ScreenShot
| Created | 2023.06.07 10:27 | Machine | s1_win7_x6402 |
| Filename | batteryacid.dat | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 10 detected (malicious, high confidence, confidence, Qakbot, Qbot, YXDFGZ, Artemis, CLOUD) | ||
| md5 | 179d4849f8d096122d05de3c7bebb4bd | ||
| sha256 | 2f6ae770a5d56ed8a2cfe262e196363b5c80e58468c66ff36cdf9c75306c2c55 | ||
| ssdeep | 12288:W5XwIjvPgzGgQChM5u/7hIYArytfqYsgzelZ7CPZUeQ58:njhhArytfqYsgalZWPRQ58 | ||
| imphash | 8e0a1f2284a5f7dab96c697a66241e4a | ||
| impfuzzy | 24:/cf+ijVeElMO3POovBtKRv4kFDPJEWpjMBPvnmFQHOT4zl5yf6pCwur:/cf+fO3mKtqA13nKczC6pC5 | ||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 10 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | This executable has a PDB path |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x10043000 InitializeCriticalSection
0x10043004 LeaveCriticalSection
0x10043008 EnterCriticalSection
0x1004300c DeleteCriticalSection
0x10043010 CreateMutexW
0x10043014 WaitForSingleObject
0x10043018 InterlockedCompareExchange
0x1004301c ReleaseMutex
0x10043020 CloseHandle
0x10043024 GetLastError
0x10043028 HeapFree
0x1004302c HeapAlloc
0x10043030 HeapReAlloc
0x10043034 DeleteFileA
0x10043038 GetSystemTimeAsFileTime
0x1004303c GetCurrentThreadId
0x10043040 GetCommandLineA
0x10043044 TerminateProcess
0x10043048 GetCurrentProcess
0x1004304c UnhandledExceptionFilter
0x10043050 SetUnhandledExceptionFilter
0x10043054 IsDebuggerPresent
0x10043058 SetHandleCount
0x1004305c GetStdHandle
0x10043060 GetFileType
0x10043064 GetStartupInfoA
0x10043068 GetCPInfo
0x1004306c InterlockedIncrement
0x10043070 InterlockedDecrement
0x10043074 GetACP
0x10043078 GetOEMCP
0x1004307c IsValidCodePage
0x10043080 GetModuleHandleW
0x10043084 GetProcAddress
0x10043088 TlsGetValue
0x1004308c TlsAlloc
0x10043090 TlsSetValue
0x10043094 TlsFree
0x10043098 SetLastError
0x1004309c RtlUnwind
0x100430a0 MultiByteToWideChar
0x100430a4 ReadFile
0x100430a8 WriteFile
0x100430ac WideCharToMultiByte
0x100430b0 GetConsoleCP
0x100430b4 GetConsoleMode
0x100430b8 LCMapStringA
0x100430bc LCMapStringW
0x100430c0 HeapCreate
0x100430c4 HeapDestroy
0x100430c8 VirtualFree
0x100430cc VirtualAlloc
0x100430d0 Sleep
0x100430d4 ExitProcess
0x100430d8 GetModuleFileNameA
0x100430dc SetFilePointer
0x100430e0 RaiseException
0x100430e4 FreeEnvironmentStringsA
0x100430e8 GetEnvironmentStrings
0x100430ec FreeEnvironmentStringsW
0x100430f0 GetEnvironmentStringsW
0x100430f4 QueryPerformanceCounter
0x100430f8 GetTickCount
0x100430fc GetCurrentProcessId
0x10043100 InitializeCriticalSectionAndSpinCount
0x10043104 GetStringTypeA
0x10043108 GetStringTypeW
0x1004310c GetLocaleInfoA
0x10043110 CreateFileA
0x10043114 SetStdHandle
0x10043118 WriteConsoleA
0x1004311c GetConsoleOutputCP
0x10043120 WriteConsoleW
0x10043124 FlushFileBuffers
0x10043128 LoadLibraryA
0x1004312c GetModuleHandleA
0x10043130 GetTimeZoneInformation
0x10043134 SetEndOfFile
0x10043138 GetProcessHeap
0x1004313c HeapSize
0x10043140 CompareStringA
0x10043144 CompareStringW
0x10043148 SetEnvironmentVariableA
EAT(Export Address Table) Library
0x1000a580 l_cmsComputeInterpParams@24
0x1000a3c0 l_cmsFloat2Half@4
0x1000a5e0 l_cmsFreeInterpParams@4
0x1001b930 l_cmsGetFormatter@16
0x1000a380 l_cmsHalf2Float@4
0x10011440 l_cmsQuantizeVal@12
0x1000ff60 l_cmsReadDevicelinkLUT@8
0x1000f890 l_cmsReadInputLUT@8
0x1000fd80 l_cmsReadOutputLUT@8
0x100113c0 l_cmsStageAllocIdentityCLut@8
0x10010a80 l_cmsStageAllocIdentityCurves@8
0x10011ac0 l_cmsStageAllocLab2XYZ@4
