Report - nc.exe

UPX Malicious Library PE File PE64 OS Processor Check
Created 2021.08.15 12:49 Machine s1_win7_x6401
Filename nc.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score Not found Behavior Score
1.6
ZERO API file : malware
VT API (file) 32 detected (Disco, GenericKD, TrojanPSW, Discord, Malicious, R002C0WHD21, BadFile, Redcap, nafea, ai score=81, Sabsik, score, Artemis, n8NL0i+O9to)
md5 20e27f9073210db80a1fc8dea3138a09
sha256 2252e8f882360e28d7480d4f83b89eaca1f7961e78f425b5b110746266bdd892
ssdeep 24576:I0zRNnuWzjeUnDpc9eR+FGKF1T5xRZMeCQ+BhZ7xe+8e3eE+mOeI:bzRZuWzjeUnDpc9eR+FJT5xRZMeCQ+Bi
imphash 116c3e6d5e103041b9606a92a6f0b6d9
impfuzzy 96:pWJKHOaxqoscbGOE9OU5h3Z9UjMxU6ZD6F6wExEfOxQbsYHWpDDTYI2AylYqFh8k:mJH9yAylYqFm6A4Wl+zGrEv

Signature (4cnts)

Level Description
danger File has been identified by 32 AntiVirus engines on VirusTotal as malicious
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The executable uses a known packer (UPX, per the UPX_Zero rule below)
info This executable has a PDB path

Rules (5cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT (Import Address Table) Library

