Created | 2024.09.03 08:55 |
Machine | s1_win7_x6401 |
Filename | smartscreen.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
AI Score | |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | |
md5 | 7e1fa0f93773dc8861a92279b7db03c6 |
sha256 | 59f55834d9aec7059e957c376af57f71a8028d057b194a5567d1d95b4d7d4f6e |
ssdeep | 49152:WM+vPLK5GDSaaec3RfBhmvPX4y3VLuxuMvAKrTZrNyAk2dEzkhT8pPDzVVod8ItK:O/NjVqxdAGTZ10t |
imphash | a6946169c4cd1205bb1ce51a61841237 |
impfuzzy | 192:nPTsX9WNrfo2LV5gsXcuhvjalmb8jIBecx4Yoy2wFH1pW:QX9or5gy78jIBeciw22VpW |
Signature (3cnts)
Level | Description |
---|---|
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | This executable has a PDB path |
Rules (9cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | ftp_command | ftp command | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x140117000 GetTokenInformation
0x140117008 DuplicateTokenEx
0x140117010 SetThreadToken
0x140117018 OpenProcessToken
0x140117020 LookupPrivilegeValueA
0x140117028 SetTokenInformation
0x140117030 PrivilegeCheck
0x140117038 CreateProcessAsUserA
0x140117040 RevertToSelf
0x140117048 RegOpenKeyW
0x140117050 RegCreateKeyW
0x140117058 RegDeleteTreeW
0x140117060 RegCloseKey
0x140117068 RegSetKeyValueW
0x140117070 CryptAcquireContextA
0x140117078 ConvertSidToStringSidA
0x140117080 CopySid
0x140117088 SetSecurityInfo
0x140117090 IsValidSid
0x140117098 InitializeAcl
0x1401170a0 GetLengthSid
0x1401170a8 AddAccessAllowedAce
0x1401170b0 CryptEncrypt
0x1401170b8 CryptImportKey
0x1401170c0 CryptDestroyKey
0x1401170c8 CryptDestroyHash
0x1401170d0 CryptHashData
0x1401170d8 CryptCreateHash
0x1401170e0 CryptGenRandom
0x1401170e8 CryptGetHashParam
0x1401170f0 CryptReleaseContext
d3dx11_43.dll
0x140118048 D3DX11CreateShaderResourceViewFromMemory
KERNEL32.dll
0x1401171c0 WaitForSingleObjectEx
0x1401171c8 GetEnvironmentVariableA
0x1401171d0 GetStdHandle
0x1401171d8 GetFileType
0x1401171e0 ReadFile
0x1401171e8 PeekNamedPipe
0x1401171f0 WaitForMultipleObjects
0x1401171f8 SetLastError
0x140117200 FormatMessageA
0x140117208 CreateFileA
0x140117210 GetFileSizeEx
0x140117218 GlobalFree
0x140117220 GlobalAlloc
0x140117228 FindClose
0x140117230 FindNextFileA
0x140117238 FindFirstFileA
0x140117240 GetTempPathW
0x140117248 GetCurrentThreadId
0x140117250 CreateFileW
0x140117258 VirtualAlloc
0x140117260 DeviceIoControl
0x140117268 VirtualFree
0x140117270 GetProcAddress
0x140117278 LoadLibraryA
0x140117280 GetModuleHandleA
0x140117288 SleepEx
0x140117290 AllocConsole
0x140117298 GetConsoleWindow
0x1401172a0 GetCurrentProcessId
0x1401172a8 ExitProcess
0x1401172b0 GetStartupInfoA
0x1401172b8 Beep
0x1401172c0 FreeConsole
0x1401172c8 CloseHandle
0x1401172d0 Process32Next
0x1401172d8 GetLastError
0x1401172e0 Sleep
0x1401172e8 CreateToolhelp32Snapshot
0x1401172f0 GetCommandLineA
0x1401172f8 OpenProcess
0x140117300 GetCurrentProcess
0x140117308 SetConsoleTitleA
0x140117310 Process32First
0x140117318 HeapDestroy
0x140117320 HeapAlloc
0x140117328 HeapReAlloc
0x140117330 HeapFree
0x140117338 HeapSize
0x140117340 GetProcessHeap
0x140117348 CreateThread
0x140117350 VirtualProtect
0x140117358 CreateFileMappingW
0x140117360 MapViewOfFile
0x140117368 UnmapViewOfFile
0x140117370 GetModuleFileNameA
0x140117378 GetModuleFileNameW
0x140117380 GetTickCount
0x140117388 QueryFullProcessImageNameW
0x140117390 LocalFree
0x140117398 ReleaseSRWLockExclusive
0x1401173a0 LeaveCriticalSection
0x1401173a8 EnterCriticalSection
0x1401173b0 SetPriorityClass