0x10011bb0 l_cmsStageAllocLabV2ToV4@4
0x10011be0 l_cmsStageAllocLabV4ToV2@4
0x100141a0 l_cmsStageAllocNamedColor@8
0x10011d90 l_cmsStageAllocXYZ2Lab@4
0x1001da20 lcms15Fixed16toDouble
0x1001d9d0 lcms8Fixed8toDouble
0x1001d470 lcmsAdjustEndianess16
0x1001d490 lcmsAdjustEndianess32
0x1001d4c0 lcmsAdjustEndianess64
0x10007480 lcmsCalloc
0x100078b0 lcmsCreateMutex
0x1001daa0 lcmsDecodeDateTimeNumber
0x100065e0 lcmsDefaultICCintents
0x100078e0 lcmsDestroyMutex
0x1002a430 lcmsDoTransformLineStride@36
0x1001da70 lcmsDoubleTo15Fixed16
0x1001da00 lcmsDoubleTo8Fixed8
0x10007510 lcmsDupMem
0x1001db30 lcmsEncodeDateTimeNumber
0x100074e0 lcmsFree
0x1002b070 lcmsGetTransformFormatters16
0x1002b0a0 lcmsGetTransformFormattersFloat
0x1002b060 lcmsGetTransformUserData
0x1001ce80 lcmsICCcolorSpace
0x1001dd00 lcmsIOPrintf
0x1001cff0 lcmsLCMScolorSpace
0x10007910 lcmsLockMutex
0x100134c0 lcmsMAT3eval
0x10013140 lcmsMAT3identity
0x10013360 lcmsMAT3inverse
0x100131c0 lcmsMAT3isIdentity
0x10013240 lcmsMAT3per
0x10013460 lcmsMAT3solve
0x10007420 lcmsMalloc
0x10007450 lcmsMallocZero
0x1000e2b0 lcmsOpenProfileFromIOhandler2THR@12
0x100123c0 lcmsPipelineSetOptimizationParameters
0x1001d6e0 lcmsRead15Fixed16Number
0x1001dc50 lcmsReadAlignment
0x1001d620 lcmsReadFloat32Number
0x1001dba0 lcmsReadTypeBase
0x1001d580 lcmsReadUInt16Array
0x1001d540 lcmsReadUInt16Number
0x1001d5d0 lcmsReadUInt32Number
0x1001d690 lcmsReadUInt64Number
0x1001d500 lcmsReadUInt8Number
0x1001d730 lcmsReadXYZNumber
0x100074b0 lcmsRealloc
0x1002b040 lcmsSetTransformUserData
0x100104a0 lcmsStageAllocPlaceholder
0x10007940 lcmsUnlockMutex
0x10013070 lcmsVEC3cross
0x10013100 lcmsVEC3distance
0x100130b0 lcmsVEC3dot
0x10013020 lcmsVEC3init
0x100130d0 lcmsVEC3length
0x10013040 lcmsVEC3minus
0x1001d900 lcmsWrite15Fixed16Number
0x1001dca0 lcmsWriteAlignment
0x1001d880 lcmsWriteFloat32Number
0x1001dc00 lcmsWriteTypeBase
0x1001d810 lcmsWriteUInt16Array
0x1001d7d0 lcmsWriteUInt16Number
0x1001d850 lcmsWriteUInt32Number
0x1001d8c0 lcmsWriteUInt64Number
0x1001d7b0 lcmsWriteUInt8Number
0x1001d950 lcmsWriteXYZNumber
0x1002a180 lmsAdaptToIlluminant
0x10013c70 lmsAllocNamedColorList
0x10014210 lmsAllocProfileSequenceDescription
0x10013dd0 lmsAppendNamedColor
0x1001c3e0 lmsBFDdeltaE
0x10008840 lmsBuildGamma
0x10008790 lmsBuildParametricToneCurve
0x100085b0 lmsBuildSegmentedToneCurve
0x10008560 lmsBuildTabulatedToneCurve16
0x100086d0 lmsBuildTabulatedToneCurveFloat
0x1001c920 lmsCIE2000DeltaE
0x1001c280 lmsCIE94DeltaE
0x10002620 lmsCIECAM02Done
0x10002640 lmsCIECAM02Forward
0x10002420 lmsCIECAM02Init
0x10002750 lmsCIECAM02Reverse
0x1001c740 lmsCMCdeltaE
0x1002bb30 lmsChangeBuffersFormat
0x1001d270 lmsChannelsOf
0x1000d860 lmsCloseIOhandler
0x1000ea10 lmsCloseProfile
0x10029330 lmsCreateBCHSWabstractProfile
0x10029170 lmsCreateBCHSWabstractProfileTHR
0x1001e070 lmsCreateContext
0x1002b500 lmsCreateExtendedTransform
0x100288b0 lmsCreateGrayProfile
0x100287f0 lmsCreateGrayProfileTHR
0x10028ca0 lmsCreateInkLimitingDeviceLink
0x10028ac0 lmsCreateInkLimitingDeviceLinkTHR
0x10028da0 lmsCreateLab2Profile
0x10028cc0 lmsCreateLab2ProfileTHR
0x10028e90 lmsCreateLab4Profile
0x10028db0 lmsCreateLab4ProfileTHR
0x100289c0 lmsCreateLinearizationDeviceLink
0x100288d0 lmsCreateLinearizationDeviceLinkTHR
0x1002b8f0 lmsCreateMultiprofileTransform
0x1002b830 lmsCreateMultiprofileTransformTHR
0x100294f0 lmsCreateNULLProfile
0x10029370 lmsCreateNULLProfileTHR
0x1000d880 lmsCreateProfilePlaceholder