MSVCP140D.dll
 0x1400af270 ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400af278 ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
 0x1400af280 ?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
 0x1400af288 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400af290 ?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
 0x1400af298 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x1400af2a0 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
 0x1400af2a8 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x1400af2b0 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x1400af2b8 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400af2c0 ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x1400af2c8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x1400af2d0 ?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
 0x1400af2d8 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
 0x1400af2e0 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
 0x1400af2e8 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x1400af2f0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1400af2f8 ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400af300 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400af308 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x1400af310 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x1400af318 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1400af320 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400af328 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x1400af330 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x1400af338 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
 0x1400af340 ?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
 0x1400af348 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
 0x1400af350 ?_Incref@facet@locale@std@@UEAAXXZ
 0x1400af358 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x1400af360 ?id@?$ctype@D@std@@2V0locale@2@A
 0x1400af368 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x1400af370 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x1400af378 ?id@?$collate@D@std@@2V0locale@2@A
 0x1400af380 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400af388 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
 0x1400af390 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
 0x1400af398 ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400af3a0 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400af3a8 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400af3b0 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400af3b8 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x1400af3c0 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x1400af3c8 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400af3d0 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400af3d8 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400af3e0 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x1400af3e8 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400af3f0 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1400af3f8 ?width@ios_base@std@@QEAA_J_J@Z
 0x1400af400 ?width@ios_base@std@@QEBA_JXZ
 0x1400af408 ?flags@ios_base@std@@QEBAHXZ
 0x1400af410 ?good@ios_base@std@@QEBA_NXZ
 0x1400af418 ??Bios_base@std@@QEBA_NXZ
 0x1400af420 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1400af428 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x1400af430 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x1400af438 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x1400af440 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1400af448 ?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
 0x1400af450 ?tolower@?$ctype@D@std@@QEBADD@Z
 0x1400af458 ??0_Lockit@std@@QEAA@H@Z
 0x1400af460 ?is@?$ctype@D@std@@QEBA_NFD@Z
 0x1400af468 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x1400af470 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x1400af478 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
 0x1400af480 ??1facet@locale@std@@MEAA@XZ
 0x1400af488 ??0facet@locale@std@@IEAA@_K@Z
 0x1400af490 ??Bid@locale@std@@QEAA_KXZ
 0x1400af498 ??3_Crt_new_delete@std@@SAXPEAX@Z
 0x1400af4a0 ??2_Crt_new_delete@std@@SAPEAX_K@Z
 0x1400af4a8 ?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
 0x1400af4b0 ?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
 0x1400af4b8 ?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
 0x1400af4c0 ?_Getmonths@_Locinfo@std@@QEBAPEBDXZ
 0x1400af4c8 ?_Getdays@_Locinfo@std@@QEBAPEBDXZ
 0x1400af4d0 ?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
 0x1400af4d8 ?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
 0x1400af4e0 ??1_Locinfo@std@@QEAA@XZ
 0x1400af4e8 ??0_Locinfo@std@@QEAA@PEBD@Z
 0x1400af4f0 _Strxfrm
 0x1400af4f8 _Strcoll
 0x1400af500 _Mbrtowc
 0x1400af508 ?_Winerror_map@std@@YAHH@Z
 0x1400af510 ?_Syserror_map@std@@YAPEBDH@Z
 0x1400af518 ?uncaught_exception@std@@YA_NXZ
 0x1400af520 ?_Xout_of_range@std@@YAXPEBD@Z
 0x1400af528 ?_Xlength_error@std@@YAXPEBD@Z
 0x1400af530 ?_Xbad_alloc@std@@YAXXZ
 0x1400af538 ??1_Lockit@std@@QEAA@XZ
 0x1400af540 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
WININET.dll
 0x1400af788 InternetOpenUrlA
 0x1400af790 InternetCloseHandle
 0x1400af798 InternetOpenA
 0x1400af7a0 InternetReadFile
VCRUNTIME140D.dll
 0x1400af630 __vcrt_GetModuleFileNameW
 0x1400af638 __vcrt_LoadLibraryExW
 0x1400af640 memchr
 0x1400af648 memcmp
 0x1400af650 memcpy
 0x1400af658 memmove
 0x1400af660 memset
 0x1400af668 strchr
 0x1400af670 __std_exception_copy
 0x1400af678 __std_exception_destroy
 0x1400af680 _CxxThrowException
 0x1400af688 __std_type_info_destroy_list
 0x1400af690 __C_specific_handler
 0x1400af698 __current_exception
 0x1400af6a0 __current_exception_context
 0x1400af6a8 __C_specific_handler_noexcept
 0x1400af6b0 __vcrt_GetModuleHandleW
VCRUNTIME140_1D.dll
 0x1400af728 __CxxFrameHandler4
ucrtbased.dll
 0x1400af800 __stdio_common_vsprintf_s
 0x1400af808 _wmakepath_s
 0x1400af810 _wsplitpath_s
 0x1400af818 wcscpy_s
 0x1400af820 strcpy_s
 0x1400af828 _configure_narrow_argv
 0x1400af830 _seh_filter_dll
 0x1400af838 malloc
 0x1400af840 _callnewh
 0x1400af848 terminate
 0x1400af850 ___lc_codepage_func
 0x1400af858 _malloc_dbg
 0x1400af860 _free_dbg
 0x1400af868 strlen
 0x1400af870 wcslen
 0x1400af878 _unlock_file
 0x1400af880 __p__commode
 0x1400af888 ungetc
 0x1400af890 setvbuf
 0x1400af898 fwrite
 0x1400af8a0 _fseeki64
 0x1400af8a8 fsetpos
 0x1400af8b0 fread
 0x1400af8b8 fputc
 0x1400af8c0 fgetpos
 0x1400af8c8 fgetc
 0x1400af8d0 fflush
 0x1400af8d8 fclose
 0x1400af8e0 _get_stream_buffer_pointers
 0x1400af8e8 system
 0x1400af8f0 _dupenv_s
 0x1400af8f8 realloc
 0x1400af900 free
 0x1400af908 _CrtDbgReport
 0x1400af910 _invalid_parameter
 0x1400af918 _set_new_mode
 0x1400af920 _configthreadlocale
 0x1400af928 _register_thread_local_exe_atexit_callback
 0x1400af930 _c_exit
 0x1400af938 __p___argv
 0x1400af940 __p___argc
 0x1400af948 _set_fmode
 0x1400af950 _exit
 0x1400af958 exit
 0x1400af960 _initterm_e
 0x1400af968 _initterm
 0x1400af970 _get_initial_narrow_environment
 0x1400af978 __setusermatherr
 0x1400af980 _set_app_type
 0x1400af988 _seh_filter_exe
 0x1400af990 _CrtDbgReportW
 0x1400af998 _cexit
 0x1400af9a0 _crt_at_quick_exit
 0x1400af9a8 _crt_atexit
 0x1400af9b0 _execute_onexit_table
 0x1400af9b8 strcat_s
 0x1400af9c0 _register_onexit_function
 0x1400af9c8 _initialize_onexit_table
 0x1400af9d0 _lock_file
 0x1400af9d8 _initialize_narrow_environment
 0x1400af9e0 _calloc_dbg
KERNEL32.dll
 0x1400af000 LocalFree
 0x1400af008 FormatMessageA
 0x1400af010 SetCurrentDirectoryW
 0x1400af018 GetCurrentDirectoryW
 0x1400af020 CreateDirectoryW
 0x1400af028 CreateFileW
 0x1400af030 FindClose
 0x1400af038 FindFirstFileExW
 0x1400af040 FindNextFileW
 0x1400af048 GetDiskFreeSpaceExW
 0x1400af050 GetFileAttributesW
 0x1400af058 GetFileAttributesExW
 0x1400af060 GetFileInformationByHandle
 0x1400af068 GetFinalPathNameByHandleW
 0x1400af070 GetFullPathNameW
 0x1400af078 SetEndOfFile
 0x1400af080 SetFileAttributesW
 0x1400af088 SetFileInformationByHandle
 0x1400af090 SetFilePointerEx
 0x1400af098 SetFileTime
 0x1400af0a0 GetTempPathW
 0x1400af0a8 AreFileApisANSI
 0x1400af0b0 CloseHandle
 0x1400af0b8 GetLastError
 0x1400af0c0 DeviceIoControl
 0x1400af0c8 CreateDirectoryExW
 0x1400af0d0 CopyFileW
 0x1400af0d8 MoveFileExW
 0x1400af0e0 CreateHardLinkW
 0x1400af0e8 GetFileInformationByHandleEx
 0x1400af0f0 CreateSymbolicLinkW
 0x1400af0f8 MultiByteToWideChar
 0x1400af100 WideCharToMultiByte
 0x1400af108 GetCurrentThreadId
 0x1400af110 RtlCaptureContext
 0x1400af118 RtlLookupFunctionEntry
 0x1400af120 RtlVirtualUnwind
 0x1400af128 IsDebuggerPresent
 0x1400af130 UnhandledExceptionFilter
 0x1400af138 SetUnhandledExceptionFilter
 0x1400af140 GetStartupInfoW
 0x1400af148 IsProcessorFeaturePresent
 0x1400af150 GetModuleHandleW
 0x1400af158 RaiseException
 0x1400af160 GetCurrentProcess
 0x1400af168 TerminateProcess
 0x1400af170 QueryPerformanceCounter
 0x1400af178 GetCurrentProcessId
 0x1400af180 GetSystemTimeAsFileTime
 0x1400af188 InitializeSListHead
 0x1400af190 HeapAlloc
 0x1400af198 HeapFree
 0x1400af1a0 GetProcessHeap
 0x1400af1a8 VirtualQuery
 0x1400af1b0 FreeLibrary
 0x1400af1b8 GetProcAddress

EAT (Export Address Table): none


