ScreenShot
| Created | 2024.07.23 09:05 | Machine | s1_win7_x6402 |
| Filename | mscorsvc.dll | ||
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 10 detected (AIDetectMalware, malicious, moderate confidence, score, Loader, Outbreak, Casdet, Static AI, Suspicious PE) | ||
| md5 | eb29329de4937b34f218665da57bcef4 | ||
| sha256 | 4ad9845e691dd415420e0c253ba452772495c0b971f48294b54631e79a22644a | ||
| ssdeep | 24576:gplQSK1oQplSdNkU4lH3cDyx+7LKSyUR5E:gpeZdpqEx3cWonnx | ||
| imphash | 283b01ff60880edcbace12069683dcf4 | ||
| impfuzzy | 96:EcODy4dtdS1qVKjcpVecWFWXTBg/Q+oQpCoh3cU8BtMz:hl4bXWF2deoQpTnSts | ||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 10 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| info | Checks amount of memory in system |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | This executable has a PDB path |
Rules (9cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | infoStealer_browser_b_Zero | browser info stealer | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | ftp_command | ftp command | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x18010a0f0 FreeConsole
0x18010a0f8 WideCharToMultiByte
0x18010a100 WaitForSingleObject
0x18010a108 FindClose
0x18010a110 MultiByteToWideChar
0x18010a118 lstrcmpiW
0x18010a120 CloseHandle
0x18010a128 CreateProcessW
0x18010a130 FindNextFileW
0x18010a138 FindFirstFileW
0x18010a140 LoadLibraryA
0x18010a148 GetLastError
0x18010a150 SetCurrentDirectoryA
0x18010a158 GetProcAddress
0x18010a160 SetEndOfFile
0x18010a168 SetEnvironmentVariableW
0x18010a170 FreeEnvironmentStringsW
0x18010a178 GetEnvironmentStringsW
0x18010a180 GetOEMCP
0x18010a188 GetACP
0x18010a190 IsValidCodePage
0x18010a198 ReadConsoleW
0x18010a1a0 GetTimeZoneInformation
0x18010a1a8 GetExitCodeProcess
0x18010a1b0 GetProcessHeap
0x18010a1b8 HeapQueryInformation
0x18010a1c0 HeapReAlloc
0x18010a1c8 HeapFree
0x18010a1d0 DeleteFileW
0x18010a1d8 SetStdHandle
0x18010a1e0 GetConsoleMode
0x18010a1e8 GetConsoleOutputCP
0x18010a1f0 FlushFileBuffers
0x18010a1f8 EnumSystemLocalesW
0x18010a200 GetUserDefaultLCID
0x18010a208 IsValidLocale
0x18010a210 GetLocaleInfoW
0x18010a218 LCMapStringW
0x18010a220 CompareStringW
0x18010a228 GetTimeFormatW
0x18010a230 GetDateFormatW
0x18010a238 FlsFree
0x18010a240 FlsSetValue
0x18010a248 FlsGetValue
0x18010a250 FlsAlloc
0x18010a258 WriteConsoleW
0x18010a260 OutputDebugStringW
0x18010a268 SetFilePointerEx
0x18010a270 FreeLibraryAndExitThread
0x18010a278 ExitThread
0x18010a280 CreateThread
0x18010a288 FileTimeToSystemTime
0x18010a290 SystemTimeToTzSpecificLocalTime
0x18010a298 GetDriveTypeW
0x18010a2a0 GetCommandLineW
0x18010a2a8 GetCommandLineA
0x18010a2b0 WriteFile
0x18010a2b8 ExitProcess
0x18010a2c0 GetSystemInfo
0x18010a2c8 HeapValidate
0x18010a2d0 HeapSize
0x18010a2d8 HeapAlloc
0x18010a2e0 RtlCaptureContext
0x18010a2e8 RtlLookupFunctionEntry
0x18010a2f0 RtlVirtualUnwind
