Field | Value |
---|---|
Created | 2023.03.05 14:43 |
Machine | s1_win7_x6403 |
Filename | 2201.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
ZERO API | file : malware |
VT API (file) | 18 detected (malicious, moderate confidence, Minerva, Upatre, FileRepMalware, Misc, Oader, Yimw, owqit, Fabookie, Detected, vBcHNCv9zaH) |
md5 | 0f1f4ce03d9bacf600abf05b4c1d6817 |
sha256 | d82f2c9c923a145c7d4608be1f9ba982ea4ff937b145634fe4f8c338211cdb0e |
ssdeep | 6144:C8aMyDtA083XIMxEZ/mRfhTp+e5t5kkUgRGerEhgVIXFML:C5GIuEZ/mce5ZaerLIX |
imphash | 7bae02ef14998d8530ddf0278301170f |
impfuzzy | 192:CTe8Z4xaFMFnx+EkPNNtdfmC7kBVqgYXmsMLlBf2bflXxPbNQO:Y4KMRkL2DBVfYXmsKlBf2bflXxTNQO |
Signature (3cnts)
Level | Description |
---|---|
watch | File has been identified by 18 AntiVirus engines on VirusTotal as malicious |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x140048000 EventWrite
0x140048008 RegCloseKey
0x140048010 EventRegister
0x140048018 EventUnregister
0x140048020 RegQueryInfoKeyW
0x140048028 RegEnumKeyExW
0x140048030 RegOpenKeyExW
0x140048038 RegSetValueExW
0x140048040 RegCreateKeyExW
0x140048048 RegDeleteValueW
0x140048050 RegQueryValueExW
0x140048058 RegDeleteKeyW
0x140048060 OpenThreadToken
0x140048068 ConvertStringSecurityDescriptorToSecurityDescriptorW
0x140048070 CheckTokenMembership
0x140048078 ConvertSidToStringSidW
0x140048080 GetTokenInformation
0x140048088 OpenProcessToken
KERNEL32.dll
0x140048098 GetProcessHeap
0x1400480a0 HeapAlloc
0x1400480a8 WaitForSingleObject
0x1400480b0 ReleaseMutex
0x1400480b8 CloseHandle
0x1400480c0 lstrlenW
0x1400480c8 GetModuleHandleExW
0x1400480d0 SetLastError
0x1400480d8 RegEnumValueW
0x1400480e0 RegGetValueW
0x1400480e8 CreateFileW
0x1400480f0 FileTimeToSystemTime
0x1400480f8 GetFileAttributesW
0x140048100 CompareFileTime
0x140048108 ResolveDelayLoadedAPI
0x140048110 DelayLoadFailureHook
0x140048118 MulDiv
0x140048120 SizeofResource
0x140048128 LockResource
0x140048130 LoadResource
0x140048138 FindResourceExW
0x140048140 GetSystemTime
0x140048148 FreeLibrary
0x140048150 SystemTimeToFileTime
0x140048158 GetTempFileNameW
0x140048160 CreateThread
0x140048168 UnregisterApplicationRecoveryCallback
0x140048170 ApplicationRecoveryFinished
0x140048178 timeGetTime
0x140048180 LoadLibraryW
0x140048188 GetLastError
0x140048190 LocalAlloc
0x140048198 LocalFree
0x1400481a0 OutputDebugStringW
0x1400481a8 CreateDirectoryW
0x1400481b0 GetCurrentThread
0x1400481b8 SetThreadPriority
0x1400481c0 ApplicationRecoveryInProgress
0x1400481c8 GetCommandLineW
0x1400481d0 DeleteFileW
0x1400481d8 CreateMutexW
0x1400481e0 DeleteCriticalSection
0x1400481e8 InitializeCriticalSection
0x1400481f0 RegisterApplicationRecoveryCallback
0x1400481f8 UnregisterApplicationRestart
0x140048200 RegisterApplicationRestart
0x140048208 GetProcAddress
0x140048210 GetVersionExW
0x140048218 OpenMutexW
0x140048220 DuplicateHandle
0x140048228 GetPrivateProfileStringW
0x140048230 CreateEventW
0x140048238 SetEvent
0x140048240 OutputDebugStringA
0x140048248 GetTickCount
0x140048250 GetSystemTimeAsFileTime
0x140048258 GetCurrentThreadId
0x140048260 GetCurrentProcessId
0x140048268 QueryPerformanceCounter
0x140048270 TerminateProcess
0x140048278 GetCurrentProcess
0x140048280 SetUnhandledExceptionFilter
0x140048288 UnhandledExceptionFilter
0x140048290 GetStartupInfoW
0x140048298 Sleep
0x1400482a0 CompareStringW
0x1400482a8 HeapSize
