21012025_0936_package1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

21012025_0936_package1.zip
Size

20.2MB
MD5

43087e14441cffd015528e3a13b24253
SHA1

10af61b80d7b872c14af11779179e7bbddacd30d
SHA256

e4b210caea4432928727e860786c36e5ef6ecacced4b00374a049342d4b62183
SHA512

b295b525ac1601917379877c16be65c678d20a458d29781e2975a1153192252c0d86736dedd9fc5a6fb71a21a98d53cbca4f99f8e0bd8717d72fe53acf44fa09
SSDEEP

393216:WVHM+zcsgIOX1+FSgGP+atjF+XSOIG6sf3idq1+W/1vBE2WRqiA6SLTuaJ1q14:g/DghXk2Wat2H6sfi4p/IqhLTu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MSIMG32.dll
unpack001/ToolkitPro1840vc140U.dll
unpack001/cpfe.dll

Files

21012025_0936_package1.zip
.zip

Password: infected
FNP_Act_Installer.dll
.dll windows:6 windows x86 arch:x86

Password: infected

6c578232d1f9f22ad6b0f5bf7c40b629

Code Sign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13-09-2018 00:00

Not After

20-11-2021 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

51:11:6d:8f:01:e1:93:5d:82:d0:9c:11:24:36:53:60:33:90:7a:40:45:85:a0:9f:bf:04:5e:5f:8d:e0:a9:e1
Signer

Actual PE Digest

51:11:6d:8f:01:e1:93:5d:82:d0:9c:11:24:36:53:60:33:90:7a:40:45:85:a0:9f:bf:04:5e:5f:8d:e0:a9:e1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\FNP-11.16.6\tier1\FNP\Installer\Build\_release-Windows-NT4-i686-main\FNP_Act_Installer.dll.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegCreateKeyExA
SetNamedSecurityInfoA
GetNamedSecurityInfoA
IsValidSid
GetAce
GetAclInformation
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
MakeAbsoluteSD
MakeSelfRelativeSD
SetSecurityDescriptorDacl
ChangeServiceConfigA
ControlService
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
QueryServiceObjectSecurity
QueryServiceStatus
SetServiceObjectSecurity
StartServiceA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
CloseServiceHandle
AddAce
CopySid
EqualSid
GetLengthSid
GetSidLengthRequired
GetSidSubAuthority
InitializeAcl
InitializeSid

msi

ord103
ord73
ord124
ord121
ord8
ord17

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

uxtheme

GetThemeColor
GetThemePartSize
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetCurrentThemeName
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

kernel32

GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetACP
GetCurrentDirectoryA
lstrcpyA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
RtlUnwind
GetDriveTypeW
GetCommandLineA
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
HeapQueryInformation
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
IsValidCodePage
GetFileAttributesExW
GetStringTypeW
GetStdHandle
GetStartupInfoW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
OutputDebugStringW
CreateFileW
SetEnvironmentVariableA
OpenEventA
ResetEvent
ReleaseMutex
CreateMutexA
OpenMutexA
GetLocalTime
GetLocaleInfoW
CompareStringW
GlobalFlags
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
FileTimeToLocalFileTime
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpA
CompareStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
WaitForSingleObject
SetEvent
MultiByteToWideChar
FormatMessageA
MulDiv
GlobalSize
WideCharToMultiByte
FindResourceW
GetModuleFileNameA
LocalReAlloc
LocalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetSystemDirectoryA
LocalFree
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
CallNamedPipeA
GetCurrentProcessId
FindResourceA
SizeofResource
MoveFileExW
LockResource
LoadResource
GetModuleHandleA
SetFilePointer
ReadFile
MoveFileExA
CopyFileA
GetTempFileNameA
GetWindowsDirectoryA
Sleep
SetFileAttributesA
RemoveDirectoryA
GetFileAttributesA
DeleteFileA
CreateDirectoryA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
CloseHandle
GetFileSize
CreateFileA
DeviceIoControl
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
GetCPInfo
GetOEMCP
SetEndOfFile
GetUserDefaultUILanguage
DeleteFileW
GetFileAttributesW
RemoveDirectoryW

user32

IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
CharUpperA
DestroyIcon
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
GetKeyboardLayout
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
InflateRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
IsIconic
IntersectRect
PostQuitMessage
CopyImage
SystemParametersInfoA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
UnhookWindowsHookEx
SetLastErrorEx
GetMenuItemInfoA
GetClientRect
DestroyMenu
GetScrollPos

ole32

CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
OleDuplicateData
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA

oleaut32

SysAllocStringByteLen
LoadTypeLi
SysStringLen
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

shlwapi

PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
StrFormatKBSizeA

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdi32

GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
GetTextFaceA
PtInRegion
FrameRgn
RoundRect
CreateRoundRectRgn
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32A
CreateFontIndirectA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
CopyMetaFileA
CreateDCA
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetObjectA
DeleteObject
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign

gdiplus

GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdiplusShutdown
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext

msimg32

AlphaBlend
TransparentBlt

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

CdaSysGetTrackedErrors
fnpActSvcForceUninstallForMSI
fnpActSvcForceUninstallWin
fnpActSvcFullUninstallWin
fnpActSvcGetLastErrorWin
fnpActSvcInstallForMSI
fnpActSvcInstallForMSIModal
fnpActSvcInstallWin
fnpActSvcStatusCodeToText
fnpActSvcUninstallForMSI
fnpActSvcUninstallForMSIModal
fnpActSvcUninstallWin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ISUIServices.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: infected

0bd7ab3f713309a66e9b3611308aed96

Code Sign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13-09-2018 00:00

Not After

20-11-2021 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13-09-2018 00:00

Not After

20-11-2021 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:d2:d4:7b:50:1b:c9:6a:b4:bf:6f:96:a1:4b:f7:9d:6a:f9:e5:6b:77:37:36:46:f7:75:23:92:5a:05:1f:cd
Signer

Actual PE Digest

50:d2:d4:7b:50:1b:c9:6a:b4:bf:6f:96:a1:4b:f7:9d:6a:f9:e5:6b:77:37:36:46:f7:75:23:92:5a:05:1f:cd

Digest Algorithm

sha256

PE Digest Matches

true

9d:bf:ba:ae:7f:81:df:eb:22:4c:bc:b1:dc:fa:64:43:c4:da:f8:ec
Signer

Actual PE Digest

9d:bf:ba:ae:7f:81:df:eb:22:4c:bc:b1:dc:fa:64:43:c4:da:f8:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\CodeBases\isdev\system\ISUIServices.pdb

Imports

msi

ord125

kernel32

DisableThreadLibraryCalls
DecodePointer
EncodePointer
OutputDebugStringW
GetSystemTime
GetFileTime
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
GetVersionExW
GetTempPathW
DeleteFileW
FindClose
FindFirstFileW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CopyFileW
GetSystemInfo
LocalAlloc
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
CreateMutexW
FindFirstFileA
FindNextFileA
GetSystemWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersionExA
GetWindowsDirectoryA
LoadLibraryA
GetTickCount
SetHandleInformation
SetErrorMode
Sleep
GetCommandLineW
GetEnvironmentVariableA
GetEnvironmentVariableW
FormatMessageA
LoadLibraryExW
GetTimeZoneInformation
GetModuleHandleA
ReleaseMutex
CreateMutexA
FindNextFileW
GetProcessTimes
GetCurrentProcess
InitializeCriticalSection
GetCurrentProcessId
SetEvent
ResetEvent
CreateEventA
VirtualAlloc
VirtualFree
GetDriveTypeA
GetVolumeInformationA
CreateFileA
DeviceIoControl
SetNamedPipeHandleState
SleepEx
WaitNamedPipeA
LoadLibraryExA
GetSystemTimeAsFileTime
lstrcmpiW
GetModuleHandleW
lstrlenW
lstrcpyW
LoadLibraryW
InitializeCriticalSectionEx
OpenMutexW
GetFileInformationByHandleEx
SetFilePointerEx
MoveFileExW
WriteConsoleA
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetTickCount64
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
FreeLibrary
GetProcAddress
SizeofResource
ReadFile
WriteFile
SetFilePointer
GetModuleFileNameW
GlobalFree
GlobalHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
FindResourceW
MulDiv
FormatMessageW
LocalFree
lstrcmpW
GetVersion
CloseHandle
UnmapViewOfFile
MultiByteToWideChar
SetLastError
GetLastError
WideCharToMultiByte
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
lstrlenA
GetLocalTime

user32

EnableWindow
GetDlgItemTextW
GetDlgItemTextA
SetDlgItemTextA
SendMessageA
MessageBoxA
SendMessageW
SetWindowTextA
DestroyMenu
CharUpperW
SetCursor
GetCursor
IsDlgButtonChecked
wsprintfW
CheckDlgButton
MapDialogRect
CreateDialogIndirectParamW
LoadStringW
SetWindowContextHelpId
UpdateWindow
ShowWindow
MessageBeep
GetWindowLongA
GetSystemMetrics
CreateDialogIndirectParamA
DialogBoxIndirectParamA
wsprintfA
ReleaseDC
GetDC
PostMessageW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
MapWindowPoints
SetDlgItemTextW
MessageBoxW
RegisterWindowMessageW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
IsWindow
GetClassNameW
GetSysColor
CharNextW
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
ScreenToClient
MoveWindow
SetCapture
ReleaseCapture
FillRect
GetClientRect
InvalidateRgn
CallWindowProcW
InvalidateRect
GetDesktopWindow
DestroyAcceleratorTable
LoadCursorW
RegisterClassExW
DialogBoxIndirectParamW
UnregisterClassW
EndDialog
SetWindowPos
DefWindowProcW
SetWindowLongW
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetActiveWindow
GetParent
GetTopWindow
GetWindow
GetDlgItem

netapi32

Netbios

userenv

GetProfilesDirectoryA

gdi32

CreateSolidBrush
CreateFontW
BitBlt
GetDeviceCaps
GetObjectW
SelectObject
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC
DeleteDC
GetStockObject

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegSetValueExA
RegQueryValueExA
GetUserNameW
GetUserNameA
RegCreateKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW

shell32

ord680
SHGetFolderPathW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

OleUninitialize
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromString
OleInitialize
StringFromCLSID
CoTaskMemRealloc
ProgIDFromCLSID
CoInitialize
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CreateStreamOnHGlobal

oleaut32

VarDateFromStr
DispCallFunc
VarBstrCat
VarBstrCmp
SystemTimeToVariantTime
VariantChangeType
VariantTimeToSystemTime
CreateErrorInfo
SetErrorInfo
VarUI4FromStr
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAllocDescriptor
LoadRegTypeLi
OleCreateFontIndirect
SafeArrayLock
SafeArrayUnlock
LoadTypeLi
SysStringByteLen
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantClear
SafeArrayGetDim
SafeArrayGetElemsize
SysFreeString
SysAllocStringLen
SysReAllocStringLen
SysStringLen
GetErrorInfo
VariantInit
SysAllocString
SysAllocStringByteLen
SafeArrayCopy
VariantCopy
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayAllocData

shlwapi

PathRemoveBackslashW
SHCreateStreamOnFileW
PathFindFileNameW
PathIsDirectoryW
PathRemoveExtensionW
PathFileExistsW
PathAppendW
PathIsRootW
PathRemoveFileSpecW

msvcp140

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

xmllite

CreateXmlWriter

vcruntime140

memmove
__std_exception_copy
__std_exception_destroy
_purecall
wcsstr
wcschr
memchr
strchr
strrchr
__std_terminate
memcmp
longjmp
_setjmp3
__CxxFrameHandler3
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
_CxxThrowException
__std_type_info_destroy_list
memcpy
strstr
memset

api-ms-win-crt-string-l1-1-0

wcspbrk
strtok
_stricmp
strspn
strpbrk
strncpy
strncmp
strcspn
_strdup
strcat
strcpy
isspace
_strnicmp
toupper
towupper
_wcsnicmp
_wcsicmp
iscntrl
isgraph
wcscat_s
isprint
isalnum
ispunct
wmemcpy_s
wcscpy_s
strcat_s
isxdigit
strncpy_s
isdigit
islower
isupper
isalpha
wcsncpy_s
tolower
strcpy_s
strlen

api-ms-win-crt-time-l1-1-0

_difftime64
_mktime64
_localtime64
strftime
_time64
_localtime64_s

api-ms-win-crt-utility-l1-1-0

bsearch
rand_s
srand
rand
qsort
_swab

api-ms-win-crt-multibyte-l1-1-0

_mbstrlen

api-ms-win-crt-runtime-l1-1-0

_getpid
_initterm_e
_initterm
_cexit
_crt_atexit
perror
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
exit
terminate
_seh_filter_dll
_invalid_parameter_noinfo
_errno
__sys_nerr
_invalid_parameter_noinfo_noreturn
__sys_errlist
_beginthreadex
_exit
_endthread
_beginthread
_crt_at_quick_exit

api-ms-win-crt-convert-l1-1-0

wcstol
_ltow_s
_strtoui64
atoi
strtoul
strtod
_itow_s
strtol
_strtoi64
atof

api-ms-win-crt-stdio-l1-1-0

fgets
fseek
ungetc
getchar
clearerr
fflush
__stdio_common_vfwscanf
fread
ftell
__stdio_common_vfscanf
__stdio_common_vfprintf_p
__stdio_common_vswprintf
__stdio_common_vswprintf_s
__stdio_common_vfprintf_s
__stdio_common_vfprintf
__stdio_common_vswscanf
__stdio_common_vsprintf
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s
__stdio_common_vsprintf_s
__stdio_common_vsnprintf_s
__stdio_common_vsprintf_p
__stdio_common_vsscanf
_close
__stdio_common_vfwprintf
fopen
_wopen
freopen
_wfopen
_getcwd
fclose
_wfreopen
_open
fgetc
__stdio_common_vswprintf_p
__stdio_common_vsnwprintf_s
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

_recalloc
free
realloc
malloc
calloc
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_findclose
rename
remove
_wunlink
_waccess
_wremove
_unlink
_findfirst64i32
_access
_wrename
_findnext64i32
_stat64i32
_wstat64i32

api-ms-win-crt-environment-l1-1-0

_putenv
getenv

comctl32

ord17

ws2_32

freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
inet_addr
getsockname
getpeername
htonl
WSAGetLastError
inet_ntoa
getnameinfo
socket
setsockopt
getsockopt
send
select
__WSAFDIsSet
recv
ioctlsocket
connect
closesocket

dhcpcsvc

DhcpRequestParams

fnp_act_installer

fnpActSvcGetLastErrorWin
fnpActSvcInstallWin
fnpActSvcUninstallWin

api-ms-win-crt-math-l1-1-0

ceil

Exports

Exports

CanBorrow
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetCmdBuildLicense
GetSerial
IsBeta
IsBorrowed
IsEval
IsProductLicenseValid
ShowShell

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textidx
Size: 686KB - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fnp_dir
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fnp_mar
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSIMG32.dll
.dll windows:4 windows x86 arch:x86

Password: infected

a15ac54dc3f11b7bedebe7d0d3421b78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualProtect
SetLastError

gdi32

GetObjectType
GetCurrentObject
GetObjectA
GdiAlphaBlend
GetDeviceCaps
GdiGradientFill
GdiTransparentBlt

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt

Sections

.text
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 397B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TSConfig.exe
.exe windows:6 windows x86 arch:x86

Password: infected

ff7c441ffb8fc5cdbf6fee367392dd43

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13-09-2018 00:00

Not After

20-11-2021 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:25:1c:5c:ac:a3:f2:ab:c6:7b:5d:d8:b8:02:5d:3b:c2:d2:d9:d1:12:ad:2f:6e:7e:8f:4b:32:05:df:bf:e2
Signer

Actual PE Digest

a9:25:1c:5c:ac:a3:f2:ab:c6:7b:5d:d8:b8:02:5d:3b:c2:d2:d9:d1:12:ad:2f:6e:7e:8f:4b:32:05:df:bf:e2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\CodeBases\isdev\System\TSConfig.pdb

Imports

fnp_act_installer

fnpActSvcInstallWin
fnpActSvcGetLastErrorWin
fnpActSvcUninstallWin

kernel32

GetVersion
FindFirstFileA
FindNextFileA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersionExA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
SetErrorMode
CreateFileA
DeviceIoControl
GetEnvironmentVariableA
GetEnvironmentVariableW
FormatMessageA
GetLocalTime
GetTimeZoneInformation
GetModuleHandleA
FindNextFileW
GetProcessTimes
GetCurrentProcess
SetEvent
ResetEvent
CreateEventA
VirtualAlloc
VirtualFree
GetDriveTypeA
GetVolumeInformationA
GetSystemTimeAsFileTime
SetNamedPipeHandleState
SleepEx
WaitNamedPipeA
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
CreateMutexA
ReleaseMutex
InitializeCriticalSection
GetTickCount
TerminateProcess
LocalAlloc
GetSystemDirectoryA
GetDateFormatW
GetTimeFormatW
SetFilePointer
OutputDebugStringW
OpenMutexW
GetTickCount64
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesW
GetProcAddress
FreeLibrary
GetModuleFileNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryW
lstrcpyW
lstrlenW
FormatMessageW
LocalFree
lstrcpynW
GetWindowsDirectoryW
CreateProcessW
SizeofResource
HeapFree
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
RaiseException
LoadResource
FindResourceW
HeapAlloc
DeleteCriticalSection
GetProcessHeap
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
GetCommandLineW
FindFirstFileW
SetFileAttributesW
DeleteFileW
GetTempPathW
GetTempFileNameW
CreateFileW
WriteFile
WaitForSingleObject
CloseHandle
FindClose
GetFileSize
ReadFile
MulDiv
Sleep

user32

EnableWindow
LoadStringW
RegisterWindowMessageW
CharNextW
SendMessageW
SetTimer
PostMessageW
KillTimer
FindWindowW
GetClientRect
PtInRect
SetCapture
GetCapture
ReleaseCapture
InvalidateRect
GetFocus
GetParent
GetWindowRect
GetDC
GetDlgItem
GetSysColor
GetActiveWindow
MessageBoxA
SendMessageA
ShowWindow
MoveWindow
EndDialog
SetDlgItemTextA
GetDlgItemTextA
GetDlgItemTextW
SetFocus
SetWindowTextA
MessageBeep
ScreenToClient
GetWindowLongA
GetSystemMetrics
CreateDialogIndirectParamA
DialogBoxIndirectParamA
wsprintfA

netapi32

Netbios

mfc140u

ord4664
ord12763
ord9377
ord5427
ord8817
ord14131
ord5176
ord2778
ord1446
ord6834
ord9135
ord3257
ord4236
ord13656
ord8067
ord8062
ord5813
ord13646
ord1180
ord6589
ord5984
ord9132
ord4225
ord2172
ord1405
ord6801
ord3237
ord3359
ord13293
ord5419
ord4827
ord6316
ord2547
ord6196
ord6226
ord4093
ord1143
ord4886
ord501
ord13473
ord2385
ord2389
ord1391
ord4882
ord13028
ord6559
ord2522
ord2383
ord4649
ord7125
ord12559
ord5117
ord3849
ord3797
ord1066
ord6490
ord10250
ord9126
ord3145
ord9209
ord6860
ord4589
ord5961
ord7997
ord4092
ord1472
ord995
ord7653
ord10379
ord1045
ord286
ord2178
ord14507
ord3816
ord12131
ord9040
ord5422
ord11015
ord11396
ord3404
ord3403
ord3164
ord6218
ord13752
ord3305
ord1525
ord2303
ord7820
ord4814
ord3302
ord8210
ord1523
ord2760
ord14785
ord10285
ord10287
ord10286
ord10284
ord3697
ord3882
ord10288
ord5652
ord1002
ord11725
ord6549
ord6129
ord12220
ord11726
ord2761
ord13756
ord6220
ord280
ord6566
ord6486
ord4218
ord9139
ord12089
ord3838
ord8965
ord6978
ord11002
ord9256
ord3266
ord13878
ord12262
ord12258
ord1722
ord1744
ord1770
ord1756
ord1777
ord4936
ord5003
ord4948
ord12251
ord6487
ord12219
ord12928
ord4966
ord4960
ord8464
ord4954
ord5013
ord4997
ord4942
ord5019
ord4974
ord4912
ord4927
ord4988
ord4502
ord9693
ord4494
ord3055
ord12784
ord5513
ord14590
ord7923
ord14596
ord6877
ord11717
ord13703
ord5935
ord2682
ord12124
ord494
ord3941
ord3372
ord3371
ord3265
ord12168
ord5249
ord7128
ord11936
ord5549
ord5760
ord9350
ord5525
ord7654
ord5790
ord5252
ord14588
ord12172
ord4485
ord13544
ord14234
ord4477
ord4499
ord296
ord4815
ord2304
ord2562
ord2246
ord14137
ord10472
ord7493
ord3833
ord1111
ord458
ord7107
ord8470
ord8386
ord12865
ord8324
ord5357
ord2486
ord12541
ord12542
ord1133
ord890
ord14589
ord7922
ord14595
ord9398
ord4152
ord4090
ord12947
ord7941
ord2034
ord11982
ord11983
ord14466
ord12531
ord8000
ord14667
ord6348
ord14669
ord6350
ord14668
ord6349
ord3852
ord5918
ord12239
ord12247
ord8217
ord10433
ord2409
ord5411
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord10255
ord9210
ord6531
ord4219
ord5763

