ScreenShot
| Created | 2024.08.30 11:16 | Machine | s1_win7_x6403 |
| Filename | mapp.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 53 detected (AIDetectMalware, Hacktool, GameHack, malicious, high confidence, Tedy, Unsafe, Save, Genus, CHJA, Attribute, HighConfidence, Artemis, HacktoolX, Tool, Zusy, DriverLoader, CLOUD, VSNTBO24, Kdmapper, Static AI, Malicious PE, Detected, ai score=100, Malware@#2lramrd9o0bua, Casdet, R623832, Krypt, Gencirc, R2xgHXtVjk0, susgen, confidence, 100%) | ||
| md5 | cb466c26bb103105b293f2c6c9eecac8 | ||
| sha256 | 606200a953202e91ac07723eb0083a98d8c9a6a20a8d21696127267bfabaad3d | ||
| ssdeep | 3072:InIIk+R5LhO6wM6IZ6HyLy9rdmJTQSaMm5/6aYS8ox:InbkC5LE6NLKqWlL8U | ||
| imphash | 2f7ae5cf50f80f4cf6e0d858b17bed85 | ||
| impfuzzy | 96:0rYYjbWAMRoognAU/Imwz8FcgkE7jLDpqqnbD0xUu8mxUO6ipwu6RJCZ/7uoRd7J:UJWcoz8Fuwu6e/R0gfjJAG | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 53 AntiVirus engines on VirusTotal as malicious |
| info | This executable has a PDB path |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x140012030 CloseHandle
0x140012038 GetProcAddress
0x140012040 GetModuleHandleA
0x140012048 SetUnhandledExceptionFilter
0x140012050 GetTempPathW
0x140012058 FormatMessageA
0x140012060 GetCurrentThreadId
0x140012068 CreateFileW
0x140012070 VirtualAlloc
0x140012078 DeviceIoControl
0x140012080 GetCurrentProcessId
0x140012088 VirtualFree
0x140012090 GetLocaleInfoEx
0x140012098 FindClose
0x1400120a0 FindFirstFileW
0x1400120a8 GetFileAttributesExW
0x1400120b0 AreFileApisANSI
0x1400120b8 GetLastError
0x1400120c0 GetModuleHandleW
0x1400120c8 GetFileInformationByHandleEx
0x1400120d0 WideCharToMultiByte
0x1400120d8 ReleaseSRWLockExclusive
0x1400120e0 AcquireSRWLockExclusive
0x1400120e8 WakeAllConditionVariable
0x1400120f0 SleepConditionVariableSRW
0x1400120f8 RtlCaptureContext
0x140012100 RtlLookupFunctionEntry
0x140012108 RtlVirtualUnwind
0x140012110 UnhandledExceptionFilter
0x140012118 GetCurrentProcess
0x140012120 TerminateProcess
0x140012128 IsProcessorFeaturePresent
0x140012130 QueryPerformanceCounter
0x140012138 GetSystemTimeAsFileTime
0x140012140 InitializeSListHead
0x140012148 IsDebuggerPresent
0x140012150 LocalFree
ADVAPI32.dll
0x140012000 RegCloseKey
0x140012008 RegDeleteTreeW
0x140012010 RegCreateKeyW
0x140012018 RegOpenKeyW
0x140012020 RegSetKeyValueW
MSVCP140.dll
0x140012160 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x140012168 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x140012170 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012178 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012180 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x140012188 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140012190 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x140012198 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
0x1400121a0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
0x1400121a8 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x1400121b0 ?good@ios_base@std@@QEBA_NXZ
0x1400121b8 ??7ios_base@std@@QEBA_NXZ
0x1400121c0 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1400121c8 ?widen@?$ctype@_W@std@@QEBA_WD@Z
0x1400121d0 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x1400121d8 ??Bid@locale@std@@QEAA_KXZ
0x1400121e0 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400121e8 ?_Winerror_map@std@@YAHH@Z
0x1400121f0 ?_Syserror_map@std@@YAPEBDH@Z
0x1400121f8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
0x140012200 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x140012208 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x140012210 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x140012218 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x140012220 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x140012228 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x140012230 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x140012238 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140012240 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
0x140012248 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140012250 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140012258 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140012260 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012268 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x140012270 ??1_Lockit@std@@QEAA@XZ
0x140012278 ??0_Lockit@std@@QEAA@H@Z
0x140012280 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140012288 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x140012290 ?uncaught_exception@std@@YA_NXZ
0x140012298 ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
0x1400122a0 ?id@?$ctype@_W@std@@2V0locale@2@A
0x1400122a8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x1400122b0 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x1400122b8 ?_Xlength_error@std@@YAXPEBD@Z