0x1400482b0 HeapReAlloc
0x1400482b8 HeapDestroy
0x1400482c0 HeapFree
0x1400482c8 LoadLibraryExW
0x1400482d0 GetModuleHandleW
0x1400482d8 lstrcmpiW
0x1400482e0 LeaveCriticalSection
0x1400482e8 RaiseException
0x1400482f0 EnterCriticalSection
0x1400482f8 MultiByteToWideChar
0x140048300 GetModuleFileNameW
GDI32.dll
0x140048310 SetLayout
0x140048318 GdiAlphaBlend
0x140048320 CreateDIBSection
0x140048328 GetTextFaceW
0x140048330 CreateFontW
0x140048338 CreateRectRgn
0x140048340 GetObjectW
0x140048348 CreateSolidBrush
0x140048350 GetDeviceCaps
0x140048358 SelectObject
0x140048360 CreateCompatibleBitmap
0x140048368 CreateCompatibleDC
0x140048370 GetClipRgn
0x140048378 BitBlt
0x140048380 GetTextExtentPoint32W
0x140048388 DeleteDC
0x140048390 GdiGradientFill
0x140048398 DeleteObject
USER32.dll
0x1400483a8 CreateWindowExW
0x1400483b0 DestroyAcceleratorTable
0x1400483b8 GetUpdateRect
0x1400483c0 ShowWindow
0x1400483c8 GetScrollInfo
0x1400483d0 SetScrollInfo
0x1400483d8 SetScrollRange
0x1400483e0 ShowScrollBar
0x1400483e8 OffsetRect
0x1400483f0 CopyRect
0x1400483f8 SetMenuItemInfoW
0x140048400 GetMenuItemInfoW
0x140048408 GetMenuItemCount
0x140048410 ClientToScreen
0x140048418 DefWindowProcW
0x140048420 ReleaseDC
0x140048428 PtInRect
0x140048430 InflateRect
0x140048438 GetDesktopWindow
0x140048440 DestroyMenu
0x140048448 GetSubMenu
0x140048450 SetWindowPos
0x140048458 GetWindowRect
0x140048460 EndDeferWindowPos
0x140048468 BeginDeferWindowPos
0x140048470 PostMessageW
0x140048478 TrackPopupMenu
0x140048480 MapWindowPoints
0x140048488 ReleaseCapture
0x140048490 SystemParametersInfoW
0x140048498 LockWindowUpdate
0x1400484a0 UnregisterClassW
0x1400484a8 RegisterClassW
0x1400484b0 LoadIconW
0x1400484b8 IsClipboardFormatAvailable
0x1400484c0 SetGestureConfig
0x1400484c8 GetWindowLongPtrW
0x1400484d0 GetSystemMenu
0x1400484d8 EnableMenuItem
0x1400484e0 DestroyWindow
0x1400484e8 GetDC
0x1400484f0 SetCursor
0x1400484f8 SendMessageW
0x140048500 GetClientRect
0x140048508 GetAncestor
0x140048510 SetRect
0x140048518 GetCursorPos
0x140048520 ScreenToClient
0x140048528 GetScrollBarInfo
0x140048530 GetParent
0x140048538 SetWindowLongPtrW
0x140048540 GetWindowLongW
0x140048548 EnableWindow
0x140048550 FillRect
0x140048558 GetSysColorBrush
0x140048560 IsWindowVisible
0x140048568 GetKeyState
0x140048570 GetAsyncKeyState
0x140048578 SetScrollPos
0x140048580 GetWindowTextLengthW
0x140048588 GetWindowTextW
0x140048590 GetFocus
0x140048598 UpdateWindow
0x1400485a0 GetSysColor
0x1400485a8 EnableScrollBar
0x1400485b0 SetFocus
0x1400485b8 CreateCaret
0x1400485c0 SetCaretPos
0x1400485c8 SetTimer
0x1400485d0 KillTimer
0x1400485d8 ScrollWindowEx
0x1400485e0 SetCapture
0x1400485e8 MessageBoxW
0x1400485f0 ChangeWindowMessageFilter
0x1400485f8 RemoveMenu
0x140048600 GetWindowPlacement
0x140048608 SetWindowPlacement
0x140048610 PostQuitMessage
0x140048618 SetActiveWindow
0x140048620 IntersectRect
0x140048628 EqualRect
0x140048630 GetSystemMetrics
0x140048638 LoadAcceleratorsW
0x140048640 GetKeyboardLayout
0x140048648 LoadImageW
0x140048650 UnregisterClassA
0x140048658 BeginPaint
0x140048660 HideCaret
0x140048668 ShowCaret
0x140048670 EndPaint
0x140048678 GetMessageExtraInfo
0x140048680 TranslateAcceleratorW
0x140048688 InvalidateRect
0x140048690 UpdateLayeredWindow
0x140048698 DeferWindowPos
0x1400486a0 RegisterClassExW
0x1400486a8 SetProcessDPIAware
0x1400486b0 SetForegroundWindow