gdi32

DeleteObject
SetBkColor
BitBlt
GetMapMode
SetMapMode
CreateCompatibleBitmap
DeleteDC
GetStockObject
CreateBitmap
DPtoLP
GetObjectW
SelectObject
CreateCompatibleDC
GetDeviceCaps
CreateFontW

comdlg32

GetOpenFileNameA

advapi32

QueryServiceStatusEx
RegQueryValueExA
GetUserNameW
GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
EnumDependentServicesW
ControlService
StartServiceW
StartServiceA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegQueryInfoKeyA
RegEnumKeyExA
CloseServiceHandle
OpenServiceW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
OpenSCManagerW
RegSetValueExA

shell32

SHGetFolderPathW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteExW
ord680
ShellExecuteW

comctl32

ord17
InitCommonControlsEx

shlwapi

PathIsRootW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathRemoveBackslashW

ole32

CoUninitialize
CoCreateInstance
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SysFreeString
SysAllocStringLen
SysReAllocStringLen
SysStringLen
GetErrorInfo
VarUI4FromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
VariantInit
VariantClear
VarUdateFromDate
VarDateFromStr
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

toolkitpro1840vc140u

?SetColumnStyle@CXTPReportPaintManager@@QAEXW4XTPReportColumnStyle@@@Z
?SetAlignment@CXTPReportColumn@@QAEHH@Z
?SetAllowDrag@CXTPReportColumn@@QAEXH@Z
??0CXTPReportColumn@@QAE@HPB_WHHHHH@Z
?AddColumn@CXTPReportControl@@QAEPAVCXTPReportColumn@@PAV2@@Z
??1CXTPReportControl@@UAE@XZ
??0CXTPReportControl@@QAE@XZ
?XTPResourceManager@@YAPAVCXTPResourceManager@@XZ
?SetResourceFile@CXTPResourceManager@@QAEXABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?OnDialogNotify@CXTPTaskDialog@@MAEJIIJ@Z
?OnNavigated@CXTPTaskDialog@@MAEXXZ
?OnTimer@CXTPTaskDialog@@MAEXKAAH@Z
?OnExpandoButtonClicked@CXTPTaskDialog@@MAEXH@Z
?OnInputBoxChanged@CXTPTaskDialog@@MAEXXZ
?OnHelp@CXTPTaskDialog@@MAEXXZ
?OnVerificationClicked@CXTPTaskDialog@@MAEXH@Z
?OnRadioButtonClicked@CXTPTaskDialog@@MAEXH@Z
?OnDialogDestroyed@CXTPTaskDialog@@MAEXXZ
?OnDialogConstructed@CXTPTaskDialog@@MAEXXZ
?GetFrameStyle@CXTPTaskDialogFrame@@MBEKXZ
?GetFrameTitle@CXTPTaskDialogFrame@@MBE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?DrawExpandedInfo@CXTPTaskDialogClient@@MAEXPAVCDC@@@Z
?DrawBackground@CXTPTaskDialogClient@@MAEXPAVCDC@@VCRect@@@Z
?DrawFootNote@CXTPTaskDialogClient@@MAEXPAVCDC@@@Z
?DrawContent@CXTPTaskDialogClient@@MAEXPAVCDC@@@Z
?DrawMainInstruction@CXTPTaskDialogClient@@MAEXPAVCDC@@@Z
?RefreshColors@CXTPTaskDialogClient@@MAEXXZ
?RefreshMetrics@CXTPTaskDialogClient@@MAEXXZ
?CreateInputBox@CXTPTaskDialogClient@@MAEHXZ
?CreateProgressBar@CXTPTaskDialogClient@@MAEHXZ
?CreateVerifyExpandButtons@CXTPTaskDialogClient@@MAEHXZ
?CreateRadioButtons@CXTPTaskDialogClient@@MAEHXZ
?CreateLinkButtons@CXTPTaskDialogClient@@MAEHXZ
?CreateCommandButtons@CXTPTaskDialogClient@@MAEHXZ
?CreateFonts@CXTPTaskDialogClient@@MAEXXZ
?LoadStrings@CXTPTaskDialogClient@@MAEXXZ
?CreateIcons@CXTPTaskDialogClient@@MAEXXZ
?CreateClient@CXTPTaskDialogClient@@UAEHH@Z
?OnInitDialog@CXTPTaskDialogFrame@@UAEHXZ
?DoModal@CXTPTaskDialog@@UAEHXZ
?OnWndMsg@CXTPTaskDialogClient@@MAEHIIJPAJ@Z
?WindowProc@CXTPTaskDialogClient@@MAEJIIJ@Z
?PreTranslateMessage@CXTPTaskDialogFrame@@UAEHPAUtagMSG@@@Z
?GetMessageMap@CXTPTaskDialogFrame@@MBEPBUAFX_MSGMAP@@XZ
??1CXTPTaskDialog@@UAE@XZ
?SetEditable@CXTPReportRecord@@QAEXH@Z
??1CXTPReportRecord@@UAE@XZ
??1CXTPReportRecordItem@@UAE@XZ
?SetChecked@CXTPReportRecordItem@@UAEXH@Z
?GetItemData@CXTPReportRecordItem@@UBEKXZ
?GetThisClass@CXTPReportRecordItem@@SGPAUCRuntimeClass@@XZ
??0CXTPReportRecordItem@@QAE@XZ
?HasCheckbox@CXTPReportRecordItem@@UAEXHH@Z
?GetRuntimeClass@CXTPReportColumn@@UBEPAUCRuntimeClass@@XZ
?GetInterfaceMap@CXTPCmdTarget@@MBEPBUAFX_INTERFACEMAP@@XZ
?DoPropExchange@CXTPReportColumn@@UAEXPAVCXTPPropExchange@@@Z
?EnsureVisible@CXTPReportColumn@@UAEXXZ
?ResetMarkupUIElement@CXTPReportColumn@@UAEXXZ
?GetRuntimeClass@CXTPReportRecord@@UBEPAUCRuntimeClass@@XZ
?GetItemMetrics@CXTPReportRecord@@UAEXPAUXTP_REPORTRECORDITEM_DRAWARGS@@PAUXTP_REPORTRECORDITEM_METRICS@@@Z
?UpdateRecordField@CXTPReportRecord@@UAEHHHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SetExpanded@CXTPReportRecord@@UAEXH@Z
?DoPropExchange@CXTPReportRecord@@UAEXPAVCXTPPropExchange@@@Z
?GetRuntimeClass@CXTPReportRecordItemText@@UBEPAUCRuntimeClass@@XZ
?Draw@CXTPReportRecordItem@@UAEHPAUXTP_REPORTRECORDITEM_DRAWARGS@@@Z
?OnDrawCaption@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_DRAWARGS@@PAUXTP_REPORTRECORDITEM_METRICS@@@Z
?OnDrawControls@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_DRAWARGS@@AAVCRect@@@Z
?HitTestHyperlink@CXTPReportRecordItem@@UAEHVCPoint@@@Z
?OnLButtonDown@CXTPReportRecordItem@@UAEHPAUXTP_REPORTRECORDITEM_CLICKARGS@@@Z
?OnLButtonUp@CXTPReportRecordItem@@UAEHPAUXTP_REPORTRECORDITEM_CLICKARGS@@@Z
?OnClick@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_CLICKARGS@@@Z
?OnDblClick@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_CLICKARGS@@@Z
?OnMouseMove@CXTPReportRecordItem@@UAEXIVCPoint@@PAVCXTPReportControl@@@Z
?GetCaption@CXTPReportRecordItemText@@UAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCXTPReportColumn@@@Z
?GetCaption@CXTPReportRecordItem@@UAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetCaptionRect@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@AAVCRect@@@Z
?GetGroupCaption@CXTPReportRecordItem@@UAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCXTPReportColumn@@@Z
?GetGroupCaptionValue@CXTPReportRecordItem@@UAE?AVCOleVariant@@PAVCXTPReportColumn@@@Z
?GetGroupCaptionID@CXTPReportRecordItem@@UAEHPAVCXTPReportColumn@@@Z
?CompareGroupCaption@CXTPReportRecordItem@@UAEHPAVCXTPReportColumn@@PAVCXTPReportGroupRow@@@Z
?CompareGroupCaption@CXTPReportRecordItem@@UAEHPAVCXTPReportColumn@@PAV1@@Z
?Compare@CXTPReportRecordItem@@UAEHPAVCXTPReportColumn@@PAV1@@Z
?SetFont@CXTPReportRecordItem@@UAEXPAVCFont@@@Z
?GetFont@CXTPReportRecordItem@@UAEPAVCFont@@XZ
?GetTooltip@CXTPReportRecordItem@@UBE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetTextColor@CXTPReportRecordItem@@UAEKXZ
?SetBold@CXTPReportRecordItem@@UAEXH@Z
?IsBold@CXTPReportRecordItem@@UBEHXZ
?SetBackgroundColor@CXTPReportRecordItem@@UAEXK@Z
?GetBackgroundColor@CXTPReportRecordItem@@UAEKXZ
?GetFormula@CXTPReportRecordItem@@UBE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SetFormula@CXTPReportRecordItem@@UAEXPB_W@Z
?GetFormatString@CXTPReportRecordItem@@UBE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SetFormatString@CXTPReportRecordItem@@UAEXPB_W@Z
?IsEditable@CXTPReportRecordItem@@UBEHXZ
?AddHyperlink@CXTPReportRecordItem@@UAEHPAVCXTPReportHyperlink@@@Z
?GetHyperlinksCount@CXTPReportRecordItem@@UBEHXZ
?GetHyperlinkAt@CXTPReportRecordItem@@UBEPAVCXTPReportHyperlink@@H@Z
?GetScriptNamedItem@CXTPMarkupContext@@MAEJPB_WPAPAUIUnknown@@@Z
?GetScriptNamedItemNames@CXTPMarkupContext@@MAEXAAV?$CList@PB_WPB_W@@@Z
?OnInvalidateArrange@CXTPMarkupContext@@UAEXPAVCXTPMarkupUIElement@@@Z
?OnInvalidateVisual@CXTPMarkupContext@@UAEXPAVCXTPMarkupUIElement@@@Z
?OnWndMsg@CXTPMarkupContext@@UAEHPAVCXTPMarkupUIElement@@IIJPAJ@Z
?Render@CXTPMarkupVisual@@QAEXPAVCXTPMarkupDrawingContext@@@Z
?Arrange@CXTPMarkupUIElement@@QAEXVCRect@@@Z
?Measure@CXTPMarkupUIElement@@QAEXPAVCXTPMarkupDrawingContext@@VCSize@@@Z
??1CXTPMarkupDrawingContext@@UAE@XZ
??0CXTPMarkupDrawingContext@@QAE@PAUHDC__@@@Z
??0CXTPClientRect@@QAE@PBVCWnd@@@Z
??1CXTPBufferDC@@UAE@XZ
??0CXTPBufferDC@@QAE@AAVCPaintDC@@@Z
?Parse@CXTPMarkupContext@@QAEPAVCXTPMarkupUIElement@@PB_W@Z
?Release@CXTPMarkupObject@@QAEKXZ
??1CXTPMarkupContext@@MAE@XZ
??0CXTPMarkupContext@@QAE@XZ
?SetCommonButtons@CXTPTaskDialog@@QAEXHHHHHH@Z
?OnLoaded@CXTPMarkupObject@@MAEXPAVCXTPMarkupBuilder@@@Z
?OnSetAsProperty@CXTPMarkupObject@@MAEXPAVCXTPMarkupDependencyProperty@@PAV1@@Z
?OnPropertyChanged@CXTPMarkupObject@@MAEXPAVCXTPMarkupDependencyProperty@@PAV1@1@Z
?AllowWhiteSpaceContent@CXTPMarkupObject@@UBEHXZ
?HasContentObject@CXTPMarkupObject@@UBEHXZ
?ConvertFrom@CXTPMarkupObject@@UBEPAV1@PAVCXTPMarkupBuilder@@PAV1@@Z
?SetPropertyObject@CXTPMarkupObject@@UAEXPAVCXTPMarkupBuilder@@PAVCXTPMarkupDependencyProperty@@PAV1@@Z
?SetContentObject@CXTPMarkupObject@@UAEXPAVCXTPMarkupBuilder@@PAV1@@Z
?GetLogicalChild@CXTPMarkupObject@@UBEPAV1@H@Z
?GetLogicalChildrenCount@CXTPMarkupObject@@UBEHXZ
?IsEqual@CXTPMarkupObject@@UBEHPBV1@@Z
?GetHashKey@CXTPMarkupObject@@UBEIXZ
?GetValueCore@CXTPMarkupObject@@UBEPAV1@PAVCXTPMarkupDependencyProperty@@@Z
?GetType@CXTPMarkupObject@@UBEPAVCXTPMarkupType@@XZ
?GetDispatchMap@CXTPMarkupObject@@MBEPBUAFX_DISPMAP@@XZ
?OnFinalRelease@CXTPMarkupObject@@MAEXXZ
?GetRuntimeClass@CXTPMarkupObject@@UBEPAUCRuntimeClass@@XZ
??1CXTPMarkupDelegate@@UAE@XZ
??0CXTPMarkupDelegate@@QAE@XZ
?GotoURL@CXTPHyperLink@@UAE_NPB_WH00@Z
?typeCXTPMarkupHyperlink@CXTPMarkupHyperlink@@2PBVCXTPMarkupType@@B
?IsKindOf@CXTPMarkupObject@@QBEHPBVCXTPMarkupType@@@Z
?DoModal@CXTPTaskDialog@@QAEHH@Z
?SetFooter@CXTPTaskDialog@@QAEHPB_W@Z
?SetCommonButtons@CXTPTaskDialog@@QAEXH@Z
?AddButton@CXTPTaskDialog@@QAEXPB_WH@Z
?SetContent@CXTPTaskDialog@@QAEHPB_W@Z
?EnableCancellation@CXTPTaskDialog@@QAEXH@Z
?m_pClickEvent@CXTPMarkupHyperlink@@2PAVCXTPMarkupRoutedEvent@@A
?AddHandler@CXTPMarkupContext@@QAEXPAVCXTPMarkupRoutedEvent@@PAVCXTPMarkupDelegate@@@Z
?EnableCommandLinks@CXTPTaskDialog@@QAEXHH@Z
?SetMainIcon@CXTPTaskDialog@@QAEHPB_W@Z
?SetMainInstruction@CXTPTaskDialog@@QAEHPB_W@Z
?SetWindowTitle@CXTPTaskDialog@@QAEXPB_W@Z
?EnableHyperlinks@CXTPTaskDialog@@QAEXH@Z
??0CXTPTaskDialog@@QAE@PAVCWnd@@@Z
??1CXTPHyperLink@@UAE@XZ
??0CXTPHyperLink@@QAE@XZ
??1CXTPReportRecordItemText@@UAE@XZ
??3?$CXTPHeapObjectT@VCXTPCmdTarget@@VCXTPReportDataAllocator@@@@SGXPAX@Z
??2?$CXTPHeapObjectT@VCXTPCmdTarget@@VCXTPReportDataAllocator@@@@SGPAXI@Z
?OnEditChanged@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@PB_W@Z
?DoPropExchange@CXTPReportRecordItem@@UAEXPAVCXTPPropExchange@@@Z
?DoMouseButtonClick@CXTPReportRecordItem@@MAEXXZ
?GetColumn@CXTPReportRecordItem@@MAEPAVCXTPReportColumn@@XZ
?OnInplaceButtonDown@CXTPReportRecordItem@@UAEXPAVCXTPReportInplaceButton@@@Z
?GetSelectedConstraintData@CXTPReportRecordItem@@UAEKPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?OnConstraintChanged@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@PAVCXTPReportRecordItemConstraint@@@Z
?OnEditCanceled@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?OnEditChanging@CXTPReportRecordItem@@UAEHPAUXTP_REPORTRECORDITEM_ARGS@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?OnEditChanged@CXTPReportRecordItemText@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@PB_W@Z
?OnValidateEdit@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?OnCancelEdit@CXTPReportRecordItem@@UAEXPAVCXTPReportControl@@H@Z
?OnChar@CXTPReportRecordItem@@MAEHPAUXTP_REPORTRECORDITEM_ARGS@@I@Z
?OnBeginEdit@CXTPReportRecordItem@@MAEXPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?OnRequestEdit@CXTPReportRecordItem@@MAEHPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?IsAllowEdit@CXTPReportRecordItem@@MAEHPAUXTP_REPORTRECORDITEM_ARGS@@@Z
?DrawCheckBox@CXTPReportRecordItem@@MAEXPAUXTP_REPORTRECORDITEM_DRAWARGS@@AAVCRect@@@Z
?ParseBBCode@CXTPReportRecordItem@@MAEXAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?OnToolHitTest@CXTPReportRecordItem@@UAEHVCPoint@@PAUtagTOOLINFOW@@@Z
?ResetMarkupUIElement@CXTPReportRecordItem@@UAEXXZ
?DoPropExchange@CXTPReportRecordItemText@@UAEXPAVCXTPPropExchange@@@Z
?SetFocusable@CXTPReportRecordItem@@UAEXH@Z
?IsFocusable@CXTPReportRecordItem@@UBEHXZ
?GetHasCheckbox@CXTPReportRecordItem@@UBEHXZ
?SetCaption@CXTPReportRecordItem@@UAEXPB_W@Z
?SetGroupCaption@CXTPReportRecordItem@@UAEXPB_W@Z
?SetGroupPriority@CXTPReportRecordItem@@UAEXH@Z
?GetGroupPriority@CXTPReportRecordItem@@UBEHXZ
?SetSortPriority@CXTPReportRecordItem@@UAEXH@Z
?GetSortPriority@CXTPReportRecordItem@@UBEHXZ
?SetGridStyle@CXTPReportControl@@QAEXHW4XTPReportLineStyle@@@Z
?AllowEdit@CXTPReportControl@@QAEXH@Z
??1CXTPReportColumn@@UAE@XZ
?GetCount@CXTPReportRecords@@QBEHXZ
?GetRecords@CXTPReportControl@@QBEPAVCXTPReportRecords@@XZ
?GetAt@CXTPReportRecords@@QBEPAVCXTPReportRecord@@H@Z
?GetItem@CXTPReportRecord@@QBEPAVCXTPReportRecordItem@@H@Z
?IsChecked@CXTPReportRecordItem@@UBEHXZ
?SetIconIndex@CXTPReportRecordItem@@UAEHH@Z
?GetIconIndex@CXTPReportRecordItem@@UBEHXZ
?IsPreviewItem@CXTPReportRecordItem@@UBEHXZ
??0CXTPReportRecord@@QAE@XZ
?AddItem@CXTPReportRecord@@QAEPAVCXTPReportRecordItem@@PAV2@@Z
??0CXTPReportRecordItemText@@QAE@PB_W@Z
?SetItemData@CXTPReportRecordItem@@UAEXK@Z
?SetTextColor@CXTPReportRecordItem@@UAEXK@Z
?SetEditable@CXTPReportRecordItem@@UAEHH@Z
?IsFiltered@CXTPReportRecord@@UBEHXZ
?GetItemMetrics@CXTPReportRecordItem@@UAEXPAUXTP_REPORTRECORDITEM_DRAWARGS@@PAUXTP_REPORTRECORDITEM_METRICS@@@Z
?RemoveHyperlinkAt@CXTPReportRecordItem@@UAEXH@Z
?SetTooltip@CXTPReportRecordItem@@UAEXPB_W@Z

vcruntime140

memset
__std_terminate
memmove
_purecall
__std_exception_destroy
_local_unwind4
wcsstr
__CxxFrameHandler3
strchr
memcpy
__std_exception_copy
strrchr
strstr
memcmp
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
_CxxThrowException

api-ms-win-crt-string-l1-1-0

isalpha
islower
isdigit
isxdigit
toupper
tolower
_strnicmp
strtok
strncpy
strcspn
_strdup
strncmp
wcstok_s
isspace
strcpy_s
strncpy_s
strcpy
strcat
_wcsicmp
_wcsdup
_stricmp
towupper
_wcsnicmp
wcsncpy_s
wcscpy_s
wmemcpy_s
isupper
strlen

api-ms-win-crt-time-l1-1-0

wcsftime
_localtime64
_mktime64
strftime
_time64
_localtime64_s

api-ms-win-crt-multibyte-l1-1-0

_mbstrlen

api-ms-win-crt-utility-l1-1-0

srand
rand_s
bsearch
_swab
rand
qsort

api-ms-win-crt-runtime-l1-1-0

__sys_nerr
__sys_errlist
_beginthread
_endthread
exit
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_seh_filter_exe
_errno
_invalid_parameter_noinfo
_initterm
_initterm_e
_getpid
_resetstkoflw
_invalid_parameter_noinfo_noreturn
terminate
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_exit
_register_thread_local_exe_atexit_callback
_c_exit
_cexit

api-ms-win-crt-stdio-l1-1-0

__p__commode
_getcwd
__acrt_iob_func
fclose
fopen
fputs
fread
ftell
fflush
__stdio_common_vswprintf
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
__stdio_common_vsprintf
__stdio_common_vswprintf_s
__stdio_common_vfprintf
_wfopen
_set_fmode
ungetc
fseek
fgets
fgetc
clearerr

api-ms-win-crt-heap-l1-1-0

_recalloc
_set_new_mode
realloc
calloc
free
malloc
_callnewh

api-ms-win-crt-convert-l1-1-0

strtod
atof
strtoul
strtol
atoi
wcstoul
_itow_s
wcstol
_ltow_s
_wtoi
_wtol

api-ms-win-crt-environment-l1-1-0

getenv
_wgetenv

api-ms-win-crt-filesystem-l1-1-0

_wstat64i32
_findclose
_stat64i32
_findnext64i32
_findfirst64i32

api-ms-win-crt-math-l1-1-0

ceil
__setusermatherr
floor

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

ws2_32

htonl
WSACleanup
WSAStartup
WSAGetLastError
socket
setsockopt
send
select
recv
ioctlsocket
connect
closesocket
__WSAFDIsSet
getaddrinfo
freeaddrinfo
getsockopt
inet_addr
inet_ntoa
getnameinfo

dhcpcsvc

DhcpRequestParams

wintrust

WinVerifyTrust

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringA
CryptQueryObject
CryptMsgGetParam
CryptMsgClose

