Field | Value |
---|---|
Created | 2021.09.05 16:53 |
Machine | s1_win7_x6401 |
Filename | redis-server.exe |
Type | PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows |
AI Score | Not found |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 36 detected (malicious, high confidence, Miner, CoinMiner, Eldorado, axutb, CoinminerX, XMRig Miner, Static AI, Malicious PE, AGEN, Wacapew, score, R226842, ai score=77, BitCoinMiner, HackTool, XMRMiner, CLASSIC, susgen, confidence) |
md5 | 28fed6fd70691d410de60a57d590b549 |
sha256 | 809e6103be38daf10dc04c9fbe476f0187a7558133361b83917982fbe24d3ade |
ssdeep | 98304:9/3vTXGjTPr9H3GYEIrcMGmMEGdbI8C2LUDI5T1sIMftBzYthfW8aB2+dXjpviF/:9Pr4KFMzG/FSViXsdLKSDai |
imphash | 63392501cfe7b6d20de24d04d9aa3a19 |
impfuzzy | 192:5mShLrx+EScwA9Si9pdJ0cjSFz4QmVhdUrgLqR6:bz+Bch9SiHu+fdUrgLqQ |
Signature (3cnts)
Level | Description |
---|---|
danger | File has been identified by 36 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
info | Queries for the computername |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x140a27fb8 AdjustTokenPrivileges
0x140a27fc0 AllocateAndInitializeSid
0x140a27fc8 CloseServiceHandle
0x140a27fd0 ControlService
0x140a27fd8 CreateServiceW
0x140a27fe0 CryptAcquireContextW
0x140a27fe8 CryptCreateHash
0x140a27ff0 CryptDecrypt
0x140a27ff8 CryptDestroyHash
0x140a28000 CryptDestroyKey
0x140a28008 CryptEnumProvidersW
0x140a28010 CryptExportKey
0x140a28018 CryptGenRandom
0x140a28020 CryptGetProvParam
0x140a28028 CryptGetUserKey
0x140a28030 CryptReleaseContext
0x140a28038 CryptSetHashParam
0x140a28040 CryptSignHashW
0x140a28048 DeleteService
0x140a28050 DeregisterEventSource
0x140a28058 FreeSid
0x140a28060 GetSecurityInfo
0x140a28068 GetTokenInformation
0x140a28070 GetUserNameW
0x140a28078 LookupPrivilegeValueW
0x140a28080 LsaAddAccountRights
0x140a28088 LsaClose
0x140a28090 LsaOpenPolicy
0x140a28098 OpenProcessToken
0x140a280a0 OpenSCManagerW
0x140a280a8 OpenServiceW
0x140a280b0 QueryServiceConfigA
0x140a280b8 QueryServiceStatus
0x140a280c0 RegCloseKey
0x140a280c8 RegGetValueW
0x140a280d0 RegOpenKeyExW
0x140a280d8 RegQueryValueExW
0x140a280e0 RegisterEventSourceW
0x140a280e8 ReportEventW
0x140a280f0 SetEntriesInAclA
0x140a280f8 SetSecurityInfo
0x140a28100 StartServiceW
0x140a28108 SystemFunction036
CRYPT32.dll
0x140a28118 CertCloseStore
0x140a28120 CertDuplicateCertificateContext
0x140a28128 CertEnumCertificatesInStore
0x140a28130 CertFindCertificateInStore
0x140a28138 CertFreeCertificateContext
0x140a28140 CertGetCertificateContextProperty
0x140a28148 CertOpenStore
IPHLPAPI.DLL
0x140a28158 ConvertInterfaceIndexToLuid
0x140a28160 ConvertInterfaceLuidToNameW
0x140a28168 GetAdaptersAddresses
