ScreenShot
| Created | 2023.06.22 10:10 | Machine | s1_win7_x6401 |
| Filename | 3052c15a0e5926da6706d7bc1440d1ad.movpkg | ||
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 7 detected (Artemis, GenericKD, Casdet, CLOUD) | ||
| md5 | 67b3201085b9b59d58c4a71c8b539bb0 | ||
| sha256 | 78f6f94aaa72e41d64e4dc309a3553399db2b4cd0edae5653ca4b6e7839e1215 | ||
| ssdeep | 49152:WT2PQnvmVQM0eqJAC7YaVVVVVVVVbImRPKB9bjgEge7Co1wl+MhV4Jt8tBNZZd:EIB3slN | ||
| imphash | 689ff199fb7bbb786a1b91371ee279cc | ||
| impfuzzy | 96:3Ap3tClKsJBaT/S4y7w+7XPeXsA6yE6fcpA++Ffx+tFuX17fysX+k9pmQ:3Ap3tbs3LEFsA60F9F7fHOkfZ | ||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | File has been identified by 7 AntiVirus engines on VirusTotal as malicious |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | This executable has a PDB path |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
IPHLPAPI.DLL
0x1802af0b0 GetAdaptersAddresses
SHELL32.dll
0x1802af6c8 SHBrowseForFolderW
0x1802af6d0 None
0x1802af6d8 SHCreateItemFromParsingName
0x1802af6e0 ShellExecuteW
0x1802af6e8 SHGetFolderPathW
0x1802af6f0 None
0x1802af6f8 SHOpenFolderAndSelectItems
0x1802af700 SHGetPathFromIDListW
0x1802af708 CommandLineToArgvW
0x1802af710 ShellExecuteExW
PROPSYS.dll
0x1802af698 PSGetPropertyKeyFromName
WINHTTP.dll
0x1802af7d0 WinHttpGetProxyForUrl
0x1802af7d8 WinHttpGetIEProxyConfigForCurrentUser
0x1802af7e0 WinHttpCloseHandle
0x1802af7e8 WinHttpOpen
RPCRT4.dll
0x1802af6a8 UuidCreate
0x1802af6b0 RpcStringFreeA
0x1802af6b8 UuidToStringA
d3d9.dll
0x1802af7f8 Direct3DCreate9
ADVAPI32.dll
0x1802af000 RegEnumKeyExW
0x1802af008 RegOpenKeyExA
0x1802af010 RegQueryValueExA
0x1802af018 OpenProcessToken
0x1802af020 SetNamedSecurityInfoW
0x1802af028 GetNamedSecurityInfoW
0x1802af030 GetExplicitEntriesFromAclW
0x1802af038 SetEntriesInAclW
0x1802af040 RegSetValueExW
0x1802af048 RegQueryValueExW
0x1802af050 RegOpenKeyExW
0x1802af058 RegCloseKey
0x1802af060 RegDeleteValueW
0x1802af068 RegDeleteKeyW
0x1802af070 RegCreateKeyExW
0x1802af078 RegCreateKeyW
0x1802af080 GetTokenInformation
0x1802af088 EqualSid
0x1802af090 AllocateAndInitializeSid
USER32.dll
0x1802af720 GetLastInputInfo
0x1802af728 GetForegroundWindow
0x1802af730 GetWindowThreadProcessId
0x1802af738 SetClipboardData
0x1802af740 CloseClipboard
0x1802af748 OpenClipboard
0x1802af750 SendMessageW
0x1802af758 AllowSetForegroundWindow
0x1802af760 MessageBoxW
0x1802af768 GetMonitorInfoW
0x1802af770 EnumDisplayMonitors
0x1802af778 SetProcessDPIAware
0x1802af780 PostMessageW
0x1802af788 SetWindowPos
0x1802af790 GetWindowRect
0x1802af798 GetParent
0x1802af7a0 MonitorFromPoint
0x1802af7a8 GetWindowInfo
0x1802af7b0 GetSystemMetrics
0x1802af7b8 GetClipboardData