Sections

.text
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textidx
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.my_text
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fnp_dir
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fnp_mar
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ToolkitPro1840vc140U.dll
.dll windows:6 windows x86 arch:x86

Password: infected

4b8c91e7fd28dcf79d699c9f9f735f63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Program Files (x86)\Codejock Software\MFC\Xtreme ToolkitPro v18.4.0\bin\vc140\ToolkitPro1840vc140U.pdb

Imports

mfc140u

ord5891
ord12358
ord7394
ord6818
ord1426
ord7066
ord12141
ord5423
ord9377
ord7073
ord2925
ord6880
ord4076
ord1368
ord8874
ord8873
ord8875
ord5579
ord4884
ord11080
ord11118
ord376
ord9527
ord1078
ord6590
ord4226
ord9133
ord12105
ord5985
ord7450
ord8124
ord5027
ord5026
ord5029
ord5025
ord5024
ord11117
ord7137
ord512
ord1149
ord10504
ord12176
ord8920
ord8912
ord13754
ord6219
ord7504
ord885
ord883
ord886
ord2360
ord872
ord3599
ord6229
ord1727
ord14429
ord7104
ord898
ord3954
ord2300
ord2399
ord551
ord8505
ord6175
ord1182
ord1890
ord12594
ord458
ord7379
ord926
ord3031
ord3238
ord6248
ord13224
ord4108
ord1928
ord10498
ord1411
ord12217
ord2594
ord9253
ord3054
ord9225
ord7627
ord3684
ord6802
ord914
ord1408
ord7626
ord4487
ord6830
ord3254
ord3363
ord1442
ord13100
ord13042
ord3323
ord7378
ord917
ord916
ord9375
ord1464
ord467
ord3956
ord1114
ord6851
ord5816
ord13648
ord8072
ord6122
ord7810
ord14128
ord2220
ord1405
ord11463
ord14597
ord6801
ord3237
ord3359
ord503
ord1144
ord4715
ord9701
ord6225
ord7815
ord2307
ord7406
ord7165
ord7146
ord6570
ord3175
ord3342
ord4223
ord1162
ord9130
ord7166
ord13838
ord5837
ord5850
ord13656
ord7891
ord9467
ord7509
ord7510
ord5813
ord5878
ord2029
ord14127
ord3076
ord12645
ord6869
ord7377
ord459
ord511
ord9528
ord3173
ord922
ord924
ord5037
ord6842
ord3260
ord3366
ord4239
ord1454
ord9138
ord6117
ord7486
ord12929
ord975
ord2010
ord1451
ord2173
ord14490
ord5852
ord5830
ord5845
ord8352
ord7074
ord8066
ord7427
ord7647
ord7428
ord6852
ord12122
ord7648
ord6123
ord13235
ord7408
ord6832
ord966
ord3256
ord3627
ord3644
ord6469
ord13924
ord5221
ord13379
ord6263
ord7926
ord12482
ord9919
ord10527
ord9581
ord3903
ord14265
ord14263
ord3888
ord3856
ord5038
ord13226
ord2692
ord2625
ord4089
ord4140
ord4141
ord1444
ord7907
ord5756
ord5688
ord14379
ord14372
ord4173
ord13973
ord6932
ord14276
ord14289
ord9254
ord11001
ord10821
ord11075
ord7638
ord6113
ord14547
ord8777
ord5397
ord7032
ord3905
ord7418
ord9463
ord7642
ord8161
ord8031
ord2053
ord7315
ord10765
ord7078
ord6502
ord12100
ord7490
ord5965
ord4814
ord5842
ord7909
ord6805
ord929
ord2008
ord12611
ord12642
ord4671
ord1413
ord4216
ord5390
ord3222
ord9175
ord814
ord3353
ord1345
ord7604
ord12115
ord552
ord8506
ord1656
ord1183
ord10437
ord11374
ord10868
ord10923
ord10342
ord11540
ord12062
ord484
ord13254
ord12638
ord1131
ord2381
ord2752
ord6848
ord984
ord3261
ord3367
ord5841
ord1460
ord2650
ord2626
ord11716
ord8992
ord4973
ord7644
ord13063
ord852
ord12302
ord7827
ord9008
ord5780
ord3613
ord908
ord1403
ord13263
ord902
ord1400
ord13695
ord14114
ord14124
ord7372
ord12224
ord8099
ord5394
ord6325
ord1546
ord1558
ord293
ord2235
ord7684
ord12169
ord461
ord909
ord13851
ord13125
ord2365
ord2223
ord2285
ord973
ord12595
ord7829
ord359
ord6868
ord13043
ord12880
ord7121
ord481
ord14065
ord13832
ord2858
ord5609
ord6199
ord9081
ord3857
ord10976
ord11024
ord11267
ord9197
ord12786
ord5577
ord12575
ord11252
ord8395
ord7655
ord2843
ord13352
ord2558
ord12418
ord12660
ord4703
ord9484
ord2718
ord12964
ord12093
ord1128
ord4138
ord4088
ord14511
ord5377
ord5368
ord10431
ord10251
ord10721
ord11138
ord11139
ord9363
ord11743
ord9979
ord9212
ord7501
ord5765
ord8049
ord12643
ord6555
ord5514
ord12754
ord12429
ord1449
ord2172
ord2470
ord555
ord8509
ord1659
ord12599
ord6179
ord1186
ord492
ord3075
ord822
ord1353
ord1141
ord13719
ord3694
ord3677
ord12744
ord1888
ord1892
ord2011
ord12612
ord6310
ord13941
ord7128
ord13741
ord845
ord12569
ord8123
ord485
ord2268
ord2374
ord2648
ord11715
ord11774
ord1815
ord3239
ord930
ord7382
ord13981
ord12078
ord12098
ord12171
ord8990
ord3939
ord8172
ord12457
ord8339
ord3842
ord1076
ord4255
ord4285
ord4251
ord4209
ord4179
ord4113
ord2651
ord14239
ord7622
ord1005
ord11836
ord11820
ord11140
ord11141
ord10991
ord9579
ord9341
ord11137
ord11115
ord1401
ord9477
ord2668
ord4745
ord13420
ord903
ord7373
ord5434
ord11903
ord11581
ord11278
ord11275
ord7787
ord2680
ord7696
ord2749
ord13940
ord10047
ord11146
ord9011
ord11122
ord13937
ord13694
ord7686
ord7342
ord1458
ord2296
ord5337
ord6190
ord2555
ord4091
ord365
ord5580
ord6316
ord4093
ord1143
ord501
ord7410
ord13106
ord5989
ord9239

kernel32

MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
RaiseException
TerminateThread
MoveFileW
GetWindowsDirectoryW
GetTickCount
DecodePointer
GetThreadPriority
GetFullPathNameW
GetFileInformationByHandle
LocalSize
OpenProcess
lstrcpynA
GetModuleFileNameA
VirtualQuery
VirtualProtect
GetSystemInfo
FlushInstructionCache
TlsFree
GetCurrentProcess
SetLastError
GetUserDefaultLangID
WriteFile
SetFileTime
LocalFileTimeToFileTime
ExitProcess
GetPrivateProfileIntW
LocalFree
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
OutputDebugStringA
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
lstrcmpW
GetDriveTypeW
lstrcpyW
SuspendThread
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
IsBadStringPtrW
GlobalSize
CopyFileW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetTempPathW
GetTempFileNameW
GetCurrentProcessId
GlobalFree
LoadLibraryExW
GetVersionExW
ResumeThread
SetThreadPriority
CreateThread
GetFileSize
TlsSetValue
TlsGetValue
TlsAlloc
GetProcessHeap
MultiByteToWideChar
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
lstrcmpA
SetFilePointer
ReadFile
CreateFileW
GlobalUnlock
GlobalLock
SizeofResource
GetModuleHandleA
OutputDebugStringW
CompareStringW
LoadLibraryA
LockResource
LoadResource
FreeResource
Sleep
GetCurrentThreadId
WideCharToMultiByte
GlobalAlloc
GetModuleFileNameW
GetFileAttributesW
CreateDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetCurrentDirectoryW
lstrcpynW
GetLastError
GetCurrencyFormatW
GetNumberFormatW
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GlobalReAlloc
GetUserDefaultLCID
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
SetFileAttributesW
DeleteFileW
FindResourceW
MulDiv
FormatMessageW
LocalAlloc
LoadLibraryW
GetProcAddress
FreeLibrary
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeZoneInformation
GetLocalTime
GetPrivateProfileSectionW

user32

GetActiveWindow
IsDialogMessageW
GetClassNameW
SetClassLongW
UnionRect
BringWindowToTop
DeferWindowPos
MoveWindow
ShowWindow
CopyAcceleratorTableW
LoadAcceleratorsW
IsWindowEnabled
MapVirtualKeyExW
VkKeyScanExW
GetKeyNameTextW
GetKeyboardState
IsCharLowerW
CharUpperW
IsIconic
GetKeyboardLayout
GetKeyboardLayoutList
ToUnicodeEx
ShowScrollBar
GetLastActivePopup
GetForegroundWindow
WindowFromPoint
SetCursorPos
GetClassLongW
GetSystemMenu
GetMenuState
SetMenu
GetMenu
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
LoadImageW
DestroyIcon
DrawStateW
GetClipboardFormatNameW
SetClipboardData
EndDeferWindowPos
BeginDeferWindowPos
GetMenuDefaultItem
GetIconInfo
CreateIconIndirect
CreatePopupMenu
GetDlgItem
SetParent
LockWindowUpdate
GetDCEx
SystemParametersInfoW
GetWindow
GetTopWindow
GetSubMenu
LoadMenuW
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetUserObjectInformationW
CloseDesktop
OpenInputDesktop
wsprintfW
ShowCaret
HideCaret
GetWindowRgn
GetMenuItemInfoW
SetActiveWindow
GetMenuItemID
MapVirtualKeyW
GetDlgCtrlID
GetNextDlgTabItem
IsChild
IsMenu
IntersectRect
InvertRect
GetMessagePos
SetWindowLongW
SetFocus
GetClassInfoW
DefWindowProcW
DrawFrameControl
ReleaseDC
GetDC
MapWindowPoints
MessageBeep
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
CloseClipboard
OpenClipboard
GetWindowLongW
GetDesktopWindow
EqualRect
ClientToScreen
SetWindowRgn
FillRect
LoadIconW
FindWindowW
InflateRect
DrawFocusRect
GetSysColorBrush
GetWindowRect
GetKeyState
SetRectEmpty
FrameRect
GetSysColor
GetFocus
SendMessageW
LoadCursorW
GetParent
PtInRect
IsRectEmpty
OffsetRect
CopyRect
SetRect
ScreenToClient
GetCursorPos
SetCursor
GetClientRect
EnableScrollBar
RedrawWindow
InvalidateRect
UpdateWindow
GetSystemMetrics
EnableWindow
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
IsWindowVisible
SetWindowPos
IsWindow
PostMessageW
RegisterWindowMessageW
SetForegroundWindow
MessageBoxW
AdjustWindowRectEx
SendMessageTimeoutW
DrawIconEx
IsZoomed
PostQuitMessage
GetDialogBaseUnits
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
ValidateRect
CallWindowProcW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
CreateIconFromResourceEx
LoadBitmapW
CopyIcon
CopyImage
LoadMenuIndirectW
GetMenuStringW
LookupIconIdFromDirectoryEx
PostThreadMessageW
GetCursor
CreateWindowExW
DestroyWindow
GetWindowThreadProcessId
GetScrollInfo
GetDoubleClickTime
DrawEdge
GetClipboardData
CheckMenuItem
AppendMenuW
GetAsyncKeyState
MapDialogRect
SetWindowTextW
LoadStringW
GetWindowPlacement
EnableMenuItem
DragDetect
SetScrollPos
GetScrollPos
CreateCaret
DestroyCaret
SetCaretPos
GetTabbedTextExtentW
UnregisterClassW
DestroyMenu
TrackPopupMenu
DrawAnimatedRects
SetMenuDefaultItem
EnumChildWindows
wsprintfA
DeleteMenu
mouse_event
EnumWindows
BeginPaint
EndPaint
GetWindowDC
GetCaretPos
GetMenuItemCount
GetTabbedTextExtentA
InsertMenuW

gdi32

ExtCreatePen
DPtoLP
CombineRgn
GetDIBits
SetStretchBltMode
GetBitmapBits
GetTextMetricsW
SetPixelV
SetBkMode
SetBrushOrgEx
GetCharWidthW
SetBoundsRect
GetTextAlign
GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
SetMapMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetClipBox
GetTextExtentPointW
GetObjectType
MoveToEx
OffsetRgn
GetBoundsRect
CreateDCW
GetObjectA
CreateDIBitmap
CreatePalette
SelectPalette
GetClipRgn
IntersectClipRect
ExtSelectClipRgn
GetTextCharsetInfo
GetTextExtentExPointW
GetRgnBox
GetCurrentPositionEx
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
PolyBezierTo
OffsetViewportOrgEx
CreatePenIndirect
ExtTextOutW
TextOutW
StrokePath
EndPath
BeginPath
SetBkColor
Rectangle
RectVisible
PtVisible
GetBkMode
GetBkColor
Escape
CreateHatchBrush
CreateBrushIndirect
StretchDIBits
Polyline
ExtCreateRegion
SetTextColor
GetCurrentObject
GetPixel
ExtFloodFill
EnumFontFamiliesW
EnumFontFamiliesExW
CreateRectRgnIndirect
PtInRegion
PatBlt
CreateRectRgn
GdiFlush
SetPixelFormat
ChoosePixelFormat
RoundRect
GetViewportOrgEx
GetMapMode
CreateSolidBrush
CreateRoundRectRgn
CreateDIBSection
LineTo
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Polygon
GetBitmapDimensionEx
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
StretchBlt
GetStockObject
CreateBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
Ellipse
FillRgn
FrameRgn
GetTextColor
SetPixel
GetObjectW
DeleteDC
CreatePolygonRgn
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
IsTextUnicode
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW

shell32

DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
ExtractIconExW
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage

comctl32

ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_Create
ImageList_GetBkColor
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Replace
ImageList_Remove
ImageList_Copy
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
ord17
FlatSB_GetScrollProp
ImageList_Draw
InitCommonControlsEx

shlwapi

PathCombineW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameA

ole32

OleUninitialize
OleInitialize
PropVariantClear
DoDragDrop
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
OleRun
CoCreateInstance

oleaut32

GetErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantChangeTypeEx
VariantInit
VariantCopy
SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
DosDateTimeToVariantTime
VarBstrFromDate
VarDateFromStr
OleLoadPicturePath
SysStringLen
SafeArrayCreateVector
VarCmp
SetErrorInfo
CreateErrorInfo

gdiplus

GdipSetPathGradientBlend
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateFontFromLogfontA
GdipSetCompositingQuality
GdipSetCompositingMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHICONFromBitmap
GdipCreateBitmapFromHICON
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipSetStringFormatMeasurableCharacterRanges
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipMeasureCharacterRanges
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipCreateFont
GdipGetGenericFontFamilyMonospace
GdipDeleteFontFamily
GdipGetWorldTransform
GdipSetWorldTransform
GdipReleaseDC
GdipGetDC
GdipGetRegionBounds
GdipRotateMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCloneMatrix
GdipCreateMatrix
GdipAddPathString
GdipGetPathData
GdipCreatePath2
GdipFlattenPath
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathBeziers
GdipReversePath
GdipGetPathPoints
GdipClonePath
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipCreateFontFromDC
GdipDrawImageRectI
GdipFillEllipseI
GdipFillPolygonI
GdipGraphicsClear
GdipDrawEllipseI
GdipResetWorldTransform
GdipSetPixelOffsetMode
GdipCreateFromHDC2
GdipCreateLineBrushFromRectI
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPointCount
GdipIsOutlineVisiblePathPoint
GdipGetPathWorldBoundsI
GdipFillPieI
GdipFillRectangleI
GdipDeleteBrush
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPointI
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLineBlend
GdipCreateLineBrushI
GdipCloneBrush
GdipAddPathEllipseI
GdipFree
GdipAlloc
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipGetClip
GdipSetClipRegion
GdipSetClipRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDeleteRegion
GdipCreateRegionPath
GdipCreateRegion
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipFillRectangle
GdipDrawRectangle
GdipFillPolygon
GdipDrawPolygon
GdipGetSmoothingMode
GdipAddPathPolygon
GdipClosePathFigures
GdipStartPathFigure
GdipFillPath
GdipDrawPath
GdipCreateLineBrush
GdipIsVisiblePathPointI
GdipAddPathPie
GdipAddPathEllipse
GdipAddPathArc
GdipAddPathLine
GdipDrawCurve
GdipDrawLines
GdipDrawLine
GdipSetPenDashArray
GdipSetPenDashStyle
GdipIsOutlineVisiblePathPointI
GdipAddPathCurve
GdipDeletePath
GdipCreatePath
GdipMeasureString
GdipDeleteFont
GdipCreateFontFromLogfontW
GdipGetDpiY
GdipGetDpiX
GdipSetPageUnit
GdipScaleWorldTransform
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipFillEllipse
GdipDrawEllipse
GdipDeletePen
GdipCreatePen1
GdipSetLinePresetBlend
GdipCreateLineBrushFromRect
GdipCreateSolidFill
GdipCreateHatchBrush

glu32

gluProject
gluPerspective
gluLookAt
gluUnProject

opengl32

glEndList
glCallList
glMultMatrixd
glVertex3d
glPushAttrib
glPopAttrib
glLineWidth
glEnd
glDisable
glColor3f
glBegin
glViewport
glTranslated
glShadeModel
glReadPixels
glPushMatrix
glPopMatrix
glMatrixMode
glMaterialfv
glLoadIdentity
glLightfv
glLightModelfv
glIsEnabled
glHint
glGetIntegerv
glGetDoublev
glFlush
glFinish
glEnable
glColorMaterial
glClearDepth
glClearAccum
glBlendFunc
glAccum
wglMakeCurrent
wglDeleteContext
wglCreateContext
glClearColor
glClear
glGetError
glNewList
glNormal3d
glRotated
glDeleteLists

winmm

PlaySoundW

imagehlp

ImageDirectoryEntryToData

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
__vcrt_InitializeCriticalSectionEx
strstr
memchr
_setjmp3
_purecall
__std_terminate
memmove
__CxxFrameHandler3
memcpy
memset
_CxxThrowException
wcschr
wcsstr
strchr
wcsrchr
longjmp

api-ms-win-crt-runtime-l1-1-0

abort
terminate
_invalid_parameter_noinfo
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
_errno
strerror

api-ms-win-crt-heap-l1-1-0

realloc
free
_recalloc
malloc
calloc

api-ms-win-crt-utility-l1-1-0

ldiv
rand
qsort
_lfind

api-ms-win-crt-time-l1-1-0

_gmtime64
_mktime64
_localtime64_s
_time64
wcsftime

api-ms-win-crt-math-l1-1-0

_libm_sse2_acos_precise
_libm_sse2_atan_precise
_libm_sse2_tan_precise
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_isnan
_except1
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_libm_sse2_asin_precise
frexp
modf
_CIatan2
ceil
_libm_sse2_log10_precise
_libm_sse2_log_precise
floor

api-ms-win-crt-convert-l1-1-0

wcstoul
wcstombs
_wtol
wcstol
wcstod
wcstombs_s
_wtoi
_itow_s
atof

api-ms-win-crt-stdio-l1-1-0

_write
_close
_open
_lseeki64
_wopen
__stdio_common_vsprintf
__stdio_common_vswprintf
ftell
fseek
_fileno
fclose
_wfopen_s
fgetws
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_read

api-ms-win-crt-string-l1-1-0

isdigit
_wcsdup
_wcsicoll
_wcsupr_s
iswupper
iswlower
strpbrk
strncmp
wcspbrk
isleadbyte
isalnum
strcpy_s
_stricmp
wcsspn
wcsncpy
wcstok_s
isprint
isxdigit
iswxdigit
iswspace
iswprint
iswdigit
iswalpha
iswalnum
wcsncmp
towupper
_wcslwr_s
_wcsnicmp
_wcsicmp
wcsncpy_s
wcscpy_s
isspace

