Created | 2021.09.20 10:16 | Machine | s1_win7_x6402 |
Filename | PhoenixMiner.exe |
Type | PE32+ executable (console) x86-64, for MS Windows |
ZERO API | file : clean |
VT API (file) | 35 detected (Miner, malicious, high confidence, BitCoinMiner, Tool, CoinMiner, RiskTool, Convagent, Generic PUA LE, Static AI, Suspicious PE, ai score=71, ASMalwS, Tnega, score, PhoenixMiner, R263897, GenericRXAA) |
md5 | 33b49643272dc9044096dc01c71213b6 |
sha256 | 3394c9c3619c41f5b5b23c4a7cb61356d148bf528f1ed41d3dc2d40453ad364f |
ssdeep | 98304:WhpOjgmb/arLyVlwQXiEEEsbME3rSCJ11MBqx5yN/OTfE:8pOjQLyIQXiEEEmME3WC7K+5yYw |
imphash | a8eb81b09f2018eee064158a9f3242cb |
impfuzzy | 192:VfKkAowwK2TtZjAmQjyVHeTmF6vemaElaf5:VfKkAowwK6Q2h+46v925 |
Signature (3cnts)
Level | Description |
---|---|
danger | File has been identified by 35 AntiVirus engines on VirusTotal as malicious |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | Microsoft_Office_File_Zero | Microsoft Office File | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
PSAPI.DLL
0x14041d768 EnumProcessModules
0x14041d770 GetModuleFileNameExA
CFGMGR32.dll
0x14041d098 CM_Open_DevNode_Key
0x14041d0a0 CM_Locate_DevNodeW
0x14041d0a8 CM_Get_Child
0x14041d0b0 CM_Get_Sibling
0x14041d0b8 CM_Get_DevNode_Status
0x14041d0c0 CM_Get_DevNode_PropertyW
0x14041d0c8 CM_Get_Device_ID_List_SizeW
0x14041d0d0 CM_Get_Device_ID_ListW
0x14041d0d8 CM_Get_Device_IDW
ADVAPI32.dll
0x14041d000 RegisterEventSourceW
0x14041d008 ReportEventW
0x14041d010 CryptAcquireContextA
0x14041d018 CryptReleaseContext
0x14041d020 CryptGenRandom
0x14041d028 CryptGetHashParam
0x14041d030 CryptCreateHash
0x14041d038 CryptHashData
0x14041d040 CryptDestroyHash
0x14041d048 RegQueryValueExA
0x14041d050 RegOpenKeyExA
0x14041d058 RegCloseKey
0x14041d060 DeregisterEventSource
0x14041d068 RegOpenKeyExW
0x14041d070 RegQueryValueExW
0x14041d078 RegSetValueExW
0x14041d080 RegGetValueW
0x14041d088 RegEnumValueA
WS2_32.dll
0x14041d7e0 getpeername
0x14041d7e8 inet_pton
0x14041d7f0 shutdown
0x14041d7f8 send
0x14041d800 recv
0x14041d808 freeaddrinfo
0x14041d810 getaddrinfo
0x14041d818 ntohs
0x14041d820 select
0x14041d828 getsockopt
0x14041d830 getsockname
0x14041d838 connect
0x14041d840 accept
0x14041d848 __WSAFDIsSet
0x14041d850 WSAStringToAddressW
0x14041d858 WSAAddressToStringW
0x14041d860 WSASocketW
0x14041d868 WSASend
0x14041d870 WSARecv
0x14041d878 WSAGetLastError
0x14041d880 WSASetLastError
0x14041d888 setsockopt
0x14041d890 ntohl
0x14041d898 listen
0x14041d8a0 htons
0x14041d8a8 htonl
0x14041d8b0 ioctlsocket
0x14041d8b8 closesocket
0x14041d8c0 ind
0x14041d8c8 WSACleanup
0x14041d8d0 WSAStartup
0x14041d8d8 socket
0x14041d8e0 WSAIoctl
KERNEL32.dll
0x14041d110 GetACP
0x14041d118 ReadConsoleInputA
0x14041d120 PeekConsoleInputA
0x14041d128 GetNumberOfConsoleInputEvents
0x14041d130 SystemTimeToTzSpecificLocalTime
0x14041d138 PeekNamedPipe
0x14041d140 GetDriveTypeW
0x14041d148 ReadFile
0x14041d150 SetStdHandle
0x14041d158 ExitProcess
0x14041d160 GetModuleHandleExW
0x14041d168 GetCommandLineW
0x14041d170 GetCommandLineA
0x14041d178 RtlUnwindEx
