ScreenShot
| Created | 2023.10.12 07:47 | Machine | s1_win7_x6403 |
| Filename | random.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 16 detected (AIDetectMalware, malicious, high confidence, Lazy, Kryptik, MalwareX, ai score=86, Wacatac, Sabsik, GenKryptik, GMLB) | ||
| md5 | c47b267a11aaf34abcf7ceec04e629c1 | ||
| sha256 | cdd242949c27e36165097665a7c381247579401853b06e88d2e430b55e115105 | ||
| ssdeep | 49152:rxjExlHWRF3fK9D+dXbk9BDkIG3uhgFt6kppmmSkHpf:rwloVT3zmil | ||
| imphash | 8b609662a1bb2ab7e471e49c70dcc22f | ||
| impfuzzy | 96:AZZ0HKymk9uiYlJcxNVXA/eQh5ja9VmH1PXK9X1droRqzvxrsXCtuWDyqdL8WWqi:AZZpymviBjVSt69Fdr0MsyPgWWqy1T | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 16 AntiVirus engines on VirusTotal as malicious |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x14022d000 EventActivityIdControl
0x14022d008 EnumerateTraceGuidsEx
0x14022d010 EventSetInformation
0x14022d018 EventUnregister
0x14022d020 RegCloseKey
0x14022d028 EventRegister
0x14022d030 EventWriteTransfer
0x14022d038 RegEnumKeyExW
0x14022d040 RegEnumValueW
0x14022d048 RegOpenKeyExW
0x14022d050 RegQueryValueExW
0x14022d058 OpenProcessToken
0x14022d060 GetTokenInformation
0x14022d068 DuplicateTokenEx
0x14022d070 OpenThreadToken
0x14022d078 RevertToSelf
0x14022d080 ImpersonateLoggedOnUser
0x14022d088 CheckTokenMembership
0x14022d090 LookupPrivilegeValueW
0x14022d098 AdjustTokenPrivileges
0x14022d0a0 RegCreateKeyExW
0x14022d0a8 RegDeleteValueW
0x14022d0b0 RegSetValueExW
0x14022d0b8 EventWrite
0x14022d0c0 EventEnabled
ncrypt.dll
0x14022d818 BCryptCloseAlgorithmProvider
0x14022d820 BCryptSetProperty
0x14022d828 BCryptOpenAlgorithmProvider
0x14022d830 BCryptDestroyKey
0x14022d838 BCryptDecrypt
0x14022d840 BCryptImportKey
0x14022d848 BCryptEncrypt
0x14022d850 BCryptGenRandom
KERNEL32.dll
0x14022d0d0 TlsFree
0x14022d0d8 TlsSetValue
0x14022d0e0 TlsGetValue
0x14022d0e8 TlsAlloc
0x14022d0f0 InitializeCriticalSectionAndSpinCount
0x14022d0f8 EncodePointer
0x14022d100 RaiseException
0x14022d108 RtlPcToFileHeader
0x14022d110 CloseThreadpoolIo
0x14022d118 ExitProcess
0x14022d120 GetCurrentProcessId
0x14022d128 MultiByteToWideChar
0x14022d130 GetStdHandle
0x14022d138 TzSpecificLocalTimeToSystemTime
0x14022d140 SystemTimeToFileTime
0x14022d148 FileTimeToSystemTime
0x14022d150 GetSystemTime
0x14022d158 GetCalendarInfoEx
0x14022d160 CompareStringOrdinal
0x14022d168 CompareStringEx
0x14022d170 FindNLSStringEx
0x14022d178 GetLocaleInfoEx
0x14022d180 ResolveLocaleName
0x14022d188 LCIDToLocaleName
0x14022d190 GetUserPreferredUILanguages
0x14022d198 FindStringOrdinal
0x14022d1a0 GetTickCount64
0x14022d1a8 GetCurrentProcessorNumber
0x14022d1b0 GetCurrentProcess
0x14022d1b8 GetCurrentThread
0x14022d1c0 WaitForSingleObject
0x14022d1c8 Sleep
0x14022d1d0 CreateThreadpoolWork
0x14022d1d8 CloseThreadpoolWork