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_wsplitpath_s

api-ms-win-crt-locale-l1-1-0

_wsetlocale

Exports

Exports

?$TSS0@?1??InstancePointer@?$CXTPSingleton@VCXTPChartObjectFactory@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@KAAAVCXTPSingletonPointer@@XZ@4HA
?$TSS0@?1??InstancePointer@?$CXTPSingleton@VCXTPOpenGLListPool@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@KAAAVCXTPSingletonPointer@@XZ@4HA
??0?$CArray@PAUXTP_TAGCLOUDTAG@@PAU1@@@QAE@XZ
??0?$CArray@PAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAV12@@@QAE@XZ
??0?$CArray@PAVCXTPCommandBar@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPDatePickerButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPDockingPaneCaptionButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPReportInplaceButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPReportRow@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPSyntaxEditColorInfo@@PAV1@@@QAE@XZ
??0?$CArray@UXTP_EDIT_LEXCLASSINFO@XTPSyntaxEditLexAnalyser@@AAU12@@@QAE@XZ
??0?$CArray@UXTP_EDIT_LEXPROPINFO@XTPSyntaxEditLexAnalyser@@AAU12@@@QAE@XZ
??0?$CArray@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@ABV12@@@QAE@XZ
??0?$CArray@VCXTPCalendarReminderForOccurrence@@ABV1@@@QAE@XZ
??0?$CList@UXTP_EDIT_SCHEMAFILEINFO@@AAU1@@@QAE@H@Z
??0?$CMap@PAVCXTPReportRecordItem@@PAV1@VCXTPReportRecordMergeItem@@AAV2@@@QAE@H@Z
??0?$CXTPArrayT@IIJ@@QAE@XZ
??0?$CXTPArrayT@PAVCXTPReportHyperlink@@PAV1@PAUIDispatch@@@@QAE@XZ
??0?$CXTPArrayT@PAVCXTPReportRecordItemControl@@PAV1@PAUIDispatch@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarEventCategory@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarEventLabel@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarReminder@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarResource@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarSchedule@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarTimeLineViewGroup@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarViewEvent@@@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@HH@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@HH@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@VCRect@@V1@@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@VCRect@@V1@@@QAE@XZ
??0?$CXTPCalendarViewDayT@VCXTPCalendarDayView@@VCXTPCalendarDayViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarDayViewDay@@@@QAE@PBVCXTPCalendarDayView@@@Z
??0?$CXTPCalendarViewDayT@VCXTPCalendarMonthView@@VCXTPCalendarMonthViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarMonthViewDay@@@@QAE@PBVCXTPCalendarMonthView@@@Z
??0?$CXTPCalendarViewDayT@VCXTPCalendarWeekView@@VCXTPCalendarWeekViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarWeekViewDay@@@@QAE@PBVCXTPCalendarWeekView@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarDayViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarDayViewGroup@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarMonthViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarMonthViewGroup@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarWeekViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarWeekViewGroup@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarDayViewDay@@VCXTPCalendarDayViewEvent@@VCXTPCalendarDayViewGroup@@@@QAE@PAVCXTPCalendarDayViewDay@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarMonthViewDay@@VCXTPCalendarMonthViewEvent@@VCXTPCalendarMonthViewGroup@@@@QAE@PAVCXTPCalendarMonthViewDay@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarWeekViewDay@@VCXTPCalendarWeekViewEvent@@VCXTPCalendarWeekViewGroup@@@@QAE@PAVCXTPCalendarWeekViewDay@@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCBrush@@@@QAE@ABV0@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCBrush@@@@QAE@XZ
??0?$CXTPCalendarViewPartCustomizableValueT@VCFont@@@@QAE@ABV0@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCFont@@@@QAE@XZ
??0?$CXTPCalendarViewT@VCXTPCalendarDayViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPCalendarViewT@VCXTPCalendarMonthViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPCalendarViewT@VCXTPCalendarWeekViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPChartPieDiagramBase@VCXTPChart2dDiagram@@@@IAE@XZ
??0?$CXTPChartPieDiagramBase@VCXTPChart3dDiagram@@@@IAE@XZ
??0?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@QAE@XZ
??0?$CXTPCommandBarsSiteBase@VCMDIFrameWnd@@@@QAE@XZ
??0?$CXTPFrameWndBase@VCFrameWnd@@@@QAE@XZ
??0?$CXTPFrameWndBase@VCMDIFrameWnd@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportAllocatorDefaultData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportAllocatorDefaultData@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportDataAllocatorData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportDataAllocatorData@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportRowAllocatorData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportRowAllocatorData@@@@QAE@XZ
??0?$CXTPHeapObjectT@V?$CXTPArrayT@PAVCXTPReportHyperlink@@PAV1@PAUIDispatch@@@@VCXTPReportDataAllocator@@@@QAE@XZ
??0?$CXTPHeapObjectT@VCXTPCmdTarget@@VCXTPReportDataAllocator@@@@QAE@XZ
??0?$CXTPHeapObjectT@VCXTPReportRowBase@@VCXTPReportRowAllocator@@@@QAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupRotateTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupScaleTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupSkewTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupTranslateTransform@@@@IAE@XZ
??0?$CXTPMaskEditT@VCEdit@@@@QAE@XZ
??0?$CXTPObservable@VCXTPApplication@@UIXTPApplicationEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPChartDeviceCommand@@VCXTPChartDeviceCommandEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPFrameShadowManager@@UIXTPFrameShadowManagerEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPPaintManager@@UIXTPPaintManagerEvents@@@@IAE@XZ
??0?$CXTPScrollBarContainer@VCSplitterWnd@@@@IAE@XZ
??0?$CXTPScrollBarContainer@VCWnd@@@@IAE@XZ
??0?$CXTPSingleton@VCXTPChartObjectFactory@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@IAE@XZ
??0?$CXTPSingleton@VCXTPOpenGLListPool@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@IAE@XZ
??0?$CXTPSyntaxEditLexObj_SpecCollT@VCXTPSyntaxEditLexObj_Previous@XTPSyntaxEditLexAnalyser@@VCXTPSyntaxEditLexObj_Start@2@VCXTPSyntaxEditLexObj_End@2@VCXTPSyntaxEditLexObj_Token@2@VCXTPSyntaxEditLexObj_Skip@2@VCXTPSyntaxEditLexObj_ActiveTags@2@VCXTPSyntaxEditLexNULL@2@V82@V82@V82@@XTPSyntaxEditLexAnalyser@@QAE@ABV01@@Z
??0?$CXTPSyntaxEditLexObj_SpecCollT@VCXTPSyntaxEditLexObj_Previous@XTPSyntaxEditLexAnalyser@@VCXTPSyntaxEditLexObj_Start@2@VCXTPSyntaxEditLexObj_End@2@VCXTPSyntaxEditLexObj_Token@2@VCXTPSyntaxEditLexObj_Skip@2@VCXTPSyntaxEditLexObj_ActiveTags@2@VCXTPSyntaxEditLexNULL@2@V82@V82@V82@@XTPSyntaxEditLexAnalyser@@QAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChart3dPieDeviceCommandEvents@@VCXTPChartDeviceCommandEvents@@@@IAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChart3dPieDeviceCommandEvents@@VCXTPChartDeviceCommandEvents@@@@QAE@ABV0@@Z
??0?$CXTPTypeIdProvider@VCXTPChartDeviceCommandEvents@@V1@@@IAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChartDeviceCommandEvents@@V1@@@QAE@ABV0@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@XZ
??0CAppearanceSetPropertyPage2003@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPage2003@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPage2003@@QAE@XZ
??0CAppearanceSetPropertyPage2007@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPage2007@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPage2007@@QAE@XZ
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@XZ
??0CAppearanceSetPropertyPageAccess2007@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageAccess2007@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageAccess2007@@QAE@XZ
??0CAppearanceSetPropertyPageFlat@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageFlat@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageFlat@@QAE@XZ
??0CAppearanceSetPropertyPageSelected@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageSelected@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageSelected@@QAE@XZ
??0CAppearanceSetStateButtons@@QAE@$$QAV0@@Z
??0CAppearanceSetStateButtons@@QAE@ABV0@@Z
??0CAppearanceSetStateButtons@@QAE@XZ
??0CAppearanceSetVisio@@QAE@$$QAV0@@Z
??0CAppearanceSetVisio@@QAE@ABV0@@Z
??0CAppearanceSetVisio@@QAE@XZ
??0CAppearanceSetVisualStudio2005@@QAE@$$QAV0@@Z
??0CAppearanceSetVisualStudio2005@@QAE@ABV0@@Z
??0CAppearanceSetVisualStudio2005@@QAE@XZ
??0CCaptionButton@CXTPSkinObjectFrame@@QAE@ABV01@@Z
??0CCaptionButton@CXTPSkinObjectFrame@@QAE@HPAV1@IH@Z
??0CCheckListState@CXTPCheckListBox@@QAE@ABV01@@Z
??0CCheckListState@CXTPCheckListBox@@QAE@H@Z
??0CColorSetAccess2007@@QAE@$$QAV0@@Z
??0CColorSetAccess2007@@QAE@ABV0@@Z
??0CColorSetAccess2007@@QAE@XZ
??0CColorSetDefault@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CColorSetDefault@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CColorSetDefault@CXTPTabPaintManager@@QAE@XZ
??0CColorSetVisualStudio2003@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio2003@@QAE@ABV0@@Z
??0CColorSetVisualStudio2003@@QAE@XZ
??0CColorSetVisualStudio2005@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio2005@@QAE@ABV0@@Z
??0CColorSetVisualStudio2005@@QAE@XZ
??0CColorSetVisualStudio@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio@@QAE@ABV0@@Z
??0CColorSetVisualStudio@@QAE@XZ
??0CColorSetWinNative@@QAE@ABV0@@Z
??0CColorSetWinNative@@QAE@XZ
??0CColorSetWinXP@@QAE@$$QAV0@@Z
??0CColorSetWinXP@@QAE@ABV0@@Z
??0CColorSetWinXP@@QAE@XZ
??0CFMFileInfo@CXTPSyntaxEditFileChangesMonitor@@QAE@ABV01@@Z
??0CFMFileInfo@CXTPSyntaxEditFileChangesMonitor@@QAE@XZ
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@$$QAV01@@Z
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@ABV01@@Z
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@PB_W0EEK@Z
??0CFontDescHolder@CXTPControlFontComboBoxList@@QAE@XZ
??0CHeaderBackground@CTOHeader@CXTPCalendarTheme@@QAE@ABU012@@Z
??0CHeaderBackground@CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CHeaderText@CTOHeader@CXTPCalendarTheme@@QAE@ABU012@@Z
??0CHeaderText@CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CKeyAssign@CXTPShortcutManager@@QAE@PAV1@@Z
??0CKeyHelper@CXTPShortcutManager@@QAE@ABV01@@Z
??0CKeyHelper@CXTPShortcutManager@@QAE@PBVCXTPShortcutManagerAccel@@PAV1@@Z
??0CKeyNameText@CXTPShortcutManager@@QAE@XZ
??0CLogFont@CXTPPaintManager@@QAE@XZ
??0CManageState@CXTPResourceManager@@QAE@XZ
??0CMonthViewGrid@CXTPCalendarMonthView@@QAE@PAV1@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@$$QAV01@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@ABV01@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@PAVCXTPTabManager@@PAV1@@Z
??0CNonClientMetrics@CXTPPaintManager@@QAE@XZ
??0COLOR_CELL@CXTPColorSelectorCtrl@@QAE@XZ
??0CRepositionContext@CXTPTaskPanel@@QAE@PAV1@@Z
??0CRichEditContext@CXTPCommandBarEditCtrl@@QAE@ABV01@@Z
??0CRichEditContext@CXTPCommandBarEditCtrl@@QAE@XZ
??0CRstEvent@@QAE@PAVCXTPReportDataManager@@@Z
??0CShellMalloc@CXTPShellPidl@@QAE@ABV01@@Z
??0CShellMalloc@CXTPShellPidl@@QAE@XZ
??0CShellSpecialFolder@CXTPShellPidl@@QAE@ABV01@@Z
??0CShellSpecialFolder@CXTPShellPidl@@QAE@H@Z
??0CSingleWorkspace@CXTPTabClientWnd@@QAE@XZ
??0CStringPtrArray@CXTPSyntaxEditStringsManager@CXTPSyntaxEditBufferManager@@QAE@XZ
??0CTOCellDynBackground@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOColorsSet@CXTPCalendarTheme@@QAE@XZ
??0CTODay@CXTPCalendarTheme@@QAE@XZ
??0CTODay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayView@CXTPCalendarTheme@@QAE@XZ
??0CTODayView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroup@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroup@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupAllDayEvents@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupAllDayEvents@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupCell@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupCell@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupHeader@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewTimeScale@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewTimeScale@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOEventIconsToDraw@CXTPCalendarTheme@@QAE@XZ
??0CTOFormula_MulDivC@CXTPCalendarTheme@@QAE@XZ
??0CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthView@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewWeekDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewWeekDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewWeekHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOPrevNextEventButton@@QAE@XZ
??0CTOPrevNextEventButtons@@QAE@XZ
??0CTOWeekView@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTabClientDropTarget@CXTPTabClientWnd@@QAE@XZ
??0CThemeFontColorSet@CXTPCalendarTheme@@QAE@ABV01@@Z
??0CThemeFontColorSet@CXTPCalendarTheme@@QAE@XZ
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@$$QAV01@@Z
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@ABV01@@Z
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@XZ
??0CTrackArray@CXTPMouseManager@@QAE@XZ
??0CUpdateContext@CXTPCalendarControl@@QAE@PAV1@H@Z
??0CUpdateContext@CXTPReportControl@@QAE@PAV1@@Z
??0CWorkspace@CXTPTabClientWnd@@QAE@XZ
??0CXTButton@@QAE@PAUCRuntimeClass@@@Z
??0CXTButtonTheme@@QAE@XZ
??0CXTButtonThemeFactory@@QAE@XZ
??0CXTButtonThemeOffice2003@@QAE@H@Z
??0CXTButtonThemeOfficeXP@@QAE@H@Z
??0CXTColorRef@@QAE@HHH@Z
??0CXTColorRef@@QAE@K@Z
??0CXTColorRef@@QAE@XZ
??0CXTComboBoxEx@@QAE@XZ
??0CXTDateTimeCtrl@@QAE@XZ
??0CXTDisabledButtonTheme@@QAE@XZ
??0CXTFlatComboBox@@QAE@XZ
??0CXTFlatComboBoxTheme@@QAE@XZ
??0CXTFlatComboBoxThemeFactory@@QAE@XZ
??0CXTFlatComboBoxThemeOffice2003@@QAE@XZ
??0CXTFlatComboBoxThemeOfficeXP@@QAE@XZ
??0CXTFlatEdit@@QAE@XZ
??0CXTFlatEditTheme@@QAE@XZ
??0CXTFlatEditThemeFactory@@QAE@XZ
??0CXTFlatEditThemeOffice2003@@QAE@XZ
??0CXTFlatEditThemeOfficeXP@@QAE@XZ
??0CXTHtmlView@@IAE@XZ
??0CXTListViewHelper@@QAE@XZ
??0CXTMemDC@@QAE@PAVCDC@@ABVCRect@@VCXTPPaintManagerColorGradient@@H@Z
??0CXTMonthCalCtrl@@QAE@XZ
??0CXTOutBarCtrl@@QAE@XZ
??0CXTOutBarCtrlTheme@@QAE@XZ
??0CXTOutBarCtrlThemeFactory@@QAE@XZ
??0CXTOutBarCtrlThemeOffice2003@@QAE@XZ
??0CXTOutBarCtrlThemeOfficeXP@@QAE@XZ
??0CXTOutBarEditItem@@QAE@XZ
??0CXTOutBarFolder@@QAE@PB_WKPAVCXTOutBarCtrl@@@Z
??0CXTOutBarItem@@QAE@ABV0@@Z
??0CXTOutBarItem@@QAE@PB_WHK@Z
??0CXTPA2W@CXTPResourceManager@@QAE@PBD@Z
??0CXTPAccessible@@QAE@ABV0@@Z
??0CXTPAccessible@@QAE@XZ
??0CXTPActiveScriptEngine@@QAE@XZ
??0CXTPActiveScriptObjectContext@@AAE@PAVCXTPActiveScriptEngine@@PAUIDispatch@@@Z
??0CXTPActiveScriptStdRuntime@@QAE@XZ
??0CXTPAnimationDC@@QAE@PAUHDC__@@ABVCRect@@@Z
??0CXTPAnimationDC@@QAE@PAUHDC__@@ABVCRect@@ABVCXTPPaintManagerColorGradient@@H@Z
??0CXTPApplication@@AAE@XZ
??0CXTPArcBall@@QAE@$$QAV0@@Z
??0CXTPArcBall@@QAE@ABV0@@Z
??0CXTPArcBall@@QAE@XZ
??0CXTPArrowDrawer@@QAE@MMH@Z
??0CXTPAuxData@@AAE@XZ
??0CXTPBitmapDC@@QAE@PAVCDC@@PAUHBITMAP__@@@Z
??0CXTPBitmapDC@@QAE@PAVCDC@@PAVCBitmap@@@Z
??0CXTPBitmapDC@@QAE@XZ
??0CXTPBrowseButton@@QAE@XZ
??0CXTPBrowseDialog@@QAE@PAVCWnd@@@Z
??0CXTPBrowseEdit@@QAE@XZ
??0CXTPBrush@@QAE@HK@Z
??0CXTPBrush@@QAE@K@Z
??0CXTPBrush@@QAE@PAVCBitmap@@@Z
??0CXTPBrush@@QAE@XZ
??0CXTPBrushDC@@QAE@PAUHDC__@@K@Z
??0CXTPBufferDC@@QAE@AAVCPaintDC@@@Z
??0CXTPBufferDC@@QAE@PAUHDC__@@ABVCRect@@@Z
??0CXTPBufferDC@@QAE@PAUHDC__@@ABVCRect@@ABVCXTPPaintManagerColorGradient@@H@Z
??0CXTPBufferDCEx@@QAE@PAUHDC__@@VCRect@@@Z
??0CXTPButton@@QAE@XZ
??0CXTPButtonTheme@@QAE@XZ
??0CXTPButtonThemeFlat@@QAE@XZ
??0CXTPButtonThemeOffice2000@@QAE@XZ
??0CXTPButtonThemeOffice2003@@QAE@XZ
??0CXTPButtonThemeOffice2013@@QAE@XZ
??0CXTPButtonThemeOfficeXP@@QAE@XZ
??0CXTPButtonThemeResource@@QAE@XZ
??0CXTPButtonThemeUltraFlat@@QAE@XZ
??0CXTPButtonThemeVisualStudio2012@@QAE@H@Z
??0CXTPButtonThemeVisualStudio2015@@QAE@XZ
??0CXTPCalendarBusyStatusComboBox@@QAE@XZ
??0CXTPCalendarCaptionBarControl@@QAE@XZ
??0CXTPCalendarCaptionBarOffice2000Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOffice2003Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOffice2013Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOfficeXPTheme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarPaintManager@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarResourceTheme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarTheme@@QAE@XZ
??0CXTPCalendarCaptionBarThemePart@@QAE@PAVCXTPCalendarCaptionBarTheme@@H@Z
??0CXTPCalendarCaptionBarVisualStudio2015Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarComboBoxBase@@QAE@XZ
??0CXTPCalendarControl@@QAE@XZ
??0CXTPCalendarControlView@@IAE@XZ
??0CXTPCalendarControlViewPrintOptions@@QAE@XZ
??0CXTPCalendarController@@QAE@XZ
??0CXTPCalendarCustomDataProvider@@QAE@XZ
??0CXTPCalendarCustomProperties@@QAE@H@Z
??0CXTPCalendarData@@QAE@XZ
??0CXTPCalendarDatabaseDataProvider@@QAE@XZ
??0CXTPCalendarDayView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarDayViewDay@@QAE@PAVCXTPCalendarDayView@@VCOleDateTime@ATL@@@Z
??0CXTPCalendarDayViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarDayViewGroup@@@Z
??0CXTPCalendarDayViewGroup@@QAE@PAVCXTPCalendarDayViewDay@@@Z
??0CXTPCalendarDayViewTimeScale@@QAE@PAVCXTPCalendarDayView@@HH@Z
??0CXTPCalendarEvent@@QAE@PAVCXTPCalendarData@@@Z
??0CXTPCalendarEventCategories@@QAE@XZ
??0CXTPCalendarEventCategory@@QAE@IPB_WKK@Z
??0CXTPCalendarEventCategory@@QAE@PAV0@@Z
??0CXTPCalendarEventCategoryComboBox@@QAE@XZ
??0CXTPCalendarEventCategoryIDs@@QAE@XZ
??0CXTPCalendarEventColorDlg@@QAE@HPAVCXTPCalendarControl@@PAVCWnd@@@Z
??0CXTPCalendarEventColorEdit@@QAE@H@Z
??0CXTPCalendarEventColorListBox@@QAE@XZ
??0CXTPCalendarEventColorNewDlg@@QAE@HPAVCWnd@@@Z
??0CXTPCalendarEventLabel@@QAE@HKPB_W@Z
??0CXTPCalendarEventLabel@@QAE@PAV0@@Z
??0CXTPCalendarEventLabelComboBox@@QAE@XZ
??0CXTPCalendarEventLabels@@QAE@XZ
??0CXTPCalendarEventPropertiesDlg@@QAE@PAVCXTPCalendarControl@@HPAVCWnd@@PAVCXTPCalendarEvent@@IVCOleDateTime@ATL@@@Z
??0CXTPCalendarEventRecurrenceDlg@@QAE@PAVCXTPCalendarEvent@@PAVCWnd@@I@Z
??0CXTPCalendarEvents@@QAE@XZ
??0CXTPCalendarIconIDs@@QAE@XZ
??0CXTPCalendarMAPIDataProvider@@QAE@XZ
??0CXTPCalendarMAPIWrapper@@QAE@ABV0@@Z
??0CXTPCalendarMAPIWrapper@@QAE@XZ
??0CXTPCalendarMemoryDataProvider@@QAE@XZ
??0CXTPCalendarMonthView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarMonthViewDay@@QAE@PBVCXTPCalendarMonthView@@HH@Z
??0CXTPCalendarMonthViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarMonthViewGroup@@@Z
??0CXTPCalendarMonthViewGroup@@QAE@PAVCXTPCalendarMonthViewDay@@@Z
??0CXTPCalendarMsgNotifier@@QAE@XZ
??0CXTPCalendarOccurSeriesChooseDlg@@QAE@PAVCWnd@@IPB_WI@Z
??0CXTPCalendarOffice2000Theme@@QAE@XZ
??0CXTPCalendarOffice2003Theme@@QAE@XZ
??0CXTPCalendarOffice2013Theme@@QAE@XZ
??0CXTPCalendarOfficeXPTheme@@QAE@XZ
??0CXTPCalendarOptions@@QAE@XZ
??0CXTPCalendarPageSetupDialog@@QAE@PAVCXTPCalendarControlViewPrintOptions@@KPAVCWnd@@@Z
??0CXTPCalendarPaintManager@@QAE@XZ
??0CXTPCalendarRecurrencePattern@@IAE@PAVCXTPCalendarData@@@Z
??0CXTPCalendarReminder@@QAE@PAVCXTPCalendarRemindersManager@@@Z
??0CXTPCalendarReminderForOccurrence@@QAE@ABV0@@Z
??0CXTPCalendarReminderForOccurrence@@QAE@XZ
??0CXTPCalendarReminderForOccurrenceArray@@QAE@XZ
??0CXTPCalendarReminders@@QAE@XZ
??0CXTPCalendarRemindersDialog@@QAE@PAVCWnd@@I@Z
??0CXTPCalendarRemindersManager@@QAE@XZ
??0CXTPCalendarResource@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarResourceDescription@@QAE@XZ
??0CXTPCalendarResourceTheme@@QAE@XZ
??0CXTPCalendarResources@@QAE@XZ
??0CXTPCalendarResourcesManager@@QAE@XZ
??0CXTPCalendarResourcesNf@@QAE@XZ
??0CXTPCalendarSchedule@@QAE@IPB_W@Z
??0CXTPCalendarSchedules@@QAE@XZ
??0CXTPCalendarShadowDrawer@@QAE@ABV0@@Z
??0CXTPCalendarShadowDrawer@@QAE@PAVCDC@@N@Z
??0CXTPCalendarTLV_TimeScaleParams@@QAE@HPAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Day@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Month@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Week@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTheme@@QAE@XZ
??0CXTPCalendarThemeBOOLValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeBOOLValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeBOOLValue@@QAE@XZ
??0CXTPCalendarThemeFontValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeFontValue@@QAE@XZ
??0CXTPCalendarThemeIntValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeIntValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeIntValue@@QAE@XZ
??0CXTPCalendarThemeOffice2007@@QAE@XZ
??0CXTPCalendarThemePart@@QAE@XZ
??0CXTPCalendarThemeRectValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeRectValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeRectValue@@QAE@XZ
??0CXTPCalendarThemeStringValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeStringValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeStringValue@@QAE@XZ
??0CXTPCalendarTimeLineView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarTimeLineViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarTimeLineViewGroup@@@Z
??0CXTPCalendarTimeLineViewGroup@@QAE@PAVCXTPCalendarTimeLineView@@PAV0@@Z
??0CXTPCalendarTimeLineViewGroups@@QAE@XZ
??0CXTPCalendarTimeLineViewPart@@QAE@PAVCXTPCalendarViewPart@@@Z
??0CXTPCalendarTimeLineViewTimeScale@@QAE@PAVCXTPCalendarTimeLineView@@@Z
??0CXTPCalendarTimeLineViewTimeScalePart@@QAE@PAVCXTPCalendarViewPart@@@Z
??0CXTPCalendarTimeScalePropertiesDlg@@QAE@PAVCWnd@@I@Z
??0CXTPCalendarTimeZone@@QAE@PBU_TIME_ZONE_INFORMATION@@@Z
??0CXTPCalendarTimeZone@@QAE@PBV0@@Z
??0CXTPCalendarTimeZones@@QAE@XZ
??0CXTPCalendarTip@@QAE@XZ
??0CXTPCalendarUIntArray@@QAE@XZ
??0CXTPCalendarUtils@@AAE@XZ
??0CXTPCalendarView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarViewDay@@QAE@PBVCXTPCalendarView@@@Z
??0CXTPCalendarViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarViewGroup@@@Z
??0CXTPCalendarViewEventSubjectEditor@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarViewEventSubjectEditorColored@@QAE@PAVCXTPCalendarControl@@PAVCXTPCalendarViewEvent@@K@Z
??0CXTPCalendarViewEvents@@QAE@XZ
??0CXTPCalendarViewGroup@@QAE@PAVCXTPCalendarViewDay@@@Z
??0CXTPCalendarViewPart@@QAE@PAV0@@Z
??0CXTPCalendarViewPartBrushValue@@QAE@ABV0@@Z
??0CXTPCalendarViewPartBrushValue@@QAE@XZ
??0CXTPCalendarViewPartFontValue@@QAE@XZ
??0CXTPCalendarVisualStudio2015Theme@@QAE@XZ
??0CXTPCalendarWMHandler@@QAE@XZ
??0CXTPCalendarWeekView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarWeekViewDay@@QAE@PAVCXTPCalendarWeekView@@@Z
??0CXTPCalendarWeekViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarWeekViewGroup@@@Z
??0CXTPCalendarWeekViewGroup@@QAE@PAVCXTPCalendarWeekViewDay@@@Z
??0CXTPCaption@@QAE@XZ
??0CXTPCaptionButton@@QAE@XZ
??0CXTPCaptionButtonTheme@@QAE@XZ
??0CXTPCaptionButtonThemeOffice2003@@QAE@XZ
??0CXTPCaptionButtonThemeOfficeXP@@QAE@XZ
??0CXTPCaptionPopupWnd@@QAE@XZ
??0CXTPCaptionTheme@@QAE@XZ
??0CXTPCaptionThemeOffice2003@@QAE@XZ
??0CXTPCaptionThemeOfficeXP@@QAE@XZ
??0CXTPChart2dDiagram@@IAE@XZ
??0CXTPChart3dBox@@QAE@ABV0@@Z
??0CXTPChart3dBox@@QAE@XZ
??0CXTPChart3dDeviceCommand@@IAE@W4XTPChart3dAntialiasingPolicy@@@Z
??0CXTPChart3dDeviceContext@@IAE@PAVCXTPChartContainer@@PAUHDC__@@VCRect@@PAVCXTPChartDrawingObjectFactory@@@Z
??0CXTPChart3dDiagram@@IAE@XZ
??0CXTPChart3dDiagramView@@QAE@PAVCXTPChartDiagram@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dLineDeviceCommand@@IAE@ABV?$CXTPPoint3T@N@@0ABVCXTPChartColor@@H@Z
??0CXTPChart3dPie@@QAE@NNABVCXTPChartEllipse@@HH@Z
??0CXTPChart3dPieDeviceCommand@@IAE@W4XTPChart3dAntialiasingPolicy@@ABV?$CXTPPoint3T@N@@NNNNNN@Z
??0CXTPChart3dPieDeviceCommandEvents@@IAE@XZ
??0CXTPChart3dPieDeviceCommandEvents@@QAE@$$QAV0@@Z
??0CXTPChart3dPieDeviceCommandEvents@@QAE@ABV0@@Z
??0CXTPChart3dPieDiagram@@QAE@XZ
??0CXTPChart3dPieDiagramView@@QAE@PAVCXTPChartDiagram@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabel@@QAE@XZ
??0CXTPChart3dPieSeriesLabelDeviceCommand@@QAE@PAVCXTPChart3dPieSeriesLabelView@@@Z
??0CXTPChart3dPieSeriesLabelView@@QAE@PAVCXTPChartSeriesLabel@@PAVCXTPChartSeriesPointView@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabelsView@@QAE@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabelsViewDeviceCommand@@QAE@PAVCXTPChart3dPieSeriesLabelsView@@@Z
??0CXTPChart3dPieSeriesPointView@@QAE@PAVCXTPChartSeriesPoint@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesStyle@@QAE@XZ
??0CXTPChart3dPieSeriesView@@QAE@PAVCXTPChartSeries@@PAVCXTPChartDiagramView@@@Z
??0CXTPChart3dRotateDeviceCommand@@QAE@ABVCXTPChart3dRotation@@@Z
??0CXTPChart3dRotation@@QAE@ABV0@@Z
??0CXTPChart3dRotation@@QAE@NNN@Z
??0CXTPChart3dRotation@@QAE@XZ
??0CXTPChart3dTranslateDeviceCommand@@QAE@NNN@Z
??0CXTPChartAppearance@@QAE@PAVCXTPChartElement@@@Z
??0CXTPChartAreaSeriesStyle@@QAE@XZ
??0CXTPChartAreaSeriesView@@QAE@PAVCXTPChartSeries@@PAVCXTPChartDiagramView@@@Z
??0CXTPChartAxis@@QAE@PAVCXTPChartDiagram@@@Z
??0CXTPChartAxisAppearance@@QAE@PAVCXTPChartElement@@@Z
??0CXTPChartAxisConstantLine@@QAE@XZ
??0CXTPChartAxisConstantLines@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisCustomLabel@@QAE@XZ
??0CXTPChartAxisCustomLabels@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisGridLines@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisLabel@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisRange@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisStrip@@QAE@XZ
??0CXTPChartAxisStrips@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisTickMarks@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisTitle@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisView@@IAE@PAVCXTPChartAxis@@PAVCXTPChartElementView@@@Z
??0CXTPChartAxisViewTick@@QAE@$$QAV0@@Z
??0CXTPChartAxisViewTick@@QAE@ABV0@@Z