0x14041d180 UnregisterWaitEx
0x14041d188 QueryDepthSList
0x14041d190 InterlockedFlushSList
0x14041d198 GetLastError
0x14041d1a0 PostQueuedCompletionStatus
0x14041d1a8 EnterCriticalSection
0x14041d1b0 LeaveCriticalSection
0x14041d1b8 InitializeCriticalSectionAndSpinCount
0x14041d1c0 DeleteCriticalSection
0x14041d1c8 GetCurrentThread
0x14041d1d0 TlsAlloc
0x14041d1d8 TlsFree
0x14041d1e0 GetModuleHandleA
0x14041d1e8 GetProcAddress
0x14041d1f0 VerSetConditionMask
0x14041d1f8 CloseHandle
0x14041d200 SetLastError
0x14041d208 CreateIoCompletionPort
0x14041d210 GetQueuedCompletionStatus
0x14041d218 WaitForSingleObject
0x14041d220 SetWaitableTimer
0x14041d228 QueueUserAPC
0x14041d230 TerminateThread
0x14041d238 TlsGetValue
0x14041d240 TlsSetValue
0x14041d248 WaitForMultipleObjects
0x14041d250 VerifyVersionInfoA
0x14041d258 WideCharToMultiByte
0x14041d260 WaitForSingleObjectEx
0x14041d268 ReleaseSemaphore
0x14041d270 GetSystemTimeAsFileTime
0x14041d278 CreateFileA
0x14041d280 OutputDebugStringA
0x14041d288 GetCurrentProcess
0x14041d290 GetLocalTime
0x14041d298 GetTickCount64
0x14041d2a0 MultiByteToWideChar
0x14041d2a8 FreeLibrary
0x14041d2b0 WaitForMultipleObjectsEx
0x14041d2b8 SetErrorMode
0x14041d2c0 LoadLibraryA
0x14041d2c8 DeviceIoControl
0x14041d2d0 GetExitCodeProcess
0x14041d2d8 CreateProcessA
0x14041d2e0 ExpandEnvironmentStringsA
0x14041d2e8 GetSystemDirectoryA
0x14041d2f0 LoadLibraryExA
0x14041d2f8 CreateSemaphoreA
0x14041d300 GetSystemTime
0x14041d308 SystemTimeToFileTime
0x14041d310 SetConsoleCtrlHandler
0x14041d318 GetStdHandle
0x14041d320 WriteFile
0x14041d328 SetConsoleTextAttribute
0x14041d330 GetConsoleMode
0x14041d338 SetConsoleMode
0x14041d340 CreateFileW
0x14041d348 Sleep
0x14041d350 GetCurrentProcessId
0x14041d358 ExitThread
0x14041d360 OpenProcess
0x14041d368 VirtualProtect
0x14041d370 EnumSystemLocalesW
0x14041d378 GetModuleHandleW
0x14041d380 QueryFullProcessImageNameA
0x14041d388 CreateToolhelp32Snapshot
0x14041d390 Process32First
0x14041d398 Process32Next
0x14041d3a0 LocalFileTimeToFileTime
0x14041d3a8 SetThreadExecutionState
0x14041d3b0 CreateWaitableTimerA
0x14041d3b8 ReadConsoleW
0x14041d3c0 GlobalMemoryStatusEx
0x14041d3c8 SetThreadPriority
0x14041d3d0 SetEvent
0x14041d3d8 ReleaseMutex
0x14041d3e0 SleepEx
0x14041d3e8 CreateMutexW
0x14041d3f0 CreateEventW
0x14041d3f8 IsBadReadPtr
0x14041d400 IsBadWritePtr
0x14041d408 InitOnceExecuteOnce
0x14041d410 SetCurrentDirectoryW
0x14041d418 GetCurrentDirectoryW
0x14041d420 DeleteFileW
0x14041d428 FindClose
0x14041d430 FindFirstFileW
0x14041d438 FindNextFileW
0x14041d440 GetFileAttributesW
0x14041d448 GetFileAttributesExW
0x14041d450 GetFileTime
0x14041d458 GetFullPathNameW
0x14041d460 RemoveDirectoryW
0x14041d468 SetEndOfFile
0x14041d470 SetFilePointerEx
0x14041d478 HeapSize
0x14041d480 MoveFileExW
0x14041d488 LCMapStringW
0x14041d490 AreFileApisANSI
0x14041d498 QueryPerformanceFrequency
0x14041d4a0 QueryPerformanceCounter
0x14041d4a8 SetEnvironmentVariableA
0x14041d4b0 VirtualAlloc
0x14041d4b8 VirtualFree
0x14041d4c0 GetSystemInfo
0x14041d4c8 GetNativeSystemInfo
