ScreenShot
| Created | 2024.07.07 19:03 | Machine | s1_win7_x6401 |
| Filename | 2EU.file.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 2 detected (Malicious, susgen) | ||
| md5 | f7ea17cd71f263659d0ee0b82a95fbaf | ||
| sha256 | 159a43318fc1e30622f9851a58e437114a925b4bf734340879dc59387a11debd | ||
| ssdeep | 24576:lq3ZxrxkruJX5ybziv1jv5rjpQYbHfPwQ2qlZBM:lq3ZxryqJWzih5rt9P | ||
| imphash | f7b8f74258a3f7be99d9aa2804ec0ca7 | ||
| impfuzzy | 192:hgwlmVSa9jSI1nKI2DqaKCRqVvtISTe2TVtysP18spf:hgX97nKjqT62TV4+aspf | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| notice | File has been identified by 2 AntiVirus engines on VirusTotal as malicious |
| info | This executable has a PDB path |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | ftp_command | ftp command | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
WINMM.dll
0x1400738a0 timeGetTime
KERNEL32.dll
0x1400730d8 GetFileAttributesExW
0x1400730e0 GetFullPathNameW
0x1400730e8 AreFileApisANSI
0x1400730f0 CloseHandle
0x1400730f8 SetFileInformationByHandle
0x140073100 GetModuleHandleA
0x140073108 FindResourceA
0x140073110 SetEnvironmentVariableW
0x140073118 MoveFileExW
0x140073120 SizeofResource
0x140073128 GetModuleFileNameA
0x140073130 ReadFile
0x140073138 GetFileSizeEx
0x140073140 CreateFileA
0x140073148 GetTickCount
0x140073150 GetFileInformationByHandleEx
0x140073158 LocalFree
0x140073160 FormatMessageA
0x140073168 InitOnceComplete
0x140073170 InitOnceBeginInitialize
0x140073178 EnterCriticalSection
0x140073180 LeaveCriticalSection
0x140073188 CreateFileW
0x140073190 CreateDirectoryW
0x140073198 GetCurrentDirectoryW
0x1400731a0 SetLastError
0x1400731a8 QueryPerformanceCounter
0x1400731b0 QueryPerformanceFrequency
0x1400731b8 MultiByteToWideChar
0x1400731c0 WideCharToMultiByte
0x1400731c8 LoadResource
0x1400731d0 GlobalFree
0x1400731d8 GlobalAlloc
0x1400731e0 LockResource
0x1400731e8 GetLastError
0x1400731f0 InitializeCriticalSectionEx
0x1400731f8 SleepEx
0x140073200 VerSetConditionMask
0x140073208 GetSystemDirectoryA
0x140073210 FreeLibrary
0x140073218 LoadLibraryA
0x140073220 VerifyVersionInfoA
0x140073228 GetEnvironmentVariableA
0x140073230 MoveFileExA
0x140073238 Sleep
0x140073240 GetSystemTimeAsFileTime
0x140073248 GetCurrentThreadId
0x140073250 GetCurrentProcessId
0x140073258 GetStartupInfoW
0x140073260 IsDebuggerPresent
0x140073268 IsProcessorFeaturePresent
0x140073270 TerminateProcess
0x140073278 GetCurrentProcess
0x140073280 SetUnhandledExceptionFilter
0x140073288 UnhandledExceptionFilter
0x140073290 RtlVirtualUnwind
0x140073298 RtlLookupFunctionEntry
0x1400732a0 RtlCaptureContext
0x1400732a8 InitializeSListHead
0x1400732b0 GetProcAddress
0x1400732b8 GetModuleHandleW
0x1400732c0 CreateEventW
0x1400732c8 WaitForSingleObjectEx
0x1400732d0 ResetEvent
0x1400732d8 SetEvent
0x1400732e0 DeleteCriticalSection
0x1400732e8 InitializeCriticalSectionAndSpinCount
USER32.dll
0x140073748 GetClientRect
0x140073750 TranslateMessage
0x140073758 SetFocus
0x140073760 CreateWindowExA
0x140073768 DefWindowProcA
0x140073770 AdjustWindowRect
0x140073778 MessageBoxA
0x140073780 SetWindowLongPtrA
0x140073788 GetDesktopWindow
0x140073790 GetWindowLongPtrA
0x140073798 SetWindowLongA
0x1400737a0 ShowWindow
0x1400737a8 MessageBoxW
0x1400737b0 RegisterClassExA
0x1400737b8 UpdateWindow
0x1400737c0 SetWindowPos
0x1400737c8 SetWindowTextA
0x1400737d0 PostQuitMessage
0x1400737d8 GetMessageA
0x1400737e0 PostMessageW
0x1400737e8 DispatchMessageA
ADVAPI32.dll
0x140073000 CryptGenRandom
0x140073008 CryptDestroyHash
0x140073010 CryptGetHashParam
0x140073018 CryptCreateHash
0x140073020 CryptHashData
0x140073028 RegCreateKeyA
0x140073030 RegCloseKey
0x140073038 RegSetValueExA
0x140073040 CryptReleaseContext
0x140073048 CryptAcquireContextA
SHELL32.dll
0x140073738 ShellExecuteExW
ole32.dll
0x140073c78 OleInitialize
0x140073c80 OleSetContainedObject
0x140073c88 OleUninitialize
0x140073c90 CoGetClassObject
OLEAUT32.dll
0x1400736f8 SafeArrayCreate
0x140073700 SysAllocString
0x140073708 SysFreeString
0x140073710 VariantInit
0x140073718 SafeArrayDestroy
0x140073720 SafeArrayAccessData
0x140073728 VariantClear
MSVCP140.dll
0x1400732f8 ?__ExceptionPtrCurrentException@@YAXPEAX@Z
0x140073300 ?__ExceptionPtrRethrow@@YAXPEBX@Z
0x140073308 _Mtx_init_in_situ