0x1802af7c0 EmptyClipboard
KERNEL32.dll
0x1802af0c0 GetStdHandle
0x1802af0c8 FlushFileBuffers
0x1802af0d0 GetACP
0x1802af0d8 HeapReAlloc
0x1802af0e0 SetStdHandle
0x1802af0e8 GetDateFormatW
0x1802af0f0 GetTimeFormatW
0x1802af0f8 IsValidLocale
0x1802af100 GetUserDefaultLCID
0x1802af108 EnumSystemLocalesW
0x1802af110 SetConsoleCtrlHandler
0x1802af118 WriteConsoleW
0x1802af120 FindFirstFileExA
0x1802af128 FindFirstFileExW
0x1802af130 FindNextFileA
0x1802af138 IsValidCodePage
0x1802af140 GetOEMCP
0x1802af148 GetCommandLineA
0x1802af150 GetEnvironmentStringsW
0x1802af158 FreeEnvironmentStringsW
0x1802af160 GetProcessHeap
0x1802af168 HeapSize
0x1802af170 HeapFree
0x1802af178 GetModuleFileNameA
0x1802af180 GetConsoleCP
0x1802af188 ReadConsoleW
0x1802af190 GetConsoleMode
0x1802af198 GetFileAttributesExW
0x1802af1a0 GetModuleHandleExW
0x1802af1a8 ResumeThread
0x1802af1b0 ExitThread
0x1802af1b8 SystemTimeToTzSpecificLocalTime
0x1802af1c0 GetFileType
0x1802af1c8 GetFileInformationByHandle
0x1802af1d0 GetCurrentDirectoryA
0x1802af1d8 SetCurrentDirectoryW
0x1802af1e0 SetCurrentDirectoryA
0x1802af1e8 SetEnvironmentVariableW
0x1802af1f0 SetEnvironmentVariableA
0x1802af1f8 GetFullPathNameA
0x1802af200 GetDriveTypeW
0x1802af208 RtlUnwindEx
0x1802af210 LoadLibraryW
0x1802af218 UnregisterWaitEx
0x1802af220 Sleep
0x1802af228 GetCommandLineW
0x1802af230 GetCurrentDirectoryW
0x1802af238 GetCurrentProcessId
0x1802af240 OpenProcess
0x1802af248 GetModuleFileNameW
0x1802af250 LocalFree
0x1802af258 CloseHandle
0x1802af260 GetLastError
0x1802af268 WaitForSingleObject
0x1802af270 TerminateProcess
0x1802af278 GetExitCodeProcess
0x1802af280 RtlCaptureStackBackTrace
0x1802af288 GetProcessId
0x1802af290 CreateToolhelp32Snapshot
0x1802af298 Process32FirstW
0x1802af2a0 Process32NextW
0x1802af2a8 CreateDirectoryW
0x1802af2b0 CreateFileW
0x1802af2b8 DeleteFileW
0x1802af2c0 FindClose
0x1802af2c8 FindFirstFileW
0x1802af2d0 FindNextFileW
0x1802af2d8 GetFileAttributesW
0x1802af2e0 GetFileSizeEx
0x1802af2e8 GetFileTime
0x1802af2f0 GetFullPathNameW
0x1802af2f8 GetTempFileNameW
0x1802af300 GetVolumePathNameW
0x1802af308 RemoveDirectoryW
0x1802af310 SetEndOfFile
0x1802af318 SetFileAttributesW
0x1802af320 SetFilePointerEx
0x1802af328 SetFileTime
0x1802af330 SetErrorMode
0x1802af338 CopyFileW
0x1802af340 MoveFileExW
0x1802af348 OutputDebugStringA
0x1802af350 GetEnvironmentVariableW
0x1802af358 GetDiskFreeSpaceExW
0x1802af360 GetVolumeNameForVolumeMountPointW
0x1802af368 GetCurrentProcess
0x1802af370 ExitProcess
0x1802af378 GetSystemInfo
0x1802af380 GetTickCount
0x1802af388 GetVersionExW
0x1802af390 GetNativeSystemInfo
0x1802af398 GetPhysicallyInstalledSystemMemory