0x1401173b8 GetTickCount64
0x1401173c0 AcquireSRWLockExclusive
0x1401173c8 SleepConditionVariableSRW
0x1401173d0 GetLocaleInfoEx
0x1401173d8 GetCurrentDirectoryW
0x1401173e0 CreateDirectoryW
0x1401173e8 FindFirstFileW
0x1401173f0 GetFileAttributesExW
0x1401173f8 AreFileApisANSI
0x140117400 GetFileInformationByHandleEx
0x140117408 RtlCaptureContext
0x140117410 RtlLookupFunctionEntry
0x140117418 RtlVirtualUnwind
0x140117420 UnhandledExceptionFilter
0x140117428 SetUnhandledExceptionFilter
0x140117430 TerminateProcess
0x140117438 IsProcessorFeaturePresent
0x140117440 VerifyVersionInfoA
0x140117448 GlobalLock
0x140117450 CreateDirectoryA
0x140117458 GlobalUnlock
0x140117460 MultiByteToWideChar
0x140117468 WideCharToMultiByte
0x140117470 GetLocaleInfoA
0x140117478 QueryPerformanceFrequency
0x140117480 VerSetConditionMask
0x140117488 WakeAllConditionVariable
0x140117490 IsDebuggerPresent
0x140117498 GetStartupInfoW
0x1401174a0 GetSystemTimeAsFileTime
0x1401174a8 InitializeSListHead
0x1401174b0 FreeLibrary
0x1401174b8 QueryPerformanceCounter
0x1401174c0 MoveFileExA
0x1401174c8 GetSystemDirectoryA
0x1401174d0 InitializeCriticalSectionEx
0x1401174d8 DeleteCriticalSection
0x1401174e0 GetModuleHandleW
0x1401174e8 OutputDebugStringW
USER32.dll
0x140117888 GetWindowPlacement
0x140117890 SetCursorPos
0x140117898 ReleaseCapture
0x1401178a0 ShowWindow
0x1401178a8 IsWindow
0x1401178b0 IsWindowUnicode
0x1401178b8 GetClientRect
0x1401178c0 SetWindowLongA
0x1401178c8 GetWindowLongA
0x1401178d0 PeekMessageA
0x1401178d8 GetForegroundWindow
0x1401178e0 SetWindowDisplayAffinity
0x1401178e8 GetMonitorInfoA
0x1401178f0 SetForegroundWindow
0x1401178f8 UnregisterClassW
0x140117900 SetCapture
0x140117908 EmptyClipboard
0x140117910 CloseClipboard
0x140117918 MonitorFromWindow
0x140117920 GetCursorPos
0x140117928 SetWindowPos
0x140117930 GetWindowLongPtrA
0x140117938 MessageBoxA
0x140117940 GetKeyboardLayout
0x140117948 DispatchMessageA
0x140117950 DefWindowProcA
0x140117958 SetLayeredWindowAttributes
0x140117960 TranslateMessage
0x140117968 UpdateWindow
0x140117970 TrackMouseEvent
0x140117978 GetClipboardData
0x140117980 SetWindowLongPtrA
0x140117988 SetClipboardData
0x140117990 RegisterClassExW
0x140117998 GetAsyncKeyState
0x1401179a0 OpenClipboard
0x1401179a8 ClientToScreen
0x1401179b0 SendInput
0x1401179b8 SetCursor
0x1401179c0 SendMessageA
0x1401179c8 GetKeyState
0x1401179d0 GetMessageExtraInfo
0x1401179d8 LoadCursorA
0x1401179e0 PostQuitMessage
0x1401179e8 FindWindowA
0x1401179f0 ScreenToClient
0x1401179f8 GetCapture
SHELL32.dll
0x140117850 ShellExecuteA
0x140117858 SHParseDisplayName
0x140117860 SHGetFolderPathA
0x140117868 SHOpenFolderAndSelectItems
ole32.dll
0x140118098 CoInitializeEx
MSVCP140.dll
0x1401174f8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140117500 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x140117508 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x140117510 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
0x140117518 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140117520 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140117528 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x140117530 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x140117538 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140117540 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x140117548 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x140117550 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x140117558 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x140117560 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x140117568 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140117570 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140117578 ?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
