ScreenShot
| Created | 2024.05.11 19:44 | Machine | s1_win7_x6401 |
| Filename | file300un.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 30 detected (PBLoader, malicious, high confidence, Artemis, unsafe, Kryptik, Vu47, Attribute, HighConfidence, GenKryptik, GXKH, PWSX, Androm, o0l3RIooCEG, Inject5, OPERALOADER, YXEEKZ, Outbreak, Detected, Nekark, lkpog, PrivateLoader, Taily, Ilgergop, KI9CFC, ABRisk, ATGK, GUVY) | ||
| md5 | d2f812118c89341715fbff0ba9530396 | ||
| sha256 | 716741d85859c7c4747395deb709dc0b4b2741a0d15850aa3a706cc05d61bf6d | ||
| ssdeep | 24576:tRoBHi3buy4toE1jC6Ayo2xhWLbSPlqRvc68XzRVGvQB5VA0UC1dUUKj/LZ8j3gy:boKmo4jC6Tov2RUC1doj/wgy | ||
| imphash | f6df573862725a7261d77e9eebaebd3a | ||
| impfuzzy | 96:WdKdFQSoueJcxFXveQUhxl5ja9X8018QX9Y9X1XRW7PsXeQ4y0uGdLfByIH:WA8SoQ7XVuQNY9FhksuZaGByIH | ||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 30 AntiVirus engines on VirusTotal as malicious |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks amount of memory in system |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x14022c000 RegCloseKey
0x14022c008 RegEnumKeyExW
0x14022c010 RegEnumValueW
0x14022c018 RegOpenKeyExW
0x14022c020 RegQueryValueExW
0x14022c028 RegSetValueExW
0x14022c030 RegSetValueExA
0x14022c038 OpenProcessToken
0x14022c040 LookupPrivilegeValueW
0x14022c048 AdjustTokenPrivileges
0x14022c050 GetTokenInformation
0x14022c058 DuplicateTokenEx
0x14022c060 OpenThreadToken
0x14022c068 RevertToSelf
0x14022c070 ImpersonateLoggedOnUser
0x14022c078 CheckTokenMembership
0x14022c080 EventWrite
0x14022c088 EventRegister
0x14022c090 EventEnabled
crypt.dll
0x14022c7e0 BCryptGenerateSymmetricKey
0x14022c7e8 BCryptGenRandom
0x14022c7f0 BCryptOpenAlgorithmProvider
0x14022c7f8 BCryptDestroyKey
0x14022c800 BCryptCloseAlgorithmProvider
KERNEL32.dll
0x14022c0a0 TlsFree
0x14022c0a8 TlsSetValue
0x14022c0b0 TlsGetValue
0x14022c0b8 TlsAlloc
0x14022c0c0 InitializeCriticalSectionAndSpinCount
0x14022c0c8 EncodePointer
0x14022c0d0 CloseThreadpoolIo
0x14022c0d8 MultiByteToWideChar
0x14022c0e0 GetStdHandle
0x14022c0e8 TzSpecificLocalTimeToSystemTime
0x14022c0f0 SystemTimeToFileTime
0x14022c0f8 FileTimeToSystemTime
0x14022c100 GetSystemTime
0x14022c108 GetCalendarInfoEx
0x14022c110 CompareStringOrdinal
0x14022c118 CompareStringEx
0x14022c120 FindNLSStringEx
0x14022c128 GetLocaleInfoEx
0x14022c130 ResolveLocaleName
0x14022c138 GetUserPreferredUILanguages
0x14022c140 FindStringOrdinal
0x14022c148 GetTickCount64
0x14022c150 GetCurrentProcess
0x14022c158 GetCurrentThread
0x14022c160 WaitForSingleObject
0x14022c168 Sleep
0x14022c170 CreateThreadpoolWork
0x14022c178 CloseThreadpoolWork
0x14022c180 SubmitThreadpoolWork
0x14022c188 CreateThreadpoolWait
0x14022c190 SetThreadpoolWait
0x14022c198 WaitForThreadpoolWaitCallbacks