0x18010a2f8 UnhandledExceptionFilter
0x18010a300 SetUnhandledExceptionFilter
0x18010a308 GetCurrentProcess
0x18010a310 TerminateProcess
0x18010a318 IsProcessorFeaturePresent
0x18010a320 IsDebuggerPresent
0x18010a328 GetStartupInfoW
0x18010a330 GetModuleHandleW
0x18010a338 QueryPerformanceCounter
0x18010a340 GetCurrentProcessId
0x18010a348 GetCurrentThreadId
0x18010a350 GetSystemTimeAsFileTime
0x18010a358 InitializeSListHead
0x18010a360 LocalFree
0x18010a368 FormatMessageA
0x18010a370 GetLocaleInfoEx
0x18010a378 GetCurrentDirectoryW
0x18010a380 CreateFileW
0x18010a388 FindFirstFileExW
0x18010a390 GetFileAttributesExW
0x18010a398 GetFileInformationByHandle
0x18010a3a0 GetFullPathNameW
0x18010a3a8 AreFileApisANSI
0x18010a3b0 GetFileInformationByHandleEx
0x18010a3b8 GetStringTypeW
0x18010a3c0 EnterCriticalSection
0x18010a3c8 LeaveCriticalSection
0x18010a3d0 InitializeCriticalSectionEx
0x18010a3d8 DeleteCriticalSection
0x18010a3e0 EncodePointer
0x18010a3e8 DecodePointer
0x18010a3f0 LCMapStringEx
0x18010a3f8 GetCPInfo
0x18010a400 ReleaseSRWLockExclusive
0x18010a408 AcquireSRWLockExclusive
0x18010a410 SetLastError
0x18010a418 FormatMessageW
0x18010a420 GetTickCount
0x18010a428 QueryPerformanceFrequency
0x18010a430 GetSystemDirectoryA
0x18010a438 FreeLibrary
0x18010a440 GetModuleHandleA
0x18010a448 Sleep
0x18010a450 MoveFileExA
0x18010a458 WaitForSingleObjectEx
0x18010a460 GetEnvironmentVariableA
0x18010a468 GetStdHandle
0x18010a470 GetFileType
0x18010a478 ReadFile
0x18010a480 PeekNamedPipe
0x18010a488 WaitForMultipleObjects
0x18010a490 SleepEx
0x18010a498 VerSetConditionMask
0x18010a4a0 VerifyVersionInfoW
0x18010a4a8 CreateFileA
0x18010a4b0 GetFileSizeEx
0x18010a4b8 RtlUnwindEx
0x18010a4c0 RtlPcToFileHeader
0x18010a4c8 RaiseException
0x18010a4d0 InitializeCriticalSectionAndSpinCount
0x18010a4d8 TlsAlloc
0x18010a4e0 TlsGetValue
0x18010a4e8 TlsSetValue
0x18010a4f0 TlsFree
0x18010a4f8 LoadLibraryExW
0x18010a500 GetModuleFileNameW
0x18010a508 GetModuleHandleExW
0x18010a510 RtlUnwind
SHELL32.dll
0x18010a530 SHGetFolderPathA
0x18010a538 SHGetFolderPathW
winsqlite3.dll
0x18010a730 sqlite3_prepare_v2
0x18010a738 sqlite3_column_text
0x18010a740 sqlite3_open
0x18010a748 sqlite3_column_blob
0x18010a750 sqlite3_errmsg
0x18010a758 sqlite3_step
0x18010a760 sqlite3_column_bytes
0x18010a768 sqlite3_close
crypt.dll
0x18010a6f8 BCryptDecrypt
0x18010a700 BCryptOpenAlgorithmProvider
0x18010a708 BCryptGenRandom
0x18010a710 BCryptGenerateSymmetricKey
0x18010a718 BCryptSetProperty
0x18010a720 BCryptCloseAlgorithmProvider
CRYPT32.dll
0x18010a050 CryptUnprotectData
0x18010a058 CryptStringToBinaryA
0x18010a060 CertOpenStore
0x18010a068 CertCloseStore
0x18010a070 CertFreeCertificateChain
0x18010a078 CertGetCertificateChain
0x18010a080 CertFreeCertificateChainEngine
0x18010a088 CertCreateCertificateChainEngine
0x18010a090 CryptQueryObject
0x18010a098 CertGetNameStringA
0x18010a0a0 CertFindExtension