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 504KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ambrosia.ini
bandstand.psd
chibouk.7z
concrt140.dll
.dll windows:6 windows x86 arch:x86

Password: infected

f7e155027608db4293a50332363a537b

Code Sign

33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:15:95:de:35:99:2e:dd:f1:be:e5:df:6b:48:bd:89:40:ae:c8:24:e5:10:da:37:26:60:85:84:6c:74:99:2a
Signer

Actual PE Digest

b8:15:95:de:35:99:2e:dd:f1:be:e5:df:6b:48:bd:89:40:ae:c8:24:e5:10:da:37:26:60:85:84:6c:74:99:2a

Digest Algorithm

sha256

PE Digest Matches

true

b8:15:95:de:35:99:2e:dd:f1:be:e5:df:6b:48:bd:89:40:ae:c8:24:e5:10:da:37:26:60:85:84:6c:74:99:2a
Signer

Actual PE Digest

b8:15:95:de:35:99:2e:dd:f1:be:e5:df:6b:48:bd:89:40:ae:c8:24:e5:10:da:37:26:60:85:84:6c:74:99:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\concrt140.i386.pdb

Imports

msvcp140

?_Xbad_function_call@std@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast
?_Throw_C_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z

vcruntime140

__CxxFrameHandler3
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__uncaught_exception
memcpy
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
__current_exception
__RTDynamicCast

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
terminate
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-math-l1-1-0

_CIsqrt
_CIexp

api-ms-win-crt-string-l1-1-0

wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vswprintf_s
__acrt_iob_func
fflush

kernel32

WaitForSingleObjectEx
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetThreadTimes
EncodePointer
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
SetLastError
SetThreadpoolTimer
UnregisterWaitEx
CreateSemaphoreExW
ReleaseSemaphore
InitializeSListHead
SetProcessAffinityMask
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetCurrentProcessorNumber
FlushProcessWriteBuffers
DeleteCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
GetProcAddress
GetModuleHandleW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetTickCount64
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
CreateTimerQueue
GetCurrentThread
CloseHandle
DuplicateHandle
GetLastError
SetEvent
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSectionEx
CreateEventExW
Sleep
SignalObjectAndWait
SwitchToThread
CreateThread
GetThreadPriority

Exports

Exports

??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1agent@Concurrency@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@$$QAV012@@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@$$QAV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
?AgentEventGuid@Concurrency@@3U_GUID@@B
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?ChoreEventGuid@Concurrency@@3U_GUID@@B
?ConcRTEventGuid@Concurrency@@3U_GUID@@B
?ConcRT_ProviderGuid@Concurrency@@3U_GUID@@B
?ContextEventGuid@Concurrency@@3U_GUID@@B
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?LockEventGuid@Concurrency@@3U_GUID@@B
?Log2@details@Concurrency@@YAKI@Z
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?PPLParallelForEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelForeachEventGuid@Concurrency@@3U_GUID@@B
?PPLParallelInvokeEventGuid@Concurrency@@3U_GUID@@B
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ResourceManagerEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupEventGuid@Concurrency@@3U_GUID@@B
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SchedulerEventGuid@Concurrency@@3U_GUID@@B
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorEventGuid@Concurrency@@3U_GUID@@B
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_Internal_assign@_Concurrent_vector_base_v4@details@Concurrency@@IAEXABV123@IP6AXPAXI@ZP6AX1PBXI@Z4@Z
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IBEIXZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IAEIP6AXPAXI@Z@Z
?_Internal_compact@_Concurrent_vector_base_v4@details@Concurrency@@IAEPAXIPAXP6AX0I@ZP6AX0PBXI@Z@Z
?_Internal_copy@_Concurrent_vector_base_v4@details@Concurrency@@IAEXABV123@IP6AXPAXPBXI@Z@Z
?_Internal_empty@_Concurrent_queue_base_v4@details@Concurrency@@IBE_NXZ
?_Internal_finish_clear@_Concurrent_queue_base_v4@details@Concurrency@@IAEXXZ
?_Internal_grow_by@_Concurrent_vector_base_v4@details@Concurrency@@IAEIIIP6AXPAXPBXI@Z1@Z
?_Internal_grow_to_at_least_with_result@_Concurrent_vector_base_v4@details@Concurrency@@IAEIIIP6AXPAXPBXI@Z1@Z
?_Internal_move_push@_Concurrent_queue_base_v4@details@Concurrency@@IAEXPAX@Z
?_Internal_pop_if_present@_Concurrent_queue_base_v4@details@Concurrency@@IAE_NPAX@Z
?_Internal_push@_Concurrent_queue_base_v4@details@Concurrency@@IAEXPBX@Z
?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IAEPAXIAAI@Z
?_Internal_reserve@_Concurrent_vector_base_v4@details@Concurrency@@IAEXIII@Z
?_Internal_resize@_Concurrent_vector_base_v4@details@Concurrency@@IAEXIIIP6AXPAXI@ZP6AX0PBXI@Z2@Z
?_Internal_size@_Concurrent_queue_base_v4@details@Concurrency@@IBEIXZ
?_Internal_swap@_Concurrent_queue_base_v4@details@Concurrency@@IAEXAAV123@@Z
?_Internal_swap@_Concurrent_vector_base_v4@details@Concurrency@@IAEXAAV123@@Z
?_Internal_throw_exception@_Concurrent_queue_base_v4@details@Concurrency@@IBEXXZ
?_Internal_throw_exception@_Concurrent_vector_base_v4@details@Concurrency@@IBEXI@Z
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KAII@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?cancel@agent@Concurrency@@QAE_NXZ
?current@location@Concurrency@@SA?AV12@XZ
?done@agent@Concurrency@@IAE_NXZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?is_current_task_group_canceling@Concurrency@@YA_NXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?start@agent@Concurrency@@QAE_NXZ
?status@agent@Concurrency@@QAE?AW4agent_status@2@XZ
?status_port@agent@Concurrency@@QAEPAV?$ISource@W4agent_status@Concurrency@@@2@XZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@agent@Concurrency@@SA?AW4agent_status@2@PAV12@I@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_all@agent@Concurrency@@SAXIPAPAV12@PAW4agent_status@2@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?wait_for_one@agent@Concurrency@@SAXIPAPAV12@AAW4agent_status@2@AAII@Z

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cpfe.dll
.dll windows:6 windows x86 arch:x86

Password: infected

4e4b0d2bf4bf5220417826ef4b4d596a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dbs\sh\ddvsm\1002_165500_0\cmd\e\out\binaries\x86ret\bin\i386\cpfe.pdb

Imports

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CLSIDFromString

oleaut32

QueryPathOfRegTypeLi
GetErrorInfo
SysFreeString

shell32

SHGetFolderPathW
SHCreateDirectoryExW

user32

CharUpperBuffW
CharLowerBuffW

msvcp140

?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Cnd_broadcast
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
?_Syserror_map@std@@YAPBDH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Cnd_signal
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Locinfo@std@@QAE@XZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0_Locinfo@std@@QAE@PBD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
_Strxfrm
_Strcoll
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?bad@ios_base@std@@QBE_NXZ
?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPAD_J@Z
?set_rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@@Z
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?put@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG0@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEGG@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE_JPBG_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?widen@?$ctype@G@std@@QBEGD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Xout_of_range@std@@YAXPBD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?flags@ios_base@std@@QBEHXZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
?_Xlength_error@std@@YAXPBD@Z
_Query_perf_counter
_Query_perf_frequency
?fail@ios_base@std@@QBE_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?width@ios_base@std@@QBE_JXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEHXZ
?good@ios_base@std@@QBE_NXZ
?uncaught_exception@std@@YA_NXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??Bid@locale@std@@QAEIXZ
?id@?$ctype@G@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$ctype@G@std@@QBEPBDPBD0PAG@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?setf@ios_base@std@@QAEHHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Xbad_alloc@std@@YAXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?width@ios_base@std@@QAE_J_J@Z

concrt140

?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?Free@Concurrency@@YAXPAX@Z

mscoree

CLRCreateInstance

kernel32

SetHandleInformation
CompareStringEx
FindFirstFileExW
FindNextFileW
GetLocaleInfoA
IsValidCodePage
MultiByteToWideChar
LoadLibraryExW
GetThreadPreferredUILanguages
SizeofResource
LockResource
FindResourceExW
FindResourceW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetFullPathNameW
GetCurrentDirectoryW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindResourceA
LoadResource
AllocConsole
GetCurrentProcess
VirtualQueryEx
GetSystemInfo
GetModuleHandleExW
DeleteCriticalSection
RaiseException
FreeLibrary
GetModuleFileNameW
LoadLibraryW
InitializeCriticalSectionEx
GetProcAddress
GetModuleHandleW
UnmapViewOfFile
VirtualFree
MapViewOfFileEx
WriteFile
SetFilePointerEx
VirtualAlloc
CreateFileMappingA
GetTempFileNameW
GetTempPathW
GetLastError
FormatMessageA
CreateFileA
SetConsoleMode
GetConsoleMode
GetStdHandle
GetFileAttributesA
GetFileAttributesW
SetFileTime
CloseHandle
SystemTimeToFileTime
GetSystemTime
CreateFileW
FindClose
GetEnvironmentVariableW

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

vcruntime140

__std_exception_destroy
strstr
wcschr
wcsstr
memmove
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
strchr
_purecall
__std_type_info_destroy_list
memcpy
__CxxFrameHandler3
memset
memcmp
memchr
wcsrchr
__RTDynamicCast
__std_exception_copy
__std_terminate

api-ms-win-crt-stdio-l1-1-0

fputc
_get_stream_buffer_pointers
fgetpos
fsetpos
setvbuf
__stdio_common_vfprintf_s
fgetc
__stdio_common_vfprintf
_wsopen_s
_get_osfhandle
_wfopen_s
putc
__stdio_common_vswprintf
_fread_nolock
__acrt_iob_func
ftell
fwrite
fputs
fread
fseek
fflush
__stdio_common_vsprintf
_fseeki64
_ftelli64
__stdio_common_vsscanf
_getcwd
_fileno
_isatty
getc
_wfsopen
freopen_s
__stdio_common_vswprintf_s
ungetc
ferror
fclose
fopen
_fsopen
_wfopen

api-ms-win-crt-string-l1-1-0

isalnum
strcpy_s
isspace
islower
isxdigit
strncmp
strncpy
isprint
wcscpy_s
wcsnlen
iswspace
tolower
isalpha
iscntrl
wcscat_s
_wcsicmp
wcsncmp
_strnicmp
_stricmp
isdigit
isupper
wmemcpy_s

api-ms-win-crt-convert-l1-1-0

strtol
strtoul
mbstowcs_s
_wtoi
wcstoul

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

exit
_beginthreadex
signal
strerror
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_getpid
_invalid_parameter_noinfo
terminate

api-ms-win-crt-environment-l1-1-0

getenv_s
getenv

api-ms-win-crt-utility-l1-1-0

qsort
bsearch

api-ms-win-crt-time-l1-1-0

_time64
_ctime64
clock
_difftime64
asctime
_localtime64

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s
_lock_file
_waccess_s
_wstat64
_unlock_file
_stat64i32
_wremove
remove
_wchdir
_chdir
_fstat64i32
_findfirst64i32
_wstat64i32
_findnext64i32
_findclose

