Report - 54.exe

Generic Malware Downloader UPX PE File ftp PE64 OS Processor Check
Created 2024.08.30 11:21 Machine s1_win7_x6403
Filename 54.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score
4
Behavior Score
1.4
ZERO API (file): malware
VT API (file) 46 detected (AIDetectMalware, malicious, high confidence, score, Tedy, Save, Attribute, HighConfidence, DropperX, NK4kB3NEEfD, AGEN, R002C0DFA24, Static AI, Malicious PE, Detected, ai score=84, GPBX, Eldorado, R642790, Krypt, Chgt, susgen, confidence, 100%)
md5 0b1d213e54d820dd3fefa386aa3e1f43
sha256 0e7ff3739925d9952c557cd8c3454c181549953975cc6241e95a638c52c33dcd
ssdeep 12288:vwEh/b02vun/UtniLxUD9HpxZamJNcXo/0:Yw/Q4u/euUDlPZamAXo/
imphash 40029d5e9ef0ec678817a8a6a4ca4414
impfuzzy 96:wW9kt6kB01v75jnCE8t7CAEGXAwJNIeX4J8lOUFIToq3+plDf9N2i9lJNhAjo0kn:wWCAktqes+pfNhAjtLW9

Signature (2cnts)

Level Description
danger File has been identified by 46 AntiVirus engines on VirusTotal as malicious
info This executable has a PDB path

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Network_Downloader File Downloader binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata IDS