0x1802af3a0 GetModuleHandleA
0x1802af3a8 GetModuleHandleW
0x1802af3b0 GetProcAddress
0x1802af3b8 GlobalAlloc
0x1802af3c0 GlobalLock
0x1802af3c8 GlobalUnlock
0x1802af3d0 GlobalFree
0x1802af3d8 GetComputerNameA
0x1802af3e0 FileTimeToSystemTime
0x1802af3e8 SystemTimeToFileTime
0x1802af3f0 GetTimeZoneInformation
0x1802af3f8 GetLocaleInfoW
0x1802af400 GetUserDefaultUILanguage
0x1802af408 SetEvent
0x1802af410 ResetEvent
0x1802af418 WaitForMultipleObjectsEx
0x1802af420 CreateEventW
0x1802af428 GetTempPathW
0x1802af430 CreateThread
0x1802af438 GetCurrentThreadId
0x1802af440 RaiseException
0x1802af448 SuspendThread
0x1802af450 ReadFile
0x1802af458 WriteFile
0x1802af460 PeekNamedPipe
0x1802af468 GetOverlappedResult
0x1802af470 GetSystemTimeAsFileTime
0x1802af478 InitializeCriticalSection
0x1802af480 EnterCriticalSection
0x1802af488 LeaveCriticalSection
0x1802af490 InitializeCriticalSectionAndSpinCount
0x1802af498 TryEnterCriticalSection
0x1802af4a0 DeleteCriticalSection
0x1802af4a8 MultiByteToWideChar
0x1802af4b0 WideCharToMultiByte
0x1802af4b8 SetLastError
0x1802af4c0 QueryDepthSList
0x1802af4c8 InterlockedFlushSList
0x1802af4d0 InterlockedPushEntrySList
0x1802af4d8 InterlockedPopEntrySList
0x1802af4e0 ReleaseSemaphore
0x1802af4e8 SetProcessAffinityMask
0x1802af4f0 HeapAlloc
0x1802af4f8 CreateProcessW
0x1802af500 FormatMessageW
0x1802af508 DuplicateHandle
0x1802af510 WaitForSingleObjectEx
0x1802af518 SwitchToThread
0x1802af520 GetCurrentThread
0x1802af528 GetExitCodeThread
0x1802af530 RtlPcToFileHeader
0x1802af538 EncodePointer
0x1802af540 DecodePointer
0x1802af548 GetStringTypeW
0x1802af550 TlsAlloc
0x1802af558 TlsGetValue
0x1802af560 TlsSetValue
0x1802af568 TlsFree
0x1802af570 GetCPInfo
0x1802af578 QueryPerformanceCounter
0x1802af580 QueryPerformanceFrequency
0x1802af588 CompareStringW
0x1802af590 LCMapStringW
0x1802af598 RtlCaptureContext
0x1802af5a0 RtlLookupFunctionEntry
0x1802af5a8 RtlVirtualUnwind
0x1802af5b0 IsDebuggerPresent
0x1802af5b8 UnhandledExceptionFilter
0x1802af5c0 SetUnhandledExceptionFilter
0x1802af5c8 GetStartupInfoW
0x1802af5d0 IsProcessorFeaturePresent
0x1802af5d8 InitializeSListHead
0x1802af5e0 CreateTimerQueue
0x1802af5e8 SignalObjectAndWait
0x1802af5f0 SetThreadPriority
0x1802af5f8 GetThreadPriority
0x1802af600 GetLogicalProcessorInformation
0x1802af608 CreateTimerQueueTimer
0x1802af610 ChangeTimerQueueTimer
0x1802af618 DeleteTimerQueueTimer
0x1802af620 GetNumaHighestNodeNumber
0x1802af628 GetProcessAffinityMask
0x1802af630 SetThreadAffinityMask
0x1802af638 RegisterWaitForSingleObject
0x1802af640 UnregisterWait
0x1802af648 OutputDebugStringW
0x1802af650 GetThreadTimes
0x1802af658 FreeLibrary
0x1802af660 FreeLibraryAndExitThread