0x140117580 ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x140117588 ?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
0x140117590 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140117598 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x1401175a0 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x1401175a8 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x1401175b0 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1401175b8 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
0x1401175c0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x1401175c8 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x1401175d0 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x1401175d8 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1401175e0 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1401175e8 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x1401175f0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x1401175f8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
0x140117600 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
0x140117608 ??7ios_base@std@@QEBA_NXZ
0x140117610 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x140117618 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
0x140117620 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
0x140117628 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140117630 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x140117638 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x140117640 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x140117648 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
0x140117650 ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x140117658 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x140117660 ?_Winerror_map@std@@YAHH@Z
0x140117668 ?_Syserror_map@std@@YAPEBDH@Z
0x140117670 ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
0x140117678 ?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
0x140117680 ?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
0x140117688 ?_Throw_Cpp_error@std@@YAXH@Z
0x140117690 _Cnd_do_broadcast_at_thread_exit
0x140117698 _Thrd_detach
0x1401176a0 _Mtx_lock
0x1401176a8 _Mtx_unlock
0x1401176b0 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x1401176b8 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1401176c0 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1401176c8 ?id@?$ctype@D@std@@2V0locale@2@A
0x1401176d0 _Query_perf_frequency
0x1401176d8 ??1_Lockit@std@@QEAA@XZ
0x1401176e0 ??0_Lockit@std@@QEAA@H@Z
0x1401176e8 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x1401176f0 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x1401176f8 ?uncaught_exception@std@@YA_NXZ
0x140117700 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x140117708 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
0x140117710 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
0x140117718 ?_Xbad_function_call@std@@YAXXZ
0x140117720 ?_Xout_of_range@std@@YAXPEBD@Z
0x140117728 ??Bid@locale@std@@QEAA_KXZ
0x140117730 ?widen@?$ctype@_W@std@@QEBA_WD@Z
0x140117738 ?_Xbad_alloc@std@@YAXXZ
