ScreenShot
| Created | 2023.07.10 07:52 | Machine | s1_win7_x6403 |
| Filename | 123.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | |||
| md5 | 791545e6e3c5eb61dd12ccfbae1b9982 | ||
| sha256 | b7edc54e6b42ca1cda290ce8cacfecaac6dbcc8c14631bc20fb184a6309c1824 | ||
| ssdeep | 6144:3s1TRhWEO9O0eZuZVw7zjaeGxGzU5Kg3HZZ4GtA9XIavGNm:3s1viA0+uZVwXjaeGEzU5fmLGN | ||
| imphash | d73e39dab3c8b57aa408073d01254964 | ||
| impfuzzy | 96:aB1KWMRPNVXby5NOhLTl1yFI48XR4UpEp3ClbDpzIkKNhCPGzAthdg8TKeq8RjAW:aBkWI/y8L5148h4+O3CV25X8B+IMs02p | ||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
api-ms-win-crt-string-l1-1-0.dll
0x1400373a0 wcscmp
0x1400373a8 wcsncmp
0x1400373b0 memset
0x1400373b8 wcsspn
api-ms-win-crt-time-l1-1-0.dll
0x1400373c8 _time32
api-ms-win-crt-runtime-l1-1-0.dll
0x140037378 _initterm
0x140037380 _initterm_e
0x140037388 _register_thread_local_exe_atexit_callback
0x140037390 _c_exit
api-ms-win-crt-private-l1-1-0.dll
0x1400370f0 _o__get_initial_narrow_environment
0x1400370f8 _o__get_osfhandle
0x140037100 _o__getch
0x140037108 _o__initialize_narrow_environment
0x140037110 _o__initialize_onexit_table
0x140037118 _o__invalid_parameter_noinfo
0x140037120 _o__open_osfhandle
0x140037128 _o__pclose
0x140037130 _o__pipe
0x140037138 _o__purecall
0x140037140 _o__register_onexit_function
0x140037148 _o__seh_filter_exe
0x140037150 _o__set_app_type
0x140037158 _o__set_fmode
0x140037160 _o__set_new_mode
0x140037168 _o__setmode
0x140037170 _o__tell
0x140037178 _o__ultoa
0x140037180 _o__ultoa_s
0x140037188 __intrinsic_setjmp
0x140037190 _o__wcsicmp
0x140037198 _o__wcslwr
0x1400371a0 _o__wcsnicmp
0x1400371a8 _o__wcsupr
0x1400371b0 _o__wpopen
0x1400371b8 _o__wtol
0x1400371c0 _o_calloc
0x1400371c8 _o_exit
0x1400371d0 _o_feof
0x1400371d8 _o_ferror
0x1400371e0 _o_fflush
0x1400371e8 _o_fgets
0x1400371f0 _o_free
0x1400371f8 _o_iswalpha
0x140037200 _o_iswdigit
0x140037208 _o_iswspace
0x140037210 _o_iswxdigit
0x140037218 _o_malloc
0x140037220 _o_qsort
0x140037228 _o_rand
0x140037230 _o_realloc
0x140037238 _o_setlocale
0x140037240 _o_srand
0x140037248 _o_terminate
0x140037250 _o_towlower
0x140037258 _o_towupper
0x140037260 _o_wcstol
0x140037268 _o_wcstoul
0x140037270 __CxxFrameHandler3
0x140037278 __current_exception
0x140037280 __current_exception_context
0x140037288 _CxxThrowException
0x140037290 _o__exit
0x140037298 _o__errno
0x1400372a0 _o__dup2
0x1400372a8 _o__dup
0x1400372b0 _o__crt_atexit
0x1400372b8 _o__configure_narrow_argv
0x1400372c0 _o__configthreadlocale
0x1400372c8 _o__close
0x1400372d0 _o__cexit
0x1400372d8 _o__callnewh
0x1400372e0 _o___stdio_common_vswscanf
0x1400372e8 _o___stdio_common_vswprintf
0x1400372f0 _o___stdio_common_vfprintf
0x1400372f8 _o___std_exception_destroy
0x140037300 _o___std_exception_copy
0x140037308 _o___p__commode
0x140037310 _o___p___argv