0x14022d1e0 SubmitThreadpoolWork
0x14022d1e8 CreateThreadpoolWait
0x14022d1f0 SetThreadpoolWait
0x14022d1f8 WaitForThreadpoolWaitCallbacks
0x14022d200 CloseThreadpoolWait
0x14022d208 InitializeCriticalSection
0x14022d210 InitializeConditionVariable
0x14022d218 DeleteCriticalSection
0x14022d220 LocalFree
0x14022d228 EnterCriticalSection
0x14022d230 SleepConditionVariableCS
0x14022d238 LeaveCriticalSection
0x14022d240 WakeConditionVariable
0x14022d248 WaitForMultipleObjectsEx
0x14022d250 GetLastError
0x14022d258 SetLastError
0x14022d260 GetFullPathNameW
0x14022d268 GetLongPathNameW
0x14022d270 WideCharToMultiByte
0x14022d278 LocalAlloc
0x14022d280 GetConsoleOutputCP
0x14022d288 GetProcAddress
0x14022d290 RaiseFailFastException
0x14022d298 CreateThreadpoolIo
0x14022d2a0 StartThreadpoolIo
0x14022d2a8 CancelThreadpoolIo
0x14022d2b0 LocaleNameToLCID
0x14022d2b8 LCMapStringEx
0x14022d2c0 EnumTimeFormatsEx
0x14022d2c8 EnumCalendarInfoExEx
0x14022d2d0 CopyFileExW
0x14022d2d8 CreateFileW
0x14022d2e0 DeleteFileW
0x14022d2e8 DeviceIoControl
0x14022d2f0 ExpandEnvironmentStringsW
0x14022d2f8 FindClose
0x14022d300 FindFirstFileExW
0x14022d308 FlushFileBuffers
0x14022d310 FreeLibrary
0x14022d318 GetCurrentDirectoryW
0x14022d320 GetFileAttributesExW
0x14022d328 GetFileInformationByHandleEx
0x14022d330 GetFileType
0x14022d338 GetModuleFileNameW
0x14022d340 GetOverlappedResult
0x14022d348 GetSystemDirectoryW
0x14022d350 GetTempFileNameW
0x14022d358 LoadLibraryExW
0x14022d360 OutputDebugStringW
0x14022d368 ReadFile
0x14022d370 SetFileInformationByHandle
0x14022d378 SetFilePointerEx
0x14022d380 SetThreadErrorMode
0x14022d388 CreateThread
0x14022d390 ResumeThread
0x14022d398 DuplicateHandle
0x14022d3a0 GetThreadPriority
0x14022d3a8 SetThreadPriority
0x14022d3b0 GetDynamicTimeZoneInformation
0x14022d3b8 GetTimeZoneInformation
0x14022d3c0 WriteFile
0x14022d3c8 CloseHandle
0x14022d3d0 SetEvent
0x14022d3d8 CreateEventExW
0x14022d3e0 GetEnvironmentVariableW
0x14022d3e8 FormatMessageW
0x14022d3f0 K32EnumProcessModulesEx
0x14022d3f8 IsWow64Process
0x14022d400 GetExitCodeProcess
0x14022d408 CreateProcessW
0x14022d410 TerminateProcess
0x14022d418 OpenProcess
0x14022d420 K32EnumProcesses
0x14022d428 K32GetModuleInformation
0x14022d430 K32GetModuleBaseNameW
0x14022d438 K32GetModuleFileNameExW
0x14022d440 GetProcessId
0x14022d448 CreatePipe
0x14022d450 GetCPInfoExW
0x14022d458 GetConsoleCP
0x14022d460 CreateFileA
0x14022d468 HeapFree
0x14022d470 GetProcessHeap
0x14022d478 HeapAlloc
0x14022d480 LoadLibraryA
0x14022d488 VirtualProtect
0x14022d490 VirtualAllocEx
0x14022d498 FlushProcessWriteBuffers
0x14022d4a0 GetCurrentThreadId
0x14022d4a8 QueryPerformanceCounter
0x14022d4b0 QueryPerformanceFrequency
0x14022d4b8 WaitForSingleObjectEx
0x14022d4c0 RtlCaptureContext
0x14022d4c8 RtlRestoreContext