0x1802af668 LoadLibraryExW
0x1802af670 VirtualAlloc
0x1802af678 VirtualProtect
0x1802af680 VirtualFree
0x1802af688 RtlUnwind
ole32.dll
0x1802af808 CoInitializeEx
0x1802af810 CoCreateInstance
0x1802af818 CoInitialize
0x1802af820 CoUninitialize
COMDLG32.dll
0x1802af0a0 GetSaveFileNameW
EAT(Export Address Table) Library
0x18000d450 ??0OrbitSession@orbitdll@mg@@QEAA@XZ
0x18000d4a0 ??1OrbitSession@orbitdll@mg@@QEAA@XZ
0x18000d4e0 ?CheckUpdate@OrbitSession@orbitdll@mg@@QEAAHXZ
0x18000cc20 ?Close@SavegameReader@orbitdll@mg@@QEAAXXZ
0x18000cc60 ?Close@SavegameWriter@orbitdll@mg@@QEAAX_N@Z
0x18000d500 ?GetLocText@OrbitSession@orbitdll@mg@@QEAAPEBGPEBGPEBD@Z
0x18000d510 ?GetLoginDetails@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetLoginDetailsListener@23@@Z
0x18000cca0 ?GetName@SavegameInfo@orbitdll@mg@@QEAAPEBGXZ
0x18000d520 ?GetNetworkTraffic@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetNetworkTrafficListener@23@@Z
0x18000d530 ?GetOrbitServer@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetOrbitServerListener@23@II@Z
0x18000d550 ?GetRequestUniqueId@OrbitSession@orbitdll@mg@@QEAAIXZ
0x18000ce20 ?GetSavegameId@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d560 ?GetSavegameList@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameListListener@23@I@Z
0x18000d570 ?GetSavegameReader@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameReaderListener@23@II@Z
0x18000d590 ?GetSavegameWriter@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameWriterListener@23@II_N@Z
0x18000cfa0 ?GetSize@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d120 ?GetUplayId@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d2c0 ?Read@SavegameReader@orbitdll@mg@@QEAAXIPEAVISavegameReadListener@23@IPEAXI@Z
0x18000d5b0 ?RemoveSavegame@OrbitSession@orbitdll@mg@@QEAAXIPEAVIRemoveSavegameListener@23@II@Z
0x18000d2f0 ?SetName@SavegameWriter@orbitdll@mg@@QEAA_NPEAG@Z
0x18000d5d0 ?StartLauncher@OrbitSession@orbitdll@mg@@QEAA_NIIPEBD0@Z
0x18000d5e0 ?StartProcess@OrbitSession@orbitdll@mg@@QEAAXPEBG00@Z
0x18000d5f0 ?Update@OrbitSession@orbitdll@mg@@QEAAXXZ
0x18000d380 ?Write@SavegameWriter@orbitdll@mg@@QEAAXIPEAVISavegameWriteListener@23@PEAXI@Z
0x18000d600 MgOrbitdllCheckUpdate
0x18000d760 MgOrbitdllGetFakeSession
0x18000d8b0 MgOrbitdllGetLocText
0x18000da20 MgOrbitdllGetLoginDetails
0x18000db90 MgOrbitdllGetNetworkTraffic
0x18000dd00 MgOrbitdllGetOrbitServer
0x18000de90 MgOrbitdllGetRequestUniqueId
0x18000dff0 MgOrbitdllGetSavegameList
0x18000e180 MgOrbitdllGetSavegameReader
0x18000e310 MgOrbitdllGetSavegameWriter
0x18000e4b0 MgOrbitdllGetSession
0x18000e4e0 MgOrbitdllRemoveSavegame
0x18000e670 MgOrbitdllSaveGameInfoGetName