0x140117740 ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
0x140117748 ?id@?$ctype@_W@std@@2V0locale@2@A
0x140117750 ?_Xlength_error@std@@YAXPEBD@Z
0x140117758 _Query_perf_counter
0x140117760 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x140117768 ?good@ios_base@std@@QEBA_NXZ
0x140117770 ?width@ios_base@std@@QEBA_JXZ
0x140117778 ?width@ios_base@std@@QEAA_J_J@Z
0x140117780 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x140117788 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140117790 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x140117798 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x1401177a0 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x1401177a8 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x1401177b0 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x1401177b8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1401177c0 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
0x1401177c8 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x1401177d0 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x1401177d8 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
0x1401177e0 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x1401177e8 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x1401177f0 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
0x1401177f8 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x140117800 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
d3d11.dll
0x140118038 D3D11CreateDeviceAndSwapChain
d3dx9_43.dll
0x140118058 D3DXMatrixTranspose
0x140118060 D3DXVec3Transform
ntdll.dll
0x140118080 RtlInitUnicodeString
0x140118088 NtQuerySystemInformation
IMM32.dll
0x140117198 ImmGetContext
0x1401171a0 ImmSetCompositionWindow
0x1401171a8 ImmReleaseContext
0x1401171b0 ImmSetCandidateWindow
D3DCOMPILER_43.dll
0x140117188 D3DCompile
dwmapi.dll
0x140118070 DwmExtendFrameIntoClientArea
SHLWAPI.dll
0x140117878 PathFindFileNameW
RPCRT4.dll
0x140117830 UuidToStringA
0x140117838 UuidCreate
0x140117840 RpcStringFreeA
PSAPI.DLL
0x140117820 GetModuleInformation
USERENV.dll
0x140117a08 UnloadUserProfile
VCRUNTIME140_1.dll
0x140117aa8 __CxxFrameHandler4
VCRUNTIME140.dll
0x140117a18 __std_exception_copy
0x140117a20 __std_terminate
0x140117a28 _purecall
0x140117a30 wcsstr
0x140117a38 strstr
0x140117a40 memcpy
0x140117a48 memset
0x140117a50 strchr
0x140117a58 strrchr
0x140117a60 memmove
0x140117a68 memcmp
0x140117a70 memchr
0x140117a78 _CxxThrowException
0x140117a80 __current_exception
0x140117a88 __current_exception_context
0x140117a90 __C_specific_handler
0x140117a98 __std_exception_destroy
api-ms-win-crt-runtime-l1-1-0.dll
0x140117d98 exit
0x140117da0 _beginthreadex
0x140117da8 _invalid_parameter_noinfo_noreturn
0x140117db0 _errno
0x140117db8 _getpid
0x140117dc0 system
0x140117dc8 terminate
0x140117dd0 strerror
0x140117dd8 __sys_nerr
0x140117de0 _invalid_parameter_noinfo
0x140117de8 _register_thread_local_exe_atexit_callback
0x140117df0 _c_exit
0x140117df8 _resetstkoflw
0x140117e00 _exit
0x140117e08 _initterm_e
0x140117e10 _initterm
0x140117e18 _get_narrow_winmain_command_line
0x140117e20 _set_app_type
0x140117e28 _seh_filter_exe
0x140117e30 _cexit
0x140117e38 _crt_atexit
0x140117e40 _register_onexit_function
0x140117e48 _initialize_onexit_table
0x140117e50 _initialize_narrow_environment
0x140117e58 _configure_narrow_argv
0x140117e60 abort
api-ms-win-crt-heap-l1-1-0.dll
0x140117cd8 realloc
0x140117ce0 _callnewh
0x140117ce8 _set_new_mode
0x140117cf0 malloc