0x1002bab0 lmsCreateProofingTransform
0x1002b9d0 lmsCreateProofingTransformTHR
0x100287d0 lmsCreateRGBProfile
0x10028580 lmsCreateRGBProfileTHR
0x1002b9a0 lmsCreateTransform
0x1002b950 lmsCreateTransformTHR
0x10028f70 lmsCreateXYZProfile
0x10028ea0 lmsCreateXYZProfileTHR
0x100290c0 lmsCreate_sRGBProfile
0x10028fe0 lmsCreate_sRGBProfileTHR
0x10029b30 lmsD50_XYZ
0x10029b40 lmsD50_xyY
0x1001e370 lmsDeleteContext
0x1002a330 lmsDeleteTransform
0x1001c220 lmsDeltaE
0x1000a180 lmsDesaturateLab
0x1001ffb0 lmsDetectBlackPoint
0x10020470 lmsDetectDestinationBlackPoint
0x1000a0a0 lmsDetectTAC
0x100144d0 lmsDictAddEntry
0x10014420 lmsDictAlloc
0x10014540 lmsDictDup
0x10014440 lmsDictFree
0x100145a0 lmsDictGetEntryList
0x100145a0 lmsDictNextEntry
0x1002a3b0 lmsDoTransform
0x1002a3f0 lmsDoTransformStride
0x1001e250 lmsDupContext
0x10013d30 lmsDupNamedColorList
0x10014310 lmsDupProfileSequenceDescription
0x10008950 lmsDupToneCurve
0x10009800 lmsEstimateGamma
0x100097d0 lmsEvalToneCurve16
0x10009760 lmsEvalToneCurveFloat
0x1001bed0 lmsFloat2LabEncoded
0x1001bda0 lmsFloat2LabEncodedV2
0x1001c0e0 lmsFloat2XYZEncoded
0x1001b9b0 lmsFormatterForColorspaceOfProfile
0x1001b9f0 lmsFormatterForPCSOfProfile
0x10013d00 lmsFreeNamedColorList
0x100142a0 lmsFreeProfileSequenceDescription
0x10008860 lmsFreeToneCurve
0x10008900 lmsFreeToneCurveTriple
0x10020e20 lmsGBDAlloc
0x1000a5e0 lmsGBDFree
0x10020f20 lmsGDBAddPoint
0x10020fa0 lmsGDBCheckPoint
0x100214b0 lmsGDBCompute
0x1002a2f0 lmsGetAlarmCodes
0x1002a2b0 lmsGetAlarmCodesTHR
0x1000e110 lmsGetColorSpace
0x1001e430 lmsGetContextUserData
0x1000e130 lmsGetDeviceClass
0x10007130 lmsGetEncodedCMMversion
0x1000e150 lmsGetEncodedICCversion
0x1000e050 lmsGetHeaderAttributes
0x1000e0d0 lmsGetHeaderCreationDateTime
0x1000e020 lmsGetHeaderCreator
0x1000dfe0 lmsGetHeaderFlags
0x1000e000 lmsGetHeaderManufacturer
0x1000e030 lmsGetHeaderModel
0x1000e090 lmsGetHeaderProfileID
0x1000dfc0 lmsGetHeaderRenderingIntent
0x100141f0 lmsGetNamedColorList
0x1000e0f0 lmsGetPCS
0x10011e10 lmsGetPipelineContextID
0x1001fc30 lmsGetPostScriptCRD
0x1001fc90 lmsGetPostScriptCSA
0x1001fbe0 lmsGetPostScriptColorResource
0x1002bb10 lmsGetProfileContextID
0x100145a0 lmsGetProfileIOhandler
0x10010420 lmsGetProfileInfo
0x10010460 lmsGetProfileInfoASCII
0x1000e230 lmsGetProfileVersion
0x10007090 lmsGetSupportedIntents
0x10007000 lmsGetSupportedIntentsTHR
0x1000d900 lmsGetTagCount
0x1000d920 lmsGetTagSignature
0x10008550 lmsGetToneCurveEstimatedTable
0x10008540 lmsGetToneCurveEstimatedTableEntries
0x10009740 lmsGetToneCurveParametricType
0x1002baf0 lmsGetTransformContextID
0x100145a0 lmsGetTransformInputFormat
0x1002bb10 lmsGetTransformOutputFormat
0x10003ad0 lmsIT8Alloc
0x10005990 lmsIT8DefineDblFormat
0x10005340 lmsIT8EnumDataFormat
0x10005370 lmsIT8EnumProperties
0x100053d0 lmsIT8EnumPropertyMulti
0x10005570 lmsIT8FindDataFormat
0x10003720 lmsIT8Free
0x10005680 lmsIT8GetData
0x100056d0 lmsIT8GetDataDbl
0x10005590 lmsIT8GetDataRowCol
0x100055b0 lmsIT8GetDataRowColDbl
0x10005870 lmsIT8GetPatchByName
0x10005820 lmsIT8GetPatchName
0x10003e60 lmsIT8GetProperty
0x10003ea0 lmsIT8GetPropertyDbl
0x10003ec0 lmsIT8GetPropertyMulti
0x10003bf0 lmsIT8GetSheetType
0x10005270 lmsIT8LoadFromFile
0x100051a0 lmsIT8LoadFromMem
0x10004580 lmsIT8SaveToFile
0x10004610 lmsIT8SaveToMem
0x10003c30 lmsIT8SetComment
0x100056f0 lmsIT8SetData
0x100057b0 lmsIT8SetDataDbl
0x10004010 lmsIT8SetDataFormat
0x100055e0 lmsIT8SetDataRowCol
0x10005600 lmsIT8SetDataRowColDbl
0x10005950 lmsIT8SetIndexColumn