0x18000e7d0 MgOrbitdllSaveGameInfoGetProductId
0x18000e930 MgOrbitdllSaveGameInfoGetSavegameId
0x18000ea90 MgOrbitdllSaveGameInfoGetSize
0x18000ebf0 MgOrbitdllSaveGameReaderClose
0x18000ed50 MgOrbitdllSaveGameReaderRead
0x18000eef0 MgOrbitdllSaveGameWriterClose
0x18000f070 MgOrbitdllSaveGameWriterSetName
0x18000f1f0 MgOrbitdllSaveGameWriterWrite
0x18000f380 MgOrbitdllStartLauncher
0x18000f510 MgOrbitdllStartProcess
0x18000f690 MgOrbitdllUpdate
IPHLPAPI.DLL
0x1802af0b0 GetAdaptersAddresses
SHELL32.dll
0x1802af6c8 SHBrowseForFolderW
0x1802af6d0 None
0x1802af6d8 SHCreateItemFromParsingName
0x1802af6e0 ShellExecuteW
0x1802af6e8 SHGetFolderPathW
0x1802af6f0 None
0x1802af6f8 SHOpenFolderAndSelectItems
0x1802af700 SHGetPathFromIDListW
0x1802af708 CommandLineToArgvW
0x1802af710 ShellExecuteExW
PROPSYS.dll
0x1802af698 PSGetPropertyKeyFromName
WINHTTP.dll
0x1802af7d0 WinHttpGetProxyForUrl
0x1802af7d8 WinHttpGetIEProxyConfigForCurrentUser
0x1802af7e0 WinHttpCloseHandle
0x1802af7e8 WinHttpOpen
RPCRT4.dll
0x1802af6a8 UuidCreate
0x1802af6b0 RpcStringFreeA
0x1802af6b8 UuidToStringA
d3d9.dll
0x1802af7f8 Direct3DCreate9
ADVAPI32.dll
0x1802af000 RegEnumKeyExW
0x1802af008 RegOpenKeyExA
0x1802af010 RegQueryValueExA
0x1802af018 OpenProcessToken
0x1802af020 SetNamedSecurityInfoW
0x1802af028 GetNamedSecurityInfoW
0x1802af030 GetExplicitEntriesFromAclW
0x1802af038 SetEntriesInAclW
0x1802af040 RegSetValueExW
0x1802af048 RegQueryValueExW
0x1802af050 RegOpenKeyExW
0x1802af058 RegCloseKey
0x1802af060 RegDeleteValueW
0x1802af068 RegDeleteKeyW
0x1802af070 RegCreateKeyExW
0x1802af078 RegCreateKeyW
0x1802af080 GetTokenInformation
0x1802af088 EqualSid
0x1802af090 AllocateAndInitializeSid
USER32.dll
0x1802af720 GetLastInputInfo
0x1802af728 GetForegroundWindow
0x1802af730 GetWindowThreadProcessId
0x1802af738 SetClipboardData
0x1802af740 CloseClipboard
0x1802af748 OpenClipboard
0x1802af750 SendMessageW
0x1802af758 AllowSetForegroundWindow
0x1802af760 MessageBoxW
0x1802af768 GetMonitorInfoW
0x1802af770 EnumDisplayMonitors
0x1802af778 SetProcessDPIAware
0x1802af780 PostMessageW
0x1802af788 SetWindowPos
0x1802af790 GetWindowRect
0x1802af798 GetParent
0x1802af7a0 MonitorFromPoint
0x1802af7a8 GetWindowInfo
0x1802af7b0 GetSystemMetrics
0x1802af7b8 GetClipboardData
0x1802af7c0 EmptyClipboard
KERNEL32.dll
0x1802af0c0 GetStdHandle
0x1802af0c8 FlushFileBuffers
0x1802af0d0 GetACP
0x1802af0d8 HeapReAlloc
0x1802af0e0 SetStdHandle
0x1802af0e8 GetDateFormatW
0x1802af0f0 GetTimeFormatW
0x1802af0f8 IsValidLocale
0x1802af100 GetUserDefaultLCID
0x1802af108 EnumSystemLocalesW
0x1802af110 SetConsoleCtrlHandler
0x1802af118 WriteConsoleW
0x1802af120 FindFirstFileExA
0x1802af128 FindFirstFileExW