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-math-l1-1-0

_fdopen
ceil

Exports

Exports

??0a_canonicalized_file_name@@QAE@$$T@Z
??0a_canonicalized_file_name@@QAE@ABU0@@Z
??0a_canonicalized_file_name@@QAE@PBD@Z
??0a_find_all_refs_operation@edge@@QAE@$$QAV01@@Z
??0a_find_all_refs_operation@edge@@QAE@PAUallocator@1@PBUintermediate_symbol@1@PAVtranslation_unit@1@W4find_all_refs_filter_mode_e@1@@Z
??0a_find_def_operation@edge@@QAE@PAUallocator@1@@Z
??0a_get_symbol_operation@edge@@QAE@PAUallocator@1@ABUfile_line_column@1@@Z
??0array_type@edge@@QAE@$$QAV01@@Z
??0array_type@edge@@QAE@ABV01@@Z
??0array_type@edge@@QAE@PAUa_type@@@Z
??0base_class@edge@@QAE@PAUa_base_class@@@Z
??0block_statement_entry@edge@@QAE@$$QAV01@@Z
??0block_statement_entry@edge@@QAE@ABV01@@Z
??0block_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0braced_init_list_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0braced_init_list_expr_node_entry@edge@@QAE@ABV01@@Z
??0braced_init_list_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0branch_statement_entry@edge@@QAE@$$QAV01@@Z
??0branch_statement_entry@edge@@QAE@ABV01@@Z
??0branch_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0builtin_operation_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0builtin_operation_expr_node_entry@edge@@QAE@ABV01@@Z
??0builtin_operation_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0call_operation_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0capt_var_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0capt_var_expr_node_entry@edge@@QAE@ABV01@@Z
??0capt_var_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0case_statement_entry@edge@@QAE@$$QAV01@@Z
??0case_statement_entry@edge@@QAE@ABV01@@Z
??0case_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0class_struct_type@edge@@QAE@$$QAV01@@Z
??0class_struct_type@edge@@QAE@ABV01@@Z
??0class_struct_type@edge@@QAE@PAUa_type@@@Z
??0compound_req_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0compound_req_expr_node_entry@edge@@QAE@ABV01@@Z
??0compound_req_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0concept_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0concept_expr_node_entry@edge@@QAE@ABV01@@Z
??0concept_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0condition_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0condition_expr_node_entry@edge@@QAE@ABV01@@Z
??0condition_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0constant@edge@@QAE@PAUa_constant@@@Z
??0constant_entry@edge@@QAE@$$QAV01@@Z
??0constant_entry@edge@@QAE@ABV01@@Z
??0constant_entry@edge@@QAE@PAUa_constant@@@Z
??0constant_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0constant_expr_node_entry@edge@@QAE@ABV01@@Z
??0constant_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0decl_init_statement_entry@edge@@QAE@$$QAV01@@Z
??0decl_init_statement_entry@edge@@QAE@ABV01@@Z
??0decl_init_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0decl_statement_entry@edge@@QAE@$$QAV01@@Z
??0decl_statement_entry@edge@@QAE@ABV01@@Z
??0decl_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0derivation@edge@@QAE@PAUa_base_class_derivation@@@Z
??0enum_type@edge@@QAE@$$QAV01@@Z
??0enum_type@edge@@QAE@ABV01@@Z
??0enum_type@edge@@QAE@PAUa_type@@@Z
??0event_descr@edge@@QAE@PAUa_property_or_event_descr@@@Z
??0exception_specification@edge@@QAE@PAUan_exception_specification@@@Z
??0expr_node_entry@edge@@QAE@$$QAV01@@Z
??0expr_node_entry@edge@@QAE@ABV01@@Z
??0expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0expr_statement_entry@edge@@QAE@$$QAV01@@Z
??0expr_statement_entry@edge@@QAE@ABV01@@Z
??0expr_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0field_entry@edge@@QAE@$$QAV01@@Z
??0field_entry@edge@@QAE@ABV01@@Z
??0field_entry@edge@@QAE@PAUa_field@@@Z
??0field_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0field_expr_node_entry@edge@@QAE@ABV01@@Z
??0field_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0file_buffer@edge@@IAE@$$QAV01@@Z
??0file_buffer@edge@@IAE@XZ
??0file_line_column@edge@@QAE@Ua_canonicalized_file_name@@U?$strong_typedef_t@Uline1_traits@msvc@@@msvc@@U?$strong_typedef_t@Ucolumn1_traits@msvc@@@4@@Z
??0file_line_column@edge@@QAE@XZ
??0file_position@edge@@QAE@Ua_canonicalized_file_name@@U?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@@Z
??0file_position@edge@@QAE@XZ
??0file_range@edge@@QAE@Ufile_position@1@0@Z
??0file_range@edge@@QAE@Ufile_position@1@H@Z
??0file_range@edge@@QAE@XZ
??0float_type@edge@@QAE@$$QAV01@@Z
??0float_type@edge@@QAE@ABV01@@Z
??0float_type@edge@@QAE@PAUa_type@@@Z
??0fold_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0fold_expr_node_entry@edge@@QAE@ABV01@@Z
??0fold_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0for_each_loop_statement_entry@edge@@QAE@$$QAV01@@Z
??0for_each_loop_statement_entry@edge@@QAE@ABV01@@Z
??0for_each_loop_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0for_loop_statement_entry@edge@@QAE@$$QAV01@@Z
??0for_loop_statement_entry@edge@@QAE@ABV01@@Z
??0for_loop_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0function_entry@edge@@QAE@$$QAV01@@Z
??0function_entry@edge@@QAE@ABV01@@Z
??0function_entry@edge@@QAE@PAUa_routine@@@Z
??0function_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0function_expr_node_entry@edge@@QAE@ABV01@@Z
??0function_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0function_type@edge@@QAE@$$QAV01@@Z
??0function_type@edge@@QAE@ABV01@@Z
??0function_type@edge@@QAE@PAUa_type@@@Z
??0handler_entry@edge@@QAE@$$QAV01@@Z
??0handler_entry@edge@@QAE@ABV01@@Z
??0handler_entry@edge@@QAE@PAUa_handler@@@Z
??0if_statement_entry@edge@@QAE@$$QAV01@@Z
??0if_statement_entry@edge@@QAE@ABV01@@Z
??0if_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0il_entry@edge@@IAE@$$TW4il_entry_kind@1@@Z
??0il_entry@edge@@IAE@PAXW4il_entry_kind@1@@Z
??0il_entry@edge@@QAE@$$QAV01@@Z
??0il_entry@edge@@QAE@ABV01@@Z
??0integer_type@edge@@QAE@$$QAV01@@Z
??0integer_type@edge@@QAE@ABV01@@Z
??0integer_type@edge@@QAE@PAUa_type@@@Z
??0intellisense_operation@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@ABUfile_position@1@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@U?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@_N@Z
??0intellisense_operation@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@ABUfile_position@1@_N@Z
??0label_entry@edge@@QAE@$$QAV01@@Z
??0label_entry@edge@@QAE@ABV01@@Z
??0label_entry@edge@@QAE@PAUa_label@@@Z
??0label_statement_entry@edge@@QAE@$$QAV01@@Z
??0label_statement_entry@edge@@QAE@ABV01@@Z
??0label_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0microsoft_try_statement_entry@edge@@QAE@$$QAV01@@Z
??0microsoft_try_statement_entry@edge@@QAE@ABV01@@Z
??0microsoft_try_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0nested_req_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0nested_req_expr_node_entry@edge@@QAE@ABV01@@Z
??0nested_req_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0new_delete_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0new_delete_expr_node_entry@edge@@QAE@ABV01@@Z
??0new_delete_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0operation_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0operation_expr_node_entry@edge@@QAE@ABV01@@Z
??0operation_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0param_ref_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0param_ref_expr_node_entry@edge@@QAE@ABV01@@Z
??0param_ref_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0param_type_entry@edge@@QAE@$$QAV01@@Z
??0param_type_entry@edge@@QAE@ABV01@@Z
??0param_type_entry@edge@@QAE@PAUa_param_type@@@Z
??0pointer_to_member_type@edge@@QAE@$$QAV01@@Z
??0pointer_to_member_type@edge@@QAE@ABV01@@Z
??0pointer_to_member_type@edge@@QAE@PAUa_type@@@Z
??0pointer_type@edge@@QAE@$$QAV01@@Z
??0pointer_type@edge@@QAE@ABV01@@Z
??0pointer_type@edge@@QAE@PAUa_type@@@Z
??0property_descr@edge@@QAE@PAUa_property_or_event_descr@@@Z
??0property_or_event_descr@edge@@QAE@PAUa_property_or_event_descr@@@Z
??0query_action_data@edge@@QAE@$$QAV01@@Z
??0query_action_data@edge@@QAE@XZ
??0range_based_for_loop_statement_entry@edge@@QAE@$$QAV01@@Z
??0range_based_for_loop_statement_entry@edge@@QAE@ABV01@@Z
??0range_based_for_loop_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0requires_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0requires_expr_node_entry@edge@@QAE@ABV01@@Z
??0requires_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0return_statement_entry@edge@@QAE@$$QAV01@@Z
??0return_statement_entry@edge@@QAE@ABV01@@Z
??0return_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0scoped_query_manager@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@ABUfile_position@1@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@_N@Z
??0scoped_query_manager@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@_N@Z
??0sizeof_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0sizeof_expr_node_entry@edge@@QAE@ABV01@@Z
??0sizeof_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0source_file@edge@@QAE@PAUa_source_file@@@Z
??0source_file_entry@edge@@QAE@$$QAV01@@Z
??0source_file_entry@edge@@QAE@ABV01@@Z
??0source_file_entry@edge@@QAE@PAUa_source_file@@@Z
??0source_position@edge@@QAE@ABUa_source_position@@@Z
??0statement_entry@edge@@QAE@$$QAV01@@Z
??0statement_entry@edge@@QAE@ABV01@@Z
??0statement_entry@edge@@QAE@PAUa_statement@@@Z
??0switch_statement_entry@edge@@QAE@$$QAV01@@Z
??0switch_statement_entry@edge@@QAE@ABV01@@Z
??0switch_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0temp_init_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0temp_init_expr_node_entry@edge@@QAE@ABV01@@Z
??0temp_init_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0template_parameter@edge@@QAE@PAUa_template_param@@PAUa_template_parameter@@@Z
??0template_parameter_type@edge@@QAE@$$QAV01@@Z
??0template_parameter_type@edge@@QAE@ABV01@@Z
??0template_parameter_type@edge@@QAE@PAUa_type@@@Z
??0throw_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0throw_expr_node_entry@edge@@QAE@ABV01@@Z
??0throw_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0translation_unit@edge@@QAE@XZ
??0tree_query_result_builder@edge@@QAE@$$QAV01@@Z
??0tree_query_result_builder@edge@@QAE@ABV01@@Z
??0tree_query_result_builder@edge@@QAE@XZ
??0try_statement_entry@edge@@QAE@$$QAV01@@Z
??0try_statement_entry@edge@@QAE@ABV01@@Z
??0try_statement_entry@edge@@QAE@PAUa_statement@@@Z
??0type@edge@@QAE@$$QAV01@@Z
??0type@edge@@QAE@ABV01@@Z
??0type@edge@@QAE@PAUa_type@@@Z
??0type_entry@edge@@QAE@$$QAV01@@Z
??0type_entry@edge@@QAE@ABV01@@Z
??0type_entry@edge@@QAE@PAUa_type@@@Z
??0type_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0type_expr_node_entry@edge@@QAE@ABV01@@Z
??0type_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0typeid_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0typeid_expr_node_entry@edge@@QAE@ABV01@@Z
??0typeid_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0typeref_type@edge@@QAE@$$QAV01@@Z
??0typeref_type@edge@@QAE@ABV01@@Z
??0typeref_type@edge@@QAE@PAUa_type@@@Z
??0union_type@edge@@QAE@$$QAV01@@Z
??0union_type@edge@@QAE@ABV01@@Z
??0union_type@edge@@QAE@PAUa_type@@@Z
??0unknown_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0unknown_expr_node_entry@edge@@QAE@ABV01@@Z
??0unknown_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0variable_entry@edge@@QAE@$$QAV01@@Z
??0variable_entry@edge@@QAE@ABV01@@Z
??0variable_entry@edge@@QAE@PAUa_variable@@@Z
??0variable_expr_node_entry@edge@@IAE@Uderived_tag@01@PAUan_expr_node@@@Z
??0variable_expr_node_entry@edge@@QAE@$$QAV01@@Z
??0variable_expr_node_entry@edge@@QAE@ABV01@@Z
??0variable_expr_node_entry@edge@@QAE@PAUan_expr_node@@@Z
??0vector_type@edge@@QAE@$$QAV01@@Z
??0vector_type@edge@@QAE@ABV01@@Z
??0vector_type@edge@@QAE@PAUa_type@@@Z
??0while_statement_entry@edge@@QAE@$$QAV01@@Z
??0while_statement_entry@edge@@QAE@ABV01@@Z
??0while_statement_entry@edge@@QAE@PAUa_statement@@@Z
??1a_find_all_refs_operation@edge@@QAE@XZ
??1a_find_def_operation@edge@@QAE@XZ
??1a_get_symbol_operation@edge@@QAE@XZ
??1file_buffer@edge@@MAE@XZ
??1intellisense_operation@edge@@QAE@XZ
??1query_action_data@edge@@QAE@XZ
??1scoped_query_manager@edge@@QAE@XZ
??1translation_unit@edge@@QAE@XZ
??4a_canonicalized_file_name@@QAEAAU0@ABU0@@Z
??4a_find_def_operation@edge@@QAEAAV01@ABV01@@Z
??4array_type@edge@@QAEAAV01@$$QAV01@@Z
??4array_type@edge@@QAEAAV01@ABV01@@Z
??4base_class@edge@@QAEAAV01@$$QAV01@@Z
??4base_class@edge@@QAEAAV01@ABV01@@Z
??4block_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4block_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4braced_init_list_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4braced_init_list_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4branch_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4branch_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4builtin_operation_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4builtin_operation_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4capt_var_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4capt_var_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4case_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4case_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4class_struct_type@edge@@QAEAAV01@$$QAV01@@Z
??4class_struct_type@edge@@QAEAAV01@ABV01@@Z
??4compound_req_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4compound_req_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4concept_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4concept_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4condition_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4condition_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4constant@edge@@QAEAAV01@$$QAV01@@Z
??4constant@edge@@QAEAAV01@ABV01@@Z
??4constant_entry@edge@@QAEAAV01@$$QAV01@@Z
??4constant_entry@edge@@QAEAAV01@ABV01@@Z
??4constant_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4constant_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4decl_init_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4decl_init_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4decl_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4decl_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4derivation@edge@@QAEAAV01@$$QAV01@@Z
??4derivation@edge@@QAEAAV01@ABV01@@Z
??4enum_type@edge@@QAEAAV01@$$QAV01@@Z
??4enum_type@edge@@QAEAAV01@ABV01@@Z
??4event_descr@edge@@QAEAAV01@$$QAV01@@Z
??4event_descr@edge@@QAEAAV01@ABV01@@Z
??4exception_specification@edge@@QAEAAV01@$$QAV01@@Z
??4exception_specification@edge@@QAEAAV01@ABV01@@Z
??4expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4expr_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4expr_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4field_entry@edge@@QAEAAV01@$$QAV01@@Z
??4field_entry@edge@@QAEAAV01@ABV01@@Z
??4field_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4field_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4file_buffer@edge@@IAEAAV01@$$QAV01@@Z
??4file_line_column@edge@@QAEAAU01@$$QAU01@@Z
??4file_line_column@edge@@QAEAAU01@ABU01@@Z
??4file_position@edge@@QAEAAU01@$$QAU01@@Z
??4file_position@edge@@QAEAAU01@ABU01@@Z
??4file_range@edge@@QAEAAU01@$$QAU01@@Z
??4file_range@edge@@QAEAAU01@ABU01@@Z
??4float_type@edge@@QAEAAV01@$$QAV01@@Z
??4float_type@edge@@QAEAAV01@ABV01@@Z
??4fold_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4fold_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4for_each_loop_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4for_each_loop_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4for_loop_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4for_loop_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4function_entry@edge@@QAEAAV01@$$QAV01@@Z
??4function_entry@edge@@QAEAAV01@ABV01@@Z
??4function_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4function_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4function_type@edge@@QAEAAV01@$$QAV01@@Z
??4function_type@edge@@QAEAAV01@ABV01@@Z
??4handler_entry@edge@@QAEAAV01@$$QAV01@@Z
??4handler_entry@edge@@QAEAAV01@ABV01@@Z
??4if_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4if_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4il_entry@edge@@QAEAAV01@$$QAV01@@Z
??4il_entry@edge@@QAEAAV01@ABV01@@Z
??4integer_type@edge@@QAEAAV01@$$QAV01@@Z
??4integer_type@edge@@QAEAAV01@ABV01@@Z
??4label_entry@edge@@QAEAAV01@$$QAV01@@Z
??4label_entry@edge@@QAEAAV01@ABV01@@Z
??4label_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4label_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4microsoft_try_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4microsoft_try_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4nested_req_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4nested_req_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4new_delete_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4new_delete_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4operation_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4operation_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4param_ref_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4param_ref_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4param_type_entry@edge@@QAEAAV01@$$QAV01@@Z
??4param_type_entry@edge@@QAEAAV01@ABV01@@Z
??4pointer_to_member_type@edge@@QAEAAV01@$$QAV01@@Z
??4pointer_to_member_type@edge@@QAEAAV01@ABV01@@Z
??4pointer_type@edge@@QAEAAV01@$$QAV01@@Z
??4pointer_type@edge@@QAEAAV01@ABV01@@Z
??4property_descr@edge@@QAEAAV01@$$QAV01@@Z
??4property_descr@edge@@QAEAAV01@ABV01@@Z
??4property_or_event_descr@edge@@QAEAAV01@$$QAV01@@Z
??4property_or_event_descr@edge@@QAEAAV01@ABV01@@Z
??4range_based_for_loop_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4range_based_for_loop_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4requires_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4requires_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4return_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4return_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4sizeof_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4sizeof_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4source_file@edge@@QAEAAU01@$$QAU01@@Z
??4source_file@edge@@QAEAAU01@ABU01@@Z
??4source_file_entry@edge@@QAEAAV01@$$QAV01@@Z
??4source_file_entry@edge@@QAEAAV01@ABV01@@Z
??4source_position@edge@@QAEAAV01@$$QAV01@@Z
??4source_position@edge@@QAEAAV01@ABV01@@Z
??4statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4statement_entry@edge@@QAEAAV01@ABV01@@Z
??4switch_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4switch_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4temp_init_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4temp_init_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4template_parameter@edge@@QAEAAV01@$$QAV01@@Z
??4template_parameter@edge@@QAEAAV01@ABV01@@Z
??4template_parameter_type@edge@@QAEAAV01@$$QAV01@@Z
??4template_parameter_type@edge@@QAEAAV01@ABV01@@Z
??4test@translation_unit@edge@@QAEAAU012@$$QAU012@@Z
??4test@translation_unit@edge@@QAEAAU012@ABU012@@Z
??4throw_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4throw_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4tree_query_result_builder@edge@@QAEAAV01@$$QAV01@@Z
??4tree_query_result_builder@edge@@QAEAAV01@ABV01@@Z
??4try_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4try_statement_entry@edge@@QAEAAV01@ABV01@@Z
??4type@edge@@QAEAAV01@$$QAV01@@Z
??4type@edge@@QAEAAV01@ABV01@@Z
??4type_entry@edge@@QAEAAV01@$$QAV01@@Z
??4type_entry@edge@@QAEAAV01@ABV01@@Z
??4type_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4type_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4typeid_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4typeid_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4typeref_type@edge@@QAEAAV01@$$QAV01@@Z
??4typeref_type@edge@@QAEAAV01@ABV01@@Z
??4union_type@edge@@QAEAAV01@$$QAV01@@Z
??4union_type@edge@@QAEAAV01@ABV01@@Z
??4unknown_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4unknown_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4variable_entry@edge@@QAEAAV01@$$QAV01@@Z
??4variable_entry@edge@@QAEAAV01@ABV01@@Z
??4variable_expr_node_entry@edge@@QAEAAV01@$$QAV01@@Z
??4variable_expr_node_entry@edge@@QAEAAV01@ABV01@@Z
??4vector_type@edge@@QAEAAV01@$$QAV01@@Z
??4vector_type@edge@@QAEAAV01@ABV01@@Z
??4while_statement_entry@edge@@QAEAAV01@$$QAV01@@Z
??4while_statement_entry@edge@@QAEAAV01@ABV01@@Z
??8edge@@YA_NABUfile_position@0@0@Z
??9edge@@YA_NABUfile_position@0@0@Z
??Ba_canonicalized_file_name@@QAEPBDXZ
??_7array_type@edge@@6B@
??_7block_statement_entry@edge@@6B@
??_7braced_init_list_expr_node_entry@edge@@6B@
??_7branch_statement_entry@edge@@6B@
??_7builtin_operation_expr_node_entry@edge@@6B@
??_7capt_var_expr_node_entry@edge@@6B@
??_7case_statement_entry@edge@@6B@
??_7class_struct_type@edge@@6B@
??_7compound_req_expr_node_entry@edge@@6B@
??_7concept_expr_node_entry@edge@@6B@
??_7condition_expr_node_entry@edge@@6B@
??_7constant_entry@edge@@6B@
??_7constant_expr_node_entry@edge@@6B@
??_7decl_init_statement_entry@edge@@6B@
??_7decl_statement_entry@edge@@6B@
??_7enum_type@edge@@6B@
??_7expr_node_entry@edge@@6B@
??_7expr_statement_entry@edge@@6B@
??_7field_entry@edge@@6B@
??_7field_expr_node_entry@edge@@6B@
??_7file_buffer@edge@@6B@
??_7float_type@edge@@6B@
??_7fold_expr_node_entry@edge@@6B@
??_7for_each_loop_statement_entry@edge@@6B@
??_7for_loop_statement_entry@edge@@6B@
??_7function_entry@edge@@6B@
??_7function_expr_node_entry@edge@@6B@
??_7function_type@edge@@6B@
??_7handler_entry@edge@@6B@
??_7if_statement_entry@edge@@6B@
??_7il_entry@edge@@6B@
??_7integer_type@edge@@6B@
??_7label_entry@edge@@6B@
??_7label_statement_entry@edge@@6B@
??_7microsoft_try_statement_entry@edge@@6B@
??_7nested_req_expr_node_entry@edge@@6B@
??_7new_delete_expr_node_entry@edge@@6B@
??_7operation_expr_node_entry@edge@@6B@
??_7param_ref_expr_node_entry@edge@@6B@
??_7param_type_entry@edge@@6B@
??_7pointer_to_member_type@edge@@6B@
??_7pointer_type@edge@@6B@
??_7range_based_for_loop_statement_entry@edge@@6B@
??_7requires_expr_node_entry@edge@@6B@
??_7return_statement_entry@edge@@6B@
??_7sizeof_expr_node_entry@edge@@6B@
??_7source_file_entry@edge@@6B@
??_7statement_entry@edge@@6B@
??_7switch_statement_entry@edge@@6B@
??_7temp_init_expr_node_entry@edge@@6B@
??_7template_parameter_type@edge@@6B@
??_7throw_expr_node_entry@edge@@6B@
??_7tree_query_result_builder@edge@@6B@
??_7try_statement_entry@edge@@6B@
??_7type@edge@@6B@
??_7type_entry@edge@@6B@
??_7type_expr_node_entry@edge@@6B@
??_7typeid_expr_node_entry@edge@@6B@
??_7typeref_type@edge@@6B@
??_7union_type@edge@@6B@
??_7unknown_expr_node_entry@edge@@6B@
??_7variable_entry@edge@@6B@
??_7variable_expr_node_entry@edge@@6B@
??_7vector_type@edge@@6B@
??_7while_statement_entry@edge@@6B@
?access@derivation@edge@@QBE?AW4access_specifier_e@2@XZ
?activate@file_buffer@edge@@QAEXXZ
?antlr_parse@@YA_NHPAPBDPBDW4parse_lang_e@edge@@AAVa_scout_parser_interface@@@Z
?append_primary@tree_query_result_builder@edge@@UAEXPAVil_entry@2@@Z
?append_primary@tree_query_result_builder@edge@@UAEXPAVil_entry@2@ABUfile_position@2@1@Z
?arg_list_for_call_site@intellisense_operation@edge@@QAE_NPAU?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@0@Z
?arg_list_kind@argument_list_entry@edge@@QBE?AW4arg_list_entry_kind@2@XZ
?arity@operation_expr_node_entry@edge@@QBE?AW4operator_arity@2@XZ
?as_file_position@file_line_column@edge@@QBE?AUfile_position@2@XZ
?base_class@base_class_entry@edge@@QBEPAV02@XZ
?batch_preprocess_file@@YAXV?$span_t@V?$basic_string_view@DU?$char_traits@D@std@@@std@@@msvc@@0V?$basic_string_view@DU?$char_traits@D@std@@@std@@AAUbatch_preprocess_events@@Usnapshot_session_t@snapshot@@@Z
?batch_restore_macro@@YAXV?$basic_string_view@DU?$char_traits@D@std@@@std@@0@Z
?batch_restore_pragma_once@@YAXPBD@Z
?body@for_each_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@for_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@function_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@function_scope_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@handler_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@microsoft_try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@range_based_for_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@switch_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@while_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?call_sites_in_enclosing_function_scope@intellisense_operation@edge@@QAEXPAU?$list@Ucall_site@edge@@@2@@Z
?calling_convention@function_type@edge@@QBE?AW4calling_convention_kind@2@XZ
?canonicalize@edge@@YA?AUa_canonicalized_file_name@@PBD@Z
?canonicalize@edge@@YA?AUa_canonicalized_file_name@@PBG@Z
?check_and_compile@scoped_query_manager@edge@@AAEXABUfile_position@2@00_N11@Z
?check_and_compile@scoped_query_manager@edge@@AAEXABUfile_position@2@_N11@Z
?check_and_compile_for_file_scope@scoped_query_manager@edge@@AAEXABUfile_position@2@@Z
?class_type@pointer_to_member_type@edge@@QBEPAVclass_struct_type@2@XZ
?cleanup@microsoft_try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?clear_canonicalizer_cache@edge@@YAXXZ
?close@file_buffer@edge@@QAEXXZ
?collection@for_each_loop_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?compare_name@type@edge@@QBEHV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
?concept_@concept_expr_node_entry@edge@@QBEPAVtemplate_entry@2@XZ