0x14022d4d0 AddVectoredExceptionHandler
0x14022d4d8 FlsAlloc
0x14022d4e0 FlsGetValue
0x14022d4e8 FlsSetValue
0x14022d4f0 CreateEventW
0x14022d4f8 SwitchToThread
0x14022d500 SuspendThread
0x14022d508 GetThreadContext
0x14022d510 SetThreadContext
0x14022d518 FlushInstructionCache
0x14022d520 VirtualAlloc
0x14022d528 VirtualFree
0x14022d530 QueryInformationJobObject
0x14022d538 GetModuleHandleW
0x14022d540 GetModuleHandleExW
0x14022d548 GetProcessAffinityMask
0x14022d550 InitializeContext
0x14022d558 GetEnabledXStateFeatures
0x14022d560 SetXStateFeaturesMask
0x14022d568 VirtualQuery
0x14022d570 InitializeCriticalSectionEx
0x14022d578 GetSystemTimeAsFileTime
0x14022d580 ResetEvent
0x14022d588 DebugBreak
0x14022d590 SleepEx
0x14022d598 GlobalMemoryStatusEx
0x14022d5a0 GetSystemInfo
0x14022d5a8 GetTickCount
0x14022d5b0 GetLogicalProcessorInformation
0x14022d5b8 GetLogicalProcessorInformationEx
0x14022d5c0 GetLargePageMinimum
0x14022d5c8 VirtualUnlock
0x14022d5d0 GetWriteWatch
0x14022d5d8 ResetWriteWatch
0x14022d5e0 VirtualAllocExNuma
0x14022d5e8 IsProcessInJob
0x14022d5f0 GetNumaHighestNodeNumber
0x14022d5f8 GetProcessGroupAffinity
0x14022d600 K32GetProcessMemoryInfo
0x14022d608 RtlUnwindEx
0x14022d610 IsProcessorFeaturePresent
0x14022d618 SetUnhandledExceptionFilter
0x14022d620 UnhandledExceptionFilter
0x14022d628 IsDebuggerPresent
0x14022d630 RtlVirtualUnwind
0x14022d638 RtlLookupFunctionEntry
0x14022d640 InitializeSListHead
0x14022d648 SleepConditionVariableSRW
0x14022d650 WakeAllConditionVariable
0x14022d658 AcquireSRWLockExclusive
0x14022d660 ReleaseSRWLockExclusive
ole32.dll
0x14022d860 CoTaskMemFree
0x14022d868 CoCreateGuid
0x14022d870 CoGetApartmentType
0x14022d878 CoUninitialize
0x14022d880 CoInitializeEx
0x14022d888 CoWaitForMultipleHandles
0x14022d890 CoTaskMemAlloc
USER32.dll
0x14022d670 LoadStringW
api-ms-win-crt-heap-l1-1-0.dll
0x14022d680 _callnewh
0x14022d688 calloc
0x14022d690 malloc
0x14022d698 free
0x14022d6a0 _set_new_mode
api-ms-win-crt-math-l1-1-0.dll
0x14022d6c0 floor
0x14022d6c8 pow
0x14022d6d0 sin
0x14022d6d8 tan
0x14022d6e0 __setusermatherr
0x14022d6e8 cos
0x14022d6f0 modf
0x14022d6f8 ceil
api-ms-win-crt-string-l1-1-0.dll
0x14022d7e0 strncpy_s
0x14022d7e8 _stricmp
0x14022d7f0 strcpy_s
0x14022d7f8 _wcsicmp
0x14022d800 strcmp
0x14022d808 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022d708 _initterm_e
0x14022d710 exit
0x14022d718 _get_initial_wide_environment
0x14022d720 terminate
0x14022d728 _crt_atexit
0x14022d730 _register_onexit_function
0x14022d738 _initialize_onexit_table
0x14022d740 abort
0x14022d748 _initterm
0x14022d750 _initialize_wide_environment
0x14022d758 _configure_wide_argv
0x14022d760 _register_thread_local_exe_atexit_callback
0x14022d768 _c_exit
0x14022d770 _cexit
0x14022d778 __p___wargv
0x14022d780 _set_app_type
0x14022d788 __p___argc