0x14022c1a0 CloseThreadpoolWait
0x14022c1a8 DeleteCriticalSection
0x14022c1b0 LocalFree
0x14022c1b8 EnterCriticalSection
0x14022c1c0 SleepConditionVariableCS
0x14022c1c8 LeaveCriticalSection
0x14022c1d0 WakeConditionVariable
0x14022c1d8 QueryPerformanceCounter
0x14022c1e0 InitializeCriticalSection
0x14022c1e8 InitializeConditionVariable
0x14022c1f0 WaitForMultipleObjectsEx
0x14022c1f8 GetLastError
0x14022c200 QueryPerformanceFrequency
0x14022c208 SetLastError
0x14022c210 GetFullPathNameW
0x14022c218 GetLongPathNameW
0x14022c220 WideCharToMultiByte
0x14022c228 LocalAlloc
0x14022c230 GetConsoleOutputCP
0x14022c238 GetProcAddress
0x14022c240 RaiseFailFastException
0x14022c248 CreateThreadpoolIo
0x14022c250 StartThreadpoolIo
0x14022c258 CancelThreadpoolIo
0x14022c260 LocaleNameToLCID
0x14022c268 LCMapStringEx
0x14022c270 EnumTimeFormatsEx
0x14022c278 EnumCalendarInfoExEx
0x14022c280 CopyFileExW
0x14022c288 CreateDirectoryW
0x14022c290 CreateFileW
0x14022c298 DeleteFileW
0x14022c2a0 DeleteVolumeMountPointW
0x14022c2a8 CreateSymbolicLinkW
0x14022c2b0 DeviceIoControl
0x14022c2b8 ExpandEnvironmentStringsW
0x14022c2c0 FindNextFileW
0x14022c2c8 FindClose
0x14022c2d0 FindFirstFileExW
0x14022c2d8 FlushFileBuffers
0x14022c2e0 FreeLibrary
0x14022c2e8 GetCurrentDirectoryW
0x14022c2f0 GetFileAttributesExW
0x14022c2f8 GetFileInformationByHandle
0x14022c300 GetFileInformationByHandleEx
0x14022c308 GetFileType
0x14022c310 GetFinalPathNameByHandleW
0x14022c318 GetLogicalDrives
0x14022c320 GetModuleFileNameW
0x14022c328 GetOverlappedResult
0x14022c330 GetSystemDirectoryW
0x14022c338 GetVolumeInformationW
0x14022c340 LoadLibraryExW
0x14022c348 MoveFileExW
0x14022c350 ReadFile
0x14022c358 RemoveDirectoryW
0x14022c360 ReplaceFileW
0x14022c368 SetFileAttributesW
0x14022c370 SetFileInformationByHandle
0x14022c378 SetFilePointerEx
0x14022c380 SetThreadErrorMode
0x14022c388 GetDynamicTimeZoneInformation
0x14022c390 GetTimeZoneInformation
0x14022c398 WriteFile
0x14022c3a0 GetCurrentProcessorNumberEx
0x14022c3a8 CloseHandle
0x14022c3b0 SetEvent
0x14022c3b8 CreateEventExW
0x14022c3c0 GetEnvironmentVariableW
0x14022c3c8 FormatMessageW
0x14022c3d0 CreateThread
0x14022c3d8 ResumeThread
0x14022c3e0 DuplicateHandle
0x14022c3e8 GetThreadPriority
0x14022c3f0 SetThreadPriority
0x14022c3f8 GetCPInfoExW
0x14022c400 GetConsoleMode
0x14022c408 WriteConsoleW
0x14022c410 GetConsoleWindow
0x14022c418 LoadLibraryA
0x14022c420 GetModuleHandleA
0x14022c428 FreeConsole
0x14022c430 AllocConsole
0x14022c438 VirtualAllocEx
0x14022c440 GetExitCodeProcess
0x14022c448 CreateProcessW
0x14022c450 TerminateProcess
0x14022c458 OpenProcess
0x14022c460 K32EnumProcesses
0x14022c468 GetProcessId
0x14022c470 QueryFullProcessImageNameW
0x14022c478 CreatePipe