PE API

IAT (Import Address Table) - Library

KERNEL32.dll
 0x140066110 MultiByteToWideChar
 0x140066118 GetEnvironmentVariableA
 0x140066120 GetFileType
 0x140066128 ReadFile
 0x140066130 PeekNamedPipe
 0x140066138 WaitForMultipleObjects
 0x140066140 CreateFileA
 0x140066148 GetFileSizeEx
 0x140066150 WideCharToMultiByte
 0x140066158 AcquireSRWLockExclusive
 0x140066160 WakeAllConditionVariable
 0x140066168 QueryPerformanceFrequency
 0x140066170 RtlCaptureContext
 0x140066178 RtlLookupFunctionEntry
 0x140066180 RtlVirtualUnwind
 0x140066188 UnhandledExceptionFilter
 0x140066190 SetUnhandledExceptionFilter
 0x140066198 VerSetConditionMask
 0x1400661a0 SleepEx
 0x1400661a8 LeaveCriticalSection
 0x1400661b0 MoveFileExA
 0x1400661b8 FormatMessageA
 0x1400661c0 SetLastError
 0x1400661c8 LocalFree
 0x1400661d0 CloseHandle
 0x1400661d8 GetCurrentProcess
 0x1400661e0 GetProcessHeap
 0x1400661e8 DeleteCriticalSection
 0x1400661f0 HeapDestroy
 0x1400661f8 HeapAlloc
 0x140066200 HeapReAlloc
 0x140066208 GetLastError
 0x140066210 HeapSize
 0x140066218 TerminateProcess
 0x140066220 IsProcessorFeaturePresent
 0x140066228 GetModuleHandleW
 0x140066230 GetCurrentProcessId
 0x140066238 GetCurrentThreadId
 0x140066240 WaitForSingleObjectEx
 0x140066248 GetTickCount
 0x140066250 QueryPerformanceCounter
 0x140066258 VerifyVersionInfoA
 0x140066260 LoadLibraryA
 0x140066268 GetProcAddress
 0x140066270 GetModuleHandleA
 0x140066278 FreeLibrary
 0x140066280 EnterCriticalSection
 0x140066288 GetSystemTimeAsFileTime
 0x140066290 GetSystemDirectoryA
 0x140066298 InitializeCriticalSectionEx
 0x1400662a0 HeapFree
 0x1400662a8 GetConsoleWindow
 0x1400662b0 SetConsoleTitleA
 0x1400662b8 SetConsoleTextAttribute
 0x1400662c0 SetConsoleScreenBufferInfoEx
 0x1400662c8 GetConsoleScreenBufferInfoEx
 0x1400662d0 SetConsoleMode
 0x1400662d8 GetConsoleMode
 0x1400662e0 Sleep
 0x1400662e8 Beep
 0x1400662f0 IsDebuggerPresent
 0x1400662f8 SleepConditionVariableSRW
 0x140066300 GetStdHandle
 0x140066308 InitializeSListHead
 0x140066310 OutputDebugStringW
 0x140066318 ReleaseSRWLockExclusive
USER32.dll
 0x140066448 GetWindowLongA
 0x140066450 MoveWindow
 0x140066458 GetWindowRect
 0x140066460 MessageBoxA
 0x140066468 SetWindowLongA
ADVAPI32.dll
 0x140066000 CryptEncrypt
 0x140066008 GetTokenInformation
 0x140066010 GetLengthSid
 0x140066018 OpenProcessToken
 0x140066020 IsValidSid
 0x140066028 CopySid
 0x140066030 ConvertSidToStringSidA
 0x140066038 CryptAcquireContextA
 0x140066040 CryptReleaseContext
 0x140066048 CryptGetHashParam
 0x140066050 CryptGenRandom
 0x140066058 CryptCreateHash
 0x140066060 CryptHashData
 0x140066068 CryptDestroyHash
 0x140066070 CryptDestroyKey
 0x140066078 CryptImportKey
SHELL32.dll
 0x140066438 ShellExecuteA
MSVCP140.dll
 0x140066328 ?_Random_device@std@@YAIXZ
 0x140066330 ?id@?$ctype@D@std@@2V0locale@2@A
 0x140066338 ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
 0x140066340 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x140066348 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x140066350 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
 0x140066358 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x140066360 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
 0x140066368 ??0_Lockit@std@@QEAA@H@Z
 0x140066370 ??1_Lockit@std@@QEAA@XZ
 0x140066378 ?_Xlength_error@std@@YAXPEBD@Z
 0x140066380 ?_Xout_of_range@std@@YAXPEBD@Z
 0x140066388 ?uncaught_exception@std@@YA_NXZ
 0x140066390 _Cnd_do_broadcast_at_thread_exit
 0x140066398 ?_Throw_Cpp_error@std@@YAXH@Z
 0x1400663a0 ??Bid@locale@std@@QEAA_KXZ
 0x1400663a8 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x1400663b0 ?_Xbad_function_call@std@@YAXXZ
 0x1400663b8 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1400663c0 ?width@ios_base@std@@QEBA_JXZ
 0x1400663c8 ?width@ios_base@std@@QEAA_J_J@Z
 0x1400663d0 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
 0x1400663d8 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1400663e0 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
 0x1400663e8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x1400663f0 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x1400663f8 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
 0x140066400 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x140066408 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x140066410 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x140066418 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
urlmon.dll
 0x140066980 URLDownloadToFileA