0x140073310 _Cnd_register_at_thread_exit
0x140073318 _Cnd_do_broadcast_at_thread_exit
0x140073320 _Thrd_sleep
0x140073328 _Cnd_wait
0x140073330 _Query_perf_counter
0x140073338 _Thrd_detach
0x140073340 _Xtime_get_ticks
0x140073348 _Mtx_unlock
0x140073350 _Cnd_broadcast
0x140073358 _Cnd_destroy_in_situ
0x140073360 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x140073368 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x140073370 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x140073378 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
0x140073380 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x140073388 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x140073390 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x140073398 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x1400733a0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x1400733a8 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1400733b0 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x1400733b8 ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
0x1400733c0 ?__ExceptionPtrDestroy@@YAXPEAX@Z
0x1400733c8 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400733d0 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400733d8 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x1400733e0 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x1400733e8 ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
0x1400733f0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1400733f8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140073400 ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
0x140073408 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140073410 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x140073418 ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
0x140073420 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073428 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140073430 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140073438 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x140073440 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140073448 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x140073450 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x140073458 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x140073460 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140073468 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x140073470 ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x140073478 ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
0x140073480 ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
0x140073488 ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
0x140073490 ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
0x140073498 ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
0x1400734a0 ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
0x1400734a8 ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
0x1400734b0 ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
0x1400734b8 ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
0x1400734c0 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400734c8 ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x1400734d0 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400734d8 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x1400734e0 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
0x1400734e8 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
0x1400734f0 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x1400734f8 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x140073500 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073508 ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x140073510 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x140073518 ??Bid@locale@std@@QEAA_KXZ
0x140073520 ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
0x140073528 ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
0x140073530 ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
0x140073538 ?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