0x1802af130 FindNextFileA
0x1802af138 IsValidCodePage
0x1802af140 GetOEMCP
0x1802af148 GetCommandLineA
0x1802af150 GetEnvironmentStringsW
0x1802af158 FreeEnvironmentStringsW
0x1802af160 GetProcessHeap
0x1802af168 HeapSize
0x1802af170 HeapFree
0x1802af178 GetModuleFileNameA
0x1802af180 GetConsoleCP
0x1802af188 ReadConsoleW
0x1802af190 GetConsoleMode
0x1802af198 GetFileAttributesExW
0x1802af1a0 GetModuleHandleExW
0x1802af1a8 ResumeThread
0x1802af1b0 ExitThread
0x1802af1b8 SystemTimeToTzSpecificLocalTime
0x1802af1c0 GetFileType
0x1802af1c8 GetFileInformationByHandle
0x1802af1d0 GetCurrentDirectoryA
0x1802af1d8 SetCurrentDirectoryW
0x1802af1e0 SetCurrentDirectoryA
0x1802af1e8 SetEnvironmentVariableW
0x1802af1f0 SetEnvironmentVariableA
0x1802af1f8 GetFullPathNameA
0x1802af200 GetDriveTypeW
0x1802af208 RtlUnwindEx
0x1802af210 LoadLibraryW
0x1802af218 UnregisterWaitEx
0x1802af220 Sleep
0x1802af228 GetCommandLineW
0x1802af230 GetCurrentDirectoryW
0x1802af238 GetCurrentProcessId
0x1802af240 OpenProcess
0x1802af248 GetModuleFileNameW
0x1802af250 LocalFree
0x1802af258 CloseHandle
0x1802af260 GetLastError
0x1802af268 WaitForSingleObject
0x1802af270 TerminateProcess
0x1802af278 GetExitCodeProcess
0x1802af280 RtlCaptureStackBackTrace
0x1802af288 GetProcessId
0x1802af290 CreateToolhelp32Snapshot
0x1802af298 Process32FirstW
0x1802af2a0 Process32NextW
0x1802af2a8 CreateDirectoryW
0x1802af2b0 CreateFileW
0x1802af2b8 DeleteFileW
0x1802af2c0 FindClose
0x1802af2c8 FindFirstFileW
0x1802af2d0 FindNextFileW
0x1802af2d8 GetFileAttributesW
0x1802af2e0 GetFileSizeEx
0x1802af2e8 GetFileTime
0x1802af2f0 GetFullPathNameW
0x1802af2f8 GetTempFileNameW
0x1802af300 GetVolumePathNameW
0x1802af308 RemoveDirectoryW
0x1802af310 SetEndOfFile
0x1802af318 SetFileAttributesW
0x1802af320 SetFilePointerEx
0x1802af328 SetFileTime
0x1802af330 SetErrorMode
0x1802af338 CopyFileW
0x1802af340 MoveFileExW
0x1802af348 OutputDebugStringA
0x1802af350 GetEnvironmentVariableW
0x1802af358 GetDiskFreeSpaceExW
0x1802af360 GetVolumeNameForVolumeMountPointW
0x1802af368 GetCurrentProcess
0x1802af370 ExitProcess
0x1802af378 GetSystemInfo
0x1802af380 GetTickCount
0x1802af388 GetVersionExW
0x1802af390 GetNativeSystemInfo
0x1802af398 GetPhysicallyInstalledSystemMemory
0x1802af3a0 GetModuleHandleA
0x1802af3a8 GetModuleHandleW
0x1802af3b0 GetProcAddress
0x1802af3b8 GlobalAlloc
0x1802af3c0 GlobalLock
0x1802af3c8 GlobalUnlock
0x1802af3d0 GlobalFree
0x1802af3d8 GetComputerNameA
0x1802af3e0 FileTimeToSystemTime
0x1802af3e8 SystemTimeToFileTime
0x1802af3f0 GetTimeZoneInformation
0x1802af3f8 GetLocaleInfoW
0x1802af400 GetUserDefaultUILanguage
0x1802af408 SetEvent
0x1802af410 ResetEvent