KERNEL32.dll
0x140a28178 AddVectoredExceptionHandler
0x140a28180 AssignProcessToJobObject
0x140a28188 CancelIo
0x140a28190 CancelIoEx
0x140a28198 CancelSynchronousIo
0x140a281a0 CloseHandle
0x140a281a8 ConnectNamedPipe
0x140a281b0 ConvertFiberToThread
0x140a281b8 ConvertThreadToFiber
0x140a281c0 CopyFileW
0x140a281c8 CreateDirectoryW
0x140a281d0 CreateEventA
0x140a281d8 CreateFiber
0x140a281e0 CreateFileA
0x140a281e8 CreateFileMappingA
0x140a281f0 CreateFileW
0x140a281f8 CreateHardLinkW
0x140a28200 CreateIoCompletionPort
0x140a28208 CreateJobObjectW
0x140a28210 CreateNamedPipeA
0x140a28218 CreateNamedPipeW
0x140a28220 CreateProcessW
0x140a28228 CreateSemaphoreA
0x140a28230 CreateSemaphoreW
0x140a28238 CreateSymbolicLinkW
0x140a28240 CreateToolhelp32Snapshot
0x140a28248 DebugBreak
0x140a28250 DeleteCriticalSection
0x140a28258 DeleteFiber
0x140a28260 DeviceIoControl
0x140a28268 DuplicateHandle
0x140a28270 EnterCriticalSection
0x140a28278 ExpandEnvironmentStringsA
0x140a28280 FileTimeToSystemTime
0x140a28288 FillConsoleOutputAttribute
0x140a28290 FillConsoleOutputCharacterW
0x140a28298 FindClose
0x140a282a0 FindFirstFileW
0x140a282a8 FindNextFileW
0x140a282b0 FindResourceW
0x140a282b8 FlushFileBuffers
0x140a282c0 FlushInstructionCache
0x140a282c8 FlushViewOfFile
0x140a282d0 FormatMessageA
0x140a282d8 FormatMessageW
0x140a282e0 FreeConsole
0x140a282e8 FreeEnvironmentStringsW
0x140a282f0 FreeLibrary
0x140a282f8 GetComputerNameA
0x140a28300 GetConsoleCursorInfo
0x140a28308 GetConsoleMode
0x140a28310 GetConsoleScreenBufferInfo
0x140a28318 GetConsoleTitleW
0x140a28320 GetConsoleWindow
0x140a28328 GetCurrentDirectoryW
0x140a28330 GetCurrentProcess
0x140a28338 GetCurrentProcessId
0x140a28340 GetCurrentThread
0x140a28348 GetCurrentThreadId
0x140a28350 GetDiskFreeSpaceW
0x140a28358 GetEnvironmentStringsW
0x140a28360 GetEnvironmentVariableW
0x140a28368 GetExitCodeProcess
0x140a28370 GetFileAttributesA
0x140a28378 GetFileAttributesW
0x140a28380 GetFileInformationByHandle
0x140a28388 GetFileInformationByHandleEx
0x140a28390 GetFileSizeEx
0x140a28398 GetFileType
0x140a283a0 GetFinalPathNameByHandleW
0x140a283a8 GetFullPathNameW
0x140a283b0 GetHandleInformation
0x140a283b8 GetLargePageMinimum
0x140a283c0 GetLastError
0x140a283c8 GetLongPathNameW
0x140a283d0 GetModuleFileNameA
0x140a283d8 GetModuleFileNameW
0x140a283e0 GetModuleHandleA
0x140a283e8 GetModuleHandleExW
0x140a283f0 GetModuleHandleW
0x140a283f8 GetNamedPipeHandleStateA
0x140a28400 GetNativeSystemInfo
0x140a28408 GetNumberOfConsoleInputEvents
0x140a28410 GetPriorityClass
0x140a28418 GetProcAddress
0x140a28420 GetProcessAffinityMask
0x140a28428 GetProcessHeap
0x140a28430 GetProcessIoCounters
0x140a28438 GetProcessTimes