0x140073540 ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x140073548 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073550 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073558 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073560 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140073568 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073570 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x140073578 ?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073580 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x140073588 ?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
0x140073590 _Mtx_destroy_in_situ
0x140073598 ?__ExceptionPtrToBool@@YA_NPEBX@Z
0x1400735a0 _Cnd_timedwait
0x1400735a8 ?_Syserror_map@std@@YAPEBDH@Z
0x1400735b0 ?_Xlength_error@std@@YAXPEBD@Z
0x1400735b8 ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
0x1400735c0 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
0x1400735c8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x1400735d0 ?_Throw_C_error@std@@YAXH@Z
0x1400735d8 ?_Xbad_function_call@std@@YAXXZ
0x1400735e0 ?_Winerror_map@std@@YAHH@Z
0x1400735e8 ?_Xout_of_range@std@@YAXPEBD@Z
0x1400735f0 ?uncaught_exception@std@@YA_NXZ
0x1400735f8 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x140073600 ?uncaught_exceptions@std@@YAHXZ
0x140073608 ?_Throw_Cpp_error@std@@YAXH@Z
0x140073610 ??0_Lockit@std@@QEAA@H@Z
0x140073618 ??1_Lockit@std@@QEAA@XZ
0x140073620 ?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
0x140073628 _Query_perf_frequency
0x140073630 ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
0x140073638 _Cnd_init_in_situ
0x140073640 ?__ExceptionPtrCreate@@YAXPEAX@Z
0x140073648 _Cnd_unregister_at_thread_exit
0x140073650 _Mtx_current_owns
0x140073658 ??0task_continuation_context@Concurrency@@AEAA@XZ
0x140073660 ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
0x140073668 ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
0x140073670 ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
0x140073678 ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
0x140073680 ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
0x140073688 ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
0x140073690 ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x140073698 ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736a0 ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736a8 ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736b0 ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736b8 ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
0x1400736c0 ?_ReportUnobservedException@details@Concurrency@@YAXXZ
0x1400736c8 ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
0x1400736d0 ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
0x1400736d8 ?_Xbad_alloc@std@@YAXXZ
0x1400736e0 _Mtx_lock
0x1400736e8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
VCRUNTIME140_1.dll
0x140073890 __CxxFrameHandler4
VCRUNTIME140.dll
0x1400737f8 strrchr
0x140073800 __C_specific_handler
0x140073808 __current_exception_context
0x140073810 __current_exception
0x140073818 __std_exception_destroy
0x140073820 __std_exception_copy
0x140073828 _purecall
0x140073830 __std_type_info_name
0x140073838 __std_terminate
0x140073840 strchr
0x140073848 strstr
0x140073850 _CxxThrowException
0x140073858 memchr
0x140073860 memcpy
0x140073868 memmove
0x140073870 memcmp
0x140073878 memset
0x140073880 __std_type_info_compare
api-ms-win-crt-heap-l1-1-0.dll
0x1400739e0 malloc
0x1400739e8 _aligned_malloc
0x1400739f0 _aligned_free
0x1400739f8 free
0x140073a00 calloc
0x140073a08 _set_new_mode
0x140073a10 realloc
0x140073a18 _callnewh
api-ms-win-crt-runtime-l1-1-0.dll
0x140073a80 _seh_filter_exe
0x140073a88 _configure_wide_argv
0x140073a90 strerror
0x140073a98 _cexit
0x140073aa0 _initialize_wide_environment
0x140073aa8 _get_wide_winmain_command_line
0x140073ab0 _initterm
0x140073ab8 _crt_atexit
0x140073ac0 _register_onexit_function
0x140073ac8 _initialize_onexit_table
0x140073ad0 __sys_nerr
0x140073ad8 _set_app_type
0x140073ae0 _beginthreadex
0x140073ae8 _invalid_parameter_noinfo
0x140073af0 exit
0x140073af8 _exit
0x140073b00 abort
0x140073b08 _errno
0x140073b10 _invalid_parameter_noinfo_noreturn
0x140073b18 terminate
0x140073b20 _initterm_e
0x140073b28 _c_exit
0x140073b30 _register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0.dll
0x140073b40 __p__commode