0x14022c480 GetConsoleCP
0x14022c488 FlushProcessWriteBuffers
0x14022c490 GetCurrentThreadId
0x14022c498 WaitForSingleObjectEx
0x14022c4a0 VirtualQuery
0x14022c4a8 RtlRestoreContext
0x14022c4b0 AddVectoredExceptionHandler
0x14022c4b8 FlsAlloc
0x14022c4c0 FlsGetValue
0x14022c4c8 FlsSetValue
0x14022c4d0 CreateEventW
0x14022c4d8 SwitchToThread
0x14022c4e0 SuspendThread
0x14022c4e8 GetThreadContext
0x14022c4f0 SetThreadContext
0x14022c4f8 FlushInstructionCache
0x14022c500 VirtualAlloc
0x14022c508 VirtualProtect
0x14022c510 VirtualFree
0x14022c518 QueryInformationJobObject
0x14022c520 GetModuleHandleW
0x14022c528 GetModuleHandleExW
0x14022c530 GetProcessAffinityMask
0x14022c538 InitializeContext
0x14022c540 GetEnabledXStateFeatures
0x14022c548 SetXStateFeaturesMask
0x14022c550 InitializeCriticalSectionEx
0x14022c558 GetSystemTimeAsFileTime
0x14022c560 ResetEvent
0x14022c568 DebugBreak
0x14022c570 SleepEx
0x14022c578 GlobalMemoryStatusEx
0x14022c580 GetSystemInfo
0x14022c588 GetLogicalProcessorInformation
0x14022c590 GetLogicalProcessorInformationEx
0x14022c598 GetLargePageMinimum
0x14022c5a0 VirtualUnlock
0x14022c5a8 VirtualAllocExNuma
0x14022c5b0 IsProcessInJob
0x14022c5b8 GetNumaHighestNodeNumber
0x14022c5c0 GetProcessGroupAffinity
0x14022c5c8 K32GetProcessMemoryInfo
0x14022c5d0 RaiseException
0x14022c5d8 RtlPcToFileHeader
0x14022c5e0 RtlUnwindEx
0x14022c5e8 IsProcessorFeaturePresent
0x14022c5f0 SetUnhandledExceptionFilter
0x14022c5f8 UnhandledExceptionFilter
0x14022c600 IsDebuggerPresent
0x14022c608 RtlVirtualUnwind
0x14022c610 RtlLookupFunctionEntry
0x14022c618 RtlCaptureContext
0x14022c620 InitializeSListHead
0x14022c628 GetCurrentProcessId
ole32.dll
0x14022c810 CoGetApartmentType
0x14022c818 CoTaskMemAlloc
0x14022c820 CoUninitialize
0x14022c828 CoTaskMemFree
0x14022c830 CoCreateGuid
0x14022c838 CoWaitForMultipleHandles
0x14022c840 CoInitializeEx
USER32.dll
0x14022c638 LoadStringW
api-ms-win-crt-math-l1-1-0.dll
0x14022c688 __setusermatherr
0x14022c690 sin
0x14022c698 modf
0x14022c6a0 tan
0x14022c6a8 ceil
0x14022c6b0 cos
0x14022c6b8 floor
0x14022c6c0 pow
api-ms-win-crt-heap-l1-1-0.dll
0x14022c648 calloc
0x14022c650 malloc
0x14022c658 _callnewh
0x14022c660 _set_new_mode
0x14022c668 free
api-ms-win-crt-string-l1-1-0.dll
0x14022c7a8 strncpy_s
0x14022c7b0 _stricmp
0x14022c7b8 strcpy_s
0x14022c7c0 _wcsicmp
0x14022c7c8 strcmp
0x14022c7d0 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022c6d0 _exit
0x14022c6d8 __p___argc
0x14022c6e0 _initterm_e
0x14022c6e8 terminate
0x14022c6f0 _crt_atexit
0x14022c6f8 _register_onexit_function
0x14022c700 _initialize_onexit_table
0x14022c708 exit
0x14022c710 _initterm
0x14022c718 _get_initial_wide_environment
0x14022c720 abort
0x14022c728 __p___wargv
0x14022c730 _register_thread_local_exe_atexit_callback