0x1400486b8 FindWindowW
0x1400486c0 LoadCursorW
0x1400486c8 CharNextW
0x1400486d0 DispatchMessageW
0x1400486d8 TranslateMessage
0x1400486e0 GetMessageW
0x1400486e8 LoadMenuW
0x1400486f0 MonitorFromWindow
0x1400486f8 GetMonitorInfoW
0x140048700 MonitorFromRect
0x140048708 CopyAcceleratorTableW
msvcrt.dll
0x140048718 vswprintf_s
0x140048720 _vscwprintf
0x140048728 _wcsicmp
0x140048730 malloc
0x140048738 cos
0x140048740 sin
0x140048748 realloc
0x140048750 _errno
0x140048758 _onexit
0x140048760 __dllonexit
0x140048768 _unlock
0x140048770 _lock
0x140048778 ??1type_info@@UEAA@XZ
0x140048780 ?terminate@@YAXXZ
0x140048788 wcsncpy_s
0x140048790 _fmode
0x140048798 _acmdln
0x1400487a0 _initterm
0x1400487a8 __setusermatherr
0x1400487b0 _ismbblead
0x1400487b8 _cexit
0x1400487c0 _exit
0x1400487c8 exit
0x1400487d0 __set_app_type
0x1400487d8 __getmainargs
0x1400487e0 _amsg_exit
0x1400487e8 _XcptFilter
0x1400487f0 __CxxFrameHandler3
0x1400487f8 ??0exception@@QEAA@XZ
0x140048800 _CxxThrowException
0x140048808 _callnewh
0x140048810 ??0exception@@QEAA@AEBQEBDH@Z
0x140048818 ??0exception@@QEAA@AEBV0@@Z
0x140048820 ??1exception@@UEAA@XZ
0x140048828 ??0exception@@QEAA@AEBQEBD@Z
0x140048830 wcscpy_s
0x140048838 calloc
0x140048840 _purecall
0x140048848 free
0x140048850 _vsnwprintf
0x140048858 memmove
0x140048860 wcstoul
0x140048868 strchr
0x140048870 memcpy
0x140048878 memmove_s
0x140048880 memcpy_s
0x140048888 ?what@exception@@UEBAPEBDXZ
0x140048890 __C_specific_handler
0x140048898 memset
0x1400488a0 _commode
0x1400488a8 wcscmp
ntdll.dll
0x1400488b8 WinSqmIsOptedIn
0x1400488c0 WinSqmStartSession
0x1400488c8 WinSqmSetIfMaxDWORD
0x1400488d0 WinSqmAddToStream
0x1400488d8 WinSqmEndSession
0x1400488e0 RtlCaptureContext
0x1400488e8 RtlLookupFunctionEntry
0x1400488f0 RtlVirtualUnwind
SHELL32.dll
0x140048900 SHGetFolderPathW
0x140048908 CommandLineToArgvW
0x140048910 SetCurrentProcessExplicitAppUserModelID
0x140048918 ShellExecuteW
0x140048920 SHCreateDirectoryExW
0x140048928 SHGetKnownFolderPath
0x140048930 None
0x140048938 SHGetSpecialFolderPathW
SHLWAPI.dll
0x140048948 None
0x140048950 SHStrDupW
0x140048958 PathFileExistsW
0x140048960 None
0x140048968 None
0x140048970 None
0x140048978 None
0x140048980 None
0x140048988 SHCreateStreamOnFileW
ole32.dll
0x140048998 PropVariantClear
0x1400489a0 CoCreateInstance
0x1400489a8 CoUninitialize
0x1400489b0 OleInitialize
0x1400489b8 CoInitializeEx
0x1400489c0 CoTaskMemFree
0x1400489c8 CoTaskMemRealloc
0x1400489d0 CoTaskMemAlloc
0x1400489d8 CoGetMalloc
0x1400489e0 StgCreateStorageEx
0x1400489e8 StgOpenStorageEx
0x1400489f0 OleSaveToStream
0x1400489f8 WriteClassStm
0x140048a00 OleLoadFromStream
0x140048a08 CoSetProxyBlanket
0x140048a10 OleUninitialize
OLEAUT32.dll
0x140048a20 SysAllocString
0x140048a28 VarUI4FromStr
0x140048a30 SystemTimeToVariantTime
0x140048a38 SysFreeString
0x140048a40 VariantInit
0x140048a48 VariantClear
0x140048a50 VariantChangeType
0x140048a58 SysAllocStringByteLen
0x140048a60 SysStringByteLen
0x140048a68 SafeArrayCreateVector
0x140048a70 SafeArrayAccessData
0x140048a78 SafeArrayUnaccessData
0x140048a80 SafeArrayDestroy
COMCTL32.dll
0x140048a90 None
UxTheme.dll
0x140048ac8 OpenThemeData
0x140048ad0 CloseThemeData
0x140048ad8 GetThemeFont
RPCRT4.dll
0x140049058 RpcStringFreeW
0x140049060 UuidCreate
0x140049068 UuidToStringW
0x140049070 UuidCreateSequential
EAT(Export Address Table) is none