0x10003cc0 lmsIT8SetPropertyDbl
0x10003d50 lmsIT8SetPropertyHex
0x10003e20 lmsIT8SetPropertyMulti
0x10003c80 lmsIT8SetPropertyStr
0x10003de0 lmsIT8SetPropertyUncooked
0x10003c00 lmsIT8SetSheetType
0x10003a90 lmsIT8SetTable
0x10005890 lmsIT8SetTableByLabel
0x10012370 lmsIT8TableCount
0x100101b0 lmsIsCLUT
0x10010260 lmsIsIntentSupported
0x10010110 lmsIsMatrixShaper
0x1000da80 lmsIsTag
0x10009700 lmsIsToneCurveDescending
0x10009600 lmsIsToneCurveLinear
0x10009670 lmsIsToneCurveMonotonic
0x10009720 lmsIsToneCurveMultisegment
0x10008980 lmsJoinToneCurve
0x1001c070 lmsLCh2Lab
0x1001c000 lmsLab2LCh
0x1001bb80 lmsLab2XYZ
0x1001bd10 lmsLabEncoded2Float
0x1001bce0 lmsLabEncoded2FloatV2
0x1000f300 lmsLinkTag
0x10012ef0 lmsMD5computeID
0x10013520 lmsMLUalloc
0x10013830 lmsMLUdup
0x100138e0 lmsMLUfree
0x100139e0 lmsMLUgetASCII
0x10013b30 lmsMLUgetTranslation
0x10013a90 lmsMLUgetWide
0x10013720 lmsMLUsetASCII
0x100137e0 lmsMLUsetWide
0x10013bc0 lmsMLUtranslationsCodes
0x10013ba0 lmsMLUtranslationsCount
0x100145a0 lmsNamedColorCount
0x10013fb0 lmsNamedColorIndex
0x10013ee0 lmsNamedColorInfo
0x1000d650 lmsOpenIOhandlerFromFile
0x1000d3d0 lmsOpenIOhandlerFromMem
0x1000d200 lmsOpenIOhandlerFromNULL
0x1000d7c0 lmsOpenIOhandlerFromStream
0x1000e380 lmsOpenProfileFromFile
0x1000e310 lmsOpenProfileFromFileTHR
0x1000e270 lmsOpenProfileFromIOhandlerTHR
0x1000e480 lmsOpenProfileFromMem
0x1000e420 lmsOpenProfileFromMemTHR
0x1000e400 lmsOpenProfileFromStream
0x1000e3a0 lmsOpenProfileFromStreamTHR
0x10012010 lmsPipelineAlloc
0x100122f0 lmsPipelineCat
0x100107b0 lmsPipelineCheckAndRetreiveStages
0x10012130 lmsPipelineDup
0x100120f0 lmsPipelineEval16
0x10012110 lmsPipelineEvalFloat
0x10012480 lmsPipelineEvalReverseFloat
0x100120a0 lmsPipelineFree
0x10012370 lmsPipelineGetPtrToFirstStage
0x10012380 lmsPipelineGetPtrToLastStage
0x10011e00 lmsPipelineInputChannels
0x10012210 lmsPipelineInsertStage
0x10012090 lmsPipelineOutputChannels
0x10012350 lmsPipelineSetSaveAs8bitsFlag
0x100123a0 lmsPipelineStageCount
0x10012270 lmsPipelineUnlinkStage
0x1001dde0 lmsPlugin
0x1001ddf0 lmsPluginTHR
0x1000efd0 lmsReadRawTag
0x1000eb20 lmsReadTag
0x10008d40 lmsReverseToneCurve
0x10008b40 lmsReverseToneCurveEx
0x1000e8f0 lmsSaveProfileToFile
0x1000e7a0 lmsSaveProfileToIOhandler
0x1000e990 lmsSaveProfileToMem
0x1000e950 lmsSaveProfileToStream
0x1002a260 lmsSetAdaptationState
0x1002a230 lmsSetAdaptationStateTHR
0x1002a2e0 lmsSetAlarmCodes
0x1002a280 lmsSetAlarmCodesTHR
0x1000e120 lmsSetColorSpace
0x1000e140 lmsSetDeviceClass
0x1000e160 lmsSetEncodedICCversion
0x1000e070 lmsSetHeaderAttributes
0x1000dff0 lmsSetHeaderFlags
0x1000e010 lmsSetHeaderManufacturer
0x1000e040 lmsSetHeaderModel
0x1000e0b0 lmsSetHeaderProfileID
0x1000dfd0 lmsSetHeaderRenderingIntent
0x10007700 lmsSetLogErrorHandler
0x100076d0 lmsSetLogErrorHandlerTHR
0x1000e100 lmsSetPCS
0x1000e1c0 lmsSetProfileVersion
0x10007710 lmsSignalError
0x10011870 lmsSliceSpace16
0x10011960 lmsSliceSpaceFloat
0x10009390 lmsSmoothToneCurve
0x10011130 lmsStageAllocCLut16bit
0x10011010 lmsStageAllocCLut16bitGranular
0x1001ba60 lmsStageAllocCLutFloat
0x100111d0 lmsStageAllocCLutFloatGranular
0x10010510 lmsStageAllocIdentity
0x10010c20 lmsStageAllocMatrix
0x100109a0 lmsStageAllocToneCurves
0x10011e10 lmsStageData
0x10011e30 lmsStageDup
0x10011dc0 lmsStageFree
0x10011de0 lmsStageInputChannels
0x10011e20 lmsStageNext
0x10011df0 lmsStageOutputChannels
0x10011480 lmsStageSampleCLut16bit
0x10011650 lmsStageSampleCLutFloat
