Created | 2024.04.05 23:38 | Machine | s1_win7_x6401 |
Filename | OGLP_installer_1000222569_market.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
ZERO API | file : clean | ||
VT API (file) | |||
md5 | 31d3cd435981b2c203407a9c01683830 | ||
sha256 | 831174c199baaf9fc39ef90d1e7866f05cd6f92b51eb83d7bc07c2b338081568 | ||
ssdeep | 49152:kfivBThkVFOu1J8kGFeUIoBULFC38WlL51gzTFN7moLKb1PDITnVtOwvPhSlqqF2:kqvRGhMIaoLKbqqQ | ||
imphash | 9d8819b649d690739d9be5a879d0084f | ||
impfuzzy | 192:THg++Gutef7yiB9a9l9F0Kkwm5eOJxCuc2d9l/dlJChzlsN:TZEQTyvvfkDeDGJdlJgzlsN |
Signature (5cnts)
Level | Description |
---|---|
notice | Foreign language identified in PE resource |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (9cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
warning | PhysicalDrive_20181001 | (no description) | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
PSAPI.DLL
0x5c947c GetModuleFileNameExA
WS2_32.dll
0x5c9698 htons
0x5c969c WSAStartup
0x5c96a0 WSAGetLastError
0x5c96a4 WSACleanup
0x5c96a8 closesocket
0x5c96ac setsockopt
0x5c96b0 ioctlsocket
0x5c96b4 socket
0x5c96b8 __WSAFDIsSet
0x5c96bc select
0x5c96c0 shutdown
0x5c96c4 connect
0x5c96c8 recv
0x5c96cc send
0x5c96d0 htonl
0x5c96d4 ntohl
0x5c96d8 gethostbyname
dbghelp.dll
0x5c96e8 MiniDumpWriteDump
KERNEL32.dll
0x5c9110 GetCurrentDirectoryW
0x5c9114 SetCurrentDirectoryW
0x5c9118 GetTempPathW
0x5c911c GetFileAttributesW
0x5c9120 GetFileSizeEx
0x5c9124 TerminateThread
0x5c9128 FreeResource
0x5c912c RaiseException
0x5c9130 DecodePointer
0x5c9134 CreateDirectoryW
0x5c9138 GetCurrentProcessId
0x5c913c SetUnhandledExceptionFilter
0x5c9140 ProcessIdToSessionId
0x5c9144 OpenMutexW
0x5c9148 CreateMutexW
0x5c914c GetLogicalDrives
0x5c9150 GetDriveTypeW
0x5c9154 DeviceIoControl
0x5c9158 FindFirstFileW
0x5c915c RemoveDirectoryW
0x5c9160 MoveFileExW
0x5c9164 FindNextFileW
0x5c9168 FindClose
0x5c916c GetExitCodeProcess
0x5c9170 IsDBCSLeadByte
0x5c9174 GetFullPathNameW
0x5c9178 SetEndOfFile
0x5c917c SetFilePointerEx
0x5c9180 CopyFileW
0x5c9184 CreateFileA
0x5c9188 SwitchToThread
0x5c918c CreateDirectoryA
0x5c9190 GetPrivateProfileIntA
0x5c9194 GetPrivateProfileStringA
0x5c9198 GetVersionExW
0x5c919c LoadLibraryA
0x5c91a0 InitializeCriticalSection
0x5c91a4 GetSystemDefaultLangID
0x5c91a8 OpenProcess
0x5c91ac SleepEx
0x5c91b0 AreFileApisANSI
0x5c91b4 TryEnterCriticalSection
0x5c91b8 HeapCreate
0x5c91bc GetDiskFreeSpaceW
0x5c91c0 OutputDebugStringA
0x5c91c4 LockFile
0x5c91c8 GetFullPathNameA
0x5c91cc UnlockFileEx
0x5c91d0 UnmapViewOfFile
0x5c91d4 HeapValidate
0x5c91d8 GetTempPathA
0x5c91dc FormatMessageW
0x5c91e0 GetDiskFreeSpaceA
0x5c91e4 GetFileAttributesA
0x5c91e8 FlushViewOfFile
0x5c91ec WaitForSingleObjectEx
0x5c91f0 GetVersionExA
0x5c91f4 DeleteFileA
0x5c91f8 HeapCompact
0x5c91fc UnlockFile
0x5c9200 CreateFileMappingA
0x5c9204 LocalFree
0x5c9208 LockFileEx
0x5c920c SystemTimeToFileTime
0x5c9210 GetSystemTimeAsFileTime
0x5c9214 GetSystemTime
0x5c9218 FormatMessageA
0x5c921c CreateFileMappingW
0x5c9220 MapViewOfFile
0x5c9224 QueryPerformanceCounter
0x5c9228 FlushFileBuffers
0x5c922c MulDiv
0x5c9230 GetACP
0x5c9234 lstrlenW
0x5c9238 GlobalLock
0x5c923c GlobalUnlock
0x5c9240 ExitProcess
0x5c9244 VerifyVersionInfoW
0x5c9248 VerSetConditionMask
0x5c924c EnterCriticalSection
0x5c9250 LocalFileTimeToFileTime
0x5c9254 GlobalAlloc
0x5c9258 lstrcpyW
0x5c925c lstrcmpiW
0x5c9260 SetStdHandle
0x5c9264 GetTimeZoneInformation
0x5c9268 EnumSystemLocalesW
0x5c926c GetUserDefaultLCID
0x5c9270 IsValidLocale
0x5c9274 GetTimeFormatW
0x5c9278 GetDateFormatW
0x5c927c GetConsoleCP
0x5c9280 ReadConsoleW
0x5c9284 GetConsoleMode
0x5c9288 GetStdHandle
0x5c928c SetEnvironmentVariableA
0x5c9290 GetModuleHandleExW
0x5c9294 ExitThread
0x5c9298 FileTimeToSystemTime
0x5c929c SystemTimeToTzSpecificLocalTime
0x5c92a0 PeekNamedPipe
0x5c92a4 GetFileType
0x5c92a8 RtlUnwind
0x5c92ac UnregisterWaitEx
0x5c92b0 QueryDepthSList
0x5c92b4 InterlockedFlushSList
0x5c92b8 InterlockedPushEntrySList
0x5c92bc InterlockedPopEntrySList
0x5c92c0 ReleaseSemaphore
0x5c92c4 VirtualProtect
0x5c92c8 VirtualFree
0x5c92cc VirtualAlloc
0x5c92d0 LoadLibraryExW
0x5c92d4 GetModuleHandleA
0x5c92d8 FreeLibraryAndExitThread
0x5c92dc GetThreadTimes
0x5c92e0 UnregisterWait
0x5c92e4 RegisterWaitForSingleObject
0x5c92e8 SetThreadAffinityMask
0x5c92ec GetProcessAffinityMask
0x5c92f0 GetNumaHighestNodeNumber
0x5c92f4 DeleteTimerQueueTimer
0x5c92f8 ChangeTimerQueueTimer
0x5c92fc CreateTimerQueueTimer
0x5c9300 GetLogicalProcessorInformation
0x5c9304 GetThreadPriority
0x5c9308 SetThreadPriority
0x5c930c CreateThread
0x5c9310 SignalObjectAndWait
0x5c9314 CreateTimerQueue
0x5c9318 InitializeSListHead
0x5c931c GetStartupInfoW
0x5c9320 IsProcessorFeaturePresent
0x5c9324 TerminateProcess
0x5c9328 UnhandledExceptionFilter
0x5c932c ResetEvent
0x5c9330 IsDebuggerPresent
0x5c9334 LCMapStringW
0x5c9338 CompareStringW
0x5c933c GetCPInfo
0x5c9340 TlsFree
0x5c9344 TlsSetValue
0x5c9348 TlsGetValue
0x5c934c TlsAlloc
0x5c9350 SetLastError
0x5c9354 FindFirstFileExW
0x5c9358 GetNativeSystemInfo
0x5c935c GetExitCodeThread
0x5c9360 GetCurrentThread
0x5c9364 DuplicateHandle
0x5c9368 GetStringTypeW
0x5c936c EncodePointer
0x5c9370 LeaveCriticalSection
0x5c9374 GetFileTime
0x5c9378 GetSystemDirectoryW
0x5c937c GetModuleFileNameA
0x5c9380 GetEnvironmentVariableW
0x5c9384 GetLocaleInfoW
0x5c9388 GetPrivateProfileSectionW
0x5c938c GetPrivateProfileIntW
0x5c9390 GetPrivateProfileStringW
0x5c9394 GetCommandLineW
0x5c9398 GetSystemInfo
0x5c939c GetDiskFreeSpaceExW
0x5c93a0 GlobalMemoryStatusEx
0x5c93a4 OutputDebugStringW
0x5c93a8 DeleteCriticalSection
0x5c93ac InitializeCriticalSectionAndSpinCount
0x5c93b0 LoadLibraryW
0x5c93b4 FreeLibrary
0x5c93b8 InterlockedExchangeAdd
0x5c93bc GetTickCount
0x5c93c0 GetFileAttributesExW
0x5c93c4 GetLocalTime
0x5c93c8 GetModuleFileNameW
0x5c93cc InterlockedDecrement
0x5c93d0 InterlockedIncrement
0x5c93d4 MoveFileW
0x5c93d8 DeleteFileW
0x5c93dc SetFilePointer
0x5c93e0 SetEvent
0x5c93e4 WaitForSingleObject
0x5c93e8 CreateEventW
0x5c93ec FindResourceExW
0x5c93f0 FindResourceW
0x5c93f4 LoadResource
0x5c93f8 LockResource
0x5c93fc SizeofResource
0x5c9400 WideCharToMultiByte
0x5c9404 Sleep
0x5c9408 InterlockedExchange
0x5c940c InterlockedCompareExchange
0x5c9410 GetProcessHeap
0x5c9414 HeapAlloc
0x5c9418 HeapFree
0x5c941c HeapReAlloc
0x5c9420 HeapSize
0x5c9424 HeapDestroy
0x5c9428 GlobalFree
0x5c942c MultiByteToWideChar
0x5c9430 GetCurrentThreadId
0x5c9434 GetCurrentProcess
0x5c9438 GetFileSize
0x5c943c WriteFile
0x5c9440 ReadFile
0x5c9444 GetLastError
0x5c9448 GetModuleHandleW
0x5c944c GetProcAddress
0x5c9450 CreateFileW
0x5c9454 CloseHandle
0x5c9458 IsValidCodePage
0x5c945c GetOEMCP
0x5c9460 GetCommandLineA
0x5c9464 GetEnvironmentStringsW
0x5c9468 FreeEnvironmentStringsW
0x5c946c WriteConsoleW
USER32.dll
0x5c94c8 EnumDisplayDevicesW
0x5c94cc GetDC
0x5c94d0 MonitorFromWindow
0x5c94d4 GetMonitorInfoW
0x5c94d8 ReleaseDC
0x5c94dc DestroyWindow
0x5c94e0 DefWindowProcW
0x5c94e4 GetSystemMetrics
0x5c94e8 TrackPopupMenu
0x5c94ec DestroyMenu
0x5c94f0 ClientToScreen
0x5c94f4 SetCaretPos
0x5c94f8 GetCaretPos
0x5c94fc MessageBoxW
0x5c9500 InvalidateRect
0x5c9504 IsWindow
0x5c9508 IsRectEmpty
0x5c950c IntersectRect
0x5c9510 PtInRect
0x5c9514 SetCursor
0x5c9518 LoadCursorW
0x5c951c CharNextW
0x5c9520 OffsetRect
0x5c9524 InflateRect
0x5c9528 UnionRect
0x5c952c wsprintfW
0x5c9530 GetWindowRect
0x5c9534 ScreenToClient
0x5c9538 GetKeyState
0x5c953c GetClientRect
0x5c9540 SetWindowPos
0x5c9544 GetWindowLongW
0x5c9548 SetWindowLongW
0x5c954c IsIconic
0x5c9550 GetActiveWindow
0x5c9554 GetWindow
0x5c9558 SetFocus
0x5c955c BeginPaint
0x5c9560 EndPaint
0x5c9564 GetUpdateRect
0x5c9568 IsWindowVisible
0x5c956c MapWindowPoints
0x5c9570 CreateWindowExW
0x5c9574 GetCursorPos
0x5c9578 ReleaseCapture
0x5c957c GetSysColor
0x5c9580 GetMessageW
0x5c9584 TranslateMessage
0x5c9588 DispatchMessageW
0x5c958c HideCaret
0x5c9590 ShowCaret
0x5c9594 CreateCaret
0x5c9598 GetWindowRgn
0x5c959c IsZoomed
0x5c95a0 PostMessageW
0x5c95a4 GetFocus
0x5c95a8 SetTimer
0x5c95ac KillTimer
0x5c95b0 SetCapture
0x5c95b4 GetParent
0x5c95b8 LoadImageW
0x5c95bc SetWindowRgn
0x5c95c0 ShowWindow
0x5c95c4 EnableWindow
0x5c95c8 PostQuitMessage
0x5c95cc RegisterClassW
0x5c95d0 GetClassInfoExW
0x5c95d4 RegisterClassExW
0x5c95d8 CallWindowProcW
0x5c95dc SetPropW
0x5c95e0 GetKeyNameTextW
0x5c95e4 GetCaretBlinkTime
0x5c95e8 CreatePopupMenu
0x5c95ec AppendMenuW
0x5c95f0 SendMessageW
0x5c95f4 EnableMenuItem
0x5c95f8 GetPropW
0x5c95fc IsWindowEnabled
0x5c9600 SetWindowTextW
0x5c9604 GetWindowTextLengthW
0x5c9608 GetWindowTextW
0x5c960c InvalidateRgn
0x5c9610 EqualRect
0x5c9614 CreateAcceleratorTableW
0x5c9618 GetGUIThreadInfo
0x5c961c SetForegroundWindow
0x5c9620 MapVirtualKeyExW
0x5c9624 FillRect
0x5c9628 DrawTextW
0x5c962c SetRect
0x5c9630 CharPrevW
0x5c9634 MoveWindow
0x5c9638 UpdateLayeredWindow
0x5c963c GetKeyboardLayout
GDI32.dll
0x5c9034 CreateDIBSection
0x5c9038 CombineRgn
0x5c903c ExtSelectClipRgn
0x5c9040 CreateRectRgnIndirect
0x5c9044 GetClipBox
0x5c9048 SelectClipRgn
0x5c904c CreateRoundRectRgn
0x5c9050 PlayEnhMetaFile
0x5c9054 CreateCompatibleBitmap
0x5c9058 GetEnhMetaFileHeader
0x5c905c CreateDIBitmap
0x5c9060 AddFontMemResourceEx
0x5c9064 GetTextMetricsW
0x5c9068 CloseEnhMetaFile
0x5c906c CreateEnhMetaFileW
0x5c9070 SetWindowOrgEx
0x5c9074 Rectangle
0x5c9078 RestoreDC
0x5c907c BitBlt
0x5c9080 StretchBlt
0x5c9084 SelectObject
0x5c9088 CreateCompatibleDC
0x5c908c DeleteDC
0x5c9090 RemoveFontMemResourceEx
0x5c9094 DeleteObject
0x5c9098 CreateFontIndirectW
0x5c909c GetStockObject
0x5c90a0 GetObjectW
0x5c90a4 GetDeviceCaps
0x5c90a8 TextOutW
0x5c90ac GdiFlush
0x5c90b0 CreateRectRgn
0x5c90b4 PtInRegion
0x5c90b8 CreatePatternBrush
0x5c90bc GetBitmapBits
0x5c90c0 SetBitmapBits
0x5c90c4 SetStretchBltMode
0x5c90c8 CreateSolidBrush
0x5c90cc CreatePenIndirect
0x5c90d0 MoveToEx
0x5c90d4 LineTo
0x5c90d8 RoundRect
0x5c90dc GetObjectA
0x5c90e0 SetBkMode
0x5c90e4 SetTextColor
0x5c90e8 SetBkColor
0x5c90ec GetCharABCWidthsW
0x5c90f0 SaveDC
0x5c90f4 CreatePen
0x5c90f8 GetTextExtentPoint32W
ADVAPI32.dll
0x5c9000 RegCreateKeyExW
0x5c9004 RegOpenKeyExW
0x5c9008 RegOpenKeyExA
0x5c900c RegQueryValueExA
0x5c9010 RegDeleteKeyW
0x5c9014 RegCloseKey
0x5c9018 RegEnumKeyExW
0x5c901c RegSetValueExW
0x5c9020 RegQueryValueExW
SHELL32.dll
0x5c9484 SHGetPathFromIDListW
0x5c9488 DragQueryFileW
0x5c948c SHGetFolderPathA
0x5c9490 SHGetSpecialFolderPathW
0x5c9494 SHCreateDirectoryExW
0x5c9498 CommandLineToArgvW
0x5c949c SHBrowseForFolderW
0x5c94a0 SHChangeNotify
0x5c94a4 ShellExecuteExW
0x5c94a8 None
ole32.dll
0x5c977c OleDuplicateData
0x5c9780 CoInitialize
0x5c9784 CoCreateInstance
0x5c9788 CoUninitialize
0x5c978c CoInitializeEx
0x5c9790 CoTaskMemFree
0x5c9794 RegisterDragDrop
0x5c9798 CreateStreamOnHGlobal
0x5c979c ReleaseStgMedium
0x5c97a0 OleLockRunning
0x5c97a4 CLSIDFromString
0x5c97a8 CLSIDFromProgID
0x5c97ac CoCreateGuid
0x5c97b0 DoDragDrop
COMCTL32.dll
0x5c9028 None
0x5c902c _TrackMouseEvent
gdiplus.dll
0x5c96f0 GdipSetStringFormatFlags
0x5c96f4 GdipSetStringFormatTrimming
0x5c96f8 GdipDeleteStringFormat
0x5c96fc GdipStringFormatGetGenericTypographic
0x5c9700 GdipTranslateWorldTransform
0x5c9704 GdipSetInterpolationMode
0x5c9708 GdipSetSmoothingMode
0x5c970c GdipSetTextRenderingHint
0x5c9710 GdipDeleteFont
0x5c9714 GdipCreateFontFromLogfontA
0x5c9718 GdipCreateFontFromDC
0x5c971c GdipDrawRectangleI
0x5c9720 GdipSetPenMode
0x5c9724 GdipDeletePen
0x5c9728 GdipCreatePen1
0x5c972c GdipSetStringFormatAlign
0x5c9730 GdipDeleteBrush
0x5c9734 GdipCreateSolidFill
0x5c9738 GdipDeleteGraphics
0x5c973c GdipCreateFromHDC
0x5c9740 GdipDisposeImage
0x5c9744 GdipCloneImage
0x5c9748 GdipAlloc
0x5c974c GdipFree
0x5c9750 GdipLoadImageFromStream
0x5c9754 GdiplusShutdown
0x5c9758 GdiplusStartup
0x5c975c GdipSetStringFormatLineAlign
0x5c9760 GdipMeasureString
0x5c9764 GdipDrawImageRectI
0x5c9768 GdipRotateWorldTransform
0x5c976c GdipFillRectangleI
0x5c9770 GdipDrawString
0x5c9774 GdipCloneStringFormat
IMM32.dll
0x5c9100 ImmGetContext
0x5c9104 ImmReleaseContext
0x5c9108 ImmSetCompositionWindow
WINHTTP.dll
0x5c9654 WinHttpReceiveResponse
0x5c9658 WinHttpWriteData
0x5c965c WinHttpSetOption
0x5c9660 WinHttpSendRequest
0x5c9664 WinHttpQueryHeaders
0x5c9668 WinHttpGetIEProxyConfigForCurrentUser
0x5c966c WinHttpAddRequestHeaders
0x5c9670 WinHttpOpenRequest
0x5c9674 WinHttpConnect
0x5c9678 WinHttpCrackUrl
0x5c967c WinHttpQueryDataAvailable
0x5c9680 WinHttpReadData
0x5c9684 WinHttpGetProxyForUrl
0x5c9688 WinHttpSetTimeouts
0x5c968c WinHttpCloseHandle
0x5c9690 WinHttpOpen
SHLWAPI.dll
0x5c94b0 PathAddBackslashW
0x5c94b4 PathRemoveFileSpecA
0x5c94b8 PathRemoveFileSpecW
0x5c94bc PathFileExistsW
0x5c94c0 PathIsDirectoryW
d3d9.dll
0x5c96e0 Direct3DCreate9
VERSION.dll
0x5c9644 VerQueryValueW
0x5c9648 GetFileVersionInfoW
0x5c964c GetFileVersionInfoSizeW
NETAPI32.dll
0x5c9474 Netbios
EAT(Export Address Table) Library
0x447f30 ??4BeaconClient@@QAEAAV0@$$QAV0@@Z
0x447f30 ??4BeaconClient@@QAEAAV0@ABV0@@Z
0x448aad ?GetCommParamGetter@BeaconClient@@SAABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$function@$$A6A?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$function@$$A6A?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ@2@@std@@@2@@std@@XZ
0x448a4d ?GetCommcomParams@BeaconClient@@SAABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
0x44870d ?GetConfig@BeaconClient@@SAABUBeaconConfig@@XZ
0x4482cb ?InitSDK@BeaconClient@@SAXABUBeaconConfig@@@Z
0x448713 ?PrepareParams@BeaconClient@@SA?AV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@ABV23@_J@Z
0x448416 ?Quit@BeaconClient@@SAXXZ
0x4485d9 ?Report@BeaconClient@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@3@W4RequestPriority@Beacon@@@Z
0x448a53 ?SetCommParamGetter@BeaconClient@@SAXABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$function@$$A6A?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ@2@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$function@$$A6A?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ@2@@std@@@2@@std@@@Z
0x448422 ?SetCommonParams@BeaconClient@@SAXABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@@Z