0x140117cf8 free
0x140117d00 calloc
api-ms-win-crt-stdio-l1-1-0.dll
0x140117e70 __acrt_iob_func
0x140117e78 _popen
0x140117e80 freopen_s
0x140117e88 __p__commode
0x140117e90 _set_fmode
0x140117e98 _pclose
0x140117ea0 __stdio_common_vsprintf
0x140117ea8 fputc
0x140117eb0 fflush
0x140117eb8 fclose
0x140117ec0 _lseeki64
0x140117ec8 fgetc
0x140117ed0 fwrite
0x140117ed8 fgets
0x140117ee0 fgetpos
0x140117ee8 _read
0x140117ef0 feof
0x140117ef8 fputs
0x140117f00 fopen
0x140117f08 setvbuf
0x140117f10 _write
0x140117f18 _close
0x140117f20 _open
0x140117f28 ungetc
0x140117f30 fsetpos
0x140117f38 fread
0x140117f40 _fseeki64
0x140117f48 __stdio_common_vsscanf
0x140117f50 _wfopen
0x140117f58 _get_stream_buffer_pointers
0x140117f60 ftell
0x140117f68 __stdio_common_vfprintf
0x140117f70 fseek
api-ms-win-crt-string-l1-1-0.dll
0x140117f80 strncpy
0x140117f88 strncmp
0x140117f90 _wcsicmp
0x140117f98 toupper
0x140117fa0 tolower
0x140117fa8 _stricmp
0x140117fb0 isupper
0x140117fb8 strpbrk
0x140117fc0 _strdup
0x140117fc8 strcmp
0x140117fd0 strcspn
0x140117fd8 strspn
api-ms-win-crt-multibyte-l1-1-0.dll
0x140117d88 _mbsicmp
api-ms-win-crt-math-l1-1-0.dll
0x140117d30 logf
0x140117d38 __setusermatherr
0x140117d40 pow
0x140117d48 _dsign
0x140117d50 powf
0x140117d58 _dclass
0x140117d60 acosf
0x140117d68 fmodf
0x140117d70 log
0x140117d78 lround
api-ms-win-crt-convert-l1-1-0.dll
0x140117c40 strtod
0x140117c48 strtol
0x140117c50 atoi
0x140117c58 strtoul
0x140117c60 atof
0x140117c68 strtoll
0x140117c70 strtoull
api-ms-win-crt-utility-l1-1-0.dll
0x140118018 rand
0x140118020 srand
0x140118028 qsort
api-ms-win-crt-locale-l1-1-0.dll
0x140117d10 ___lc_codepage_func
0x140117d18 _configthreadlocale
0x140117d20 localeconv
api-ms-win-crt-time-l1-1-0.dll
0x140117fe8 _localtime64
0x140117ff0 _time64
0x140117ff8 _difftime64
0x140118000 _gmtime64
0x140118008 strftime
api-ms-win-crt-filesystem-l1-1-0.dll
0x140117c90 _stat64
0x140117c98 remove
0x140117ca0 _unlock_file
0x140117ca8 _fstat64
0x140117cb0 _wremove
0x140117cb8 _lock_file
0x140117cc0 _access
0x140117cc8 _unlink
api-ms-win-crt-environment-l1-1-0.dll
0x140117c80 getenv
Normaliz.dll
0x140117810 IdnToAscii
WS2_32.dll
0x140117b50 ntohl
0x140117b58 gethostname
0x140117b60 sendto
0x140117b68 recvfrom
0x140117b70 freeaddrinfo
0x140117b78 getaddrinfo
0x140117b80 select
0x140117b88 __WSAFDIsSet
0x140117b90 ioctlsocket
0x140117b98 listen
0x140117ba0 htonl
0x140117ba8 accept
0x140117bb0 WSACleanup
0x140117bb8 WSAStartup
0x140117bc0 WSAIoctl
0x140117bc8 ntohs
0x140117bd0 WSASetLastError
0x140117bd8 socket
0x140117be0 setsockopt
0x140117be8 htons
0x140117bf0 getsockopt
0x140117bf8 getsockname
0x140117c00 getpeername
0x140117c08 connect
0x140117c10 bind
0x140117c18 closesocket
0x140117c20 recv
0x140117c28 send
0x140117c30 WSAGetLastError
WLDAP32.dll
0x140117ab8 None
0x140117ac0 None
0x140117ac8 None
0x140117ad0 None
0x140117ad8 None
0x140117ae0 None
0x140117ae8 None
0x140117af0 None
0x140117af8 None
0x140117b00 None
0x140117b08 None
0x140117b10 None
0x140117b18 None
0x140117b20 None
0x140117b28 None
0x140117b30 None
0x140117b38 None
0x140117b40 None
CRYPT32.dll
0x140117100 CertOpenStore
0x140117108 CertFreeCertificateChain
0x140117110 CertGetCertificateChain
0x140117118 CertFreeCertificateChainEngine
0x140117120 CertCreateCertificateChainEngine
0x140117128 CryptQueryObject
0x140117130 CertGetNameStringA
0x140117138 CertFindExtension
0x140117140 CertAddCertificateContextToStore
0x140117148 CryptDecodeObjectEx
