CDibBitmap@DibNS@@QAEPAXXZ
?TransparentDrawTo@CDibDrawAction@DibNS@@SA_NPAVCDibBitmap@2@PBV32@HHPBUtagRECT@@K@Z
??1CDibBitmap@DibNS@@QAE@XZ
msvcr90
towupper
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
towlower
toupper
memmove
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
??3@YAXPAX@Z
__CxxFrameHandler3
free
??2@YAPAXI@Z
_recalloc
memmove_s
_CxxThrowException
memcpy_s
??_V@YAXPAX@Z
wcsstr
wcsncpy_s
memset
malloc
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0bad_cast@std@@QAE@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
_purecall
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
swprintf_s
strcpy
printf
memcpy
sprintf
strncpy
_time64
_gmtime64
strlen
labs
strcmp
atoi
atof
abs
_mktime64
_localtime64_s
wcsftime
wcslen
memcmp
_stricmp
strcpy_s
tolower
_vsnprintf
_vsnwprintf
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_controlfp_s
pluginkernel
ord3
ord1
ord6
fileloader
?FSListFileInFolder@@YA?AV?$vector@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?FSLoadFile@@YA_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PAV?$CMyVectorT@D@@_N@Z
?FSInit@@YAX_N@Z
iphlpapi
NotifyAddrChange
ws2_32
ntohl
getsockname
WSASocketW
inet_addr
htonl
ntohs
bind
socket
gethostname
WSAGetLastError
setsockopt
WSAStartup
WSACleanup
closesocket
recvfrom
sendto
select
htons
gethostbyname
sqlite3
sqlite3_column_double
sqlite3_column_int
sqlite3_column_text
sqlite3_column_count
sqlite3_vmprintf
sqlite3_mprintf
sqlite3_free
sqlite3_column_blob
sqlite3_column_name
sqlite3_column_decltype
sqlite3_column_type
sqlite3_errmsg
sqlite3_finalize
sqlite3_step
sqlite3_free_table
sqlite3_reset
sqlite3_changes
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_double
sqlite3_bind_blob
sqlite3_bind_null
sqlite3_open
sqlite3_close
sqlite3_exec
sqlite3_get_table
sqlite3_prepare
sqlite3_busy_timeout
sqlite3_column_bytes
sqlite3_last_insert_rowid
versionmodule
?NeedUpdate@@YA_NPB_W@Z
?GetInfo@@YA_NPAI00@Z
winmm
PlaySoundW
pluginmodule
DeleteHost
InsertHost
RemoveNamedData
AddNamedData
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 227KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Garena_I Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