0x1802af418 WaitForMultipleObjectsEx
0x1802af420 CreateEventW
0x1802af428 GetTempPathW
0x1802af430 CreateThread
0x1802af438 GetCurrentThreadId
0x1802af440 RaiseException
0x1802af448 SuspendThread
0x1802af450 ReadFile
0x1802af458 WriteFile
0x1802af460 PeekNamedPipe
0x1802af468 GetOverlappedResult
0x1802af470 GetSystemTimeAsFileTime
0x1802af478 InitializeCriticalSection
0x1802af480 EnterCriticalSection
0x1802af488 LeaveCriticalSection
0x1802af490 InitializeCriticalSectionAndSpinCount
0x1802af498 TryEnterCriticalSection
0x1802af4a0 DeleteCriticalSection
0x1802af4a8 MultiByteToWideChar
0x1802af4b0 WideCharToMultiByte
0x1802af4b8 SetLastError
0x1802af4c0 QueryDepthSList
0x1802af4c8 InterlockedFlushSList
0x1802af4d0 InterlockedPushEntrySList
0x1802af4d8 InterlockedPopEntrySList
0x1802af4e0 ReleaseSemaphore
0x1802af4e8 SetProcessAffinityMask
0x1802af4f0 HeapAlloc
0x1802af4f8 CreateProcessW
0x1802af500 FormatMessageW
0x1802af508 DuplicateHandle
0x1802af510 WaitForSingleObjectEx
0x1802af518 SwitchToThread
0x1802af520 GetCurrentThread
0x1802af528 GetExitCodeThread
0x1802af530 RtlPcToFileHeader
0x1802af538 EncodePointer
0x1802af540 DecodePointer
0x1802af548 GetStringTypeW
0x1802af550 TlsAlloc
0x1802af558 TlsGetValue
0x1802af560 TlsSetValue
0x1802af568 TlsFree
0x1802af570 GetCPInfo
0x1802af578 QueryPerformanceCounter
0x1802af580 QueryPerformanceFrequency
0x1802af588 CompareStringW
0x1802af590 LCMapStringW
0x1802af598 RtlCaptureContext
0x1802af5a0 RtlLookupFunctionEntry
0x1802af5a8 RtlVirtualUnwind
0x1802af5b0 IsDebuggerPresent
0x1802af5b8 UnhandledExceptionFilter
0x1802af5c0 SetUnhandledExceptionFilter
0x1802af5c8 GetStartupInfoW
0x1802af5d0 IsProcessorFeaturePresent
0x1802af5d8 InitializeSListHead
0x1802af5e0 CreateTimerQueue
0x1802af5e8 SignalObjectAndWait
0x1802af5f0 SetThreadPriority
0x1802af5f8 GetThreadPriority
0x1802af600 GetLogicalProcessorInformation
0x1802af608 CreateTimerQueueTimer
0x1802af610 ChangeTimerQueueTimer
0x1802af618 DeleteTimerQueueTimer
0x1802af620 GetNumaHighestNodeNumber
0x1802af628 GetProcessAffinityMask
0x1802af630 SetThreadAffinityMask
0x1802af638 RegisterWaitForSingleObject
0x1802af640 UnregisterWait
0x1802af648 OutputDebugStringW
0x1802af650 GetThreadTimes
0x1802af658 FreeLibrary
0x1802af660 FreeLibraryAndExitThread
0x1802af668 LoadLibraryExW
0x1802af670 VirtualAlloc
0x1802af678 VirtualProtect
0x1802af680 VirtualFree
0x1802af688 RtlUnwind
ole32.dll
0x1802af808 CoInitializeEx
0x1802af810 CoCreateInstance
0x1802af818 CoInitialize
0x1802af820 CoUninitialize
COMDLG32.dll
0x1802af0a0 GetSaveFileNameW
EAT(Export Address Table) Library
0x18000d450 ??0OrbitSession@orbitdll@mg@@QEAA@XZ
0x18000d4a0 ??1OrbitSession@orbitdll@mg@@QEAA@XZ