0x140037318 _o___p___argc
0x140037320 _o___acrt_iob_func
0x140037328 wcsstr
0x140037330 wcsrchr
0x140037338 wcschr
0x140037340 longjmp
0x140037348 __C_specific_handler
0x140037350 _local_unwind
0x140037358 memcmp
0x140037360 memcpy
0x140037368 memmove
ntdll.dll
0x1400373f8 RtlCreateUnicodeStringFromAsciiz
0x140037400 RtlDosPathNameToNtPathName_U
0x140037408 NtOpenProcessToken
0x140037410 NtQueryInformationToken
0x140037418 NtCancelSynchronousIoFile
0x140037420 NtOpenThreadToken
0x140037428 RtlNtStatusToDosError
0x140037430 NtQueryInformationProcess
0x140037438 NtFsControlFile
0x140037440 NtSetInformationProcess
0x140037448 RtlFreeHeap
0x140037450 NtQueryVolumeInformationFile
0x140037458 NtSetInformationFile
0x140037460 RtlDosPathNameToRelativeNtPathName_U_WithStatus
0x140037468 RtlCaptureContext
0x140037470 RtlLookupFunctionEntry
0x140037478 RtlVirtualUnwind
0x140037480 NtOpenFile
0x140037488 RtlReleaseRelativeName
0x140037490 RtlFreeUnicodeString
0x140037498 NtClose
0x1400374a0 RtlFindLeastSignificantBit
api-ms-win-core-libraryloader-l1-2-0.dll
0x140036da8 LoadLibraryExW
0x140036db0 GetModuleFileNameA
0x140036db8 GetModuleHandleW
0x140036dc0 GetModuleHandleExW
0x140036dc8 GetModuleFileNameW
0x140036dd0 GetProcAddress
api-ms-win-core-synch-l1-1-0.dll
0x140036fd0 ReleaseSRWLockShared
0x140036fd8 CreateSemaphoreExW
0x140036fe0 EnterCriticalSection
0x140036fe8 ReleaseSemaphore
0x140036ff0 LeaveCriticalSection
0x140036ff8 InitializeCriticalSectionEx
0x140037000 InitializeCriticalSection
0x140037008 TryAcquireSRWLockExclusive
0x140037010 WaitForSingleObject
0x140037018 ReleaseMutex
0x140037020 ReleaseSRWLockExclusive
0x140037028 AcquireSRWLockExclusive
0x140037030 DeleteCriticalSection
0x140037038 AcquireSRWLockShared
0x140037040 CreateMutexExW
0x140037048 WaitForSingleObjectEx
0x140037050 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140036d30 HeapSize
0x140036d38 HeapReAlloc
0x140036d40 HeapSetInformation
0x140036d48 HeapAlloc
0x140036d50 HeapFree
0x140036d58 GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0.dll
0x140036bc8 SetUnhandledExceptionFilter
0x140036bd0 UnhandledExceptionFilter
0x140036bd8 SetErrorMode
0x140036be0 SetLastError
0x140036be8 GetLastError
api-ms-win-core-threadpool-l1-2-0.dll
0x1400370b0 CreateThreadpoolTimer
0x1400370b8 CloseThreadpoolTimer
0x1400370c0 WaitForThreadpoolTimerCallbacks
0x1400370c8 SetThreadpoolTimer
api-ms-win-core-processthreads-l1-1-0.dll
0x140036ed0 DeleteProcThreadAttributeList
0x140036ed8 GetCurrentProcessId
0x140036ee0 GetStartupInfoW
0x140036ee8 CreateProcessAsUserW
0x140036ef0 CreateProcessW
0x140036ef8 UpdateProcThreadAttribute
0x140036f00 GetCurrentProcess
0x140036f08 ResumeThread
0x140036f10 GetCurrentThreadId
0x140036f18 GetExitCodeProcess
0x140036f20 TerminateProcess
0x140036f28 InitializeProcThreadAttributeList