0x1400122c0 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1400122c8 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x1400122d0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1400122d8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1400122e0 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400122e8 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400122f0 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x1400122f8 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x140012300 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x140012308 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x140012310 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140012318 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x140012320 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x140012328 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
0x140012330 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
0x140012338 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
ntdll.dll
0x140012590 NtQuerySystemInformation
0x140012598 RtlInitUnicodeString
VCRUNTIME140_1.dll
0x1400123b0 __CxxFrameHandler4
VCRUNTIME140.dll
0x140012348 __current_exception_context
0x140012350 __current_exception
0x140012358 _CxxThrowException
0x140012360 __C_specific_handler
0x140012368 __std_terminate
0x140012370 wcsstr
0x140012378 __std_exception_destroy
0x140012380 memcmp
0x140012388 memcpy
0x140012390 memset
0x140012398 __std_exception_copy
0x1400123a0 memmove
api-ms-win-crt-stdio-l1-1-0.dll
0x1400124d8 _set_fmode
0x1400124e0 _fseeki64
0x1400124e8 fread
0x1400124f0 fsetpos
0x1400124f8 _get_stream_buffer_pointers
0x140012500 __p__commode
0x140012508 fputc
0x140012510 setvbuf
0x140012518 fgetpos
0x140012520 fwrite
0x140012528 ungetc
0x140012530 fflush
0x140012538 fgetc
0x140012540 fclose
api-ms-win-crt-utility-l1-1-0.dll
0x140012578 srand
0x140012580 rand
api-ms-win-crt-filesystem-l1-1-0.dll
0x1400123c0 _lock_file
0x1400123c8 _wremove
0x1400123d0 _unlock_file
api-ms-win-crt-string-l1-1-0.dll
0x140012550 _wcsicmp
0x140012558 _stricmp
api-ms-win-crt-time-l1-1-0.dll
0x140012568 _time64
api-ms-win-crt-runtime-l1-1-0.dll
0x140012430 _initialize_onexit_table
0x140012438 _register_onexit_function
0x140012440 _c_exit
0x140012448 _cexit
0x140012450 __p___wargv
0x140012458 __p___argc
0x140012460 _invalid_parameter_noinfo_noreturn
0x140012468 exit
0x140012470 _initterm_e
0x140012478 _initterm
0x140012480 _get_initial_wide_environment
0x140012488 _initialize_wide_environment
0x140012490 _configure_wide_argv
0x140012498 _crt_atexit
0x1400124a0 _set_app_type
0x1400124a8 _seh_filter_exe
0x1400124b0 abort
0x1400124b8 _exit
0x1400124c0 terminate
0x1400124c8 _register_thread_local_exe_atexit_callback
api-ms-win-crt-heap-l1-1-0.dll
0x1400123e0 malloc
0x1400123e8 _set_new_mode
0x1400123f0 _callnewh
0x1400123f8 free
api-ms-win-crt-locale-l1-1-0.dll
0x140012408 _configthreadlocale
0x140012410 ___lc_codepage_func
api-ms-win-crt-math-l1-1-0.dll
0x140012420 __setusermatherr
EAT(Export Address Table) is none
KERNEL32.dll
0x140012030 CloseHandle
0x140012038 GetProcAddress
0x140012040 GetModuleHandleA
0x140012048 SetUnhandledExceptionFilter
0x140012050 GetTempPathW
0x140012058 FormatMessageA
0x140012060 GetCurrentThreadId
0x140012068 CreateFileW
0x140012070 VirtualAlloc
0x140012078 DeviceIoControl
0x140012080 GetCurrentProcessId
0x140012088 VirtualFree
0x140012090 GetLocaleInfoEx
0x140012098 FindClose
0x1400120a0 FindFirstFileW
0x1400120a8 GetFileAttributesExW
0x1400120b0 AreFileApisANSI
0x1400120b8 GetLastError
0x1400120c0 GetModuleHandleW
0x1400120c8 GetFileInformationByHandleEx
0x1400120d0 WideCharToMultiByte
0x1400120d8 ReleaseSRWLockExclusive
0x1400120e0 AcquireSRWLockExclusive
0x1400120e8 WakeAllConditionVariable
0x1400120f0 SleepConditionVariableSRW
0x1400120f8 RtlCaptureContext
0x140012100 RtlLookupFunctionEntry
0x140012108 RtlVirtualUnwind
0x140012110 UnhandledExceptionFilter
0x140012118 GetCurrentProcess
0x140012120 TerminateProcess
0x140012128 IsProcessorFeaturePresent
0x140012130 QueryPerformanceCounter
0x140012138 GetSystemTimeAsFileTime
0x140012140 InitializeSListHead
0x140012148 IsDebuggerPresent
0x140012150 LocalFree
ADVAPI32.dll
0x140012000 RegCloseKey
0x140012008 RegDeleteTreeW
0x140012010 RegCreateKeyW
0x140012018 RegOpenKeyW
0x140012020 RegSetKeyValueW
MSVCP140.dll
0x140012160 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x140012168 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x140012170 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012178 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012180 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x140012188 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140012190 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x140012198 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
0x1400121a0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
0x1400121a8 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x1400121b0 ?good@ios_base@std@@QEBA_NXZ