0x18010a0a8 CertAddCertificateContextToStore
0x18010a0b0 CryptDecodeObjectEx
0x18010a0b8 PFXImportCertStore
0x18010a0c0 CertFreeCertificateContext
0x18010a0c8 CertFindCertificateInStore
0x18010a0d0 CertEnumCertificatesInStore
IPHLPAPI.DLL
0x18010a0e0 GetAdaptersInfo
WS2_32.dll
0x18010a5e0 recvfrom
0x18010a5e8 freeaddrinfo
0x18010a5f0 getaddrinfo
0x18010a5f8 recv
0x18010a600 listen
0x18010a608 htonl
0x18010a610 getpeername
0x18010a618 connect
0x18010a620 ind
0x18010a628 accept
0x18010a630 select
0x18010a638 __WSAFDIsSet
0x18010a640 socket
0x18010a648 ioctlsocket
0x18010a650 WSAIoctl
0x18010a658 setsockopt
0x18010a660 WSACleanup
0x18010a668 WSAStartup
0x18010a670 WSASetLastError
0x18010a678 ntohs
0x18010a680 WSAGetLastError
0x18010a688 closesocket
0x18010a690 WSAWaitForMultipleEvents
0x18010a698 WSAResetEvent
0x18010a6a0 WSAEventSelect
0x18010a6a8 WSAEnumNetworkEvents
0x18010a6b0 WSACreateEvent
0x18010a6b8 WSACloseEvent
0x18010a6c0 send
0x18010a6c8 getsockopt
0x18010a6d0 gethostname
0x18010a6d8 sendto
0x18010a6e0 getsockname
0x18010a6e8 htons
WLDAP32.dll
0x18010a548 None
0x18010a550 None
0x18010a558 None
0x18010a560 None
0x18010a568 None
0x18010a570 None
0x18010a578 None
0x18010a580 None
0x18010a588 None
0x18010a590 None
0x18010a598 None
0x18010a5a0 None
0x18010a5a8 None
0x18010a5b0 None
0x18010a5b8 None
0x18010a5c0 None
0x18010a5c8 None
0x18010a5d0 None
Normaliz.dll
0x18010a520 IdnToAscii
ADVAPI32.dll
0x18010a000 CryptAcquireContextA
0x18010a008 CryptReleaseContext
0x18010a010 CryptGetHashParam
0x18010a018 CryptCreateHash
0x18010a020 CryptHashData
0x18010a028 CryptDestroyHash
0x18010a030 CryptDestroyKey
0x18010a038 CryptEncrypt
0x18010a040 CryptImportKey
EAT(Export Address Table) Library
0x180008780 cJSONUtils_AddPatchToArray
0x1800082d0 cJSONUtils_ApplyPatches
0x180008330 cJSONUtils_ApplyPatchesCaseSensitive
0x180006e00 cJSONUtils_FindPointerFromObjectTo
0x180009520 cJSONUtils_GenerateMergePatch
0x180009530 cJSONUtils_GenerateMergePatchCaseSensitive
0x180008c10 cJSONUtils_GeneratePatches
0x180008ca0 cJSONUtils_GeneratePatchesCaseSensitive
0x1800071a0 cJSONUtils_GetPointer
0x1800071b0 cJSONUtils_GetPointerCaseSensitive
0x180009090 cJSONUtils_MergePatch
0x1800090a0 cJSONUtils_MergePatchCaseSensitive
0x180008d30 cJSONUtils_SortObject
0x180008d60 cJSONUtils_SortObjectCaseSensitive
0x180005330 cJSON_AddArrayToObject
0x180004bc0 cJSON_AddBoolToObject
0x180004a30 cJSON_AddFalseToObject
0x1800044f0 cJSON_AddItemReferenceToArray
0x1800045c0 cJSON_AddItemReferenceToObject
0x1800042b0 cJSON_AddItemToArray
0x180004300 cJSON_AddItemToObject
0x180004410 cJSON_AddItemToObjectCS
0x180004710 cJSON_AddNullToObject
0x180004d50 cJSON_AddNumberToObject
0x1800051a0 cJSON_AddObjectToObject
0x180005030 cJSON_AddRawToObject
0x180004ec0 cJSON_AddStringToObject
0x1800048a0 cJSON_AddTrueToObject
0x180006ad0 cJSON_Compare
0x180006190 cJSON_CreateArray
0x180006030 cJSON_CreateArrayReference