0x140036f30 OpenThread
api-ms-win-core-localization-l1-2-0.dll
0x140036de0 SetThreadLocale
0x140036de8 FormatMessageW
0x140036df0 GetCPInfo
0x140036df8 GetThreadLocale
0x140036e00 GetLocaleInfoW
0x140036e08 GetACP
0x140036e10 GetUserDefaultLCID
api-ms-win-core-debug-l1-1-0.dll
0x140036b88 DebugBreak
0x140036b90 OutputDebugStringW
0x140036b98 IsDebuggerPresent
api-ms-win-core-handle-l1-1-0.dll
0x140036d18 CloseHandle
0x140036d20 DuplicateHandle
api-ms-win-core-memory-l1-1-0.dll
0x140036e20 VirtualAlloc
0x140036e28 ReadProcessMemory
0x140036e30 VirtualQuery
0x140036e38 VirtualFree
api-ms-win-core-console-l1-1-0.dll
0x140036ad0 GetConsoleOutputCP
0x140036ad8 GetConsoleMode
0x140036ae0 SetConsoleCtrlHandler
0x140036ae8 ReadConsoleW
0x140036af0 WriteConsoleW
0x140036af8 SetConsoleMode
api-ms-win-core-file-l1-1-0.dll
0x140036bf8 FindNextFileW
0x140036c00 SetFileTime
0x140036c08 DeleteFileW
0x140036c10 CreateFileW
0x140036c18 SetFileAttributesW
0x140036c20 GetFileSize
0x140036c28 CreateDirectoryW
0x140036c30 FindClose
0x140036c38 FindFirstFileW
0x140036c40 GetFullPathNameW
0x140036c48 ReadFile
0x140036c50 FlushFileBuffers
0x140036c58 SetFilePointer
0x140036c60 RemoveDirectoryW
0x140036c68 CompareFileTime
0x140036c70 FindFirstFileExW
0x140036c78 GetVolumePathNameW
0x140036c80 SetEndOfFile
0x140036c88 GetFileAttributesW
0x140036c90 GetFileAttributesExW
0x140036c98 GetDriveTypeW
0x140036ca0 GetFileType
0x140036ca8 GetDiskFreeSpaceExW
0x140036cb0 FileTimeToLocalFileTime
0x140036cb8 GetVolumeInformationW
0x140036cc0 WriteFile
0x140036cc8 SetFilePointerEx
api-ms-win-core-string-l1-1-0.dll
0x140036fb8 WideCharToMultiByte
0x140036fc0 MultiByteToWideChar
api-ms-win-core-processenvironment-l1-1-0.dll
0x140036e60 SearchPathW
0x140036e68 GetEnvironmentVariableW
0x140036e70 SetCurrentDirectoryW
0x140036e78 GetEnvironmentStringsW
0x140036e80 ExpandEnvironmentStringsW
0x140036e88 FreeEnvironmentStringsW
0x140036e90 GetStdHandle
0x140036e98 SetEnvironmentVariableW
0x140036ea0 GetCommandLineW
0x140036ea8 SetEnvironmentStringsW
0x140036eb0 GetCurrentDirectoryW
api-ms-win-core-console-l2-1-0.dll
0x140036b08 FlushConsoleInputBuffer
0x140036b10 SetConsoleCursorPosition
0x140036b18 ScrollConsoleScreenBufferW
0x140036b20 FillConsoleOutputAttribute
0x140036b28 SetConsoleTextAttribute
0x140036b30 GetConsoleScreenBufferInfo
0x140036b38 FillConsoleOutputCharacterW
api-ms-win-security-base-l1-1-0.dll
0x1400373d8 RevertToSelf
0x1400373e0 GetFileSecurityW
0x1400373e8 GetSecurityDescriptorOwner
api-ms-win-core-sysinfo-l1-1-0.dll
0x140037060 GetSystemTimeAsFileTime
0x140037068 GetVersion
0x140037070 SetLocalTime
0x140037078 GetLocalTime
0x140037080 GetSystemTime
0x140037088 GetWindowsDirectoryW
api-ms-win-core-timezone-l1-1-0.dll
0x1400370d8 FileTimeToSystemTime
0x1400370e0 SystemTimeToFileTime