0x140a28440 GetQueuedCompletionStatus
0x140a28448 GetShortPathNameW
0x140a28450 GetStartupInfoA
0x140a28458 GetStartupInfoW
0x140a28460 GetStdHandle
0x140a28468 GetSystemFirmwareTable
0x140a28470 GetSystemInfo
0x140a28478 GetSystemPowerStatus
0x140a28480 GetSystemTime
0x140a28488 GetSystemTimeAdjustment
0x140a28490 GetSystemTimeAsFileTime
0x140a28498 GetTempPathW
0x140a284a0 GetThreadContext
0x140a284a8 GetThreadPriority
0x140a284b0 GetThreadTimes
0x140a284b8 GetTickCount
0x140a284c0 GetTickCount64
0x140a284c8 GetVersion
0x140a284d0 GetVersionExA
0x140a284d8 GetVersionExW
0x140a284e0 GlobalMemoryStatusEx
0x140a284e8 HeapAlloc
0x140a284f0 HeapFree
0x140a284f8 InitializeConditionVariable
0x140a28500 InitializeCriticalSection
0x140a28508 InitializeCriticalSectionAndSpinCount
0x140a28510 IsDBCSLeadByteEx
0x140a28518 IsDebuggerPresent
0x140a28520 K32GetProcessMemoryInfo
0x140a28528 LCMapStringW
0x140a28530 LeaveCriticalSection
0x140a28538 LoadLibraryA
0x140a28540 LoadLibraryExW
0x140a28548 LoadLibraryW
0x140a28550 LoadResource
0x140a28558 LocalAlloc
0x140a28560 LocalFree
0x140a28568 LockResource
0x140a28570 MapViewOfFile
0x140a28578 MoveFileExW
0x140a28580 MultiByteToWideChar
0x140a28588 OpenProcess
0x140a28590 OutputDebugStringA
0x140a28598 PeekNamedPipe
0x140a285a0 PostQueuedCompletionStatus
0x140a285a8 Process32First
0x140a285b0 Process32Next
0x140a285b8 QueryPerformanceCounter
0x140a285c0 QueryPerformanceFrequency
0x140a285c8 QueueUserWorkItem
0x140a285d0 RaiseException
0x140a285d8 ReOpenFile
0x140a285e0 ReadConsoleA
0x140a285e8 ReadConsoleInputW
0x140a285f0 ReadConsoleW
0x140a285f8 ReadDirectoryChangesW
0x140a28600 ReadFile
0x140a28608 RegisterWaitForSingleObject
0x140a28610 ReleaseSemaphore
0x140a28618 RemoveDirectoryW
0x140a28620 RemoveVectoredExceptionHandler
0x140a28628 ResetEvent
0x140a28630 ResumeThread
0x140a28638 RtlCaptureContext
0x140a28640 RtlLookupFunctionEntry
0x140a28648 RtlUnwindEx
0x140a28650 RtlVirtualUnwind
0x140a28658 SetConsoleCtrlHandler
0x140a28660 SetConsoleCursorInfo
0x140a28668 SetConsoleCursorPosition
0x140a28670 SetConsoleMode
0x140a28678 SetConsoleTextAttribute
0x140a28680 SetConsoleTitleA
0x140a28688 SetConsoleTitleW
0x140a28690 SetCurrentDirectoryW
0x140a28698 SetEnvironmentVariableW
0x140a286a0 SetErrorMode
0x140a286a8 SetEvent
0x140a286b0 SetFileCompletionNotificationModes
0x140a286b8 SetFilePointerEx
0x140a286c0 SetFileTime
0x140a286c8 SetHandleInformation
0x140a286d0 SetInformationJobObject
0x140a286d8 SetLastError
0x140a286e0 SetNamedPipeHandleState
0x140a286e8 SetPriorityClass
0x140a286f0 SetProcessAffinityMask
0x140a286f8 SetSystemTime
0x140a28700 SetThreadAffinityMask
0x140a28708 SetThreadContext
