Report - eth.exe

Malicious Library Antivirus UPX Anti_VM PE File PE64 OS Processor Check
ScreenShot
Created 2024.08.11 15:18 Machine s1_win7_x6401
Filename eth.exe
Type PE32+ executable (GUI) x86-64, for MS Windows
AI Score
4
Behavior Score
1.6
ZERO API file : malware
VT API (file) 42 detected (AIDetectMalware, GameHack, malicious, high confidence, score, Artemis, Zusy, Vgsq, Attribute, HighConfidence, JJ potentially unsafe, AGEN, Generic Reputation PUA, Static AI, Suspicious PE, Detected, ai score=84, Wacapew, ABApplication, NBHD, R639555, R002H09GS24, j2KoxLbeuf4, susgen, confidence)
md5 841e052a11d2ea9148d356ae0f9c3577
sha256 1c6981858bb6bfdc80538a0b791238736cbe2f238d973b9b21c516af8c5315ae
ssdeep 49152:appzEXtbTwc3pV8O91Evi67eHXy3hoEnny+4RxkcN5:apKSPXrYxkS5
imphash a393b975f142a9f72ae07718531de3d1
impfuzzy 192:GpbWzuuizMMxcdvCRUI48aJrceEFysh+i77nggn1vjdW:GpbGuTqERnegysh+ivgCNhW
  Network IP location

Signature (2cnts)

Level Description
danger File has been identified by 42 AntiVirus engines on VirusTotal as malicious
notice The binary likely contains encrypted or compressed data indicative of a packer

Rules (7cnts)

Level Name Description Collection
watch Antivirus Contains references to security software binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
notice anti_vm_detect Possibly employs anti-virtualization techniques binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x1400d80e8 GetFirmwareType
 0x1400d80f0 InitializeCriticalSectionEx
 0x1400d80f8 DeleteCriticalSection
 0x1400d8100 FormatMessageA
 0x1400d8108 LocalFree
 0x1400d8110 GetCurrentThread
 0x1400d8118 Sleep
 0x1400d8120 VerifyVersionInfoW
 0x1400d8128 SetFileCompletionNotificationModes
 0x1400d8130 CloseThreadpoolIo
 0x1400d8138 CancelThreadpoolIo
 0x1400d8140 StartThreadpoolIo
 0x1400d8148 CreateThreadpoolIo
 0x1400d8150 GetOverlappedResult
 0x1400d8158 WriteFile
 0x1400d8160 ReadFile
 0x1400d8168 CreateFileW
 0x1400d8170 FormatMessageW
 0x1400d8178 OutputDebugStringW
 0x1400d8180 InitializeSListHead
 0x1400d8188 GetSystemTimeAsFileTime
 0x1400d8190 GetCurrentThreadId
 0x1400d8198 ExpandEnvironmentStringsA
 0x1400d81a0 GetModuleHandleW
 0x1400d81a8 IsProcessorFeaturePresent
 0x1400d81b0 GetStartupInfoW
 0x1400d81b8 SetUnhandledExceptionFilter
 0x1400d81c0 UnhandledExceptionFilter
 0x1400d81c8 IsDebuggerPresent
 0x1400d81d0 RtlVirtualUnwind
 0x1400d81d8 RtlLookupFunctionEntry
 0x1400d81e0 RtlCaptureContext
 0x1400d81e8 SleepConditionVariableSRW
 0x1400d81f0 WakeAllConditionVariable
 0x1400d81f8 AcquireSRWLockExclusive
 0x1400d8200 ReleaseSRWLockExclusive
 0x1400d8208 InitOnceComplete
 0x1400d8210 InitOnceBeginInitialize
 0x1400d8218 QueryPerformanceFrequency
 0x1400d8220 FindClose
 0x1400d8228 GetUserDefaultLocaleName
 0x1400d8230 LoadLibraryA
 0x1400d8238 GetProcAddress
 0x1400d8240 GetModuleHandleA
 0x1400d8248 QueryPerformanceCounter
 0x1400d8250 VerSetConditionMask
 0x1400d8258 WideCharToMultiByte
 0x1400d8260 MultiByteToWideChar
 0x1400d8268 GetModuleFileNameA
 0x1400d8270 FreeLibrary
 0x1400d8278 TerminateProcess
 0x1400d8280 ExitProcess
 0x1400d8288 GetCurrentProcess
 0x1400d8290 WaitForSingleObject
 0x1400d8298 GetLastError
 0x1400d82a0 CloseHandle
 0x1400d82a8 GlobalFree
 0x1400d82b0 GlobalLock
 0x1400d82b8 GetFirmwareEnvironmentVariableA
 0x1400d82c0 GlobalUnlock
 0x1400d82c8 GlobalAlloc
 0x1400d82d0 GetCurrentProcessId
 0x1400d82d8 GetTickCount64
 0x1400d82e0 FindNextFileA
 0x1400d82e8 FindFirstFileA
 0x1400d82f0 GetFileSizeEx
 0x1400d82f8 GetLocaleInfoEx
USER32.dll
 0x1400d8800 ReleaseCapture
 0x1400d8808 IsWindowUnicode
 0x1400d8810 GetCapture
 0x1400d8818 GetKeyState
 0x1400d8820 GetForegroundWindow
 0x1400d8828 GetClientRect
 0x1400d8830 SetCursorPos
 0x1400d8838 SetCursor
 0x1400d8840 UnregisterClassW