Normaliz.dll
 0x140066428 IdnToAscii
WLDAP32.dll
 0x140066518 None
 0x140066520 None
 0x140066528 None
 0x140066530 None
 0x140066538 None
 0x140066540 None
 0x140066548 None
 0x140066550 None
 0x140066558 None
 0x140066560 None
 0x140066568 None
 0x140066570 None
 0x140066578 None
 0x140066580 None
 0x140066588 None
 0x140066590 None
 0x140066598 None
 0x1400665a0 None
CRYPT32.dll
 0x140066088 CertFreeCertificateChain
 0x140066090 CertGetCertificateChain
 0x140066098 CertFreeCertificateChainEngine
 0x1400660a0 CertCreateCertificateChainEngine
 0x1400660a8 CryptQueryObject
 0x1400660b0 CertGetNameStringA
 0x1400660b8 CertFindExtension
 0x1400660c0 CertAddCertificateContextToStore
 0x1400660c8 CryptDecodeObjectEx
 0x1400660d0 PFXImportCertStore
 0x1400660d8 CryptStringToBinaryA
 0x1400660e0 CertFreeCertificateContext
 0x1400660e8 CertFindCertificateInStore
 0x1400660f0 CertEnumCertificatesInStore
 0x1400660f8 CertOpenStore
 0x140066100 CertCloseStore
WS2_32.dll
 0x1400665b0 ntohl
 0x1400665b8 gethostname
 0x1400665c0 sendto
 0x1400665c8 recvfrom
 0x1400665d0 freeaddrinfo
 0x1400665d8 getaddrinfo
 0x1400665e0 select
 0x1400665e8 __WSAFDIsSet
 0x1400665f0 ioctlsocket
 0x1400665f8 listen
 0x140066600 htonl
 0x140066608 accept
 0x140066610 WSACleanup
 0x140066618 WSAStartup
 0x140066620 WSAIoctl
 0x140066628 WSASetLastError
 0x140066630 setsockopt
 0x140066638 ntohs
 0x140066640 htons
 0x140066648 getsockopt
 0x140066650 getsockname
 0x140066658 getpeername
 0x140066660 connect
 0x140066668 bind
 0x140066670 WSAGetLastError
 0x140066678 send
 0x140066680 recv
 0x140066688 closesocket
 0x140066690 socket
USERENV.dll
 0x140066478 UnloadUserProfile
VCRUNTIME140.dll
 0x140066488 __std_exception_copy
 0x140066490 __current_exception
 0x140066498 __std_exception_destroy
 0x1400664a0 _CxxThrowException
 0x1400664a8 memcmp
 0x1400664b0 __std_terminate
 0x1400664b8 memcpy
 0x1400664c0 memmove
 0x1400664c8 __C_specific_handler
 0x1400664d0 __current_exception_context
 0x1400664d8 strchr
 0x1400664e0 memchr
 0x1400664e8 strstr
 0x1400664f0 strrchr
 0x1400664f8 memset
VCRUNTIME140_1.dll
 0x140066508 __CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0.dll
 0x140066768 _resetstkoflw
 0x140066770 __sys_nerr
 0x140066778 _errno
 0x140066780 strerror
 0x140066788 _invalid_parameter_noinfo_noreturn
 0x140066790 exit
 0x140066798 _invalid_parameter_noinfo
 0x1400667a0 _beginthreadex
 0x1400667a8 _getpid
 0x1400667b0 system
 0x1400667b8 _register_thread_local_exe_atexit_callback
 0x1400667c0 _c_exit
 0x1400667c8 __p___argv
 0x1400667d0 _configure_narrow_argv
 0x1400667d8 _initialize_narrow_environment
 0x1400667e0 _initialize_onexit_table
 0x1400667e8 _register_onexit_function
 0x1400667f0 _crt_atexit
 0x1400667f8 _cexit
 0x140066800 _seh_filter_exe
 0x140066808 __p___argc
 0x140066810 terminate
 0x140066818 _get_initial_narrow_environment
 0x140066820 _initterm
 0x140066828 _initterm_e
 0x140066830 _exit
 0x140066838 _set_app_type
api-ms-win-crt-heap-l1-1-0.dll
 0x140066700 _callnewh
 0x140066708 realloc
 0x140066710 calloc
 0x140066718 _set_new_mode
 0x140066720 malloc
 0x140066728 free
api-ms-win-crt-utility-l1-1-0.dll
 0x140066968 rand
 0x140066970 qsort
api-ms-win-crt-stdio-l1-1-0.dll
 0x140066848 fseek
 0x140066850 __stdio_common_vfprintf
 0x140066858 __acrt_iob_func
 0x140066860 ftell
 0x140066868 __stdio_common_vsscanf
 0x140066870 __p__commode
 0x140066878 feof
 0x140066880 fputs
 0x140066888 fopen
 0x140066890 _read
 0x140066898 _write
 0x1400668a0 _close
 0x1400668a8 _open
 0x1400668b0 _lseeki64
 0x1400668b8 fclose
 0x1400668c0 fgets
 0x1400668c8 fflush
 0x1400668d0 __stdio_common_vsprintf
 0x1400668d8 fwrite
 0x1400668e0 fputc
 0x1400668e8 _set_fmode
 0x1400668f0 fread
api-ms-win-crt-convert-l1-1-0.dll
 0x1400666a0 atoi
 0x1400666a8 strtol
 0x1400666b0 strtoul
 0x1400666b8 strtoull
 0x1400666c0 strtod
 0x1400666c8 strtoll
api-ms-win-crt-locale-l1-1-0.dll
 0x140066738 localeconv
 0x140066740 _configthreadlocale
api-ms-win-crt-time-l1-1-0.dll
 0x140066950 _time64
 0x140066958 _gmtime64
api-ms-win-crt-string-l1-1-0.dll
 0x140066900 strncmp
 0x140066908 strpbrk
 0x140066910 strspn
 0x140066918 strncpy
 0x140066920 strcmp
 0x140066928 _strdup
 0x140066930 strcspn
 0x140066938 tolower
 0x140066940 isupper
api-ms-win-crt-filesystem-l1-1-0.dll
 0x1400666d8 _fstat64
 0x1400666e0 _stat64
 0x1400666e8 _unlink
 0x1400666f0 _access
api-ms-win-crt-math-l1-1-0.dll
 0x140066750 __setusermatherr
 0x140066758 _dclass

EAT (Export Address Table): none