0x140a28710 SetThreadPriority
0x140a28718 SetUnhandledExceptionFilter
0x140a28720 SizeofResource
0x140a28728 Sleep
0x140a28730 SleepConditionVariableCS
0x140a28738 SuspendThread
0x140a28740 SwitchToFiber
0x140a28748 SwitchToThread
0x140a28750 SystemTimeToFileTime
0x140a28758 TerminateProcess
0x140a28760 TlsAlloc
0x140a28768 TlsFree
0x140a28770 TlsGetValue
0x140a28778 TlsSetValue
0x140a28780 TryEnterCriticalSection
0x140a28788 UnmapViewOfFile
0x140a28790 UnregisterWait
0x140a28798 UnregisterWaitEx
0x140a287a0 VerSetConditionMask
0x140a287a8 VerifyVersionInfoA
0x140a287b0 VirtualAlloc
0x140a287b8 VirtualFree
0x140a287c0 VirtualProtect
0x140a287c8 VirtualQuery
0x140a287d0 WaitForMultipleObjects
0x140a287d8 WaitForSingleObject
0x140a287e0 WaitNamedPipeW
0x140a287e8 WakeAllConditionVariable
0x140a287f0 WakeConditionVariable
0x140a287f8 WideCharToMultiByte
0x140a28800 WriteConsoleInputW
0x140a28808 WriteConsoleW
0x140a28810 WriteFile
0x140a28818 __C_specific_handler
msvcrt.dll
0x140a28828 ___lc_codepage_func
0x140a28830 ___mb_cur_max_func
0x140a28838 __argv
0x140a28840 __doserrno
0x140a28848 __getmainargs
0x140a28850 __initenv
0x140a28858 __iob_func
0x140a28860 __lconv_init
0x140a28868 __set_app_type
0x140a28870 __setusermatherr
0x140a28878 _acmdln
0x140a28880 _amsg_exit
0x140a28888 _assert
0x140a28890 _beginthreadex
0x140a28898 _cexit
0x140a288a0 _close
0x140a288a8 _close
0x140a288b0 _commode
0x140a288b8 _endthreadex
0x140a288c0 _errno
0x140a288c8 _exit
0x140a288d0 _fdopen
0x140a288d8 _filelengthi64
0x140a288e0 _fileno
0x140a288e8 _findclose
0x140a288f0 _fileno
0x140a288f8 _findfirst64
0x140a28900 _findnext64
0x140a28908 _fmode
0x140a28910 _fstat64
0x140a28918 _fullpath
0x140a28920 _get_osfhandle
0x140a28928 _gmtime64
0x140a28930 _initterm
0x140a28938 _isatty
0x140a28940 _localtime64
0x140a28948 _lock
0x140a28950 _lseeki64
0x140a28958 _mkdir
0x140a28960 _onexit
0x140a28968 _open
0x140a28970 _open_osfhandle
0x140a28978 _read
0x140a28980 _read
0x140a28988 _setjmp
0x140a28990 _setmode
0x140a28998 _snwprintf
0x140a289a0 _stat64
0x140a289a8 _stricmp
0x140a289b0 _strdup
0x140a289b8 _strdup
0x140a289c0 _strnicmp
0x140a289c8 _time64
0x140a289d0 _ultoa
0x140a289d8 _unlock
0x140a289e0 _umask
0x140a289e8 _vscprintf
0x140a289f0 _vsnprintf
0x140a289f8 _vsnwprintf
0x140a28a00 _wchmod
0x140a28a08 _wcsdup
0x140a28a10 _wcsnicmp
0x140a28a18 _wcsrev
0x140a28a20 _wfopen
0x140a28a28 _wopen
0x140a28a30 _write
0x140a28a38 _wrmdir
0x140a28a40 abort
0x140a28a48 atof
0x140a28a50 atoi
0x140a28a58 calloc
0x140a28a60 exit
0x140a28a68 fclose
0x140a28a70 feof
0x140a28a78 ferror
0x140a28a80 fflush
0x140a28a88 fgetpos
0x140a28a90 fgets
0x140a28a98 fopen
0x140a28aa0 fprintf
0x140a28aa8 fputc