0x14022c738 _c_exit
0x14022c740 _cexit
0x14022c748 _seh_filter_exe
0x14022c750 _set_app_type
0x14022c758 _initialize_wide_environment
0x14022c760 _configure_wide_argv
api-ms-win-crt-stdio-l1-1-0.dll
0x14022c770 __stdio_common_vsprintf_s
0x14022c778 __p__commode
0x14022c780 __stdio_common_vfprintf
0x14022c788 __stdio_common_vsscanf
0x14022c790 _set_fmode
0x14022c798 __acrt_iob_func
api-ms-win-crt-locale-l1-1-0.dll
0x14022c678 _configthreadlocale
EAT(Export Address Table) Library
0x140315e00 DotNetRuntimeDebugHeader
ADVAPI32.dll
0x14022c000 RegCloseKey
0x14022c008 RegEnumKeyExW
0x14022c010 RegEnumValueW
0x14022c018 RegOpenKeyExW
0x14022c020 RegQueryValueExW
0x14022c028 RegSetValueExW
0x14022c030 RegSetValueExA
0x14022c038 OpenProcessToken
0x14022c040 LookupPrivilegeValueW
0x14022c048 AdjustTokenPrivileges
0x14022c050 GetTokenInformation
0x14022c058 DuplicateTokenEx
0x14022c060 OpenThreadToken
0x14022c068 RevertToSelf
0x14022c070 ImpersonateLoggedOnUser
0x14022c078 CheckTokenMembership
0x14022c080 EventWrite
0x14022c088 EventRegister
0x14022c090 EventEnabled
crypt.dll
0x14022c7e0 BCryptGenerateSymmetricKey
0x14022c7e8 BCryptGenRandom
0x14022c7f0 BCryptOpenAlgorithmProvider
0x14022c7f8 BCryptDestroyKey
0x14022c800 BCryptCloseAlgorithmProvider
KERNEL32.dll
0x14022c0a0 TlsFree
0x14022c0a8 TlsSetValue
0x14022c0b0 TlsGetValue
0x14022c0b8 TlsAlloc
0x14022c0c0 InitializeCriticalSectionAndSpinCount
0x14022c0c8 EncodePointer
0x14022c0d0 CloseThreadpoolIo
0x14022c0d8 MultiByteToWideChar
0x14022c0e0 GetStdHandle
0x14022c0e8 TzSpecificLocalTimeToSystemTime
0x14022c0f0 SystemTimeToFileTime
0x14022c0f8 FileTimeToSystemTime
0x14022c100 GetSystemTime
0x14022c108 GetCalendarInfoEx
0x14022c110 CompareStringOrdinal
0x14022c118 CompareStringEx
0x14022c120 FindNLSStringEx
0x14022c128 GetLocaleInfoEx
0x14022c130 ResolveLocaleName
0x14022c138 GetUserPreferredUILanguages
0x14022c140 FindStringOrdinal
0x14022c148 GetTickCount64
0x14022c150 GetCurrentProcess
0x14022c158 GetCurrentThread
0x14022c160 WaitForSingleObject
0x14022c168 Sleep
0x14022c170 CreateThreadpoolWork
0x14022c178 CloseThreadpoolWork
0x14022c180 SubmitThreadpoolWork
0x14022c188 CreateThreadpoolWait
0x14022c190 SetThreadpoolWait
0x14022c198 WaitForThreadpoolWaitCallbacks
0x14022c1a0 CloseThreadpoolWait
0x14022c1a8 DeleteCriticalSection
0x14022c1b0 LocalFree
0x14022c1b8 EnterCriticalSection
0x14022c1c0 SleepConditionVariableCS
0x14022c1c8 LeaveCriticalSection
0x14022c1d0 WakeConditionVariable
0x14022c1d8 QueryPerformanceCounter
0x14022c1e0 InitializeCriticalSection
0x14022c1e8 InitializeConditionVariable
0x14022c1f0 WaitForMultipleObjectsEx
0x14022c1f8 GetLastError
0x14022c200 QueryPerformanceFrequency
0x14022c208 SetLastError
0x14022c210 GetFullPathNameW
0x14022c218 GetLongPathNameW