0x180005da0 cJSON_CreateBool
0x180006470 cJSON_CreateDoubleArray
0x180005d60 cJSON_CreateFalse
0x180006340 cJSON_CreateFloatArray
0x180006210 cJSON_CreateIntArray
0x180005ce0 cJSON_CreateNull
0x180005de0 cJSON_CreateNumber
0x1800061d0 cJSON_CreateObject
0x180005fe0 cJSON_CreateObjectReference
0x180006080 cJSON_CreateRaw
0x180005e80 cJSON_CreateString
0x1800065a0 cJSON_CreateStringArray
0x180005f90 cJSON_CreateStringReference
0x180005d20 cJSON_CreateTrue
0x1800020b0 cJSON_Delete
0x1800055d0 cJSON_DeleteItemFromArray
0x180005770 cJSON_DeleteItemFromObject
0x180005850 cJSON_DeleteItemFromObjectCaseSensitive
0x180005530 cJSON_DetachItemFromArray
0x180005660 cJSON_DetachItemFromObject
0x1800056e0 cJSON_DetachItemFromObjectCaseSensitive
0x1800054c0 cJSON_DetachItemViaPointer
0x1800066d0 cJSON_Duplicate
0x180004120 cJSON_GetArrayItem
0x180004100 cJSON_GetArraySize
0x180001f60 cJSON_GetErrorPtr
0x180001f90 cJSON_GetNumberValue
0x180004270 cJSON_GetObjectItem
0x180004280 cJSON_GetObjectItemCaseSensitive
0x180001f70 cJSON_GetStringValue
0x180004290 cJSON_HasObjectItem
0x180002020 cJSON_InitHooks
0x180005940 cJSON_InsertItemInArray
0x180006aa0 cJSON_IsArray
0x180006a50 cJSON_IsBool
0x180006a30 cJSON_IsFalse
0x180006a20 cJSON_IsInvalid
0x180006a70 cJSON_IsNull
0x180006a80 cJSON_IsNumber
0x180006ab0 cJSON_IsObject
0x180006ac0 cJSON_IsRaw
0x180006a90 cJSON_IsString
0x180006a40 cJSON_IsTrue
0x1800068d0 cJSON_Minify
0x180002f60 cJSON_Parse
0x180002f90 cJSON_ParseWithLength
0x180002d00 cJSON_ParseWithLengthOpts
0x180002cd0 cJSON_ParseWithOpts
0x1800030f0 cJSON_Print
0x180003110 cJSON_PrintBuffered
0x1800031d0 cJSON_PrintPreallocated
0x180003100 cJSON_PrintUnformatted
0x180005b00 cJSON_ReplaceItemInArray
0x180005b40 cJSON_ReplaceItemInObject
0x180005c10 cJSON_ReplaceItemInObjectCaseSensitive
0x1800059f0 cJSON_ReplaceItemViaPointer
0x180002130 cJSON_SetNumberHelper
0x180002170 cJSON_SetValuestring
0x180001fb0 cJSON_Version
0x180006df0 cJSON_free
0x180006de0 cJSON_malloc
KERNEL32.dll
0x18010a0f0 FreeConsole
0x18010a0f8 WideCharToMultiByte
0x18010a100 WaitForSingleObject
0x18010a108 FindClose
0x18010a110 MultiByteToWideChar
0x18010a118 lstrcmpiW
0x18010a120 CloseHandle
0x18010a128 CreateProcessW
0x18010a130 FindNextFileW
0x18010a138 FindFirstFileW
0x18010a140 LoadLibraryA
0x18010a148 GetLastError
0x18010a150 SetCurrentDirectoryA
0x18010a158 GetProcAddress
0x18010a160 SetEndOfFile
0x18010a168 SetEnvironmentVariableW
0x18010a170 FreeEnvironmentStringsW
0x18010a178 GetEnvironmentStringsW
0x18010a180 GetOEMCP
0x18010a188 GetACP
0x18010a190 IsValidCodePage
0x18010a198 ReadConsoleW
0x18010a1a0 GetTimeZoneInformation
0x18010a1a8 GetExitCodeProcess
0x18010a1b0 GetProcessHeap
0x18010a1b8 HeapQueryInformation
0x18010a1c0 HeapReAlloc
0x18010a1c8 HeapFree
0x18010a1d0 DeleteFileW
0x18010a1d8 SetStdHandle
0x18010a1e0 GetConsoleMode
0x18010a1e8 GetConsoleOutputCP