0x14022d790 _seh_filter_exe
0x14022d798 _exit
api-ms-win-crt-stdio-l1-1-0.dll
0x14022d7a8 __stdio_common_vfprintf
0x14022d7b0 __stdio_common_vsscanf
0x14022d7b8 _set_fmode
0x14022d7c0 __p__commode
0x14022d7c8 __acrt_iob_func
0x14022d7d0 __stdio_common_vsprintf_s
api-ms-win-crt-locale-l1-1-0.dll
0x14022d6b0 _configthreadlocale
EAT(Export Address Table) Library
0x140407980 DotNetRuntimeDebugHeader
ADVAPI32.dll
0x14022d000 EventActivityIdControl
0x14022d008 EnumerateTraceGuidsEx
0x14022d010 EventSetInformation
0x14022d018 EventUnregister
0x14022d020 RegCloseKey
0x14022d028 EventRegister
0x14022d030 EventWriteTransfer
0x14022d038 RegEnumKeyExW
0x14022d040 RegEnumValueW
0x14022d048 RegOpenKeyExW
0x14022d050 RegQueryValueExW
0x14022d058 OpenProcessToken
0x14022d060 GetTokenInformation
0x14022d068 DuplicateTokenEx
0x14022d070 OpenThreadToken
0x14022d078 RevertToSelf
0x14022d080 ImpersonateLoggedOnUser
0x14022d088 CheckTokenMembership
0x14022d090 LookupPrivilegeValueW
0x14022d098 AdjustTokenPrivileges
0x14022d0a0 RegCreateKeyExW
0x14022d0a8 RegDeleteValueW
0x14022d0b0 RegSetValueExW
0x14022d0b8 EventWrite
0x14022d0c0 EventEnabled
ncrypt.dll
0x14022d818 BCryptCloseAlgorithmProvider
0x14022d820 BCryptSetProperty
0x14022d828 BCryptOpenAlgorithmProvider
0x14022d830 BCryptDestroyKey
0x14022d838 BCryptDecrypt
0x14022d840 BCryptImportKey
0x14022d848 BCryptEncrypt
0x14022d850 BCryptGenRandom
KERNEL32.dll
0x14022d0d0 TlsFree
0x14022d0d8 TlsSetValue
0x14022d0e0 TlsGetValue
0x14022d0e8 TlsAlloc
0x14022d0f0 InitializeCriticalSectionAndSpinCount
0x14022d0f8 EncodePointer
0x14022d100 RaiseException
0x14022d108 RtlPcToFileHeader
0x14022d110 CloseThreadpoolIo
0x14022d118 ExitProcess
0x14022d120 GetCurrentProcessId
0x14022d128 MultiByteToWideChar
0x14022d130 GetStdHandle
0x14022d138 TzSpecificLocalTimeToSystemTime
0x14022d140 SystemTimeToFileTime
0x14022d148 FileTimeToSystemTime
0x14022d150 GetSystemTime
0x14022d158 GetCalendarInfoEx
0x14022d160 CompareStringOrdinal
0x14022d168 CompareStringEx
0x14022d170 FindNLSStringEx
0x14022d178 GetLocaleInfoEx
0x14022d180 ResolveLocaleName
0x14022d188 LCIDToLocaleName
0x14022d190 GetUserPreferredUILanguages
0x14022d198 FindStringOrdinal
0x14022d1a0 GetTickCount64
0x14022d1a8 GetCurrentProcessorNumber
0x14022d1b0 GetCurrentProcess
0x14022d1b8 GetCurrentThread
0x14022d1c0 WaitForSingleObject
0x14022d1c8 Sleep
0x14022d1d0 CreateThreadpoolWork
0x14022d1d8 CloseThreadpoolWork
0x14022d1e0 SubmitThreadpoolWork
0x14022d1e8 CreateThreadpoolWait
0x14022d1f0 SetThreadpoolWait
0x14022d1f8 WaitForThreadpoolWaitCallbacks
0x14022d200 CloseThreadpoolWait
0x14022d208 InitializeCriticalSection
0x14022d210 InitializeConditionVariable
0x14022d218 DeleteCriticalSection
0x14022d220 LocalFree
0x14022d228 EnterCriticalSection
0x14022d230 SleepConditionVariableCS
0x14022d238 LeaveCriticalSection