0x14022c220 WideCharToMultiByte
0x14022c228 LocalAlloc
0x14022c230 GetConsoleOutputCP
0x14022c238 GetProcAddress
0x14022c240 RaiseFailFastException
0x14022c248 CreateThreadpoolIo
0x14022c250 StartThreadpoolIo
0x14022c258 CancelThreadpoolIo
0x14022c260 LocaleNameToLCID
0x14022c268 LCMapStringEx
0x14022c270 EnumTimeFormatsEx
0x14022c278 EnumCalendarInfoExEx
0x14022c280 CopyFileExW
0x14022c288 CreateDirectoryW
0x14022c290 CreateFileW
0x14022c298 DeleteFileW
0x14022c2a0 DeleteVolumeMountPointW
0x14022c2a8 CreateSymbolicLinkW
0x14022c2b0 DeviceIoControl
0x14022c2b8 ExpandEnvironmentStringsW
0x14022c2c0 FindNextFileW
0x14022c2c8 FindClose
0x14022c2d0 FindFirstFileExW
0x14022c2d8 FlushFileBuffers
0x14022c2e0 FreeLibrary
0x14022c2e8 GetCurrentDirectoryW
0x14022c2f0 GetFileAttributesExW
0x14022c2f8 GetFileInformationByHandle
0x14022c300 GetFileInformationByHandleEx
0x14022c308 GetFileType
0x14022c310 GetFinalPathNameByHandleW
0x14022c318 GetLogicalDrives
0x14022c320 GetModuleFileNameW
0x14022c328 GetOverlappedResult
0x14022c330 GetSystemDirectoryW
0x14022c338 GetVolumeInformationW
0x14022c340 LoadLibraryExW
0x14022c348 MoveFileExW
0x14022c350 ReadFile
0x14022c358 RemoveDirectoryW
0x14022c360 ReplaceFileW
0x14022c368 SetFileAttributesW
0x14022c370 SetFileInformationByHandle
0x14022c378 SetFilePointerEx
0x14022c380 SetThreadErrorMode
0x14022c388 GetDynamicTimeZoneInformation
0x14022c390 GetTimeZoneInformation
0x14022c398 WriteFile
0x14022c3a0 GetCurrentProcessorNumberEx
0x14022c3a8 CloseHandle
0x14022c3b0 SetEvent
0x14022c3b8 CreateEventExW
0x14022c3c0 GetEnvironmentVariableW
0x14022c3c8 FormatMessageW
0x14022c3d0 CreateThread
0x14022c3d8 ResumeThread
0x14022c3e0 DuplicateHandle
0x14022c3e8 GetThreadPriority
0x14022c3f0 SetThreadPriority
0x14022c3f8 GetCPInfoExW
0x14022c400 GetConsoleMode
0x14022c408 WriteConsoleW
0x14022c410 GetConsoleWindow
0x14022c418 LoadLibraryA
0x14022c420 GetModuleHandleA
0x14022c428 FreeConsole
0x14022c430 AllocConsole
0x14022c438 VirtualAllocEx
0x14022c440 GetExitCodeProcess
0x14022c448 CreateProcessW
0x14022c450 TerminateProcess
0x14022c458 OpenProcess
0x14022c460 K32EnumProcesses
0x14022c468 GetProcessId
0x14022c470 QueryFullProcessImageNameW
0x14022c478 CreatePipe
0x14022c480 GetConsoleCP
0x14022c488 FlushProcessWriteBuffers
0x14022c490 GetCurrentThreadId
0x14022c498 WaitForSingleObjectEx
0x14022c4a0 VirtualQuery
0x14022c4a8 RtlRestoreContext
0x14022c4b0 AddVectoredExceptionHandler
0x14022c4b8 FlsAlloc
0x14022c4c0 FlsGetValue
0x14022c4c8 FlsSetValue
0x14022c4d0 CreateEventW
0x14022c4d8 SwitchToThread
0x14022c4e0 SuspendThread
0x14022c4e8 GetThreadContext
0x14022c4f0 SetThreadContext
0x14022c4f8 FlushInstructionCache
0x14022c500 VirtualAlloc
0x14022c508 VirtualProtect
0x14022c510 VirtualFree