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hitch.psd
mfc140u.dll
.dll windows:6 windows x86 arch:x86

Password: infected

97f1ff3f756feed89f7611714ac1b113

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer

Actual PE Digest

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7

Digest Algorithm

sha256

PE Digest Matches

true

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer

Actual PE Digest

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\mfc140u.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExpandEnvironmentStringsA
LoadLibraryExA
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
TerminateProcess
LockResource
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
RaiseException
GetSystemInfo
VirtualQuery
GetSystemDefaultUILanguage
FormatMessageA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
GetTickCount64
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
GetTempFileNameW
VirtualProtect
lstrcpyA
CompareStringW
IsDBCSLeadByte
GetCurrentThread
GetVersionExW
WideCharToMultiByte
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetUserDefaultLCID
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
SizeofResource

vcruntime140

__current_exception
__current_exception_context
_except_handler4_common
memcmp
wcsrchr
wcsstr
wcschr
_purecall
memmove
memset
memcpy
__std_terminate
__CxxFrameHandler3
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_recalloc
_expand
_msize
calloc

api-ms-win-crt-runtime-l1-1-0

__p___argc
_endthread
__p___wargv
_resetstkoflw
_errno
_beginthreadex
_initterm_e
_initterm
terminate
_cexit
_endthreadex
_beginthread
_invalid_parameter_noinfo
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
__doserrno

api-ms-win-crt-string-l1-1-0

wcscspn
wcsspn
_strnicmp
_wcsupr_s
iswspace
wcscmp
wmemcpy_s
wcsnlen
toupper
wcscoll
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
wcspbrk
iswalnum
iswprint
towupper
towlower
wcsncpy_s
strnlen
_wcslwr_s
wcscat_s
_wcsrev
wcslen
strcpy_s
_wcsdup
strlen
_wcsnicmp
iswalpha
_wcsicmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fgetws
fflush
fclose
fseek
__stdio_common_vsprintf_s
__stdio_common_vswscanf
_get_osfhandle
_fileno
_open_osfhandle
ftell
__stdio_common_vswprintf_s
__stdio_common_vswprintf
fread
fputws
feof
fwrite
clearerr_s
ferror
__stdio_common_vsnwprintf_s

api-ms-win-crt-utility-l1-1-0

labs
abs
rand_s
ldiv

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstod
wcstoul
_wtol
wcstol
_ltow_s
_ultow_s
_wtoi

api-ms-win-crt-math-l1-1-0

ceil
exp
sqrt
atan2
cos
sin
floor
_fdopen
fabs

api-ms-win-crt-time-l1-1-0

_localtime64_s
_mktime64
clock
_time64

api-ms-win-crt-filesystem-l1-1-0

_wfullpath
_wsplitpath_s
_wmakepath_s

api-ms-win-crt-multibyte-l1-1-0

_mbscspn
_mbsicmp
_mbsstr
_ismbcspace
_mbsrchr
_mbscmp
_mbscoll
_mbschr
_mbspbrk
_mbsspn
_mbsinc
_mbsrev
_mbsicoll
_mbslwr_s
_mbsupr_s

user32

LoadAcceleratorsW
TranslateAcceleratorW
GetSystemMetrics
DestroyMenu
LoadMenuW
GetSubMenu
PostThreadMessageW
GetClassInfoW
DefWindowProcW
GetWindow
GetMenuItemCount
IsWindowVisible
IsIconic
GetForegroundWindow
DrawIcon
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
ValidateRect
SetLayeredWindowAttributes
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetUpdateRect
UnionRect
SetWindowPos
LockWindowUpdate
GetKeyState
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuW
CreatePopupMenu
IntersectRect
SetScrollPos
EnableMenuItem
GetNextDlgTabItem
GetSystemMenu
IsMenu
IsZoomed
ModifyMenuW
DeleteMenu
SetWindowRgn
DestroyAcceleratorTable
GetTopWindow
DestroyWindow
MonitorFromRect
EnumDisplayMonitors
GetSysColor
GetClassLongW
IsClipboardFormatAvailable
DestroyCursor
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
CharUpperW
SetWindowTextW
GetMenuState
CheckMenuItem
SetFocus
GetMenuItemInfoW
DrawFrameControl
SubtractRect
GetLastActivePopup
GetMessageW
UpdateLayeredWindow
EnableScrollBar
GetScrollPos
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
GetDC
ReleaseDC
GetWindowRgn
FrameRect
ShowScrollBar
IsWindowEnabled
InsertMenuW
GetActiveWindow
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
DrawEdge
PostQuitMessage
UnregisterClassW
GetCapture
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
SetMenuItemBitmaps
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CallWindowProcW
SetActiveWindow
CreateMenu
MoveWindow
InvalidateRgn
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowTextLengthW
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
BeginPaint
EndPaint
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
InvalidateRect
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
LoadImageW
CopyImage
GetIconInfo
FillRect
NotifyWinEvent
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
ScreenToClient
ShowOwnedPopups
GetCursorPos
GetMenuItemID
RedrawWindow

gdi32

GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutW
Polyline
SetDIBColorTable
GetDIBits
SelectPalette
StretchBlt
SetBkColor
CreateBitmap
EnumFontFamiliesExW
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
DeleteDC
GetCurrentObject
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesW
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetBkColor
SetPixel
Ellipse
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetPaletteEntries
GetStockObject
Rectangle
RectVisible
GetTextColor
GetObjectType
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
Escape
TextOutW
GetClipBox
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
PtVisible
Polygon

ole32

OleRegGetMiscStatus
CoCreateInstance
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
WriteClassStg
GetRunningObjectTable
OleTranslateAccelerator
IsAccelerator
OleUninitialize
CoInitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
OleDraw
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
OleIsCurrentClipboard
CoCreateGuid
CoUninitialize
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
PropVariantClear
RevokeDragDrop
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReleaseStgMedium
CoTaskMemAlloc
CreateDataAdviseHolder
CreateDataCache
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarParseNumFromStr
SafeArrayCreateVector
VarBstrFromDec
VarDecFromStr
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SafeArrayDestroy
VariantCopy
VarBstrCmp
DispCallFunc
VariantInit
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
OleTranslateColor
OleCreatePropertyFrame
VarBstrFromDate

shlwapi

StrFormatKBSizeW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

uxtheme

DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
GetThemeColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140.dll
.dll windows:6 windows x86 arch:x86

24216706a255de110587649ff38455df

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33
Signer

Actual PE Digest

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33

Digest Algorithm

sha256

PE Digest Matches

true

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33
Signer

Actual PE Digest

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\msvcp140.i386.pdb

Imports

vcruntime140

_except_handler4_common
__current_exception_context
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_cexit
_errno
_endthreadex
_beginthreadex
terminate
_set_new_handler
abort
_crt_atexit
_execute_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

isxdigit
isalnum
tolower
__strncnt
wcsnlen
isupper
iswxdigit
iswspace
wcscpy_s
isspace
isdigit
iswalnum
_wcsdup
iswdigit
islower
strcspn

api-ms-win-crt-locale-l1-1-0

_lock_locales
___lc_locale_name_func
___lc_codepage_func
localeconv
__pctype_func
setlocale
_unlock_locales
___mb_cur_max_func
___lc_collate_cp_func

api-ms-win-crt-stdio-l1-1-0

fputs
fgetwc
fputwc
ungetwc
fseek
_fsopen
_wfsopen
__stdio_common_vsprintf_s
__acrt_iob_func
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
setvbuf
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_unlock_file
_wrmdir
_wremove
_wchdir
_lock_file

api-ms-win-crt-time-l1-1-0

_W_Getmonths
_W_Getdays
_W_Gettnames
_Wcsftime
_Gettnames
_Getmonths
_Getdays
_Strftime

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysign
copysignf
_CIlog
ldexp
frexp
_CIpow

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

LeaveCriticalSection
CompareStringEx
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
SetFileAttributesW
InitializeSListHead
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
RaiseException
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
InitializeSRWLock
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@G@std@@QAE@ABV01@@Z
??0?$_Yarn@G@std@@QAE@PBG@Z
??0?$_Yarn@G@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@ABV01@@Z
??0?$_Yarn@_W@std@@QAE@PB_W@Z
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0task_continuation_context@Concurrency@@AAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@G@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@G@std@@QAEAAV01@PBG@Z
??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z
??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@G@std@@QBEPBGXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@G@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcpkgsrv.exe
.exe windows:6 windows x86 arch:x86

fff1c8e0502974754be376b6f0be2392

Code Sign

33:00:00:03:4d:4e:91:a6:1a:28:b0:78:8f:00:00:00:00:03:4d
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-03-2023 18:43

Not After

14-03-2024 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:fb:f8:b9:5c:c0:ef:b7:38:fc:78:e4:5d:30:6c:e1:49:e7:3c:46:77:ff:99:0b:42:19:99:04:ab:e6:d7:cc
Signer

Actual PE Digest

ff:fb:f8:b9:5c:c0:ef:b7:38:fc:78:e4:5d:30:6c:e1:49:e7:3c:46:77:ff:99:0b:42:19:99:04:ab:e6:d7:cc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dbs\sh\ddvsm\1002_165500_0\cmd\c\out\binaries\x86ret\bin\i386\VC7\VCPackages\VCPkgSrv.pdb

Imports

ole32

CoTaskMemFree
CoCreateGuid

user32

IsCharUpperW
TranslateMessage
DispatchMessageA
GetMessageA
GetSystemMetrics
CharUpperBuffW
IsCharLowerW
CharLowerBuffW
MessageBoxW
LoadStringW
MapVirtualKeyW

oleaut32

SysStringLen
SysFreeString

concrt140

?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
_Cnd_signal
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
_Xtime_get_ticks
_Cnd_timedwait
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?is@?$ctype@D@std@@QBE_NFD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
_Strcoll
_Cnd_register_at_thread_exit
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?__ExceptionPtrCopy@@YAXPAXPBX@Z
_Strxfrm
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
_Cnd_unregister_at_thread_exit
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
_Query_perf_counter
_Query_perf_frequency
_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Cnd_wait
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Syserror_map@std@@YAPBDH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Throw_C_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
_Cnd_init_in_situ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

kernel32

FindNextFileW
GetModuleFileNameW
GetLocaleInfoA
WaitForSingleObject
DuplicateHandle
CreateNamedPipeW
CreateFileW
ResumeThread
WriteFile
ReadFile
CancelIoEx
CreateEventA
GetExitCodeProcess
GetErrorMode
SetErrorMode
WriteConsoleW
WideCharToMultiByte
LoadLibraryExW
GetThreadPreferredUILanguages
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
HeapValidate
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
FindFirstFileExW
LoadLibraryA
DeleteFileA
DeleteFileW
HeapCompact
UnlockFile
GetCurrentProcessId
SetUnhandledExceptionFilter
HeapFree
InitializeCriticalSectionEx
HeapSize
MultiByteToWideChar
GetLastError
HeapReAlloc
HeapAlloc
HeapDestroy
MapViewOfFile
DeleteCriticalSection
UnmapViewOfFile
FreeLibrary
SetConsoleTitleW
GetCurrentProcess
TerminateProcess
GetProcessId
OpenProcess
CloseHandle
LoadLibraryW
AllocConsole
CheckRemoteDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
OutputDebugStringW
CreateFileMappingA
CompareStringEx
SetHandleInformation
GetFileAttributesExW
FindClose
LocalFree
LockFileEx
GetFileSize
SystemTimeToFileTime
GetSystemTime
FormatMessageA
GetTickCount
CreateFileA
CreateFileMappingW
FlushFileBuffers
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
SetNamedPipeHandleState
RegisterWaitForSingleObject
GetCPInfo
GetACP
UnregisterWait
PeekNamedPipe
QueueUserWorkItem
CancelSynchronousIo
GetNamedPipeHandleStateA
GetCurrentThread
SwitchToThread
WaitNamedPipeW
ConnectNamedPipe
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetConsoleCursorInfo
SetConsoleCursorInfo
FillConsoleOutputCharacterW
ReadConsoleInputW
ReadConsoleW
GetProcessHeap
GetFileAttributesW
GetFullPathNameW
GetCurrentDirectoryW
GetEnvironmentVariableW
WriteConsoleInputW
GetSystemInfo
FillConsoleOutputAttribute
GetProcAddress
TlsSetValue
GetNumberOfConsoleInputEvents
GetModuleHandleA
LoadLibraryExA
DebugBreak
CancelIo
UnregisterWaitEx
ReadDirectoryChangesW
GetLongPathNameW
QueryPerformanceFrequency
CreateSemaphoreA
GetNativeSystemInfo
TlsAlloc
InitializeConditionVariable
WakeConditionVariable
ReleaseSemaphore
SetConsoleCursorPosition
SleepConditionVariableCS

advapi32

EventWrite
EventRegister
EventUnregister

vcruntime140

__current_exception
strchr
_purecall
__std_terminate
__current_exception_context
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
strrchr
wcsrchr
memchr
__RTDynamicCast
memcmp
memmove
_CxxThrowException
_except_handler4_common
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_endthreadex
_seh_filter_exe
_set_app_type
_beginthreadex
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
exit
_exit
__p___argc
_set_invalid_parameter_handler
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
_invalid_parameter_noinfo
_errno
__p___wargv
abort

api-ms-win-crt-heap-l1-1-0

calloc
realloc
free
_callnewh
malloc
_set_new_mode

api-ms-win-crt-string-l1-1-0

isalnum
strncmp
wmemcpy_s
_wcsnicmp
wcsncpy
strcspn
iswspace
wcsnlen
strncpy_s
wcsncmp

api-ms-win-crt-stdio-l1-1-0

ftell
feof
fseek
__stdio_common_vsnprintf_s
__acrt_iob_func
__stdio_common_vfprintf
freopen_s
__stdio_common_vswprintf_s
__stdio_common_vsprintf
_close
_set_fmode
_wsopen_s
_wfsopen
__stdio_common_vswprintf
fread
fclose
__p__commode
_ungetc_nolock
_getc_nolock