0x10011e00 lmsStageType
0x1000f3a0 lmsTagLinkedTo
0x10029c80 lmsTempFromWhitePoint
0x10029750 lmsTransform2DeviceLink
0x1001df70 lmsUnregisterPlugins
0x1001dfd0 lmsUnregisterPluginsTHR
0x10029b60 lmsWhitePointFromTemp
0x1000f230 lmsWriteRawTag
0x1000ed90 lmsWriteTag
0x1001baf0 lmsXYZ2Lab
0x1001ba30 lmsXYZ2xyY
0x1001c1e0 lmsXYZEncoded2Float
0x100071c0 lmsfilelength
0x10007140 lmsstrcasecmp
0x10011180 next
KERNEL32.dll
0x10043000 InitializeCriticalSection
0x10043004 LeaveCriticalSection
0x10043008 EnterCriticalSection
0x1004300c DeleteCriticalSection
0x10043010 CreateMutexW
0x10043014 WaitForSingleObject
0x10043018 InterlockedCompareExchange
0x1004301c ReleaseMutex
0x10043020 CloseHandle
0x10043024 GetLastError
0x10043028 HeapFree
0x1004302c HeapAlloc
0x10043030 HeapReAlloc
0x10043034 DeleteFileA
0x10043038 GetSystemTimeAsFileTime
0x1004303c GetCurrentThreadId
0x10043040 GetCommandLineA
0x10043044 TerminateProcess
0x10043048 GetCurrentProcess
0x1004304c UnhandledExceptionFilter
0x10043050 SetUnhandledExceptionFilter
0x10043054 IsDebuggerPresent
0x10043058 SetHandleCount
0x1004305c GetStdHandle
0x10043060 GetFileType
0x10043064 GetStartupInfoA
0x10043068 GetCPInfo
0x1004306c InterlockedIncrement
0x10043070 InterlockedDecrement
0x10043074 GetACP
0x10043078 GetOEMCP
0x1004307c IsValidCodePage
0x10043080 GetModuleHandleW
0x10043084 GetProcAddress
0x10043088 TlsGetValue
0x1004308c TlsAlloc
0x10043090 TlsSetValue
0x10043094 TlsFree
0x10043098 SetLastError
0x1004309c RtlUnwind
0x100430a0 MultiByteToWideChar
0x100430a4 ReadFile
0x100430a8 WriteFile
0x100430ac WideCharToMultiByte
0x100430b0 GetConsoleCP
0x100430b4 GetConsoleMode
0x100430b8 LCMapStringA
0x100430bc LCMapStringW
0x100430c0 HeapCreate
0x100430c4 HeapDestroy
0x100430c8 VirtualFree
0x100430cc VirtualAlloc
0x100430d0 Sleep
0x100430d4 ExitProcess
0x100430d8 GetModuleFileNameA
0x100430dc SetFilePointer
0x100430e0 RaiseException
0x100430e4 FreeEnvironmentStringsA
0x100430e8 GetEnvironmentStrings
0x100430ec FreeEnvironmentStringsW
0x100430f0 GetEnvironmentStringsW
0x100430f4 QueryPerformanceCounter
0x100430f8 GetTickCount
0x100430fc GetCurrentProcessId
0x10043100 InitializeCriticalSectionAndSpinCount
0x10043104 GetStringTypeA
0x10043108 GetStringTypeW
0x1004310c GetLocaleInfoA
0x10043110 CreateFileA
0x10043114 SetStdHandle
0x10043118 WriteConsoleA
0x1004311c GetConsoleOutputCP
0x10043120 WriteConsoleW
0x10043124 FlushFileBuffers
0x10043128 LoadLibraryA
0x1004312c GetModuleHandleA
0x10043130 GetTimeZoneInformation
0x10043134 SetEndOfFile
0x10043138 GetProcessHeap
0x1004313c HeapSize
0x10043140 CompareStringA
0x10043144 CompareStringW
0x10043148 SetEnvironmentVariableA
EAT(Export Address Table) Library
0x1000a580 l_cmsComputeInterpParams@24
0x1000a3c0 l_cmsFloat2Half@4
0x1000a5e0 l_cmsFreeInterpParams@4
0x1001b930 l_cmsGetFormatter@16
0x1000a380 l_cmsHalf2Float@4
0x10011440 l_cmsQuantizeVal@12
0x1000ff60 l_cmsReadDevicelinkLUT@8
0x1000f890 l_cmsReadInputLUT@8
0x1000fd80 l_cmsReadOutputLUT@8
0x100113c0 l_cmsStageAllocIdentityCLut@8
0x10010a80 l_cmsStageAllocIdentityCurves@8
0x10011ac0 l_cmsStageAllocLab2XYZ@4
0x10011bb0 l_cmsStageAllocLabV2ToV4@4
0x10011be0 l_cmsStageAllocLabV4ToV2@4
0x100141a0 l_cmsStageAllocNamedColor@8
0x10011d90 l_cmsStageAllocXYZ2Lab@4
0x1001da20 lcms15Fixed16toDouble
0x1001d9d0 lcms8Fixed8toDouble
0x1001d470 lcmsAdjustEndianess16
0x1001d490 lcmsAdjustEndianess32
0x1001d4c0 lcmsAdjustEndianess64
0x10007480 lcmsCalloc
0x100078b0 lcmsCreateMutex
0x1001daa0 lcmsDecodeDateTimeNumber