0x14022c518 QueryInformationJobObject
0x14022c520 GetModuleHandleW
0x14022c528 GetModuleHandleExW
0x14022c530 GetProcessAffinityMask
0x14022c538 InitializeContext
0x14022c540 GetEnabledXStateFeatures
0x14022c548 SetXStateFeaturesMask
0x14022c550 InitializeCriticalSectionEx
0x14022c558 GetSystemTimeAsFileTime
0x14022c560 ResetEvent
0x14022c568 DebugBreak
0x14022c570 SleepEx
0x14022c578 GlobalMemoryStatusEx
0x14022c580 GetSystemInfo
0x14022c588 GetLogicalProcessorInformation
0x14022c590 GetLogicalProcessorInformationEx
0x14022c598 GetLargePageMinimum
0x14022c5a0 VirtualUnlock
0x14022c5a8 VirtualAllocExNuma
0x14022c5b0 IsProcessInJob
0x14022c5b8 GetNumaHighestNodeNumber
0x14022c5c0 GetProcessGroupAffinity
0x14022c5c8 K32GetProcessMemoryInfo
0x14022c5d0 RaiseException
0x14022c5d8 RtlPcToFileHeader
0x14022c5e0 RtlUnwindEx
0x14022c5e8 IsProcessorFeaturePresent
0x14022c5f0 SetUnhandledExceptionFilter
0x14022c5f8 UnhandledExceptionFilter
0x14022c600 IsDebuggerPresent
0x14022c608 RtlVirtualUnwind
0x14022c610 RtlLookupFunctionEntry
0x14022c618 RtlCaptureContext
0x14022c620 InitializeSListHead
0x14022c628 GetCurrentProcessId
ole32.dll
0x14022c810 CoGetApartmentType
0x14022c818 CoTaskMemAlloc
0x14022c820 CoUninitialize
0x14022c828 CoTaskMemFree
0x14022c830 CoCreateGuid
0x14022c838 CoWaitForMultipleHandles
0x14022c840 CoInitializeEx
USER32.dll
0x14022c638 LoadStringW
api-ms-win-crt-math-l1-1-0.dll
0x14022c688 __setusermatherr
0x14022c690 sin
0x14022c698 modf
0x14022c6a0 tan
0x14022c6a8 ceil
0x14022c6b0 cos
0x14022c6b8 floor
0x14022c6c0 pow
api-ms-win-crt-heap-l1-1-0.dll
0x14022c648 calloc
0x14022c650 malloc
0x14022c658 _callnewh
0x14022c660 _set_new_mode
0x14022c668 free
api-ms-win-crt-string-l1-1-0.dll
0x14022c7a8 strncpy_s
0x14022c7b0 _stricmp
0x14022c7b8 strcpy_s
0x14022c7c0 _wcsicmp
0x14022c7c8 strcmp
0x14022c7d0 wcsncmp
api-ms-win-crt-runtime-l1-1-0.dll
0x14022c6d0 _exit
0x14022c6d8 __p___argc
0x14022c6e0 _initterm_e
0x14022c6e8 terminate
0x14022c6f0 _crt_atexit
0x14022c6f8 _register_onexit_function
0x14022c700 _initialize_onexit_table
0x14022c708 exit
0x14022c710 _initterm
0x14022c718 _get_initial_wide_environment
0x14022c720 abort
0x14022c728 __p___wargv
0x14022c730 _register_thread_local_exe_atexit_callback
0x14022c738 _c_exit
0x14022c740 _cexit
0x14022c748 _seh_filter_exe
0x14022c750 _set_app_type
0x14022c758 _initialize_wide_environment
0x14022c760 _configure_wide_argv
api-ms-win-crt-stdio-l1-1-0.dll
0x14022c770 __stdio_common_vsprintf_s
0x14022c778 __p__commode
0x14022c780 __stdio_common_vfprintf
0x14022c788 __stdio_common_vsscanf
0x14022c790 _set_fmode
0x14022c798 __acrt_iob_func
api-ms-win-crt-locale-l1-1-0.dll
0x14022c678 _configthreadlocale
EAT(Export Address Table) Library
0x140315e00 DotNetRuntimeDebugHeader