0x18000d4e0 ?CheckUpdate@OrbitSession@orbitdll@mg@@QEAAHXZ
0x18000cc20 ?Close@SavegameReader@orbitdll@mg@@QEAAXXZ
0x18000cc60 ?Close@SavegameWriter@orbitdll@mg@@QEAAX_N@Z
0x18000d500 ?GetLocText@OrbitSession@orbitdll@mg@@QEAAPEBGPEBGPEBD@Z
0x18000d510 ?GetLoginDetails@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetLoginDetailsListener@23@@Z
0x18000cca0 ?GetName@SavegameInfo@orbitdll@mg@@QEAAPEBGXZ
0x18000d520 ?GetNetworkTraffic@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetNetworkTrafficListener@23@@Z
0x18000d530 ?GetOrbitServer@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetOrbitServerListener@23@II@Z
0x18000d550 ?GetRequestUniqueId@OrbitSession@orbitdll@mg@@QEAAIXZ
0x18000ce20 ?GetSavegameId@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d560 ?GetSavegameList@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameListListener@23@I@Z
0x18000d570 ?GetSavegameReader@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameReaderListener@23@II@Z
0x18000d590 ?GetSavegameWriter@OrbitSession@orbitdll@mg@@QEAAXIPEAVIGetSavegameWriterListener@23@II_N@Z
0x18000cfa0 ?GetSize@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d120 ?GetUplayId@SavegameInfo@orbitdll@mg@@QEAAIXZ
0x18000d2c0 ?Read@SavegameReader@orbitdll@mg@@QEAAXIPEAVISavegameReadListener@23@IPEAXI@Z
0x18000d5b0 ?RemoveSavegame@OrbitSession@orbitdll@mg@@QEAAXIPEAVIRemoveSavegameListener@23@II@Z
0x18000d2f0 ?SetName@SavegameWriter@orbitdll@mg@@QEAA_NPEAG@Z
0x18000d5d0 ?StartLauncher@OrbitSession@orbitdll@mg@@QEAA_NIIPEBD0@Z
0x18000d5e0 ?StartProcess@OrbitSession@orbitdll@mg@@QEAAXPEBG00@Z
0x18000d5f0 ?Update@OrbitSession@orbitdll@mg@@QEAAXXZ
0x18000d380 ?Write@SavegameWriter@orbitdll@mg@@QEAAXIPEAVISavegameWriteListener@23@PEAXI@Z
0x18000d600 MgOrbitdllCheckUpdate
0x18000d760 MgOrbitdllGetFakeSession
0x18000d8b0 MgOrbitdllGetLocText
0x18000da20 MgOrbitdllGetLoginDetails
0x18000db90 MgOrbitdllGetNetworkTraffic
0x18000dd00 MgOrbitdllGetOrbitServer
0x18000de90 MgOrbitdllGetRequestUniqueId
0x18000dff0 MgOrbitdllGetSavegameList
0x18000e180 MgOrbitdllGetSavegameReader
0x18000e310 MgOrbitdllGetSavegameWriter
0x18000e4b0 MgOrbitdllGetSession
0x18000e4e0 MgOrbitdllRemoveSavegame
0x18000e670 MgOrbitdllSaveGameInfoGetName
0x18000e7d0 MgOrbitdllSaveGameInfoGetProductId
0x18000e930 MgOrbitdllSaveGameInfoGetSavegameId
0x18000ea90 MgOrbitdllSaveGameInfoGetSize
0x18000ebf0 MgOrbitdllSaveGameReaderClose
0x18000ed50 MgOrbitdllSaveGameReaderRead
0x18000eef0 MgOrbitdllSaveGameWriterClose
0x18000f070 MgOrbitdllSaveGameWriterSetName
0x18000f1f0 MgOrbitdllSaveGameWriterWrite
0x18000f380 MgOrbitdllStartLauncher
0x18000f510 MgOrbitdllStartProcess
0x18000f690 MgOrbitdllUpdate