0x14022d240 WakeConditionVariable
0x14022d248 WaitForMultipleObjectsEx
0x14022d250 GetLastError
0x14022d258 SetLastError
0x14022d260 GetFullPathNameW
0x14022d268 GetLongPathNameW
0x14022d270 WideCharToMultiByte
0x14022d278 LocalAlloc
0x14022d280 GetConsoleOutputCP
0x14022d288 GetProcAddress
0x14022d290 RaiseFailFastException
0x14022d298 CreateThreadpoolIo
0x14022d2a0 StartThreadpoolIo
0x14022d2a8 CancelThreadpoolIo
0x14022d2b0 LocaleNameToLCID
0x14022d2b8 LCMapStringEx
0x14022d2c0 EnumTimeFormatsEx
0x14022d2c8 EnumCalendarInfoExEx
0x14022d2d0 CopyFileExW
0x14022d2d8 CreateFileW
0x14022d2e0 DeleteFileW
0x14022d2e8 DeviceIoControl
0x14022d2f0 ExpandEnvironmentStringsW
0x14022d2f8 FindClose
0x14022d300 FindFirstFileExW
0x14022d308 FlushFileBuffers
0x14022d310 FreeLibrary
0x14022d318 GetCurrentDirectoryW
0x14022d320 GetFileAttributesExW
0x14022d328 GetFileInformationByHandleEx
0x14022d330 GetFileType
0x14022d338 GetModuleFileNameW
0x14022d340 GetOverlappedResult
0x14022d348 GetSystemDirectoryW
0x14022d350 GetTempFileNameW
0x14022d358 LoadLibraryExW
0x14022d360 OutputDebugStringW
0x14022d368 ReadFile
0x14022d370 SetFileInformationByHandle
0x14022d378 SetFilePointerEx
0x14022d380 SetThreadErrorMode
0x14022d388 CreateThread
0x14022d390 ResumeThread
0x14022d398 DuplicateHandle
0x14022d3a0 GetThreadPriority
0x14022d3a8 SetThreadPriority
0x14022d3b0 GetDynamicTimeZoneInformation
0x14022d3b8 GetTimeZoneInformation
0x14022d3c0 WriteFile
0x14022d3c8 CloseHandle
0x14022d3d0 SetEvent
0x14022d3d8 CreateEventExW
0x14022d3e0 GetEnvironmentVariableW
0x14022d3e8 FormatMessageW
0x14022d3f0 K32EnumProcessModulesEx
0x14022d3f8 IsWow64Process
0x14022d400 GetExitCodeProcess
0x14022d408 CreateProcessW
0x14022d410 TerminateProcess
0x14022d418 OpenProcess
0x14022d420 K32EnumProcesses
0x14022d428 K32GetModuleInformation
0x14022d430 K32GetModuleBaseNameW
0x14022d438 K32GetModuleFileNameExW
0x14022d440 GetProcessId
0x14022d448 CreatePipe
0x14022d450 GetCPInfoExW
0x14022d458 GetConsoleCP
0x14022d460 CreateFileA
0x14022d468 HeapFree
0x14022d470 GetProcessHeap
0x14022d478 HeapAlloc
0x14022d480 LoadLibraryA
0x14022d488 VirtualProtect
0x14022d490 VirtualAllocEx
0x14022d498 FlushProcessWriteBuffers
0x14022d4a0 GetCurrentThreadId
0x14022d4a8 QueryPerformanceCounter
0x14022d4b0 QueryPerformanceFrequency
0x14022d4b8 WaitForSingleObjectEx
0x14022d4c0 RtlCaptureContext
0x14022d4c8 RtlRestoreContext
0x14022d4d0 AddVectoredExceptionHandler
0x14022d4d8 FlsAlloc
0x14022d4e0 FlsGetValue
0x14022d4e8 FlsSetValue
0x14022d4f0 CreateEventW
0x14022d4f8 SwitchToThread
0x14022d500 SuspendThread
0x14022d508 GetThreadContext
0x14022d510 SetThreadContext
0x14022d518 FlushInstructionCache
0x14022d520 VirtualAlloc
0x14022d528 VirtualFree
0x14022d530 QueryInformationJobObject
0x14022d538 GetModuleHandleW