api-ms-win-core-datetime-l1-1-0.dll
0x140036b70 GetTimeFormatW
0x140036b78 GetDateFormatW
api-ms-win-core-systemtopology-l1-1-0.dll
0x140037098 GetNumaNodeProcessorMaskEx
0x1400370a0 GetNumaHighestNodeNumber
api-ms-win-core-console-l2-2-0.dll
0x140036b48 SetConsoleTitleW
0x140036b50 GetConsoleTitleW
api-ms-win-core-processenvironment-l1-2-0.dll
0x140036ec0 NeedCurrentDirectoryForExePathW
api-ms-win-core-registry-l1-1-0.dll
0x140036f70 RegCloseKey
0x140036f78 RegQueryValueExW
0x140036f80 RegDeleteValueW
0x140036f88 RegCreateKeyExW
0x140036f90 RegDeleteKeyExW
0x140036f98 RegOpenKeyExW
0x140036fa0 RegSetValueExW
0x140036fa8 RegEnumKeyExW
api-ms-win-core-file-l2-1-0.dll
0x140036cd8 CreateHardLinkW
0x140036ce0 GetFileInformationByHandleEx
0x140036ce8 CreateSymbolicLinkW
0x140036cf0 MoveFileExW
0x140036cf8 MoveFileWithProgressW
api-ms-win-core-heap-l2-1-0.dll
0x140036d68 GlobalFree
0x140036d70 GlobalAlloc
0x140036d78 LocalFree
api-ms-win-core-file-l2-1-2.dll
0x140036d08 CopyFileW
api-ms-win-core-io-l1-1-0.dll
0x140036d98 DeviceIoControl
api-ms-win-core-console-l3-2-0.dll
0x140036b60 GetConsoleWindow
api-ms-win-core-processtopology-l1-1-0.dll
0x140036f50 GetThreadGroupAffinity
api-ms-win-core-processthreads-l1-1-1.dll
0x140036f40 IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0.dll
0x140036f60 QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0.dll
0x140036d88 InitializeSListHead
api-ms-win-core-misc-l1-1-0.dll
0x140036e48 lstrcmpW
0x140036e50 lstrcmpiW
api-ms-win-core-apiquery-l1-1-0.dll
0x140036ac0 ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1.dll
0x140036bb8 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x140036ba8 DelayLoadFailureHook
EAT(Export Address Table) is none
api-ms-win-crt-string-l1-1-0.dll
0x1400373a0 wcscmp
0x1400373a8 wcsncmp
0x1400373b0 memset
0x1400373b8 wcsspn
api-ms-win-crt-time-l1-1-0.dll
0x1400373c8 _time32
api-ms-win-crt-runtime-l1-1-0.dll
0x140037378 _initterm
0x140037380 _initterm_e
0x140037388 _register_thread_local_exe_atexit_callback
0x140037390 _c_exit
api-ms-win-crt-private-l1-1-0.dll
0x1400370f0 _o__get_initial_narrow_environment
0x1400370f8 _o__get_osfhandle
0x140037100 _o__getch
0x140037108 _o__initialize_narrow_environment
0x140037110 _o__initialize_onexit_table
0x140037118 _o__invalid_parameter_noinfo
0x140037120 _o__open_osfhandle
0x140037128 _o__pclose
0x140037130 _o__pipe
0x140037138 _o__purecall
0x140037140 _o__register_onexit_function
0x140037148 _o__seh_filter_exe
0x140037150 _o__set_app_type
0x140037158 _o__set_fmode
0x140037160 _o__set_new_mode
0x140037168 _o__setmode
0x140037170 _o__tell
0x140037178 _o__ultoa
0x140037180 _o__ultoa_s
0x140037188 __intrinsic_setjmp
0x140037190 _o__wcsicmp
0x140037198 _o__wcslwr
0x1400371a0 _o__wcsnicmp
0x1400371a8 _o__wcsupr
0x1400371b0 _o__wpopen
0x1400371b8 _o__wtol
0x1400371c0 _o_calloc
0x1400371c8 _o_exit
0x1400371d0 _o_feof
0x1400371d8 _o_ferror
0x1400371e0 _o_fflush
0x1400371e8 _o_fgets
0x1400371f0 _o_free
0x1400371f8 _o_iswalpha
0x140037200 _o_iswdigit
0x140037208 _o_iswspace
0x140037210 _o_iswxdigit
0x140037218 _o_malloc
0x140037220 _o_qsort
0x140037228 _o_rand
0x140037230 _o_realloc
0x140037238 _o_setlocale
0x140037240 _o_srand
0x140037248 _o_terminate
0x140037250 _o_towlower
0x140037258 _o_towupper
0x140037260 _o_wcstol
0x140037268 _o_wcstoul
0x140037270 __CxxFrameHandler3
0x140037278 __current_exception
0x140037280 __current_exception_context
0x140037288 _CxxThrowException
0x140037290 _o__exit
0x140037298 _o__errno
0x1400372a0 _o__dup2
0x1400372a8 _o__dup
0x1400372b0 _o__crt_atexit
0x1400372b8 _o__configure_narrow_argv
0x1400372c0 _o__configthreadlocale
0x1400372c8 _o__close
0x1400372d0 _o__cexit
0x1400372d8 _o__callnewh
0x1400372e0 _o___stdio_common_vswscanf
0x1400372e8 _o___stdio_common_vswprintf
0x1400372f0 _o___stdio_common_vfprintf
0x1400372f8 _o___std_exception_destroy
0x140037300 _o___std_exception_copy
0x140037308 _o___p__commode
0x140037310 _o___p___argv
0x140037318 _o___p___argc
0x140037320 _o___acrt_iob_func
0x140037328 wcsstr
0x140037330 wcsrchr
0x140037338 wcschr
0x140037340 longjmp
0x140037348 __C_specific_handler
0x140037350 _local_unwind
0x140037358 memcmp
0x140037360 memcpy
0x140037368 memmove
ntdll.dll
0x1400373f8 RtlCreateUnicodeStringFromAsciiz
0x140037400 RtlDosPathNameToNtPathName_U
0x140037408 NtOpenProcessToken
0x140037410 NtQueryInformationToken
0x140037418 NtCancelSynchronousIoFile
0x140037420 NtOpenThreadToken
0x140037428 RtlNtStatusToDosError
0x140037430 NtQueryInformationProcess
0x140037438 NtFsControlFile
0x140037440 NtSetInformationProcess
0x140037448 RtlFreeHeap
0x140037450 NtQueryVolumeInformationFile
0x140037458 NtSetInformationFile
0x140037460 RtlDosPathNameToRelativeNtPathName_U_WithStatus
0x140037468 RtlCaptureContext
0x140037470 RtlLookupFunctionEntry
0x140037478 RtlVirtualUnwind
0x140037480 NtOpenFile
0x140037488 RtlReleaseRelativeName
0x140037490 RtlFreeUnicodeString
0x140037498 NtClose
0x1400374a0 RtlFindLeastSignificantBit
api-ms-win-core-libraryloader-l1-2-0.dll
0x140036da8 LoadLibraryExW
0x140036db0 GetModuleFileNameA
0x140036db8 GetModuleHandleW
0x140036dc0 GetModuleHandleExW
0x140036dc8 GetModuleFileNameW
0x140036dd0 GetProcAddress
api-ms-win-core-synch-l1-1-0.dll
0x140036fd0 ReleaseSRWLockShared
0x140036fd8 CreateSemaphoreExW
0x140036fe0 EnterCriticalSection
0x140036fe8 ReleaseSemaphore
0x140036ff0 LeaveCriticalSection
0x140036ff8 InitializeCriticalSectionEx
0x140037000 InitializeCriticalSection
0x140037008 TryAcquireSRWLockExclusive
0x140037010 WaitForSingleObject
0x140037018 ReleaseMutex
0x140037020 ReleaseSRWLockExclusive
0x140037028 AcquireSRWLockExclusive
0x140037030 DeleteCriticalSection
0x140037038 AcquireSRWLockShared
0x140037040 CreateMutexExW
0x140037048 WaitForSingleObjectEx
0x140037050 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140036d30 HeapSize
0x140036d38 HeapReAlloc
0x140036d40 HeapSetInformation
0x140036d48 HeapAlloc
0x140036d50 HeapFree
0x140036d58 GetProcessHeap
api-ms-win-core-errorhandling-l1-1-0.dll
0x140036bc8 SetUnhandledExceptionFilter
0x140036bd0 UnhandledExceptionFilter
0x140036bd8 SetErrorMode
0x140036be0 SetLastError
0x140036be8 GetLastError
api-ms-win-core-threadpool-l1-2-0.dll
0x1400370b0 CreateThreadpoolTimer
0x1400370b8 CloseThreadpoolTimer
0x1400370c0 WaitForThreadpoolTimerCallbacks
0x1400370c8 SetThreadpoolTimer
api-ms-win-core-processthreads-l1-1-0.dll
0x140036ed0 DeleteProcThreadAttributeList
0x140036ed8 GetCurrentProcessId
0x140036ee0 GetStartupInfoW
0x140036ee8 CreateProcessAsUserW
0x140036ef0 CreateProcessW
0x140036ef8 UpdateProcThreadAttribute
0x140036f00 GetCurrentProcess
0x140036f08 ResumeThread
0x140036f10 GetCurrentThreadId
0x140036f18 GetExitCodeProcess
0x140036f20 TerminateProcess
0x140036f28 InitializeProcThreadAttributeList
0x140036f30 OpenThread
api-ms-win-core-localization-l1-2-0.dll
0x140036de0 SetThreadLocale
0x140036de8 FormatMessageW
0x140036df0 GetCPInfo
0x140036df8 GetThreadLocale
0x140036e00 GetLocaleInfoW
0x140036e08 GetACP
0x140036e10 GetUserDefaultLCID
api-ms-win-core-debug-l1-1-0.dll
0x140036b88 DebugBreak
0x140036b90 OutputDebugStringW
0x140036b98 IsDebuggerPresent
api-ms-win-core-handle-l1-1-0.dll
0x140036d18 CloseHandle
0x140036d20 DuplicateHandle
api-ms-win-core-memory-l1-1-0.dll
0x140036e20 VirtualAlloc
0x140036e28 ReadProcessMemory
0x140036e30 VirtualQuery
0x140036e38 VirtualFree
api-ms-win-core-console-l1-1-0.dll
0x140036ad0 GetConsoleOutputCP
0x140036ad8 GetConsoleMode
0x140036ae0 SetConsoleCtrlHandler
0x140036ae8 ReadConsoleW
0x140036af0 WriteConsoleW
0x140036af8 SetConsoleMode
api-ms-win-core-file-l1-1-0.dll
0x140036bf8 FindNextFileW
0x140036c00 SetFileTime
0x140036c08 DeleteFileW
0x140036c10 CreateFileW
0x140036c18 SetFileAttributesW
0x140036c20 GetFileSize
0x140036c28 CreateDirectoryW
0x140036c30 FindClose
0x140036c38 FindFirstFileW
0x140036c40 GetFullPathNameW
0x140036c48 ReadFile
0x140036c50 FlushFileBuffers
0x140036c58 SetFilePointer
0x140036c60 RemoveDirectoryW
0x140036c68 CompareFileTime
0x140036c70 FindFirstFileExW
0x140036c78 GetVolumePathNameW
0x140036c80 SetEndOfFile
0x140036c88 GetFileAttributesW
0x140036c90 GetFileAttributesExW
0x140036c98 GetDriveTypeW
0x140036ca0 GetFileType
0x140036ca8 GetDiskFreeSpaceExW
0x140036cb0 FileTimeToLocalFileTime
0x140036cb8 GetVolumeInformationW
0x140036cc0 WriteFile
0x140036cc8 SetFilePointerEx
api-ms-win-core-string-l1-1-0.dll
0x140036fb8 WideCharToMultiByte
0x140036fc0 MultiByteToWideChar
api-ms-win-core-processenvironment-l1-1-0.dll