api-ms-win-crt-convert-l1-1-0

atoi
wcstoul
strtoul

api-ms-win-crt-math-l1-1-0

_fdopen
__setusermatherr
ceil
floor

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

cpfe

?mark_telemetry_consumed@query_action_data@edge@@QAEXXZ
?symbol_at_cursor@intellisense_operation@edge@@QAEPAUsymbol@2@XZ
??1a_find_all_refs_operation@edge@@QAE@XZ
??0translation_unit@edge@@QAE@XZ
??0a_find_all_refs_operation@edge@@QAE@PAUallocator@1@PBUintermediate_symbol@1@PAVtranslation_unit@1@W4find_all_refs_filter_mode_e@1@@Z
?resolve_candidate@a_find_all_refs_operation@edge@@QAE?AUa_far_resolution@2@Usnapshot_session_t@snapshot@@ABUfile_position@2@PAU?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@222PAV?$basic_buffer@D@8@@Z
?release_query_action_data@a_find_all_refs_operation@edge@@QAE?AVquery_action_data@2@XZ
??1translation_unit@edge@@QAE@XZ
?initialize@translation_unit@edge@@QAE_NABV?$shared_ptr@Umodule_loader@edge@@@std@@HQAPBDPBD2_N2Usnapshot_session_t@snapshot@@AAVquery_action_data@2@@Z
?set_instantiation_args@translation_unit@edge@@QAEXABUfile_position@2@PBD@Z
?preparse_successful@translation_unit@edge@@QBE_NXZ
?get_preparse_snapshot_session@translation_unit@edge@@QBE?AUsnapshot_session_t@snapshot@@XZ
?depends_on_file@translation_unit@edge@@QBE_NUa_canonicalized_file_name@@@Z
?contains_source_file@translation_unit@edge@@QBE_NUa_canonicalized_file_name@@@Z
?uses_pch_file@translation_unit@edge@@QBE_NUa_canonicalized_file_name@@@Z
?get_errors_for_tu@translation_unit@edge@@QBEXPAUallocator@2@Usnapshot_session_t@snapshot@@PAUisense_error_array@2@@Z
?get_errors_for_file@translation_unit@edge@@QBEXPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUisense_error_array@2@@Z
?get_instantiation_errors_for_file@translation_unit@edge@@QBEXPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUinstantiation_error_array@2@@Z
?update_range@translation_unit@edge@@QAEXPAUallocator@2@Usnapshot_session_t@snapshot@@Ufile_position@2@2ABUupdate_range_options@2@2PAU?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@4ABV?$an_array_list@PAUupdate_range_action@edge@@V?$allocator@PAUupdate_range_action@edge@@@std@@@@AAVquery_action_data@2@@Z
?get_semantic_tokens_for_fragments_in_view@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUsemantic_token_array@2@@Z
?get_file_include_data@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUfile_include_data@2@@Z
?get_macro_tokens_for_fragments_in_view@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUmacro_token_array@2@@Z
?get_reference_highlights@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUreference_highlight_array@2@@Z
?get_inline_hints@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUinline_hint_result@2@@Z
?get_spell_check_decls@translation_unit@edge@@QBE_NPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@PAUspell_check_result@2@@Z
?get_inactive_regions_for_file@translation_unit@edge@@QBEXPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@_NPAUinactive_region_array@2@@Z
?get_instantiation_args_pos_for_file@translation_unit@edge@@QBEXPAUallocator@2@Usnapshot_session_t@snapshot@@Ua_canonicalized_file_name@@_NPAUinstantiation_args_pos_array@2@@Z
?type_pointed_to@pointer_type@edge@@QBEPAVtype@2@XZ
?extract_overloads@symbol@edge@@QAE_NPAU?$list@PAUsymbol@edge@@@2@@Z
?to_string@type@edge@@UBEXPAU?$buffer@D@msvc@@I@Z
?to_string@type@edge@@QBEXPAU?$buffer@D@msvc@@@Z
?symbol@type@edge@@QBEPAU02@XZ
?get_parameters@function_type@edge@@QBEXPAU?$list@PAVparam_type_entry@edge@@@2@@Z
?has_ellipsis@function_type@edge@@QBE_NXZ
?this_class@function_type@edge@@QBEPAVtype@2@XZ
?form_restrict_specifier@function_type@edge@@QBEXPAU?$buffer@D@msvc@@AAPBD@Z
??0a_get_symbol_operation@edge@@QAE@PAUallocator@1@ABUfile_line_column@1@@Z
??1a_get_symbol_operation@edge@@QAE@XZ
?get_intermediate_symbols@a_get_symbol_operation@edge@@QBE?AW4an_error_code@12@PAVtranslation_unit@2@Usnapshot_session_t@snapshot@@W4symbol_filter_e@2@W4simplify_symbol_options_e@2@W4intermediate_symbol_options_e@2@_NPAW4error_code@intellisense_operation@2@PAU?$list@PAUsymbol@edge@@@2@@Z
?release_query_action_data@a_get_symbol_operation@edge@@QAE?AVquery_action_data@2@XZ
?name@source_file@edge@@QBEPBDXZ
?full_name@source_file@edge@@QBEPBDXZ
?type@param_type_entry@edge@@QBEPAV02@XZ
?name@param_type_entry@edge@@QBEPBDPAU?$buffer@D@msvc@@_N@Z
?is_parameter_pack@param_type_entry@edge@@QBE_NXZ
?form_declaration@param_type_entry@edge@@QBEXPAU?$buffer@D@msvc@@I@Z
?physical_position@source_position@edge@@QBE?AUfile_position@2@XZ
?is_null_position@source_position@edge@@QBE_NXZ
?source_file@source_position@edge@@QBEPAU02@_N@Z
?is_position_in_assembly@source_position@edge@@QBE_NXZ
?fill_in_intermediate@edge@@YAXPAUintermediate_symbol@1@PBUsymbol@1@W4intermediate_symbol_options_e@1@@Z
?is_class_scope@scope_entry@edge@@QBE_NXZ
?is_namespace_scope@scope_entry@edge@@QBE_NXZ
?get_cli_class_type_kind@class_struct_type@edge@@QBE?AW4cli_class_type_kind@2@XZ
?is_delegate_type@class_struct_type@edge@@QBE_NXZ
??0intellisense_operation@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@ABUfile_position@1@V?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@U?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@_N@Z
??0intellisense_operation@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@ABUfile_position@1@_N@Z
??1intellisense_operation@edge@@QAE@XZ
?symbol_at_cursor@intellisense_operation@edge@@QAEPAUsymbol@2@_NPAUmacro_invocation_info@2@@Z
?get_derived_and_base_at_cursor@intellisense_operation@edge@@QAEXPAPAUsymbol@2@0@Z
?scope_at_cursor@intellisense_operation@edge@@QAEPAVscope_entry@2@PAPAVmember_selection_entry@2@_N1@Z
?function_scope_enclosing_cursor@intellisense_operation@edge@@QAEPAUfunction_symbol@2@XZ
?condition@condition_expr_node_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?get_auto_complete_members@intellisense_operation@edge@@QAEXAAPAVmember_selection_entry@2@AAPAVscope_entry@2@PAU?$list@PAUsymbol@edge@@@2@222PAV?$map@PAUsymbol@edge@@IU?$less@PAUsymbol@edge@@@std@@V?$allocator@U?$pair@QAUsymbol@edge@@I@std@@@4@@std@@W4member_list_kind@12@@Z
?get_auto_complete_members@intellisense_operation@edge@@QAEXAAPAVmember_selection_entry@2@AAPAVscope_entry@2@PAU?$list@PAUsymbol@edge@@@2@222W4member_list_kind@12@_NAA_N55PAV?$map@PAUsymbol@edge@@IU?$less@PAUsymbol@edge@@@std@@V?$allocator@U?$pair@QAUsymbol@edge@@I@std@@@4@@std@@@Z
?get_param_help_overloads@intellisense_operation@edge@@QAEPAUsymbol@2@PAU?$list@PAUsymbol@edge@@@2@PAW4arg_list_entry_kind@2@PA_N2PAUfile_position@2@333@Z
?release_query_action_data@intellisense_operation@edge@@QAE?AVquery_action_data@2@XZ
?is_scope_context_active@intellisense_operation@edge@@QAE_NXZ
?get_type_expected_at_position@intellisense_operation@edge@@QAEPAVtype@2@D_N0@Z
?set_compilation_and_indexing_hints@intellisense_operation@edge@@QAEX_NH@Z
??0a_find_def_operation@edge@@QAE@PAUallocator@1@@Z
??1a_find_def_operation@edge@@QAE@XZ
?find_definition@a_find_def_operation@edge@@QAE?AW4an_error_code@12@PBUintermediate_symbol@2@PAU42@PAVtranslation_unit@2@Usnapshot_session_t@snapshot@@@Z
?pgo_sweep@edge@@YAXPBD@Z
?canonicalize@edge@@YA?AUa_canonicalized_file_name@@PBD@Z
?get_delegate_symbol@event_descr@edge@@QBEPAUclass_struct_symbol@2@XZ
?delegate_invocation_type@event_descr@edge@@QBEPAVfunction_type@2@XZ
?to_string@template_arg_entry@edge@@QBEXPAU?$buffer@D@msvc@@I@Z
?length@file_range@edge@@QBEHXZ
?is_enum@integer_type@edge@@QBE_NXZ
?class_type@pointer_to_member_type@edge@@QBEPAVclass_struct_type@2@XZ
?member_type@pointer_to_member_type@edge@@QBEPAVtype@2@XZ
?is_stub_host@edge@@YA_NXZ
??0scoped_query_manager@edge@@QAE@PAUallocator@1@PAVtranslation_unit@1@Usnapshot_session_t@snapshot@@_N@Z
??1scoped_query_manager@edge@@QAE@XZ
?symbol@template_parameter@edge@@QBEPAU02@XZ
?to_string@template_parameter@edge@@QBEXPAU?$buffer@D@msvc@@I@Z
?is_colon_colon@member_selection_entry@edge@@QBE_NXZ
?selector_expr@member_selection_entry@edge@@QBEPAVexpr_node_entry@2@XZ
install_host
?tag_parse@@YA_NIPAPBDPBD1W4parse_lang_e@edge@@Usnapshot_session_t@snapshot@@PAVa_scout_parser_interface@@@Z
?tag_parse_invalidate_cache@@YAXXZ
?tag_parse_metadata@@YA_NPBDPAVa_scout_parser_interface@@@Z
?get_pch_size_in_bytes@query_action_data@edge@@QBE_KXZ
??0file_position@edge@@QAE@XZ
?is_null_position@file_position@edge@@QBE_NXZ
?symbol@scope_entry@edge@@QBEPAU02@XZ
?get_query_manager@intellisense_operation@edge@@QAEABVscoped_query_manager@2@XZ
?type@expr_node_entry@edge@@QBEPAV02@XZ
?is_lvalue@expr_node_entry@edge@@QBE_NXZ
?is_parenthesized@expr_node_entry@edge@@QBE_NXZ
?get_translation_unit_language@translation_unit@edge@@QBE?AW4translation_unit_language_e@2@XZ
?is_inside_inactive_region@translation_unit@edge@@QBE_NABUfile_position@2@@Z
?type@constant@edge@@QBEPAV02@XZ
?symbol@constant@edge@@QBEPAU02@XZ
?to_string_with_refs@type@edge@@QBEIPAU?$buffer@D@msvc@@IPBD@Z
?is_const@type@edge@@QBE_NXZ
?position@source_position@edge@@QBE?AUfile_position@2@XZ
?last_error_code@intellisense_operation@edge@@QBE?AW4error_code@12@XZ
?get_trees_in_enclosing_function_scope@intellisense_operation@edge@@QAE_NPAU?$list@PAVil_entry@edge@@@2@PAU?$list@Ufile_position@edge@@@2@1@Z
?get_symbol_from_il_entry@intellisense_operation@edge@@QAEPAUsymbol@2@PAVil_entry@2@_N@Z
?constant@constant_entry@edge@@QBEPAV02@XZ
?target_of_branch@branch_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?is_end_reachable@statement_entry@edge@@QBE_NXZ
?source_range@statement_entry@edge@@QBEXPAUfile_position@2@0@Z
?switch_of_case@case_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?is_toplevel_case@case_statement_entry@edge@@QBE_NXZ
?kind@il_entry@edge@@QBE?AW4il_entry_kind@2@XZ
?has_syntax_errors_in_range@scoped_query_manager@edge@@QBE_NABUfile_position@2@0@Z
?symbol@macro_invocation_entry@edge@@QBEPAUmacro_symbol@2@XZ
?type_referenced@pointer_type@edge@@QBEPAVtype@2@XZ
?is_reference@pointer_type@edge@@QBE_NXZ
?kind@type@edge@@QBE?AW4type_kind@2@XZ
?is_equal_to@type@edge@@QBE_NPBV12@H@Z
?skip_all_typerefs@typeref_type@edge@@QBEPAVtype@2@XZ
?return_type@function_type@edge@@QBEPAVtype@2@XZ
?expr_operand@typeid_expr_node_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?get_last_preparse_pch_action@query_action_data@edge@@QBE?AW4pch_action_tag_e@2@XZ
?get_num_preparses_done@query_action_data@edge@@QBEHXZ
?get_function_scopes_overlapping_span@scoped_query_manager@edge@@QAEXABUfile_position@2@0PAU?$list@PAVfunction_scope_entry@edge@@@2@@Z
?expr_operand@sizeof_expr_node_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?get_elements@braced_init_list_expr_node_entry@edge@@QBEXPAU?$list@PAVexpr_node_entry@edge@@@2@@Z
?get_operands@fold_expr_node_entry@edge@@QBEXPAU?$list@PAVexpr_node_entry@edge@@@2@@Z
?get_requirements@requires_expr_node_entry@edge@@QBEXPAU?$list@PAVexpr_node_entry@edge@@@2@@Z
?expression@compound_req_expr_node_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?constraint@compound_req_expr_node_entry@edge@@QBEPAVconcept_expr_node_entry@2@XZ
?constant@constant_dynamic_init_entry@edge@@QBEPAV02@XZ
?expression@expression_dynamic_init_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?append_primary@tree_query_result_builder@edge@@UAEXPAVil_entry@2@ABUfile_position@2@1@Z
??0tree_query_result_builder@edge@@QAE@XZ
?symbol@base_class@edge@@QBEPAUclass_struct_symbol@2@XZ
?type@type_entry@edge@@QBEPAV02@XZ
?body@function_scope_entry@edge@@QBEPAVstatement_entry@2@XZ
?get_declarations_overlapping_span@scoped_query_manager@edge@@QAEXABUfile_position@2@0PAVtree_query_result_builder@2@@Z
?expression@expr_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?condition@if_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
??1query_action_data@edge@@QAE@XZ
??0query_action_data@edge@@QAE@$$QAV01@@Z
?then_statement@if_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?else_statement@if_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?is_do_while@while_statement_entry@edge@@QBE_NXZ
?body@while_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?condition@while_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?expression@return_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?get_children@block_statement_entry@edge@@QBEXPAU?$list@PAVstatement_entry@edge@@@2@@Z
?initialization@for_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?symbol@function_entry@edge@@QBEPAUfunction_symbol@2@XZ
?symbol@namespace_entry@edge@@QBEPAUnamespace_symbol@2@XZ
?condition@for_loop_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?increment@for_loop_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?symbol@variable_entry@edge@@QBEPAUvariable_symbol@2@XZ
?body@for_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?range_expr@range_based_for_loop_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?body@range_based_for_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?collection@for_each_loop_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?body@for_each_loop_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?symbol@field_entry@edge@@QBEPAUfield_symbol@2@XZ
?symbol@template_entry@edge@@QBEPAUtemplate_symbol@2@XZ
?body@switch_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?is_bool@integer_type@edge@@QBE_NXZ
?initialization@decl_init_statement_entry@edge@@QBEPAVdynamic_init_entry@2@XZ
?entities@decl_statement_entry@edge@@QBEXPAU?$list@PAVil_entry@edge@@@2@@Z
?is_call@operation_expr_node_entry@edge@@QBE_NXZ
?operator_name@operation_expr_node_entry@edge@@QBE?AW4expr_operator_kind@2@XZ
??0file_range@edge@@QAE@XZ
?is_empty_class@type@edge@@QBE_NXZ
?symbol@dynamic_init_entry@edge@@QBEPAUvariable_symbol@2@XZ
??0query_action_data@edge@@QAE@XZ
?is_copy_for_initialization@constructor_dynamic_init_entry@edge@@QBE_NXZ
?scope@member_selection_entry@edge@@QBEPAVscope_entry@2@XZ
?body@try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?is_in_function@scope_entry@edge@@QBE_NXZ
?is_in_class_member_function@scope_entry@edge@@QBE_NXZ
?iterator@range_based_for_loop_statement_entry@edge@@QBEPAUvariable_symbol@2@XZ
??0file_line_column@edge@@QAE@Ua_canonicalized_file_name@@U?$strong_typedef_t@Uline1_traits@msvc@@@msvc@@U?$strong_typedef_t@Ucolumn1_traits@msvc@@@4@@Z
??0file_position@edge@@QAE@Ua_canonicalized_file_name@@U?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@@Z
?get_handlers@try_statement_entry@edge@@QBEXPAU?$list@PAVhandler_entry@edge@@@2@@Z
?operation_flags@operation_expr_node_entry@edge@@QBE?AUflags@12@XZ
?original_expression@constant@edge@@QBEPAVexpr_node_entry@2@XZ
?raw@a_canonicalized_file_name@@QBEPBDXZ
?get_host@edge@@YAPAUhost@1@XZ
??0file_buffer@edge@@IAE@XZ
?body@handler_entry@edge@@QBEPAVstatement_entry@2@XZ
?body@microsoft_try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
?filter@microsoft_try_statement_entry@edge@@QBEPAVexpr_node_entry@2@XZ
?source_position@expr_node_entry@edge@@QBE_NPAUfile_position@2@@Z
?cleanup@microsoft_try_statement_entry@edge@@QBEPAVstatement_entry@2@XZ
??1file_buffer@edge@@MAE@XZ
?init_kind@dynamic_init_entry@edge@@QBE?AW4dynamic_init_kind@2@XZ
?get_operands@operation_expr_node_entry@edge@@QBEXPAU?$list@PAVexpr_node_entry@edge@@@2@@Z
?constant@constant_expr_node_entry@edge@@QBEPAV02@XZ
?update@file_buffer@edge@@IAEXU?$strong_typedef_t@Uoffset_traits@msvc@@@msvc@@0H@Z
?opened_in_editor@file_buffer@edge@@IAEXXZ
?source_range@expr_node_entry@edge@@QBE_NPAUfile_position@2@0@Z
?dynamic_init@temp_init_expr_node_entry@edge@@QBEPAVdynamic_init_entry@2@XZ
??0file_range@edge@@QAE@Ufile_position@1@0@Z
??0file_range@edge@@QAE@Ufile_position@1@H@Z
?is_valid@file_range@edge@@QBE_NXZ
?is_part_of_macro_expansion@edge@@YA_NABUfile_position@1@@Z
?tag_parse_shutdown@@YAXXZ
?file@file_range@edge@@QBE?AUa_canonicalized_file_name@@XZ
?size@type@edge@@QBEIXZ
?compare_name@type@edge@@QBEHV?$basic_string_view@DU?$char_traits@D@std@@@std@@@Z
?dynamic_init@new_delete_expr_node_entry@edge@@QBEPAVdynamic_init_entry@2@XZ
?dynamic_init@throw_expr_node_entry@edge@@QBEPAVdynamic_init_entry@2@XZ
?dynamic_init@condition_expr_node_entry@edge@@QBEPAVdynamic_init_entry@2@XZ
?expression_range@statement_entry@edge@@QBE_NPAUfile_position@2@0@Z
?initialization@condition_expr_node_entry@edge@@QBEPAVstatement_entry@2@XZ
?corresponding_fundamental_type@type@edge@@QBEPAV12@XZ
?call_sites_in_enclosing_function_scope@intellisense_operation@edge@@QAEXPAU?$list@Ucall_site@edge@@@2@@Z
?constraint@nested_req_expr_node_entry@edge@@QBEPAVexpr_node_entry@2@XZ

shlwapi

PathAppendW
PathRemoveFileSpecW

ws2_32

WSASetLastError
WSAStartup
WSARecvFrom
select
WSAIoctl
WSASend
shutdown
socket
WSAGetLastError
setsockopt
getsockopt
closesocket
htons
WSASocketW
WSARecv

psapi

GetProcessMemoryInfo

api-ms-win-crt-time-l1-1-0

_time64
_localtime64_s

api-ms-win-crt-filesystem-l1-1-0

_wstat64
_wunlink
_waccess_s

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-multibyte-l1-1-0

_ismbblead

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vcruntime140.dll
.dll windows:6 windows x86 arch:x86

2262054530b5f8bbeb0c4e3a111a37eb

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-02-2023 22:33

Not After

31-01-2024 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-05-2013 20:44

Not After

01-05-2028 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-02-2023 20:10

Not After

31-01-2024 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\x86ret\bin\i386\\vcruntime140.i386.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

LeaveCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
TlsGetValue
DeleteCriticalSection
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

6c578232d1f9f22ad6b0f5bf7c40b629

Code Sign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

51:11:6d:8f:01:e1:93:5d:82:d0:9c:11:24:36:53:60:33:90:7a:40:45:85:a0:9f:bf:04:5e:5f:8d:e0:a9:e1Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

advapi32

msi

winspool.drv

uxtheme

kernel32

user32

ole32

shell32

oleaut32

shlwapi

oleacc

gdi32

gdiplus

msimg32

imm32

winmm

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 349KB - Virtual size: 349KB

.data Size: 36KB - Virtual size: 67KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 130KB - Virtual size: 129KB

Password: infected

0bd7ab3f713309a66e9b3611308aed96

Code Sign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

51:11:6d:8f:01:e1:93:5d:82:d0:9c:11:24:36:53:60:33:90:7a:40:45:85:a0:9f:bf:04:5e:5f:8d:e0:a9:e1
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 349KB - Virtual size: 349KB

.data
Size: 36KB - Virtual size: 67KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 130KB - Virtual size: 129KB

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

50:d2:d4:7b:50:1b:c9:6a:b4:bf:6f:96:a1:4b:f7:9d:6a:f9:e5:6b:77:37:36:46:f7:75:23:92:5a:05:1f:cd
Signer

9d:bf:ba:ae:7f:81:df:eb:22:4c:bc:b1:dc:fa:64:43:c4:da:f8:ec
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.textidx
Size: 686KB - Virtual size: 685KB

.rdata
Size: 265KB - Virtual size: 265KB

.data
Size: 60KB - Virtual size: 83KB

.gfids
Size: 1024B - Virtual size: 808B

.tls
Size: 512B - Virtual size: 9B

.fnp_dir
Size: 512B - Virtual size: 100B

.fnp_mar
Size: 512B - Virtual size: 1B

.rsrc
Size: 4.9MB - Virtual size: 4.9MB

.reloc
Size: 80KB - Virtual size: 80KB

.text
Size: 512B - Virtual size: 334B

.rdata
Size: 512B - Virtual size: 121B

.data
Size: 512B - Virtual size: 397B

.reloc
Size: 512B - Virtual size: 32B

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate