ScreenShot
| Created | 2024.05.07 08:22 | Machine | s1_win7_x6402 |
| Filename | dumb.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 18 detected (malicious, high confidence, unsafe, Vfde, Attribute, HighConfidence, RATX, Outbreak, Detected, Sabsik, AgentTesla, Static AI, Malicious PE, GenKryptik, GUVY) | ||
| md5 | 479736d5599db235e580d2ff12fe3594 | ||
| sha256 | 5dd5ba8ed48b93b53007a7abe8f253672fcd5b73af78abf0cdea3838ef807557 | ||
| ssdeep | 49152:wB4Jd6QzY94VGMtTL4U86O4WppG1nNqmF0ec+zZVz:FPx4D8OF8xg+zZN | ||
| imphash | 7b5efec814847469bc4fe2902a0a6aac | ||
| impfuzzy | 96:WdKdFQSoueJcxFXveQUhxl5ja9X8018QX9Y9X1nRW7PRXeQ4y0uGdLfByIH:WA8SoQ7XVuQNY9FRkRuZaGByIH | ||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 18 AntiVirus engines on VirusTotal as malicious |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks amount of memory in system |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x14022c000 RegCloseKey
0x14022c008 RegEnumKeyExW
0x14022c010 RegEnumValueW
0x14022c018 RegOpenKeyExW
0x14022c020 RegQueryValueExW
0x14022c028 RegSetValueExW
0x14022c030 RegSetValueExA
0x14022c038 OpenProcessToken
0x14022c040 LookupPrivilegeValueW
0x14022c048 AdjustTokenPrivileges
0x14022c050 GetTokenInformation
0x14022c058 DuplicateTokenEx
0x14022c060 OpenThreadToken
0x14022c068 RevertToSelf
0x14022c070 ImpersonateLoggedOnUser
0x14022c078 CheckTokenMembership
0x14022c080 EventWrite
0x14022c088 EventRegister
0x14022c090 EventEnabled
crypt.dll
0x14022c7e8 BCryptGenerateSymmetricKey
0x14022c7f0 BCryptGenRandom
0x14022c7f8 BCryptOpenAlgorithmProvider
0x14022c800 BCryptDestroyKey
0x14022c808 BCryptCloseAlgorithmProvider
KERNEL32.dll
0x14022c0a0 TlsFree
0x14022c0a8 TlsSetValue
0x14022c0b0 TlsGetValue
0x14022c0b8 TlsAlloc
0x14022c0c0 InitializeCriticalSectionAndSpinCount
0x14022c0c8 EncodePointer
0x14022c0d0 CloseThreadpoolIo
0x14022c0d8 MultiByteToWideChar
0x14022c0e0 GetStdHandle
0x14022c0e8 TzSpecificLocalTimeToSystemTime
0x14022c0f0 SystemTimeToFileTime
0x14022c0f8 FileTimeToSystemTime
0x14022c100 GetSystemTime
0x14022c108 GetCalendarInfoEx
0x14022c110 CompareStringOrdinal
0x14022c118 CompareStringEx
0x14022c120 FindNLSStringEx
0x14022c128 GetLocaleInfoEx
0x14022c130 ResolveLocaleName
0x14022c138 GetUserPreferredUILanguages
0x14022c140 FindStringOrdinal
0x14022c148 GetTickCount64
0x14022c150 GetCurrentProcess
0x14022c158 GetCurrentThread
0x14022c160 WaitForSingleObject
0x14022c168 Sleep
0x14022c170 CreateThreadpoolWork
0x14022c178 CloseThreadpoolWork
0x14022c180 SubmitThreadpoolWork
0x14022c188 CreateThreadpoolWait
0x14022c190 SetThreadpoolWait
0x14022c198 WaitForThreadpoolWaitCallbacks
0x14022c1a0 CloseThreadpoolWait
0x14022c1a8 DeleteCriticalSection
0x14022c1b0 LocalFree
0x14022c1b8 EnterCriticalSection
0x14022c1c0 SleepConditionVariableCS
0x14022c1c8 LeaveCriticalSection
0x14022c1d0 WakeConditionVariable
0x14022c1d8 QueryPerformanceCounter
0x14022c1e0 InitializeCriticalSection
0x14022c1e8 InitializeConditionVariable
0x14022c1f0 WaitForMultipleObjectsEx
0x14022c1f8 GetLastError
0x14022c200 QueryPerformanceFrequency
0x14022c208 SetLastError
0x14022c210 GetFullPathNameW
0x14022c218 GetLongPathNameW
0x14022c220 WideCharToMultiByte
0x14022c228 LocalAlloc
0x14022c230 GetConsoleOutputCP
0x14022c238 GetProcAddress
0x14022c240 RaiseFailFastException
0x14022c248 CreateThreadpoolIo
0x14022c250 StartThreadpoolIo
0x14022c258 CancelThreadpoolIo
0x14022c260 LocaleNameToLCID
0x14022c268 LCMapStringEx
0x14022c270 EnumTimeFormatsEx
0x14022c278 EnumCalendarInfoExEx
0x14022c280 CopyFileExW
0x14022c288 CreateDirectoryW
0x14022c290 CreateFileW
0x14022c298 DeleteFileW
0x14022c2a0 DeleteVolumeMountPointW
0x14022c2a8 CreateSymbolicLinkW
0x14022c2b0 DeviceIoControl
0x14022c2b8 ExpandEnvironmentStringsW
0x14022c2c0 FindNextFileW
0x14022c2c8 FindClose
0x14022c2d0 FindFirstFileExW
0x14022c2d8 FlushFileBuffers
0x14022c2e0 FreeLibrary
0x14022c2e8 GetCurrentDirectoryW
0x14022c2f0 GetFileAttributesExW
0x14022c2f8 GetFileInformationByHandle
0x14022c300 GetFileInformationByHandleEx
0x14022c308 GetFileType
0x14022c310 GetFinalPathNameByHandleW
0x14022c318 GetLogicalDrives
0x14022c320 GetModuleFileNameW
0x14022c328 GetOverlappedResult
0x14022c330 GetSystemDirectoryW
0x14022c338 GetVolumeInformationW
0x14022c340 LoadLibraryExW
0x14022c348 MoveFileExW
0x14022c350 ReadFile
0x14022c358 RemoveDirectoryW
0x14022c360 ReplaceFileW
0x14022c368 SetFileAttributesW
0x14022c370 SetFileInformationByHandle
0x14022c378 SetFilePointerEx
0x14022c380 SetThreadErrorMode
0x14022c388 GetDynamicTimeZoneInformation
0x14022c390 GetTimeZoneInformation
0x14022c398 WriteFile
0x14022c3a0 GetCurrentProcessorNumberEx
0x14022c3a8 CloseHandle
0x14022c3b0 SetEvent
0x14022c3b8 CreateEventExW
0x14022c3c0 GetEnvironmentVariableW
0x14022c3c8 FormatMessageW
0x14022c3d0 CreateThread
0x14022c3d8 ResumeThread
0x14022c3e0 DuplicateHandle
0x14022c3e8 GetThreadPriority
0x14022c3f0 SetThreadPriority
0x14022c3f8 GetCPInfoExW
0x14022c400 GetConsoleMode
0x14022c408 WriteConsoleW
0x14022c410 GetConsoleWindow
0x14022c418 LoadLibraryA
0x14022c420 GetModuleHandleA
0x14022c428 FreeConsole
0x14022c430 AllocConsole
0x14022c438 VirtualAllocEx
0x14022c440 GetThreadContext
0x14022c448 WriteProcessMemory
0x14022c450 GetExitCodeProcess
0x14022c458 CreateProcessW
0x14022c460 TerminateProcess
0x14022c468 OpenProcess
0x14022c470 K32EnumProcesses
0x14022c478 GetProcessId
0x14022c480 QueryFullProcessImageNameW
0x14022c488 CreatePipe
0x14022c490 GetConsoleCP
0x14022c498 FlushProcessWriteBuffers
0x14022c4a0 GetCurrentThreadId
0x14022c4a8 WaitForSingleObjectEx
0x14022c4b0 VirtualQuery
0x14022c4b8 RtlRestoreContext
0x14022c4c0 AddVectoredExceptionHandler
0x14022c4c8 FlsAlloc
0x14022c4d0 FlsGetValue
0x14022c4d8 FlsSetValue
0x14022c4e0 CreateEventW
0x14022c4e8 SwitchToThread
0x14022c4f0 SuspendThread
0x14022c4f8 SetThreadContext
0x14022c500 FlushInstructionCache
0x14022c508 VirtualAlloc
0x14022c510 VirtualProtect
0x14022c518 VirtualFree
0x14022c520 QueryInformationJobObject
0x14022c528 GetModuleHandleW
0x14022c530 GetModuleHandleExW
0x14022c538 GetProcessAffinityMask
0x14022c540 InitializeContext
0x14022c548 GetEnabledXStateFeatures
0x14022c550 SetXStateFeaturesMask
0x14022c558 InitializeCriticalSectionEx
0x14022c560 GetSystemTimeAsFileTime
0x14022c568 ResetEvent
0x14022c570 DebugBreak
0x14022c578 SleepEx
0x14022c580 GlobalMemoryStatusEx
0x14022c588 GetSystemInfo
0x14022c590 GetLogicalProcessorInformation
0x14022c598 GetLogicalProcessorInformationEx
0x14022c5a0 GetLargePageMinimum
0x14022c5a8 VirtualUnlock
0x14022c5b0 VirtualAllocExNuma
0x14022c5b8 IsProcessInJob
0x14022c5c0 GetNumaHighestNodeNumber
0x14022c5c8 GetProcessGroupAffinity
0x14022c5d0 K32GetProcessMemoryInfo
0x14022c5d8 RaiseException
0x14022c5e0 RtlPcToFileHeader
0x14022c5e8 RtlUnwindEx
0x14022c5f0 IsProcessorFeaturePresent
0x14022c5f8 SetUnhandledExceptionFilter
0x14022c600 UnhandledExceptionFilter
0x14022c608 IsDebuggerPresent
0x14022c610 RtlVirtualUnwind
0x14022c618 RtlLookupFunctionEntry
0x14022c620 RtlCaptureContext
0x14022c628 InitializeSListHead
0x14022c630 GetCurrentProcessId
ole32.dll
0x14022c818 CoGetApartmentType
0x14022c820 CoTaskMemAlloc
0x14022c828 CoUninitialize
0x14022c830 CoTaskMemFree
0x14022c838 CoCreateGuid
0x14022c840 CoWaitForMultipleHandles
0x14022c848 CoInitializeEx
USER32.dll
0x14022c640 LoadStringW
api-ms-win-crt-math-l1-1-0.dll
0x14022c690 __setusermatherr
0x14022c698 sin
0x14022c6a0 modf
0x14022c6a8 tan
0x14022c6b0 ceil
0x14022c6b8 cos
0x14022c6c0 floor
0x14022c6c8 pow
api-ms-win-crt-heap-l1-1-0.dll
0x14022c650 calloc
0x14022c658 malloc
0x14022c660 _callnewh
0x14022c668 _set_new_mode
0x14022c670 free
api-ms-win-crt-string-l1-1-0.dll
0x14022c7b0 strncpy_s
0x14022c7b8 _stricmp
0x14022c7c0 strcpy_s
0x14022c7c8 _wcsicmp
0x14022c7d0 strcmp
0x14022c7d8 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022c6d8 _exit
0x14022c6e0 __p___argc
0x14022c6e8 _initterm_e
0x14022c6f0 terminate
0x14022c6f8 _crt_atexit
0x14022c700 _register_onexit_function
0x14022c708 _initialize_onexit_table
0x14022c710 exit
0x14022c718 _initterm
0x14022c720 _get_initial_wide_environment
0x14022c728 abort
0x14022c730 __p___wargv
0x14022c738 _register_thread_local_exe_atexit_callback
0x14022c740 _c_exit
0x14022c748 _cexit
0x14022c750 _seh_filter_exe
0x14022c758 _set_app_type
0x14022c760 _initialize_wide_environment
0x14022c768 _configure_wide_argv
api-ms-win-crt-stdio-l1-1-0.dll
0x14022c778 __stdio_common_vsprintf_s
0x14022c780 __p__commode
0x14022c788 __stdio_common_vfprintf
0x14022c790 __stdio_common_vsscanf
0x14022c798 _set_fmode
0x14022c7a0 __acrt_iob_func
api-ms-win-crt-locale-l1-1-0.dll
0x14022c680 _configthreadlocale
EAT(Export Address Table) Library
0x140315e30 DotNetRuntimeDebugHeader
ADVAPI32.dll
0x14022c000 RegCloseKey
0x14022c008 RegEnumKeyExW
0x14022c010 RegEnumValueW
0x14022c018 RegOpenKeyExW
0x14022c020 RegQueryValueExW
0x14022c028 RegSetValueExW
0x14022c030 RegSetValueExA
0x14022c038 OpenProcessToken
0x14022c040 LookupPrivilegeValueW
0x14022c048 AdjustTokenPrivileges
0x14022c050 GetTokenInformation
0x14022c058 DuplicateTokenEx
0x14022c060 OpenThreadToken
0x14022c068 RevertToSelf
0x14022c070 ImpersonateLoggedOnUser
0x14022c078 CheckTokenMembership
0x14022c080 EventWrite
0x14022c088 EventRegister
0x14022c090 EventEnabled
crypt.dll
0x14022c7e8 BCryptGenerateSymmetricKey
0x14022c7f0 BCryptGenRandom
0x14022c7f8 BCryptOpenAlgorithmProvider
0x14022c800 BCryptDestroyKey
0x14022c808 BCryptCloseAlgorithmProvider
KERNEL32.dll
0x14022c0a0 TlsFree
0x14022c0a8 TlsSetValue
0x14022c0b0 TlsGetValue
0x14022c0b8 TlsAlloc
0x14022c0c0 InitializeCriticalSectionAndSpinCount
0x14022c0c8 EncodePointer
0x14022c0d0 CloseThreadpoolIo
0x14022c0d8 MultiByteToWideChar
0x14022c0e0 GetStdHandle
0x14022c0e8 TzSpecificLocalTimeToSystemTime
0x14022c0f0 SystemTimeToFileTime
0x14022c0f8 FileTimeToSystemTime
0x14022c100 GetSystemTime
0x14022c108 GetCalendarInfoEx
0x14022c110 CompareStringOrdinal
0x14022c118 CompareStringEx
0x14022c120 FindNLSStringEx
0x14022c128 GetLocaleInfoEx
0x14022c130 ResolveLocaleName
0x14022c138 GetUserPreferredUILanguages
0x14022c140 FindStringOrdinal
0x14022c148 GetTickCount64
0x14022c150 GetCurrentProcess
0x14022c158 GetCurrentThread
0x14022c160 WaitForSingleObject
0x14022c168 Sleep
0x14022c170 CreateThreadpoolWork
0x14022c178 CloseThreadpoolWork
0x14022c180 SubmitThreadpoolWork
0x14022c188 CreateThreadpoolWait
0x14022c190 SetThreadpoolWait
0x14022c198 WaitForThreadpoolWaitCallbacks
0x14022c1a0 CloseThreadpoolWait
0x14022c1a8 DeleteCriticalSection
0x14022c1b0 LocalFree
0x14022c1b8 EnterCriticalSection
0x14022c1c0 SleepConditionVariableCS
0x14022c1c8 LeaveCriticalSection
0x14022c1d0 WakeConditionVariable
0x14022c1d8 QueryPerformanceCounter
0x14022c1e0 InitializeCriticalSection
0x14022c1e8 InitializeConditionVariable
0x14022c1f0 WaitForMultipleObjectsEx
0x14022c1f8 GetLastError
0x14022c200 QueryPerformanceFrequency
0x14022c208 SetLastError
0x14022c210 GetFullPathNameW
0x14022c218 GetLongPathNameW
0x14022c220 WideCharToMultiByte
0x14022c228 LocalAlloc
0x14022c230 GetConsoleOutputCP
0x14022c238 GetProcAddress
0x14022c240 RaiseFailFastException
0x14022c248 CreateThreadpoolIo
0x14022c250 StartThreadpoolIo
0x14022c258 CancelThreadpoolIo
0x14022c260 LocaleNameToLCID
0x14022c268 LCMapStringEx
0x14022c270 EnumTimeFormatsEx
0x14022c278 EnumCalendarInfoExEx
0x14022c280 CopyFileExW
0x14022c288 CreateDirectoryW
0x14022c290 CreateFileW
0x14022c298 DeleteFileW
0x14022c2a0 DeleteVolumeMountPointW
0x14022c2a8 CreateSymbolicLinkW
0x14022c2b0 DeviceIoControl
0x14022c2b8 ExpandEnvironmentStringsW
0x14022c2c0 FindNextFileW
0x14022c2c8 FindClose
0x14022c2d0 FindFirstFileExW
0x14022c2d8 FlushFileBuffers
0x14022c2e0 FreeLibrary
0x14022c2e8 GetCurrentDirectoryW
0x14022c2f0 GetFileAttributesExW
0x14022c2f8 GetFileInformationByHandle
0x14022c300 GetFileInformationByHandleEx
0x14022c308 GetFileType
0x14022c310 GetFinalPathNameByHandleW
0x14022c318 GetLogicalDrives
0x14022c320 GetModuleFileNameW
0x14022c328 GetOverlappedResult
0x14022c330 GetSystemDirectoryW
0x14022c338 GetVolumeInformationW
0x14022c340 LoadLibraryExW
0x14022c348 MoveFileExW
0x14022c350 ReadFile
0x14022c358 RemoveDirectoryW
0x14022c360 ReplaceFileW
0x14022c368 SetFileAttributesW
0x14022c370 SetFileInformationByHandle
0x14022c378 SetFilePointerEx
0x14022c380 SetThreadErrorMode
0x14022c388 GetDynamicTimeZoneInformation
0x14022c390 GetTimeZoneInformation
0x14022c398 WriteFile
0x14022c3a0 GetCurrentProcessorNumberEx
0x14022c3a8 CloseHandle
0x14022c3b0 SetEvent
0x14022c3b8 CreateEventExW
0x14022c3c0 GetEnvironmentVariableW
0x14022c3c8 FormatMessageW
0x14022c3d0 CreateThread
0x14022c3d8 ResumeThread
0x14022c3e0 DuplicateHandle
0x14022c3e8 GetThreadPriority
0x14022c3f0 SetThreadPriority
0x14022c3f8 GetCPInfoExW
0x14022c400 GetConsoleMode
0x14022c408 WriteConsoleW
0x14022c410 GetConsoleWindow
0x14022c418 LoadLibraryA
0x14022c420 GetModuleHandleA
0x14022c428 FreeConsole
0x14022c430 AllocConsole
0x14022c438 VirtualAllocEx
0x14022c440 GetThreadContext
0x14022c448 WriteProcessMemory
0x14022c450 GetExitCodeProcess
0x14022c458 CreateProcessW
0x14022c460 TerminateProcess
0x14022c468 OpenProcess
0x14022c470 K32EnumProcesses
0x14022c478 GetProcessId
0x14022c480 QueryFullProcessImageNameW
0x14022c488 CreatePipe
0x14022c490 GetConsoleCP
0x14022c498 FlushProcessWriteBuffers
0x14022c4a0 GetCurrentThreadId
0x14022c4a8 WaitForSingleObjectEx
0x14022c4b0 VirtualQuery
0x14022c4b8 RtlRestoreContext
0x14022c4c0 AddVectoredExceptionHandler
0x14022c4c8 FlsAlloc
0x14022c4d0 FlsGetValue
0x14022c4d8 FlsSetValue
0x14022c4e0 CreateEventW
0x14022c4e8 SwitchToThread
0x14022c4f0 SuspendThread
0x14022c4f8 SetThreadContext
0x14022c500 FlushInstructionCache
0x14022c508 VirtualAlloc
0x14022c510 VirtualProtect
0x14022c518 VirtualFree