0x140073b48 setvbuf
0x140073b50 fgetpos
0x140073b58 __stdio_common_vsprintf
0x140073b60 fseek
0x140073b68 fwrite
0x140073b70 fsetpos
0x140073b78 fread
0x140073b80 _set_fmode
0x140073b88 _fseeki64
0x140073b90 ungetc
0x140073b98 _ftelli64
0x140073ba0 fgetc
0x140073ba8 fclose
0x140073bb0 fflush
0x140073bb8 fgets
0x140073bc0 fopen
0x140073bc8 fputs
0x140073bd0 ftell
0x140073bd8 feof
0x140073be0 _get_stream_buffer_pointers
0x140073be8 __acrt_iob_func
0x140073bf0 __stdio_common_vsscanf
0x140073bf8 fputc
api-ms-win-crt-string-l1-1-0.dll
0x140073c08 strncmp
0x140073c10 strcmp
0x140073c18 tolower
0x140073c20 strcspn
0x140073c28 strspn
0x140073c30 strncpy
0x140073c38 _strdup
0x140073c40 isupper
api-ms-win-crt-filesystem-l1-1-0.dll
0x1400739b0 _unlink
0x1400739b8 _stat64
0x1400739c0 _access
0x1400739c8 _lock_file
0x1400739d0 _unlock_file
api-ms-win-crt-math-l1-1-0.dll
0x140073a40 __setusermatherr
0x140073a48 ceilf
api-ms-win-crt-convert-l1-1-0.dll
0x140073988 wcstombs_s
0x140073990 strtoll
0x140073998 strtoul
0x1400739a0 strtol
api-ms-win-crt-time-l1-1-0.dll
0x140073c50 _time64
0x140073c58 _gmtime64
api-ms-win-crt-locale-l1-1-0.dll
0x140073a28 _configthreadlocale
0x140073a30 ___lc_codepage_func
api-ms-win-crt-utility-l1-1-0.dll
0x140073c68 qsort
api-ms-win-crt-multibyte-l1-1-0.dll
0x140073a58 _mbschr
0x140073a60 _mbsnbcpy
0x140073a68 _mbsncmp
0x140073a70 _mbspbrk
CRYPT32.dll
0x140073058 CertGetCertificateChain
0x140073060 CertFreeCertificateChainEngine
0x140073068 CertCreateCertificateChainEngine
0x140073070 CryptQueryObject
0x140073078 CertGetNameStringA
0x140073080 CertFindExtension
0x140073088 CertFreeCertificateChain
0x140073090 CryptDecodeObjectEx
0x140073098 CryptStringToBinaryA
0x1400730a0 CertFreeCertificateContext
0x1400730a8 CertFindCertificateInStore
0x1400730b0 CertEnumCertificatesInStore
0x1400730b8 CertCloseStore
0x1400730c0 CertOpenStore
0x1400730c8 CertAddCertificateContextToStore
WS2_32.dll
0x1400738b0 ind
0x1400738b8 inet_pton
0x1400738c0 closesocket
0x1400738c8 recv
0x1400738d0 send
0x1400738d8 freeaddrinfo
0x1400738e0 getaddrinfo
0x1400738e8 WSAGetLastError
0x1400738f0 ioctlsocket
0x1400738f8 connect
0x140073900 getpeername
0x140073908 listen
0x140073910 htonl
0x140073918 accept
0x140073920 select
0x140073928 __WSAFDIsSet
0x140073930 WSACleanup
0x140073938 WSAStartup
0x140073940 WSAIoctl
0x140073948 WSASetLastError
0x140073950 socket
0x140073958 getsockname
0x140073960 setsockopt
0x140073968 ntohs
0x140073970 htons
0x140073978 getsockopt
EAT(Export Address Table) is none
WINMM.dll
0x1400738a0 timeGetTime
KERNEL32.dll
0x1400730d8 GetFileAttributesExW
0x1400730e0 GetFullPathNameW
0x1400730e8 AreFileApisANSI
0x1400730f0 CloseHandle
0x1400730f8 SetFileInformationByHandle
0x140073100 GetModuleHandleA
0x140073108 FindResourceA
0x140073110 SetEnvironmentVariableW
0x140073118 MoveFileExW
0x140073120 SizeofResource
0x140073128 GetModuleFileNameA
0x140073130 ReadFile
0x140073138 GetFileSizeEx
0x140073140 CreateFileA
0x140073148 GetTickCount
0x140073150 GetFileInformationByHandleEx
0x140073158 LocalFree
0x140073160 FormatMessageA
0x140073168 InitOnceComplete
0x140073170 InitOnceBeginInitialize
0x140073178 EnterCriticalSection
0x140073180 LeaveCriticalSection
0x140073188 CreateFileW
0x140073190 CreateDirectoryW
0x140073198 GetCurrentDirectoryW
0x1400731a0 SetLastError
0x1400731a8 QueryPerformanceCounter
0x1400731b0 QueryPerformanceFrequency
0x1400731b8 MultiByteToWideChar
0x1400731c0 WideCharToMultiByte
0x1400731c8 LoadResource
0x1400731d0 GlobalFree
0x1400731d8 GlobalAlloc
0x1400731e0 LockResource
0x1400731e8 GetLastError
0x1400731f0 InitializeCriticalSectionEx
0x1400731f8 SleepEx
0x140073200 VerSetConditionMask
0x140073208 GetSystemDirectoryA
0x140073210 FreeLibrary
0x140073218 LoadLibraryA
0x140073220 VerifyVersionInfoA
0x140073228 GetEnvironmentVariableA
0x140073230 MoveFileExA
0x140073238 Sleep
0x140073240 GetSystemTimeAsFileTime
0x140073248 GetCurrentThreadId
0x140073250 GetCurrentProcessId
0x140073258 GetStartupInfoW
0x140073260 IsDebuggerPresent
0x140073268 IsProcessorFeaturePresent
0x140073270 TerminateProcess
0x140073278 GetCurrentProcess
0x140073280 SetUnhandledExceptionFilter
0x140073288 UnhandledExceptionFilter
0x140073290 RtlVirtualUnwind