0x100065e0 lcmsDefaultICCintents
0x100078e0 lcmsDestroyMutex
0x1002a430 lcmsDoTransformLineStride@36
0x1001da70 lcmsDoubleTo15Fixed16
0x1001da00 lcmsDoubleTo8Fixed8
0x10007510 lcmsDupMem
0x1001db30 lcmsEncodeDateTimeNumber
0x100074e0 lcmsFree
0x1002b070 lcmsGetTransformFormatters16
0x1002b0a0 lcmsGetTransformFormattersFloat
0x1002b060 lcmsGetTransformUserData
0x1001ce80 lcmsICCcolorSpace
0x1001dd00 lcmsIOPrintf
0x1001cff0 lcmsLCMScolorSpace
0x10007910 lcmsLockMutex
0x100134c0 lcmsMAT3eval
0x10013140 lcmsMAT3identity
0x10013360 lcmsMAT3inverse
0x100131c0 lcmsMAT3isIdentity
0x10013240 lcmsMAT3per
0x10013460 lcmsMAT3solve
0x10007420 lcmsMalloc
0x10007450 lcmsMallocZero
0x1000e2b0 lcmsOpenProfileFromIOhandler2THR@12
0x100123c0 lcmsPipelineSetOptimizationParameters
0x1001d6e0 lcmsRead15Fixed16Number
0x1001dc50 lcmsReadAlignment
0x1001d620 lcmsReadFloat32Number
0x1001dba0 lcmsReadTypeBase
0x1001d580 lcmsReadUInt16Array
0x1001d540 lcmsReadUInt16Number
0x1001d5d0 lcmsReadUInt32Number
0x1001d690 lcmsReadUInt64Number
0x1001d500 lcmsReadUInt8Number
0x1001d730 lcmsReadXYZNumber
0x100074b0 lcmsRealloc
0x1002b040 lcmsSetTransformUserData
0x100104a0 lcmsStageAllocPlaceholder
0x10007940 lcmsUnlockMutex
0x10013070 lcmsVEC3cross
0x10013100 lcmsVEC3distance
0x100130b0 lcmsVEC3dot
0x10013020 lcmsVEC3init
0x100130d0 lcmsVEC3length
0x10013040 lcmsVEC3minus
0x1001d900 lcmsWrite15Fixed16Number
0x1001dca0 lcmsWriteAlignment
0x1001d880 lcmsWriteFloat32Number
0x1001dc00 lcmsWriteTypeBase
0x1001d810 lcmsWriteUInt16Array
0x1001d7d0 lcmsWriteUInt16Number
0x1001d850 lcmsWriteUInt32Number
0x1001d8c0 lcmsWriteUInt64Number
0x1001d7b0 lcmsWriteUInt8Number
0x1001d950 lcmsWriteXYZNumber
0x1002a180 lmsAdaptToIlluminant
0x10013c70 lmsAllocNamedColorList
0x10014210 lmsAllocProfileSequenceDescription
0x10013dd0 lmsAppendNamedColor
0x1001c3e0 lmsBFDdeltaE
0x10008840 lmsBuildGamma
0x10008790 lmsBuildParametricToneCurve
0x100085b0 lmsBuildSegmentedToneCurve
0x10008560 lmsBuildTabulatedToneCurve16
0x100086d0 lmsBuildTabulatedToneCurveFloat
0x1001c920 lmsCIE2000DeltaE
0x1001c280 lmsCIE94DeltaE
0x10002620 lmsCIECAM02Done
0x10002640 lmsCIECAM02Forward
0x10002420 lmsCIECAM02Init
0x10002750 lmsCIECAM02Reverse
0x1001c740 lmsCMCdeltaE
0x1002bb30 lmsChangeBuffersFormat
0x1001d270 lmsChannelsOf
0x1000d860 lmsCloseIOhandler
0x1000ea10 lmsCloseProfile
0x10029330 lmsCreateBCHSWabstractProfile
0x10029170 lmsCreateBCHSWabstractProfileTHR
0x1001e070 lmsCreateContext
0x1002b500 lmsCreateExtendedTransform
0x100288b0 lmsCreateGrayProfile
0x100287f0 lmsCreateGrayProfileTHR
0x10028ca0 lmsCreateInkLimitingDeviceLink
0x10028ac0 lmsCreateInkLimitingDeviceLinkTHR
0x10028da0 lmsCreateLab2Profile
0x10028cc0 lmsCreateLab2ProfileTHR
0x10028e90 lmsCreateLab4Profile
0x10028db0 lmsCreateLab4ProfileTHR
0x100289c0 lmsCreateLinearizationDeviceLink
0x100288d0 lmsCreateLinearizationDeviceLinkTHR
0x1002b8f0 lmsCreateMultiprofileTransform
0x1002b830 lmsCreateMultiprofileTransformTHR
0x100294f0 lmsCreateNULLProfile
0x10029370 lmsCreateNULLProfileTHR
0x1000d880 lmsCreateProfilePlaceholder
0x1002bab0 lmsCreateProofingTransform
0x1002b9d0 lmsCreateProofingTransformTHR
0x100287d0 lmsCreateRGBProfile
0x10028580 lmsCreateRGBProfileTHR
0x1002b9a0 lmsCreateTransform
0x1002b950 lmsCreateTransformTHR
0x10028f70 lmsCreateXYZProfile
0x10028ea0 lmsCreateXYZProfileTHR
0x100290c0 lmsCreate_sRGBProfile
0x10028fe0 lmsCreate_sRGBProfileTHR
0x10029b30 lmsD50_XYZ
0x10029b40 lmsD50_xyY
0x1001e370 lmsDeleteContext