0x140036e60 SearchPathW
0x140036e68 GetEnvironmentVariableW
0x140036e70 SetCurrentDirectoryW
0x140036e78 GetEnvironmentStringsW
0x140036e80 ExpandEnvironmentStringsW
0x140036e88 FreeEnvironmentStringsW
0x140036e90 GetStdHandle
0x140036e98 SetEnvironmentVariableW
0x140036ea0 GetCommandLineW
0x140036ea8 SetEnvironmentStringsW
0x140036eb0 GetCurrentDirectoryW
api-ms-win-core-console-l2-1-0.dll
0x140036b08 FlushConsoleInputBuffer
0x140036b10 SetConsoleCursorPosition
0x140036b18 ScrollConsoleScreenBufferW
0x140036b20 FillConsoleOutputAttribute
0x140036b28 SetConsoleTextAttribute
0x140036b30 GetConsoleScreenBufferInfo
0x140036b38 FillConsoleOutputCharacterW
api-ms-win-security-base-l1-1-0.dll
0x1400373d8 RevertToSelf
0x1400373e0 GetFileSecurityW
0x1400373e8 GetSecurityDescriptorOwner
api-ms-win-core-sysinfo-l1-1-0.dll
0x140037060 GetSystemTimeAsFileTime
0x140037068 GetVersion
0x140037070 SetLocalTime
0x140037078 GetLocalTime
0x140037080 GetSystemTime
0x140037088 GetWindowsDirectoryW
api-ms-win-core-timezone-l1-1-0.dll
0x1400370d8 FileTimeToSystemTime
0x1400370e0 SystemTimeToFileTime
api-ms-win-core-datetime-l1-1-0.dll
0x140036b70 GetTimeFormatW
0x140036b78 GetDateFormatW
api-ms-win-core-systemtopology-l1-1-0.dll
0x140037098 GetNumaNodeProcessorMaskEx
0x1400370a0 GetNumaHighestNodeNumber
api-ms-win-core-console-l2-2-0.dll
0x140036b48 SetConsoleTitleW
0x140036b50 GetConsoleTitleW
api-ms-win-core-processenvironment-l1-2-0.dll
0x140036ec0 NeedCurrentDirectoryForExePathW
api-ms-win-core-registry-l1-1-0.dll
0x140036f70 RegCloseKey
0x140036f78 RegQueryValueExW
0x140036f80 RegDeleteValueW
0x140036f88 RegCreateKeyExW
0x140036f90 RegDeleteKeyExW
0x140036f98 RegOpenKeyExW
0x140036fa0 RegSetValueExW
0x140036fa8 RegEnumKeyExW
api-ms-win-core-file-l2-1-0.dll
0x140036cd8 CreateHardLinkW
0x140036ce0 GetFileInformationByHandleEx
0x140036ce8 CreateSymbolicLinkW
0x140036cf0 MoveFileExW
0x140036cf8 MoveFileWithProgressW
api-ms-win-core-heap-l2-1-0.dll
0x140036d68 GlobalFree
0x140036d70 GlobalAlloc
0x140036d78 LocalFree
api-ms-win-core-file-l2-1-2.dll
0x140036d08 CopyFileW
api-ms-win-core-io-l1-1-0.dll
0x140036d98 DeviceIoControl
api-ms-win-core-console-l3-2-0.dll
0x140036b60 GetConsoleWindow
api-ms-win-core-processtopology-l1-1-0.dll
0x140036f50 GetThreadGroupAffinity
api-ms-win-core-processthreads-l1-1-1.dll
0x140036f40 IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0.dll
0x140036f60 QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0.dll
0x140036d88 InitializeSListHead
api-ms-win-core-misc-l1-1-0.dll
0x140036e48 lstrcmpW
0x140036e50 lstrcmpiW
api-ms-win-core-apiquery-l1-1-0.dll
0x140036ac0 ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1.dll
0x140036bb8 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x140036ba8 DelayLoadFailureHook
EAT(Export Address Table) is none