0x18010a1f0 FlushFileBuffers
0x18010a1f8 EnumSystemLocalesW
0x18010a200 GetUserDefaultLCID
0x18010a208 IsValidLocale
0x18010a210 GetLocaleInfoW
0x18010a218 LCMapStringW
0x18010a220 CompareStringW
0x18010a228 GetTimeFormatW
0x18010a230 GetDateFormatW
0x18010a238 FlsFree
0x18010a240 FlsSetValue
0x18010a248 FlsGetValue
0x18010a250 FlsAlloc
0x18010a258 WriteConsoleW
0x18010a260 OutputDebugStringW
0x18010a268 SetFilePointerEx
0x18010a270 FreeLibraryAndExitThread
0x18010a278 ExitThread
0x18010a280 CreateThread
0x18010a288 FileTimeToSystemTime
0x18010a290 SystemTimeToTzSpecificLocalTime
0x18010a298 GetDriveTypeW
0x18010a2a0 GetCommandLineW
0x18010a2a8 GetCommandLineA
0x18010a2b0 WriteFile
0x18010a2b8 ExitProcess
0x18010a2c0 GetSystemInfo
0x18010a2c8 HeapValidate
0x18010a2d0 HeapSize
0x18010a2d8 HeapAlloc
0x18010a2e0 RtlCaptureContext
0x18010a2e8 RtlLookupFunctionEntry
0x18010a2f0 RtlVirtualUnwind
0x18010a2f8 UnhandledExceptionFilter
0x18010a300 SetUnhandledExceptionFilter
0x18010a308 GetCurrentProcess
0x18010a310 TerminateProcess
0x18010a318 IsProcessorFeaturePresent
0x18010a320 IsDebuggerPresent
0x18010a328 GetStartupInfoW
0x18010a330 GetModuleHandleW
0x18010a338 QueryPerformanceCounter
0x18010a340 GetCurrentProcessId
0x18010a348 GetCurrentThreadId
0x18010a350 GetSystemTimeAsFileTime
0x18010a358 InitializeSListHead
0x18010a360 LocalFree
0x18010a368 FormatMessageA
0x18010a370 GetLocaleInfoEx
0x18010a378 GetCurrentDirectoryW
0x18010a380 CreateFileW
0x18010a388 FindFirstFileExW
0x18010a390 GetFileAttributesExW
0x18010a398 GetFileInformationByHandle
0x18010a3a0 GetFullPathNameW
0x18010a3a8 AreFileApisANSI
0x18010a3b0 GetFileInformationByHandleEx
0x18010a3b8 GetStringTypeW
0x18010a3c0 EnterCriticalSection
0x18010a3c8 LeaveCriticalSection
0x18010a3d0 InitializeCriticalSectionEx
0x18010a3d8 DeleteCriticalSection
0x18010a3e0 EncodePointer
0x18010a3e8 DecodePointer
0x18010a3f0 LCMapStringEx
0x18010a3f8 GetCPInfo
0x18010a400 ReleaseSRWLockExclusive
0x18010a408 AcquireSRWLockExclusive
0x18010a410 SetLastError
0x18010a418 FormatMessageW
0x18010a420 GetTickCount
0x18010a428 QueryPerformanceFrequency
0x18010a430 GetSystemDirectoryA
0x18010a438 FreeLibrary
0x18010a440 GetModuleHandleA
0x18010a448 Sleep
0x18010a450 MoveFileExA
0x18010a458 WaitForSingleObjectEx
0x18010a460 GetEnvironmentVariableA
0x18010a468 GetStdHandle
0x18010a470 GetFileType
0x18010a478 ReadFile
0x18010a480 PeekNamedPipe
0x18010a488 WaitForMultipleObjects
0x18010a490 SleepEx
0x18010a498 VerSetConditionMask
0x18010a4a0 VerifyVersionInfoW
0x18010a4a8 CreateFileA
0x18010a4b0 GetFileSizeEx
0x18010a4b8 RtlUnwindEx
0x18010a4c0 RtlPcToFileHeader
0x18010a4c8 RaiseException
0x18010a4d0 InitializeCriticalSectionAndSpinCount
0x18010a4d8 TlsAlloc
0x18010a4e0 TlsGetValue
0x18010a4e8 TlsSetValue
0x18010a4f0 TlsFree
0x18010a4f8 LoadLibraryExW
0x18010a500 GetModuleFileNameW
0x18010a508 GetModuleHandleExW
0x18010a510 RtlUnwind