0x1002a330 lmsDeleteTransform
0x1001c220 lmsDeltaE
0x1000a180 lmsDesaturateLab
0x1001ffb0 lmsDetectBlackPoint
0x10020470 lmsDetectDestinationBlackPoint
0x1000a0a0 lmsDetectTAC
0x100144d0 lmsDictAddEntry
0x10014420 lmsDictAlloc
0x10014540 lmsDictDup
0x10014440 lmsDictFree
0x100145a0 lmsDictGetEntryList
0x100145a0 lmsDictNextEntry
0x1002a3b0 lmsDoTransform
0x1002a3f0 lmsDoTransformStride
0x1001e250 lmsDupContext
0x10013d30 lmsDupNamedColorList
0x10014310 lmsDupProfileSequenceDescription
0x10008950 lmsDupToneCurve
0x10009800 lmsEstimateGamma
0x100097d0 lmsEvalToneCurve16
0x10009760 lmsEvalToneCurveFloat
0x1001bed0 lmsFloat2LabEncoded
0x1001bda0 lmsFloat2LabEncodedV2
0x1001c0e0 lmsFloat2XYZEncoded
0x1001b9b0 lmsFormatterForColorspaceOfProfile
0x1001b9f0 lmsFormatterForPCSOfProfile
0x10013d00 lmsFreeNamedColorList
0x100142a0 lmsFreeProfileSequenceDescription
0x10008860 lmsFreeToneCurve
0x10008900 lmsFreeToneCurveTriple
0x10020e20 lmsGBDAlloc
0x1000a5e0 lmsGBDFree
0x10020f20 lmsGDBAddPoint
0x10020fa0 lmsGDBCheckPoint
0x100214b0 lmsGDBCompute
0x1002a2f0 lmsGetAlarmCodes
0x1002a2b0 lmsGetAlarmCodesTHR
0x1000e110 lmsGetColorSpace
0x1001e430 lmsGetContextUserData
0x1000e130 lmsGetDeviceClass
0x10007130 lmsGetEncodedCMMversion
0x1000e150 lmsGetEncodedICCversion
0x1000e050 lmsGetHeaderAttributes
0x1000e0d0 lmsGetHeaderCreationDateTime
0x1000e020 lmsGetHeaderCreator
0x1000dfe0 lmsGetHeaderFlags
0x1000e000 lmsGetHeaderManufacturer
0x1000e030 lmsGetHeaderModel
0x1000e090 lmsGetHeaderProfileID
0x1000dfc0 lmsGetHeaderRenderingIntent
0x100141f0 lmsGetNamedColorList
0x1000e0f0 lmsGetPCS
0x10011e10 lmsGetPipelineContextID
0x1001fc30 lmsGetPostScriptCRD
0x1001fc90 lmsGetPostScriptCSA
0x1001fbe0 lmsGetPostScriptColorResource
0x1002bb10 lmsGetProfileContextID
0x100145a0 lmsGetProfileIOhandler
0x10010420 lmsGetProfileInfo
0x10010460 lmsGetProfileInfoASCII
0x1000e230 lmsGetProfileVersion
0x10007090 lmsGetSupportedIntents
0x10007000 lmsGetSupportedIntentsTHR
0x1000d900 lmsGetTagCount
0x1000d920 lmsGetTagSignature
0x10008550 lmsGetToneCurveEstimatedTable
0x10008540 lmsGetToneCurveEstimatedTableEntries
0x10009740 lmsGetToneCurveParametricType
0x1002baf0 lmsGetTransformContextID
0x100145a0 lmsGetTransformInputFormat
0x1002bb10 lmsGetTransformOutputFormat
0x10003ad0 lmsIT8Alloc
0x10005990 lmsIT8DefineDblFormat
0x10005340 lmsIT8EnumDataFormat
0x10005370 lmsIT8EnumProperties
0x100053d0 lmsIT8EnumPropertyMulti
0x10005570 lmsIT8FindDataFormat
0x10003720 lmsIT8Free
0x10005680 lmsIT8GetData
0x100056d0 lmsIT8GetDataDbl
0x10005590 lmsIT8GetDataRowCol
0x100055b0 lmsIT8GetDataRowColDbl
0x10005870 lmsIT8GetPatchByName
0x10005820 lmsIT8GetPatchName
0x10003e60 lmsIT8GetProperty
0x10003ea0 lmsIT8GetPropertyDbl
0x10003ec0 lmsIT8GetPropertyMulti
0x10003bf0 lmsIT8GetSheetType
0x10005270 lmsIT8LoadFromFile
0x100051a0 lmsIT8LoadFromMem
0x10004580 lmsIT8SaveToFile
0x10004610 lmsIT8SaveToMem
0x10003c30 lmsIT8SetComment
0x100056f0 lmsIT8SetData
0x100057b0 lmsIT8SetDataDbl
0x10004010 lmsIT8SetDataFormat
0x100055e0 lmsIT8SetDataRowCol
0x10005600 lmsIT8SetDataRowColDbl
0x10005950 lmsIT8SetIndexColumn
0x10003cc0 lmsIT8SetPropertyDbl
0x10003d50 lmsIT8SetPropertyHex
0x10003e20 lmsIT8SetPropertyMulti
0x10003c80 lmsIT8SetPropertyStr
0x10003de0 lmsIT8SetPropertyUncooked
0x10003c00 lmsIT8SetSheetType
0x10003a90 lmsIT8SetTable
0x10005890 lmsIT8SetTableByLabel
0x10012370 lmsIT8TableCount
0x100101b0 lmsIsCLUT
0x10010260 lmsIsIntentSupported
0x10010110 lmsIsMatrixShaper
0x1000da80 lmsIsTag