0x14022c520 QueryInformationJobObject
0x14022c528 GetModuleHandleW
0x14022c530 GetModuleHandleExW
0x14022c538 GetProcessAffinityMask
0x14022c540 InitializeContext
0x14022c548 GetEnabledXStateFeatures
0x14022c550 SetXStateFeaturesMask
0x14022c558 InitializeCriticalSectionEx
0x14022c560 GetSystemTimeAsFileTime
0x14022c568 ResetEvent
0x14022c570 DebugBreak
0x14022c578 SleepEx
0x14022c580 GlobalMemoryStatusEx
0x14022c588 GetSystemInfo
0x14022c590 GetLogicalProcessorInformation
0x14022c598 GetLogicalProcessorInformationEx
0x14022c5a0 GetLargePageMinimum
0x14022c5a8 VirtualUnlock
0x14022c5b0 VirtualAllocExNuma
0x14022c5b8 IsProcessInJob
0x14022c5c0 GetNumaHighestNodeNumber
0x14022c5c8 GetProcessGroupAffinity
0x14022c5d0 K32GetProcessMemoryInfo
0x14022c5d8 RaiseException
0x14022c5e0 RtlPcToFileHeader
0x14022c5e8 RtlUnwindEx
0x14022c5f0 IsProcessorFeaturePresent
0x14022c5f8 SetUnhandledExceptionFilter
0x14022c600 UnhandledExceptionFilter
0x14022c608 IsDebuggerPresent
0x14022c610 RtlVirtualUnwind
0x14022c618 RtlLookupFunctionEntry
0x14022c620 RtlCaptureContext
0x14022c628 InitializeSListHead
0x14022c630 GetCurrentProcessId
ole32.dll
0x14022c818 CoGetApartmentType
0x14022c820 CoTaskMemAlloc
0x14022c828 CoUninitialize
0x14022c830 CoTaskMemFree
0x14022c838 CoCreateGuid
0x14022c840 CoWaitForMultipleHandles
0x14022c848 CoInitializeEx
USER32.dll
0x14022c640 LoadStringW
api-ms-win-crt-math-l1-1-0.dll
0x14022c690 __setusermatherr
0x14022c698 sin
0x14022c6a0 modf
0x14022c6a8 tan
0x14022c6b0 ceil
0x14022c6b8 cos
0x14022c6c0 floor
0x14022c6c8 pow
api-ms-win-crt-heap-l1-1-0.dll
0x14022c650 calloc
0x14022c658 malloc
0x14022c660 _callnewh
0x14022c668 _set_new_mode
0x14022c670 free
api-ms-win-crt-string-l1-1-0.dll
0x14022c7b0 strncpy_s
0x14022c7b8 _stricmp
0x14022c7c0 strcpy_s
0x14022c7c8 _wcsicmp
0x14022c7d0 strcmp
0x14022c7d8 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022c6d8 _exit
0x14022c6e0 __p___argc
0x14022c6e8 _initterm_e
0x14022c6f0 terminate
0x14022c6f8 _crt_atexit
0x14022c700 _register_onexit_function
0x14022c708 _initialize_onexit_table
0x14022c710 exit
0x14022c718 _initterm
0x14022c720 _get_initial_wide_environment
0x14022c728 abort
0x14022c730 __p___wargv
0x14022c738 _register_thread_local_exe_atexit_callback
0x14022c740 _c_exit
0x14022c748 _cexit
0x14022c750 _seh_filter_exe
0x14022c758 _set_app_type
0x14022c760 _initialize_wide_environment
0x14022c768 _configure_wide_argv
api-ms-win-crt-stdio-l1-1-0.dll
0x14022c778 __stdio_common_vsprintf_s
0x14022c780 __p__commode
0x14022c788 __stdio_common_vfprintf
0x14022c790 __stdio_common_vsscanf
0x14022c798 _set_fmode
0x14022c7a0 __acrt_iob_func
api-ms-win-crt-locale-l1-1-0.dll
0x14022c680 _configthreadlocale
EAT(Export Address Table) Library
0x140315e30 DotNetRuntimeDebugHeader