0x1400121b8 ??7ios_base@std@@QEBA_NXZ
0x1400121c0 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1400121c8 ?widen@?$ctype@_W@std@@QEBA_WD@Z
0x1400121d0 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x1400121d8 ??Bid@locale@std@@QEAA_KXZ
0x1400121e0 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1400121e8 ?_Winerror_map@std@@YAHH@Z
0x1400121f0 ?_Syserror_map@std@@YAPEBDH@Z
0x1400121f8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
0x140012200 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x140012208 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x140012210 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x140012218 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x140012220 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x140012228 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x140012230 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x140012238 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140012240 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
0x140012248 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140012250 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140012258 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140012260 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140012268 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x140012270 ??1_Lockit@std@@QEAA@XZ
0x140012278 ??0_Lockit@std@@QEAA@H@Z
0x140012280 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140012288 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x140012290 ?uncaught_exception@std@@YA_NXZ
0x140012298 ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
0x1400122a0 ?id@?$ctype@_W@std@@2V0locale@2@A
0x1400122a8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x1400122b0 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x1400122b8 ?_Xlength_error@std@@YAXPEBD@Z
0x1400122c0 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1400122c8 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x1400122d0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1400122d8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1400122e0 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400122e8 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1400122f0 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x1400122f8 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x140012300 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x140012308 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x140012310 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140012318 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x140012320 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x140012328 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
0x140012330 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
0x140012338 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
ntdll.dll
0x140012590 NtQuerySystemInformation
0x140012598 RtlInitUnicodeString
VCRUNTIME140_1.dll
0x1400123b0 __CxxFrameHandler4
VCRUNTIME140.dll
0x140012348 __current_exception_context
0x140012350 __current_exception
0x140012358 _CxxThrowException
0x140012360 __C_specific_handler
0x140012368 __std_terminate
0x140012370 wcsstr
0x140012378 __std_exception_destroy
0x140012380 memcmp
0x140012388 memcpy
0x140012390 memset
0x140012398 __std_exception_copy
0x1400123a0 memmove
api-ms-win-crt-stdio-l1-1-0.dll
0x1400124d8 _set_fmode
0x1400124e0 _fseeki64
0x1400124e8 fread
0x1400124f0 fsetpos
0x1400124f8 _get_stream_buffer_pointers
0x140012500 __p__commode
0x140012508 fputc
0x140012510 setvbuf
0x140012518 fgetpos
0x140012520 fwrite
0x140012528 ungetc
0x140012530 fflush
0x140012538 fgetc
0x140012540 fclose
api-ms-win-crt-utility-l1-1-0.dll
0x140012578 srand
0x140012580 rand
api-ms-win-crt-filesystem-l1-1-0.dll
0x1400123c0 _lock_file
0x1400123c8 _wremove
0x1400123d0 _unlock_file
api-ms-win-crt-string-l1-1-0.dll
0x140012550 _wcsicmp
0x140012558 _stricmp
api-ms-win-crt-time-l1-1-0.dll
0x140012568 _time64
api-ms-win-crt-runtime-l1-1-0.dll
0x140012430 _initialize_onexit_table
0x140012438 _register_onexit_function
0x140012440 _c_exit
0x140012448 _cexit
0x140012450 __p___wargv
0x140012458 __p___argc
0x140012460 _invalid_parameter_noinfo_noreturn
0x140012468 exit
0x140012470 _initterm_e
0x140012478 _initterm
0x140012480 _get_initial_wide_environment
0x140012488 _initialize_wide_environment
0x140012490 _configure_wide_argv
0x140012498 _crt_atexit
0x1400124a0 _set_app_type
0x1400124a8 _seh_filter_exe
0x1400124b0 abort
0x1400124b8 _exit
0x1400124c0 terminate
0x1400124c8 _register_thread_local_exe_atexit_callback
api-ms-win-crt-heap-l1-1-0.dll
0x1400123e0 malloc
0x1400123e8 _set_new_mode
0x1400123f0 _callnewh
0x1400123f8 free
api-ms-win-crt-locale-l1-1-0.dll
0x140012408 _configthreadlocale
0x140012410 ___lc_codepage_func
api-ms-win-crt-math-l1-1-0.dll
0x140012420 __setusermatherr
EAT(Export Address Table) is none