0x10009700 lmsIsToneCurveDescending
0x10009600 lmsIsToneCurveLinear
0x10009670 lmsIsToneCurveMonotonic
0x10009720 lmsIsToneCurveMultisegment
0x10008980 lmsJoinToneCurve
0x1001c070 lmsLCh2Lab
0x1001c000 lmsLab2LCh
0x1001bb80 lmsLab2XYZ
0x1001bd10 lmsLabEncoded2Float
0x1001bce0 lmsLabEncoded2FloatV2
0x1000f300 lmsLinkTag
0x10012ef0 lmsMD5computeID
0x10013520 lmsMLUalloc
0x10013830 lmsMLUdup
0x100138e0 lmsMLUfree
0x100139e0 lmsMLUgetASCII
0x10013b30 lmsMLUgetTranslation
0x10013a90 lmsMLUgetWide
0x10013720 lmsMLUsetASCII
0x100137e0 lmsMLUsetWide
0x10013bc0 lmsMLUtranslationsCodes
0x10013ba0 lmsMLUtranslationsCount
0x100145a0 lmsNamedColorCount
0x10013fb0 lmsNamedColorIndex
0x10013ee0 lmsNamedColorInfo
0x1000d650 lmsOpenIOhandlerFromFile
0x1000d3d0 lmsOpenIOhandlerFromMem
0x1000d200 lmsOpenIOhandlerFromNULL
0x1000d7c0 lmsOpenIOhandlerFromStream
0x1000e380 lmsOpenProfileFromFile
0x1000e310 lmsOpenProfileFromFileTHR
0x1000e270 lmsOpenProfileFromIOhandlerTHR
0x1000e480 lmsOpenProfileFromMem
0x1000e420 lmsOpenProfileFromMemTHR
0x1000e400 lmsOpenProfileFromStream
0x1000e3a0 lmsOpenProfileFromStreamTHR
0x10012010 lmsPipelineAlloc
0x100122f0 lmsPipelineCat
0x100107b0 lmsPipelineCheckAndRetreiveStages
0x10012130 lmsPipelineDup
0x100120f0 lmsPipelineEval16
0x10012110 lmsPipelineEvalFloat
0x10012480 lmsPipelineEvalReverseFloat
0x100120a0 lmsPipelineFree
0x10012370 lmsPipelineGetPtrToFirstStage
0x10012380 lmsPipelineGetPtrToLastStage
0x10011e00 lmsPipelineInputChannels
0x10012210 lmsPipelineInsertStage
0x10012090 lmsPipelineOutputChannels
0x10012350 lmsPipelineSetSaveAs8bitsFlag
0x100123a0 lmsPipelineStageCount
0x10012270 lmsPipelineUnlinkStage
0x1001dde0 lmsPlugin
0x1001ddf0 lmsPluginTHR
0x1000efd0 lmsReadRawTag
0x1000eb20 lmsReadTag
0x10008d40 lmsReverseToneCurve
0x10008b40 lmsReverseToneCurveEx
0x1000e8f0 lmsSaveProfileToFile
0x1000e7a0 lmsSaveProfileToIOhandler
0x1000e990 lmsSaveProfileToMem
0x1000e950 lmsSaveProfileToStream
0x1002a260 lmsSetAdaptationState
0x1002a230 lmsSetAdaptationStateTHR
0x1002a2e0 lmsSetAlarmCodes
0x1002a280 lmsSetAlarmCodesTHR
0x1000e120 lmsSetColorSpace
0x1000e140 lmsSetDeviceClass
0x1000e160 lmsSetEncodedICCversion
0x1000e070 lmsSetHeaderAttributes
0x1000dff0 lmsSetHeaderFlags
0x1000e010 lmsSetHeaderManufacturer
0x1000e040 lmsSetHeaderModel
0x1000e0b0 lmsSetHeaderProfileID
0x1000dfd0 lmsSetHeaderRenderingIntent
0x10007700 lmsSetLogErrorHandler
0x100076d0 lmsSetLogErrorHandlerTHR
0x1000e100 lmsSetPCS
0x1000e1c0 lmsSetProfileVersion
0x10007710 lmsSignalError
0x10011870 lmsSliceSpace16
0x10011960 lmsSliceSpaceFloat
0x10009390 lmsSmoothToneCurve
0x10011130 lmsStageAllocCLut16bit
0x10011010 lmsStageAllocCLut16bitGranular
0x1001ba60 lmsStageAllocCLutFloat
0x100111d0 lmsStageAllocCLutFloatGranular
0x10010510 lmsStageAllocIdentity
0x10010c20 lmsStageAllocMatrix
0x100109a0 lmsStageAllocToneCurves
0x10011e10 lmsStageData
0x10011e30 lmsStageDup
0x10011dc0 lmsStageFree
0x10011de0 lmsStageInputChannels
0x10011e20 lmsStageNext
0x10011df0 lmsStageOutputChannels
0x10011480 lmsStageSampleCLut16bit
0x10011650 lmsStageSampleCLutFloat
0x10011e00 lmsStageType
0x1000f3a0 lmsTagLinkedTo
0x10029c80 lmsTempFromWhitePoint
0x10029750 lmsTransform2DeviceLink
0x1001df70 lmsUnregisterPlugins
0x1001dfd0 lmsUnregisterPluginsTHR
0x10029b60 lmsWhitePointFromTemp
0x1000f230 lmsWriteRawTag
0x1000ed90 lmsWriteTag
0x1001baf0 lmsXYZ2Lab
0x1001ba30 lmsXYZ2xyY
0x1001c1e0 lmsXYZEncoded2Float
0x100071c0 lmsfilelength
0x10007140 lmsstrcasecmp
0x10011180 next