0x14041d4d0 InitializeCriticalSection
0x14041d4d8 TryEnterCriticalSection
0x14041d4e0 GetCurrentThreadId
0x14041d4e8 SwitchToThread
0x14041d4f0 ResetEvent
0x14041d4f8 GetModuleFileNameA
0x14041d500 HeapDestroy
0x14041d508 HeapAlloc
0x14041d510 HeapFree
0x14041d518 HeapReAlloc
0x14041d520 FreeLibraryAndExitThread
0x14041d528 HeapCreate
0x14041d530 LocalAlloc
0x14041d538 GetSystemDirectoryW
0x14041d540 LocalFree
0x14041d548 LoadLibraryExW
0x14041d550 GetModuleFileNameW
0x14041d558 FormatMessageA
0x14041d560 GetFileType
0x14041d568 FlushConsoleInputBuffer
0x14041d570 GetTickCount
0x14041d578 GlobalMemoryStatus
0x14041d580 LoadLibraryW
0x14041d588 InterlockedPushEntrySList
0x14041d590 InterlockedPopEntrySList
0x14041d598 GetVersionExW
0x14041d5a0 GetThreadTimes
0x14041d5a8 UnregisterWait
0x14041d5b0 GetConsoleCP
0x14041d5b8 GetDateFormatW
0x14041d5c0 GetTimeFormatW
0x14041d5c8 IsValidLocale
0x14041d5d0 FileTimeToSystemTime
0x14041d5d8 GetUserDefaultLCID
0x14041d5e0 RegisterWaitForSingleObject
0x14041d5e8 SetThreadAffinityMask
0x14041d5f0 FlushFileBuffers
0x14041d5f8 GetTimeZoneInformation
0x14041d600 SetEnvironmentVariableW
0x14041d608 GetProcessHeap
0x14041d610 FindFirstFileExA
0x14041d618 FindNextFileA
0x14041d620 IsValidCodePage
0x14041d628 GetOEMCP
0x14041d630 GetProcessAffinityMask
0x14041d638 GetNumaHighestNodeNumber
0x14041d640 DeleteTimerQueueTimer
0x14041d648 ChangeTimerQueueTimer
0x14041d650 CreateTimerQueueTimer
0x14041d658 GetLogicalProcessorInformation
0x14041d660 GetThreadPriority
0x14041d668 CreateThread
0x14041d670 SignalObjectAndWait
0x14041d678 CreateTimerQueue
0x14041d680 GetStartupInfoW
0x14041d688 GetEnvironmentStringsW
0x14041d690 FreeEnvironmentStringsW
0x14041d698 WriteConsoleW
0x14041d6a0 VirtualQuery
0x14041d6a8 RaiseException
0x14041d6b0 DuplicateHandle
0x14041d6b8 GetExitCodeThread
0x14041d6c0 RtlPcToFileHeader
0x14041d6c8 EncodePointer
0x14041d6d0 DecodePointer
0x14041d6d8 QueueUserWorkItem
0x14041d6e0 IsProcessorFeaturePresent
0x14041d6e8 GetCPInfo
0x14041d6f0 CompareStringW
0x14041d6f8 GetLocaleInfoW
0x14041d700 GetStringTypeW
0x14041d708 InitializeSListHead
0x14041d710 RtlCaptureContext
0x14041d718 RtlLookupFunctionEntry
0x14041d720 RtlVirtualUnwind
0x14041d728 UnhandledExceptionFilter
0x14041d730 SetUnhandledExceptionFilter
0x14041d738 TerminateProcess
0x14041d740 IsDebuggerPresent
USER32.dll
0x14041d780 GetProcessWindowStation
0x14041d788 GetUserObjectInformationW
0x14041d790 MessageBoxW
ole32.dll
0x14041d8f0 StringFromGUID2
MSWSOCK.dll
0x14041d750 GetAcceptExSockaddrs
0x14041d758 AcceptEx
WINTRUST.dll
0x14041d7a0 CryptCATAdminCalcHashFromFileHandle
0x14041d7a8 CryptCATAdminEnumCatalogFromHash
0x14041d7b0 CryptCATAdminReleaseCatalogContext
0x14041d7b8 CryptCATAdminReleaseContext
0x14041d7c0 WinVerifyTrust
0x14041d7c8 CryptCATAdminAcquireContext
0x14041d7d0 CryptCATCatalogInfoFromContext
CRYPT32.dll
0x14041d0e8 CertEnumCertificatesInStore
0x14041d0f0 CertFreeCertificateContext
0x14041d0f8 CertCloseStore
0x14041d100 CertOpenSystemStoreA
EAT(Export Address Table) Library
0x14075ff38 NvOptimusEnablementCuda