 0x1400d8848 ClientToScreen
 0x1400d8850 ScreenToClient
 0x1400d8858 LoadCursorA
 0x1400d8860 GetMessageExtraInfo
 0x1400d8868 TrackMouseEvent
 0x1400d8870 EmptyClipboard
 0x1400d8878 RegisterClassExW
 0x1400d8880 CloseClipboard
 0x1400d8888 SetClipboardData
 0x1400d8890 OpenClipboard
 0x1400d8898 GetCursorPos
 0x1400d88a0 UnregisterClassA
 0x1400d88a8 TranslateMessage
 0x1400d88b0 GetClipboardData
 0x1400d88b8 CreateWindowExW
 0x1400d88c0 DestroyWindow
 0x1400d88c8 ShowWindow
 0x1400d88d0 MoveWindow
 0x1400d88d8 GetSystemMetrics
 0x1400d88e0 CreateWindowExA
 0x1400d88e8 RegisterClassExA
 0x1400d88f0 LoadIconA
 0x1400d88f8 GetWindowRect
 0x1400d8900 DispatchMessageA
 0x1400d8908 PeekMessageA
 0x1400d8910 SetCapture
 0x1400d8918 DefWindowProcA
 0x1400d8920 PostQuitMessage
 0x1400d8928 UpdateWindow
ADVAPI32.dll
 0x1400d8000 RegCloseKey
 0x1400d8008 LookupPrivilegeValueA
 0x1400d8010 GetUserNameW
 0x1400d8018 OpenProcessToken
 0x1400d8020 RegOpenKeyExA
 0x1400d8028 RegGetValueA
 0x1400d8030 RegCreateKeyExA
 0x1400d8038 RegSetValueExA
 0x1400d8040 RegQueryValueExA
 0x1400d8048 AdjustTokenPrivileges
SHELL32.dll
 0x1400d87f0 ShellExecuteExA
MSVCP140.dll
 0x1400d8308 ?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
 0x1400d8310 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
 0x1400d8318 ?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
 0x1400d8320 ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
 0x1400d8328 ??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
 0x1400d8330 ??Bios_base@std@@QEBA_NXZ
 0x1400d8338 ?setf@ios_base@std@@QEAAHHH@Z
 0x1400d8340 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1400d8348 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400d8350 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400d8358 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400d8360 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400d8368 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400d8370 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400d8378 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400d8380 ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400d8388 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
 0x1400d8390 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
 0x1400d8398 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x1400d83a0 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
 0x1400d83a8 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
 0x1400d83b0 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400d83b8 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400d83c0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x1400d83c8 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
 0x1400d83d0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1400d83d8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1400d83e0 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400d83e8 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x1400d83f0 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
 0x1400d83f8 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
 0x1400d8400 ?_Random_device@std@@YAIXZ
 0x1400d8408 ?_Incref@facet@locale@std@@UEAAXXZ
 0x1400d8410 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
 0x1400d8418 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x1400d8420 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x1400d8428 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
 0x1400d8430 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x1400d8438 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x1400d8440 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x1400d8448 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x1400d8450 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x1400d8458 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x1400d8460 ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