0x140073298 RtlLookupFunctionEntry
0x1400732a0 RtlCaptureContext
0x1400732a8 InitializeSListHead
0x1400732b0 GetProcAddress
0x1400732b8 GetModuleHandleW
0x1400732c0 CreateEventW
0x1400732c8 WaitForSingleObjectEx
0x1400732d0 ResetEvent
0x1400732d8 SetEvent
0x1400732e0 DeleteCriticalSection
0x1400732e8 InitializeCriticalSectionAndSpinCount
USER32.dll
0x140073748 GetClientRect
0x140073750 TranslateMessage
0x140073758 SetFocus
0x140073760 CreateWindowExA
0x140073768 DefWindowProcA
0x140073770 AdjustWindowRect
0x140073778 MessageBoxA
0x140073780 SetWindowLongPtrA
0x140073788 GetDesktopWindow
0x140073790 GetWindowLongPtrA
0x140073798 SetWindowLongA
0x1400737a0 ShowWindow
0x1400737a8 MessageBoxW
0x1400737b0 RegisterClassExA
0x1400737b8 UpdateWindow
0x1400737c0 SetWindowPos
0x1400737c8 SetWindowTextA
0x1400737d0 PostQuitMessage
0x1400737d8 GetMessageA
0x1400737e0 PostMessageW
0x1400737e8 DispatchMessageA
ADVAPI32.dll
0x140073000 CryptGenRandom
0x140073008 CryptDestroyHash
0x140073010 CryptGetHashParam
0x140073018 CryptCreateHash
0x140073020 CryptHashData
0x140073028 RegCreateKeyA
0x140073030 RegCloseKey
0x140073038 RegSetValueExA
0x140073040 CryptReleaseContext
0x140073048 CryptAcquireContextA
SHELL32.dll
0x140073738 ShellExecuteExW
ole32.dll
0x140073c78 OleInitialize
0x140073c80 OleSetContainedObject
0x140073c88 OleUninitialize
0x140073c90 CoGetClassObject
OLEAUT32.dll
0x1400736f8 SafeArrayCreate
0x140073700 SysAllocString
0x140073708 SysFreeString
0x140073710 VariantInit
0x140073718 SafeArrayDestroy
0x140073720 SafeArrayAccessData
0x140073728 VariantClear
MSVCP140.dll
0x1400732f8 ?__ExceptionPtrCurrentException@@YAXPEAX@Z
0x140073300 ?__ExceptionPtrRethrow@@YAXPEBX@Z
0x140073308 _Mtx_init_in_situ
0x140073310 _Cnd_register_at_thread_exit
0x140073318 _Cnd_do_broadcast_at_thread_exit
0x140073320 _Thrd_sleep
0x140073328 _Cnd_wait
0x140073330 _Query_perf_counter
0x140073338 _Thrd_detach
0x140073340 _Xtime_get_ticks
0x140073348 _Mtx_unlock
0x140073350 _Cnd_broadcast
0x140073358 _Cnd_destroy_in_situ
0x140073360 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x140073368 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x140073370 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x140073378 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
0x140073380 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x140073388 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x140073390 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x140073398 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x1400733a0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x1400733a8 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1400733b0 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x1400733b8 ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
0x1400733c0 ?__ExceptionPtrDestroy@@YAXPEAX@Z
0x1400733c8 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400733d0 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400733d8 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x1400733e0 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x1400733e8 ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
0x1400733f0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1400733f8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140073400 ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
0x140073408 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140073410 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x140073418 ??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
0x140073420 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073428 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140073430 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140073438 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x140073440 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140073448 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x140073450 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x140073458 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x140073460 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140073468 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x140073470 ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x140073478 ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