SHELL32.dll
0x18010a530 SHGetFolderPathA
0x18010a538 SHGetFolderPathW
winsqlite3.dll
0x18010a730 sqlite3_prepare_v2
0x18010a738 sqlite3_column_text
0x18010a740 sqlite3_open
0x18010a748 sqlite3_column_blob
0x18010a750 sqlite3_errmsg
0x18010a758 sqlite3_step
0x18010a760 sqlite3_column_bytes
0x18010a768 sqlite3_close
crypt.dll
0x18010a6f8 BCryptDecrypt
0x18010a700 BCryptOpenAlgorithmProvider
0x18010a708 BCryptGenRandom
0x18010a710 BCryptGenerateSymmetricKey
0x18010a718 BCryptSetProperty
0x18010a720 BCryptCloseAlgorithmProvider
CRYPT32.dll
0x18010a050 CryptUnprotectData
0x18010a058 CryptStringToBinaryA
0x18010a060 CertOpenStore
0x18010a068 CertCloseStore
0x18010a070 CertFreeCertificateChain
0x18010a078 CertGetCertificateChain
0x18010a080 CertFreeCertificateChainEngine
0x18010a088 CertCreateCertificateChainEngine
0x18010a090 CryptQueryObject
0x18010a098 CertGetNameStringA
0x18010a0a0 CertFindExtension
0x18010a0a8 CertAddCertificateContextToStore
0x18010a0b0 CryptDecodeObjectEx
0x18010a0b8 PFXImportCertStore
0x18010a0c0 CertFreeCertificateContext
0x18010a0c8 CertFindCertificateInStore
0x18010a0d0 CertEnumCertificatesInStore
IPHLPAPI.DLL
0x18010a0e0 GetAdaptersInfo
WS2_32.dll
0x18010a5e0 recvfrom
0x18010a5e8 freeaddrinfo
0x18010a5f0 getaddrinfo
0x18010a5f8 recv
0x18010a600 listen
0x18010a608 htonl
0x18010a610 getpeername
0x18010a618 connect
0x18010a620 ind
0x18010a628 accept
0x18010a630 select
0x18010a638 __WSAFDIsSet
0x18010a640 socket
0x18010a648 ioctlsocket
0x18010a650 WSAIoctl
0x18010a658 setsockopt
0x18010a660 WSACleanup
0x18010a668 WSAStartup
0x18010a670 WSASetLastError
0x18010a678 ntohs
0x18010a680 WSAGetLastError
0x18010a688 closesocket
0x18010a690 WSAWaitForMultipleEvents
0x18010a698 WSAResetEvent
0x18010a6a0 WSAEventSelect
0x18010a6a8 WSAEnumNetworkEvents
0x18010a6b0 WSACreateEvent
0x18010a6b8 WSACloseEvent
0x18010a6c0 send
0x18010a6c8 getsockopt
0x18010a6d0 gethostname
0x18010a6d8 sendto
0x18010a6e0 getsockname
0x18010a6e8 htons
WLDAP32.dll
0x18010a548 None
0x18010a550 None
0x18010a558 None
0x18010a560 None
0x18010a568 None
0x18010a570 None
0x18010a578 None
0x18010a580 None
0x18010a588 None
0x18010a590 None
0x18010a598 None
0x18010a5a0 None
0x18010a5a8 None
0x18010a5b0 None
0x18010a5b8 None
0x18010a5c0 None
0x18010a5c8 None
0x18010a5d0 None
Normaliz.dll
0x18010a520 IdnToAscii
ADVAPI32.dll
0x18010a000 CryptAcquireContextA
0x18010a008 CryptReleaseContext
0x18010a010 CryptGetHashParam
0x18010a018 CryptCreateHash
0x18010a020 CryptHashData
0x18010a028 CryptDestroyHash
0x18010a030 CryptDestroyKey
0x18010a038 CryptEncrypt
0x18010a040 CryptImportKey
EAT(Export Address Table) Library
0x180008780 cJSONUtils_AddPatchToArray
0x1800082d0 cJSONUtils_ApplyPatches
0x180008330 cJSONUtils_ApplyPatchesCaseSensitive
0x180006e00 cJSONUtils_FindPointerFromObjectTo
0x180009520 cJSONUtils_GenerateMergePatch
0x180009530 cJSONUtils_GenerateMergePatchCaseSensitive