 0x1400d8468 _Mtx_init_in_situ
 0x1400d8470 _Mtx_destroy_in_situ
 0x1400d8478 ??0_Lockit@std@@QEAA@H@Z
 0x1400d8480 ??1_Lockit@std@@QEAA@XZ
 0x1400d8488 ?uncaught_exceptions@std@@YAHXZ
 0x1400d8490 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x1400d8498 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x1400d84a0 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x1400d84a8 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x1400d84b0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x1400d84b8 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1400d84c0 ?good@ios_base@std@@QEBA_NXZ
 0x1400d84c8 ?flags@ios_base@std@@QEBAHXZ
 0x1400d84d0 ?width@ios_base@std@@QEBA_JXZ
 0x1400d84d8 ?width@ios_base@std@@QEAA_J_J@Z
 0x1400d84e0 ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
 0x1400d84e8 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x1400d84f0 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x1400d84f8 ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400d8500 ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x1400d8508 ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
 0x1400d8510 ?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
 0x1400d8518 ?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
 0x1400d8520 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x1400d8528 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
 0x1400d8530 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x1400d8538 ?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
 0x1400d8540 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
 0x1400d8548 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x1400d8550 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1400d8558 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1400d8560 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x1400d8568 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
 0x1400d8570 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
 0x1400d8578 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x1400d8580 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x1400d8588 _Thrd_detach
 0x1400d8590 _Cnd_do_broadcast_at_thread_exit
 0x1400d8598 ?_Throw_Cpp_error@std@@YAXH@Z
 0x1400d85a0 ?_Xinvalid_argument@std@@YAXPEBD@Z
 0x1400d85a8 ?fail@ios_base@std@@QEBA_NXZ
 0x1400d85b0 ?__ExceptionPtrCreate@@YAXPEAX@Z
 0x1400d85b8 ?__ExceptionPtrDestroy@@YAXPEAX@Z
 0x1400d85c0 ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
 0x1400d85c8 ?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
 0x1400d85d0 ?__ExceptionPtrToBool@@YA_NPEBX@Z
 0x1400d85d8 ?__ExceptionPtrCurrentException@@YAXPEAX@Z
 0x1400d85e0 ?__ExceptionPtrRethrow@@YAXPEBX@Z
 0x1400d85e8 ?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
 0x1400d85f0 _Mtx_lock
 0x1400d85f8 _Mtx_unlock
 0x1400d8600 _Cnd_init_in_situ
 0x1400d8608 _Cnd_destroy_in_situ
 0x1400d8610 _Cnd_wait
 0x1400d8618 _Cnd_broadcast
 0x1400d8620 ?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
 0x1400d8628 ?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
 0x1400d8630 ?_ReportUnobservedException@details@Concurrency@@YAXXZ
 0x1400d8638 ?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
 0x1400d8640 ?_Xbad_function_call@std@@YAXXZ
 0x1400d8648 ?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
 0x1400d8650 ?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
 0x1400d8658 ?_Assign@_ContextCallback@details@Concurrency@@AEAAXPEAX@Z
 0x1400d8660 ?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
 0x1400d8668 ?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