0x140a28ab0 fputs
0x140a28ab8 fread
0x140a28ac0 free
0x140a28ac8 fseek
0x140a28ad0 fsetpos
0x140a28ad8 ftell
0x140a28ae0 fwrite
0x140a28ae8 getc
0x140a28af0 getenv
0x140a28af8 getwc
0x140a28b00 islower
0x140a28b08 isspace
0x140a28b10 isupper
0x140a28b18 iswctype
0x140a28b20 _write
0x140a28b28 localeconv
0x140a28b30 longjmp
0x140a28b38 malloc
0x140a28b40 memchr
0x140a28b48 memcmp
0x140a28b50 memcpy
0x140a28b58 memmove
0x140a28b60 memset
0x140a28b68 printf
0x140a28b70 putc
0x140a28b78 putwc
0x140a28b80 qsort
0x140a28b88 raise
0x140a28b90 realloc
0x140a28b98 rand
0x140a28ba0 setlocale
0x140a28ba8 setvbuf
0x140a28bb0 signal
0x140a28bb8 sprintf
0x140a28bc0 srand
0x140a28bc8 sscanf
0x140a28bd0 strcat
0x140a28bd8 strchr
0x140a28be0 strcmp
0x140a28be8 strcoll
0x140a28bf0 strcpy
0x140a28bf8 strcspn
0x140a28c00 strerror
0x140a28c08 strftime
0x140a28c10 strlen
0x140a28c18 strncmp
0x140a28c20 strncpy
0x140a28c28 strrchr
0x140a28c30 strspn
0x140a28c38 strstr
0x140a28c40 strtol
0x140a28c48 strtoul
0x140a28c50 strxfrm
0x140a28c58 tolower
0x140a28c60 toupper
0x140a28c68 towlower
0x140a28c70 towupper
0x140a28c78 ungetc
0x140a28c80 vfprintf
0x140a28c88 ungetwc
0x140a28c90 wcschr
0x140a28c98 wcscmp
0x140a28ca0 wcscoll
0x140a28ca8 wcscpy
0x140a28cb0 wcsftime
0x140a28cb8 wcslen
0x140a28cc0 wcsncmp
0x140a28cc8 wcsncpy
0x140a28cd0 wcspbrk
0x140a28cd8 wcsrchr
0x140a28ce0 wcsstr
0x140a28ce8 wcstombs
0x140a28cf0 wcsxfrm
SHELL32.dll
0x140a28d00 SHGetSpecialFolderPathA
USER32.dll
0x140a28d10 DispatchMessageA
0x140a28d18 GetLastInputInfo
0x140a28d20 GetMessageA
0x140a28d28 GetProcessWindowStation
0x140a28d30 GetSystemMetrics
0x140a28d38 GetUserObjectInformationW
0x140a28d40 MapVirtualKeyW
0x140a28d48 MessageBoxW
0x140a28d50 ShowWindow
0x140a28d58 TranslateMessage
USERENV.dll
0x140a28d68 GetUserProfileDirectoryW
WS2_32.dll
0x140a28d78 FreeAddrInfoW
0x140a28d80 GetAddrInfoW
0x140a28d88 WSACleanup
0x140a28d90 WSADuplicateSocketW
0x140a28d98 WSAGetLastError
0x140a28da0 WSAGetOverlappedResult
0x140a28da8 WSAIoctl
0x140a28db0 WSARecv
0x140a28db8 WSARecvFrom
0x140a28dc0 WSASend
0x140a28dc8 WSASendTo
0x140a28dd0 WSASetLastError
0x140a28dd8 WSASocketW
0x140a28de0 WSAStartup
0x140a28de8 accept
0x140a28df0 ind
0x140a28df8 closesocket
0x140a28e00 connect
0x140a28e08 freeaddrinfo
0x140a28e10 getaddrinfo
0x140a28e18 gethostbyname
0x140a28e20 gethostname
0x140a28e28 getnameinfo
0x140a28e30 getpeername
0x140a28e38 getsockname
0x140a28e40 getsockopt
0x140a28e48 htonl
0x140a28e50 htons
0x140a28e58 ioctlsocket
0x140a28e60 listen
0x140a28e68 ntohs
0x140a28e70 recv
0x140a28e78 select
0x140a28e80 send
0x140a28e88 setsockopt
0x140a28e90 shutdown
0x140a28e98 socket
EAT(Export Address Table) is none