0x140073480 ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
0x140073488 ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
0x140073490 ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
0x140073498 ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
0x1400734a0 ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
0x1400734a8 ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
0x1400734b0 ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
0x1400734b8 ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
0x1400734c0 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400734c8 ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x1400734d0 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400734d8 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x1400734e0 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
0x1400734e8 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
0x1400734f0 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x1400734f8 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x140073500 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073508 ??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
0x140073510 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x140073518 ??Bid@locale@std@@QEAA_KXZ
0x140073520 ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
0x140073528 ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
0x140073530 ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
0x140073538 ?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
0x140073540 ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x140073548 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073550 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073558 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073560 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140073568 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140073570 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x140073578 ?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140073580 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x140073588 ?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
0x140073590 _Mtx_destroy_in_situ
0x140073598 ?__ExceptionPtrToBool@@YA_NPEBX@Z
0x1400735a0 _Cnd_timedwait
0x1400735a8 ?_Syserror_map@std@@YAPEBDH@Z
0x1400735b0 ?_Xlength_error@std@@YAXPEBD@Z
0x1400735b8 ?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
0x1400735c0 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
0x1400735c8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x1400735d0 ?_Throw_C_error@std@@YAXH@Z
0x1400735d8 ?_Xbad_function_call@std@@YAXXZ
0x1400735e0 ?_Winerror_map@std@@YAHH@Z
0x1400735e8 ?_Xout_of_range@std@@YAXPEBD@Z
0x1400735f0 ?uncaught_exception@std@@YA_NXZ
0x1400735f8 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x140073600 ?uncaught_exceptions@std@@YAHXZ
0x140073608 ?_Throw_Cpp_error@std@@YAXH@Z
0x140073610 ??0_Lockit@std@@QEAA@H@Z
0x140073618 ??1_Lockit@std@@QEAA@XZ
0x140073620 ?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
0x140073628 _Query_perf_frequency
0x140073630 ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
0x140073638 _Cnd_init_in_situ
0x140073640 ?__ExceptionPtrCreate@@YAXPEAX@Z
0x140073648 _Cnd_unregister_at_thread_exit
0x140073650 _Mtx_current_owns
0x140073658 ??0task_continuation_context@Concurrency@@AEAA@XZ
0x140073660 ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
0x140073668 ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
0x140073670 ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
0x140073678 ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
0x140073680 ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
0x140073688 ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
0x140073690 ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x140073698 ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736a0 ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736a8 ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736b0 ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
0x1400736b8 ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
0x1400736c0 ?_ReportUnobservedException@details@Concurrency@@YAXXZ