 0x1400d8670 ?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
 0x1400d8678 ??0task_continuation_context@Concurrency@@AEAA@XZ
 0x1400d8680 ?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
 0x1400d8688 ?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
 0x1400d8690 ?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
 0x1400d8698 ?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
 0x1400d86a0 ?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
 0x1400d86a8 ?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
 0x1400d86b0 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x1400d86b8 ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
 0x1400d86c0 ?_Xout_of_range@std@@YAXPEBD@Z
 0x1400d86c8 ?_Xlength_error@std@@YAXPEBD@Z
 0x1400d86d0 ?_Xbad_alloc@std@@YAXXZ
 0x1400d86d8 ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEA_K@Z
 0x1400d86e0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
 0x1400d86e8 ??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
 0x1400d86f0 ??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
 0x1400d86f8 ?_Throw_C_error@std@@YAXH@Z
 0x1400d8700 ?__ExceptionPtrCompare@@YA_NPEBX0@Z
 0x1400d8708 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
 0x1400d8710 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
 0x1400d8718 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
 0x1400d8720 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
 0x1400d8728 ?uncaught_exception@std@@YA_NXZ
 0x1400d8730 ?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
 0x1400d8738 ?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
 0x1400d8740 ?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
 0x1400d8748 ?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
 0x1400d8750 ?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
 0x1400d8758 ?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
 0x1400d8760 ?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x1400d8768 ?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
 0x1400d8770 ?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
 0x1400d8778 ??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
 0x1400d8780 ??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
 0x1400d8788 ??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
 0x1400d8790 ??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
 0x1400d8798 ?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
 0x1400d87a0 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
 0x1400d87a8 ??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
 0x1400d87b0 ?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
 0x1400d87b8 ??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
 0x1400d87c0 ??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
 0x1400d87c8 ?classic@locale@std@@SAAEBV12@XZ
 0x1400d87d0 ?_Winerror_map@std@@YAHH@Z
 0x1400d87d8 ?_Syserror_map@std@@YAPEBDH@Z
 0x1400d87e0 ??Bid@locale@std@@QEAA_KXZ
CONCRT140.dll
 0x1400d8058 ?_Release@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
 0x1400d8060 ??0_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
 0x1400d8068 ?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QEAAXXZ
 0x1400d8070 ??1_ReentrantBlockingLock@details@Concurrency@@QEAA@XZ
IMM32.dll
 0x1400d80c0 ImmSetCompositionWindow
 0x1400d80c8 ImmGetContext
 0x1400d80d0 ImmSetCandidateWindow
 0x1400d80d8 ImmReleaseContext
D3DCOMPILER_47.dll
 0x1400d80b0 D3DCompile
CRYPT32.dll
 0x1400d8080 CertGetCertificateChain
 0x1400d8088 CertFreeCertificateChain
 0x1400d8090 CertVerifyCertificateChainPolicy
 0x1400d8098 CertFreeCertificateContext
 0x1400d80a0 CryptUnprotectMemory
crypt.dll
 0x1400d8d40 BCryptHashData
 0x1400d8d48 BCryptFinishHash
 0x1400d8d50 BCryptCreateHash
 0x1400d8d58 BCryptCloseAlgorithmProvider