0x14022d540 GetModuleHandleExW
0x14022d548 GetProcessAffinityMask
0x14022d550 InitializeContext
0x14022d558 GetEnabledXStateFeatures
0x14022d560 SetXStateFeaturesMask
0x14022d568 VirtualQuery
0x14022d570 InitializeCriticalSectionEx
0x14022d578 GetSystemTimeAsFileTime
0x14022d580 ResetEvent
0x14022d588 DebugBreak
0x14022d590 SleepEx
0x14022d598 GlobalMemoryStatusEx
0x14022d5a0 GetSystemInfo
0x14022d5a8 GetTickCount
0x14022d5b0 GetLogicalProcessorInformation
0x14022d5b8 GetLogicalProcessorInformationEx
0x14022d5c0 GetLargePageMinimum
0x14022d5c8 VirtualUnlock
0x14022d5d0 GetWriteWatch
0x14022d5d8 ResetWriteWatch
0x14022d5e0 VirtualAllocExNuma
0x14022d5e8 IsProcessInJob
0x14022d5f0 GetNumaHighestNodeNumber
0x14022d5f8 GetProcessGroupAffinity
0x14022d600 K32GetProcessMemoryInfo
0x14022d608 RtlUnwindEx
0x14022d610 IsProcessorFeaturePresent
0x14022d618 SetUnhandledExceptionFilter
0x14022d620 UnhandledExceptionFilter
0x14022d628 IsDebuggerPresent
0x14022d630 RtlVirtualUnwind
0x14022d638 RtlLookupFunctionEntry
0x14022d640 InitializeSListHead
0x14022d648 SleepConditionVariableSRW
0x14022d650 WakeAllConditionVariable
0x14022d658 AcquireSRWLockExclusive
0x14022d660 ReleaseSRWLockExclusive
ole32.dll
0x14022d860 CoTaskMemFree
0x14022d868 CoCreateGuid
0x14022d870 CoGetApartmentType
0x14022d878 CoUninitialize
0x14022d880 CoInitializeEx
0x14022d888 CoWaitForMultipleHandles
0x14022d890 CoTaskMemAlloc
USER32.dll
0x14022d670 LoadStringW
api-ms-win-crt-heap-l1-1-0.dll
0x14022d680 _callnewh
0x14022d688 calloc
0x14022d690 malloc
0x14022d698 free
0x14022d6a0 _set_new_mode
api-ms-win-crt-math-l1-1-0.dll
0x14022d6c0 floor
0x14022d6c8 pow
0x14022d6d0 sin
0x14022d6d8 tan
0x14022d6e0 __setusermatherr
0x14022d6e8 cos
0x14022d6f0 modf
0x14022d6f8 ceil
api-ms-win-crt-string-l1-1-0.dll
0x14022d7e0 strncpy_s
0x14022d7e8 _stricmp
0x14022d7f0 strcpy_s
0x14022d7f8 _wcsicmp
0x14022d800 strcmp
0x14022d808 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022d708 _initterm_e
0x14022d710 exit
0x14022d718 _get_initial_wide_environment
0x14022d720 terminate
0x14022d728 _crt_atexit
0x14022d730 _register_onexit_function
0x14022d738 _initialize_onexit_table
0x14022d740 abort
0x14022d748 _initterm
0x14022d750 _initialize_wide_environment
0x14022d758 _configure_wide_argv
0x14022d760 _register_thread_local_exe_atexit_callback
0x14022d768 _c_exit
0x14022d770 _cexit
0x14022d778 __p___wargv
0x14022d780 _set_app_type
0x14022d788 __p___argc
0x14022d790 _seh_filter_exe
0x14022d798 _exit
api-ms-win-crt-stdio-l1-1-0.dll
0x14022d7a8 __stdio_common_vfprintf
0x14022d7b0 __stdio_common_vsscanf
0x14022d7b8 _set_fmode
0x14022d7c0 __p__commode
0x14022d7c8 __acrt_iob_func
0x14022d7d0 __stdio_common_vsprintf_s
api-ms-win-crt-locale-l1-1-0.dll
0x14022d6b0 _configthreadlocale
EAT(Export Address Table) Library
0x140407980 DotNetRuntimeDebugHeader