0x180008c10 cJSONUtils_GeneratePatches
0x180008ca0 cJSONUtils_GeneratePatchesCaseSensitive
0x1800071a0 cJSONUtils_GetPointer
0x1800071b0 cJSONUtils_GetPointerCaseSensitive
0x180009090 cJSONUtils_MergePatch
0x1800090a0 cJSONUtils_MergePatchCaseSensitive
0x180008d30 cJSONUtils_SortObject
0x180008d60 cJSONUtils_SortObjectCaseSensitive
0x180005330 cJSON_AddArrayToObject
0x180004bc0 cJSON_AddBoolToObject
0x180004a30 cJSON_AddFalseToObject
0x1800044f0 cJSON_AddItemReferenceToArray
0x1800045c0 cJSON_AddItemReferenceToObject
0x1800042b0 cJSON_AddItemToArray
0x180004300 cJSON_AddItemToObject
0x180004410 cJSON_AddItemToObjectCS
0x180004710 cJSON_AddNullToObject
0x180004d50 cJSON_AddNumberToObject
0x1800051a0 cJSON_AddObjectToObject
0x180005030 cJSON_AddRawToObject
0x180004ec0 cJSON_AddStringToObject
0x1800048a0 cJSON_AddTrueToObject
0x180006ad0 cJSON_Compare
0x180006190 cJSON_CreateArray
0x180006030 cJSON_CreateArrayReference
0x180005da0 cJSON_CreateBool
0x180006470 cJSON_CreateDoubleArray
0x180005d60 cJSON_CreateFalse
0x180006340 cJSON_CreateFloatArray
0x180006210 cJSON_CreateIntArray
0x180005ce0 cJSON_CreateNull
0x180005de0 cJSON_CreateNumber
0x1800061d0 cJSON_CreateObject
0x180005fe0 cJSON_CreateObjectReference
0x180006080 cJSON_CreateRaw
0x180005e80 cJSON_CreateString
0x1800065a0 cJSON_CreateStringArray
0x180005f90 cJSON_CreateStringReference
0x180005d20 cJSON_CreateTrue
0x1800020b0 cJSON_Delete
0x1800055d0 cJSON_DeleteItemFromArray
0x180005770 cJSON_DeleteItemFromObject
0x180005850 cJSON_DeleteItemFromObjectCaseSensitive
0x180005530 cJSON_DetachItemFromArray
0x180005660 cJSON_DetachItemFromObject
0x1800056e0 cJSON_DetachItemFromObjectCaseSensitive
0x1800054c0 cJSON_DetachItemViaPointer
0x1800066d0 cJSON_Duplicate
0x180004120 cJSON_GetArrayItem
0x180004100 cJSON_GetArraySize
0x180001f60 cJSON_GetErrorPtr
0x180001f90 cJSON_GetNumberValue
0x180004270 cJSON_GetObjectItem
0x180004280 cJSON_GetObjectItemCaseSensitive
0x180001f70 cJSON_GetStringValue
0x180004290 cJSON_HasObjectItem
0x180002020 cJSON_InitHooks
0x180005940 cJSON_InsertItemInArray
0x180006aa0 cJSON_IsArray
0x180006a50 cJSON_IsBool
0x180006a30 cJSON_IsFalse
0x180006a20 cJSON_IsInvalid
0x180006a70 cJSON_IsNull
0x180006a80 cJSON_IsNumber
0x180006ab0 cJSON_IsObject
0x180006ac0 cJSON_IsRaw
0x180006a90 cJSON_IsString
0x180006a40 cJSON_IsTrue
0x1800068d0 cJSON_Minify
0x180002f60 cJSON_Parse
0x180002f90 cJSON_ParseWithLength
0x180002d00 cJSON_ParseWithLengthOpts
0x180002cd0 cJSON_ParseWithOpts
0x1800030f0 cJSON_Print
0x180003110 cJSON_PrintBuffered
0x1800031d0 cJSON_PrintPreallocated
0x180003100 cJSON_PrintUnformatted
0x180005b00 cJSON_ReplaceItemInArray
0x180005b40 cJSON_ReplaceItemInObject
0x180005c10 cJSON_ReplaceItemInObjectCaseSensitive
0x1800059f0 cJSON_ReplaceItemViaPointer
0x180002130 cJSON_SetNumberHelper
0x180002170 cJSON_SetValuestring
0x180001fb0 cJSON_Version
0x180006df0 cJSON_free
0x180006de0 cJSON_malloc