 0x1400d8d60 BCryptGetProperty
 0x1400d8d68 BCryptOpenAlgorithmProvider
 0x1400d8d70 BCryptDestroyHash
WINHTTP.dll
 0x1400d89c0 WinHttpWriteData
 0x1400d89c8 WinHttpGetDefaultProxyConfiguration
 0x1400d89d0 WinHttpQueryHeaders
 0x1400d89d8 WinHttpReceiveResponse
 0x1400d89e0 WinHttpQueryAuthSchemes
 0x1400d89e8 WinHttpSetCredentials
 0x1400d89f0 WinHttpSetStatusCallback
 0x1400d89f8 WinHttpAddRequestHeaders
 0x1400d8a00 WinHttpOpenRequest
 0x1400d8a08 WinHttpCloseHandle
 0x1400d8a10 WinHttpSetTimeouts
 0x1400d8a18 WinHttpSetOption
 0x1400d8a20 WinHttpQueryOption
 0x1400d8a28 WinHttpGetIEProxyConfigForCurrentUser
 0x1400d8a30 WinHttpSendRequest
 0x1400d8a38 WinHttpQueryDataAvailable
 0x1400d8a40 WinHttpConnect
 0x1400d8a48 WinHttpReadData
 0x1400d8a50 WinHttpGetProxyForUrl
 0x1400d8a58 WinHttpOpen
d3d11.dll
 0x1400d8d80 D3D11CreateDeviceAndSwapChain
VCRUNTIME140.dll
 0x1400d8938 __std_exception_copy
 0x1400d8940 __std_exception_destroy
 0x1400d8948 _CxxThrowException
 0x1400d8950 memchr
 0x1400d8958 memcmp
 0x1400d8960 memcpy
 0x1400d8968 memmove
 0x1400d8970 memset
 0x1400d8978 strstr
 0x1400d8980 _purecall
 0x1400d8988 __C_specific_handler
 0x1400d8990 __current_exception
 0x1400d8998 __current_exception_context
 0x1400d89a0 __std_terminate
VCRUNTIME140_1.dll
 0x1400d89b0 __CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0.dll
 0x1400d8b50 _initterm
 0x1400d8b58 _set_app_type
 0x1400d8b60 _initterm_e
 0x1400d8b68 exit
 0x1400d8b70 _seh_filter_exe
 0x1400d8b78 _exit
 0x1400d8b80 _cexit
 0x1400d8b88 _crt_atexit
 0x1400d8b90 _register_onexit_function
 0x1400d8b98 _c_exit
 0x1400d8ba0 _get_narrow_winmain_command_line
 0x1400d8ba8 _initialize_onexit_table
 0x1400d8bb0 _register_thread_local_exe_atexit_callback
 0x1400d8bb8 _initialize_narrow_environment
 0x1400d8bc0 _configure_narrow_argv
 0x1400d8bc8 abort
 0x1400d8bd0 terminate
 0x1400d8bd8 _invalid_parameter_noinfo_noreturn
 0x1400d8be0 _beginthreadex
 0x1400d8be8 _errno
api-ms-win-crt-string-l1-1-0.dll
 0x1400d8cc0 isxdigit
 0x1400d8cc8 strncpy
 0x1400d8cd0 strcmp
 0x1400d8cd8 strcat_s
 0x1400d8ce0 strncmp
 0x1400d8ce8 strcpy_s
 0x1400d8cf0 isalpha
 0x1400d8cf8 isdigit
api-ms-win-crt-stdio-l1-1-0.dll
 0x1400d8bf8 _get_stream_buffer_pointers
 0x1400d8c00 fclose
 0x1400d8c08 fflush
 0x1400d8c10 fwrite
 0x1400d8c18 __acrt_iob_func
 0x1400d8c20 fgetpos
 0x1400d8c28 fputc
 0x1400d8c30 fread
 0x1400d8c38 __p__commode
 0x1400d8c40 _set_fmode
 0x1400d8c48 fsetpos
 0x1400d8c50 _fseeki64
 0x1400d8c58 setvbuf
 0x1400d8c60 ferror
 0x1400d8c68 feof
 0x1400d8c70 ungetc
 0x1400d8c78 __stdio_common_vsprintf_s
 0x1400d8c80 _wfopen
 0x1400d8c88 fseek
 0x1400d8c90 __stdio_common_vsscanf
 0x1400d8c98 __stdio_common_vsprintf
 0x1400d8ca0 __stdio_common_vfprintf
 0x1400d8ca8 ftell
 0x1400d8cb0 fgetc
api-ms-win-crt-heap-l1-1-0.dll
 0x1400d8ac0 free
 0x1400d8ac8 _set_new_mode
 0x1400d8ad0 _callnewh
 0x1400d8ad8 realloc
 0x1400d8ae0 malloc
api-ms-win-crt-convert-l1-1-0.dll
 0x1400d8a68 atoi
 0x1400d8a70 wcstol
 0x1400d8a78 wcstombs_s
 0x1400d8a80 strtol
api-ms-win-crt-filesystem-l1-1-0.dll
 0x1400d8a90 _mkdir
 0x1400d8a98 _lock_file
 0x1400d8aa0 _access_s
 0x1400d8aa8 remove
 0x1400d8ab0 _unlock_file
api-ms-win-crt-time-l1-1-0.dll
 0x1400d8d08 strftime
 0x1400d8d10 _time64
 0x1400d8d18 _localtime64_s
 0x1400d8d20 _localtime64
api-ms-win-crt-math-l1-1-0.dll
 0x1400d8b00 cosf
 0x1400d8b08 ceilf
 0x1400d8b10 powf
 0x1400d8b18 fmodf
 0x1400d8b20 sqrtf
 0x1400d8b28 ldexp
 0x1400d8b30 __setusermatherr
 0x1400d8b38 acosf
 0x1400d8b40 sinf
api-ms-win-crt-utility-l1-1-0.dll
 0x1400d8d30 qsort
api-ms-win-crt-locale-l1-1-0.dll
 0x1400d8af0 _configthreadlocale

EAT(Export Address Table) is none



Similarity measure (PE file only) - Checking for service failure