0x1400736c8 ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
0x1400736d0 ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
0x1400736d8 ?_Xbad_alloc@std@@YAXXZ
0x1400736e0 _Mtx_lock
0x1400736e8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
VCRUNTIME140_1.dll
0x140073890 __CxxFrameHandler4
VCRUNTIME140.dll
0x1400737f8 strrchr
0x140073800 __C_specific_handler
0x140073808 __current_exception_context
0x140073810 __current_exception
0x140073818 __std_exception_destroy
0x140073820 __std_exception_copy
0x140073828 _purecall
0x140073830 __std_type_info_name
0x140073838 __std_terminate
0x140073840 strchr
0x140073848 strstr
0x140073850 _CxxThrowException
0x140073858 memchr
0x140073860 memcpy
0x140073868 memmove
0x140073870 memcmp
0x140073878 memset
0x140073880 __std_type_info_compare
api-ms-win-crt-heap-l1-1-0.dll
0x1400739e0 malloc
0x1400739e8 _aligned_malloc
0x1400739f0 _aligned_free
0x1400739f8 free
0x140073a00 calloc
0x140073a08 _set_new_mode
0x140073a10 realloc
0x140073a18 _callnewh
api-ms-win-crt-runtime-l1-1-0.dll
0x140073a80 _seh_filter_exe
0x140073a88 _configure_wide_argv
0x140073a90 strerror
0x140073a98 _cexit
0x140073aa0 _initialize_wide_environment
0x140073aa8 _get_wide_winmain_command_line
0x140073ab0 _initterm
0x140073ab8 _crt_atexit
0x140073ac0 _register_onexit_function
0x140073ac8 _initialize_onexit_table
0x140073ad0 __sys_nerr
0x140073ad8 _set_app_type
0x140073ae0 _beginthreadex
0x140073ae8 _invalid_parameter_noinfo
0x140073af0 exit
0x140073af8 _exit
0x140073b00 abort
0x140073b08 _errno
0x140073b10 _invalid_parameter_noinfo_noreturn
0x140073b18 terminate
0x140073b20 _initterm_e
0x140073b28 _c_exit
0x140073b30 _register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0.dll
0x140073b40 __p__commode
0x140073b48 setvbuf
0x140073b50 fgetpos
0x140073b58 __stdio_common_vsprintf
0x140073b60 fseek
0x140073b68 fwrite
0x140073b70 fsetpos
0x140073b78 fread
0x140073b80 _set_fmode
0x140073b88 _fseeki64
0x140073b90 ungetc
0x140073b98 _ftelli64
0x140073ba0 fgetc
0x140073ba8 fclose
0x140073bb0 fflush
0x140073bb8 fgets
0x140073bc0 fopen
0x140073bc8 fputs
0x140073bd0 ftell
0x140073bd8 feof
0x140073be0 _get_stream_buffer_pointers
0x140073be8 __acrt_iob_func
0x140073bf0 __stdio_common_vsscanf
0x140073bf8 fputc
api-ms-win-crt-string-l1-1-0.dll
0x140073c08 strncmp
0x140073c10 strcmp
0x140073c18 tolower
0x140073c20 strcspn
0x140073c28 strspn
0x140073c30 strncpy
0x140073c38 _strdup
0x140073c40 isupper
api-ms-win-crt-filesystem-l1-1-0.dll
0x1400739b0 _unlink
0x1400739b8 _stat64
0x1400739c0 _access
0x1400739c8 _lock_file
0x1400739d0 _unlock_file
api-ms-win-crt-math-l1-1-0.dll
0x140073a40 __setusermatherr
0x140073a48 ceilf
api-ms-win-crt-convert-l1-1-0.dll
0x140073988 wcstombs_s
0x140073990 strtoll
0x140073998 strtoul
0x1400739a0 strtol
api-ms-win-crt-time-l1-1-0.dll
0x140073c50 _time64
0x140073c58 _gmtime64
api-ms-win-crt-locale-l1-1-0.dll
0x140073a28 _configthreadlocale
0x140073a30 ___lc_codepage_func
api-ms-win-crt-utility-l1-1-0.dll
0x140073c68 qsort
api-ms-win-crt-multibyte-l1-1-0.dll
0x140073a58 _mbschr
0x140073a60 _mbsnbcpy
0x140073a68 _mbsncmp
0x140073a70 _mbspbrk
CRYPT32.dll
0x140073058 CertGetCertificateChain
0x140073060 CertFreeCertificateChainEngine
0x140073068 CertCreateCertificateChainEngine
0x140073070 CryptQueryObject
0x140073078 CertGetNameStringA
0x140073080 CertFindExtension
0x140073088 CertFreeCertificateChain
0x140073090 CryptDecodeObjectEx
0x140073098 CryptStringToBinaryA
0x1400730a0 CertFreeCertificateContext
0x1400730a8 CertFindCertificateInStore
0x1400730b0 CertEnumCertificatesInStore
0x1400730b8 CertCloseStore
0x1400730c0 CertOpenStore
0x1400730c8 CertAddCertificateContextToStore
WS2_32.dll
0x1400738b0 ind
0x1400738b8 inet_pton
0x1400738c0 closesocket
0x1400738c8 recv
0x1400738d0 send
0x1400738d8 freeaddrinfo
0x1400738e0 getaddrinfo
0x1400738e8 WSAGetLastError
0x1400738f0 ioctlsocket
0x1400738f8 connect
0x140073900 getpeername
0x140073908 listen
0x140073910 htonl
0x140073918 accept
0x140073920 select
0x140073928 __WSAFDIsSet
0x140073930 WSACleanup
0x140073938 WSAStartup
0x140073940 WSAIoctl
0x140073948 WSASetLastError
0x140073950 socket
0x140073958 getsockname
0x140073960 setsockopt
0x140073968 ntohs
0x140073970 htons
0x140073978 getsockopt
EAT(Export Address Table) is none