0x140117150 PFXImportCertStore
0x140117158 CryptStringToBinaryA
0x140117160 CertFreeCertificateContext
0x140117168 CertFindCertificateInStore
0x140117170 CertEnumCertificatesInStore
0x140117178 CertCloseStore
EAT(Export Address Table) is none
0x140117cd8 realloc
0x140117ce0 _callnewh
0x140117ce8 _set_new_mode
0x140117cf0 malloc
0x140117cf8 free
0x140117d00 calloc
api-ms-win-crt-stdio-l1-1-0.dll
0x140117e70 __acrt_iob_func
0x140117e78 _popen
0x140117e80 freopen_s
0x140117e88 __p__commode
0x140117e90 _set_fmode
0x140117e98 _pclose
0x140117ea0 __stdio_common_vsprintf
0x140117ea8 fputc
0x140117eb0 fflush
0x140117eb8 fclose
0x140117ec0 _lseeki64
0x140117ec8 fgetc
0x140117ed0 fwrite
0x140117ed8 fgets
0x140117ee0 fgetpos
0x140117ee8 _read
0x140117ef0 feof
0x140117ef8 fputs
0x140117f00 fopen
0x140117f08 setvbuf
0x140117f10 _write
0x140117f18 _close
0x140117f20 _open
0x140117f28 ungetc
0x140117f30 fsetpos
0x140117f38 fread
0x140117f40 _fseeki64
0x140117f48 __stdio_common_vsscanf
0x140117f50 _wfopen
0x140117f58 _get_stream_buffer_pointers
0x140117f60 ftell
0x140117f68 __stdio_common_vfprintf
0x140117f70 fseek
api-ms-win-crt-string-l1-1-0.dll
0x140117f80 strncpy
0x140117f88 strncmp
0x140117f90 _wcsicmp
0x140117f98 toupper
0x140117fa0 tolower
0x140117fa8 _stricmp
0x140117fb0 isupper
0x140117fb8 strpbrk
0x140117fc0 _strdup
0x140117fc8 strcmp
0x140117fd0 strcspn
0x140117fd8 strspn
api-ms-win-crt-multibyte-l1-1-0.dll
0x140117d88 _mbsicmp
api-ms-win-crt-math-l1-1-0.dll
0x140117d30 logf
0x140117d38 __setusermatherr
0x140117d40 pow
0x140117d48 _dsign
0x140117d50 powf
0x140117d58 _dclass
0x140117d60 acosf
0x140117d68 fmodf
0x140117d70 log
0x140117d78 lround
api-ms-win-crt-convert-l1-1-0.dll
0x140117c40 strtod
0x140117c48 strtol
0x140117c50 atoi
0x140117c58 strtoul
0x140117c60 atof
0x140117c68 strtoll
0x140117c70 strtoull
api-ms-win-crt-utility-l1-1-0.dll
0x140118018 rand
0x140118020 srand
0x140118028 qsort
api-ms-win-crt-locale-l1-1-0.dll
0x140117d10 ___lc_codepage_func
0x140117d18 _configthreadlocale
0x140117d20 localeconv
api-ms-win-crt-time-l1-1-0.dll
0x140117fe8 _localtime64
0x140117ff0 _time64
0x140117ff8 _difftime64
0x140118000 _gmtime64
0x140118008 strftime
api-ms-win-crt-filesystem-l1-1-0.dll
0x140117c90 _stat64
0x140117c98 remove
0x140117ca0 _unlock_file
0x140117ca8 _fstat64
0x140117cb0 _wremove
0x140117cb8 _lock_file
0x140117cc0 _access
0x140117cc8 _unlink
api-ms-win-crt-environment-l1-1-0.dll
0x140117c80 getenv
Normaliz.dll
0x140117810 IdnToAscii
WS2_32.dll
0x140117b50 ntohl
0x140117b58 gethostname
0x140117b60 sendto
0x140117b68 recvfrom
0x140117b70 freeaddrinfo
0x140117b78 getaddrinfo
0x140117b80 select
0x140117b88 __WSAFDIsSet
0x140117b90 ioctlsocket
0x140117b98 listen
0x140117ba0 htonl
0x140117ba8 accept
0x140117bb0 WSACleanup
0x140117bb8 WSAStartup
0x140117bc0 WSAIoctl
0x140117bc8 ntohs
0x140117bd0 WSASetLastError
0x140117bd8 socket
0x140117be0 setsockopt
0x140117be8 htons
0x140117bf0 getsockopt
0x140117bf8 getsockname
0x140117c00 getpeername
0x140117c08 connect
0x140117c10 bind
0x140117c18 closesocket
0x140117c20 recv
0x140117c28 send
0x140117c30 WSAGetLastError
WLDAP32.dll
0x140117ab8 None
0x140117ac0 None
0x140117ac8 None
0x140117ad0 None
0x140117ad8 None
0x140117ae0 None
0x140117ae8 None
0x140117af0 None
0x140117af8 None
0x140117b00 None
0x140117b08 None
0x140117b10 None
0x140117b18 None
0x140117b20 None
0x140117b28 None
0x140117b30 None
0x140117b38 None
0x140117b40 None
CRYPT32.dll
0x140117100 CertOpenStore
0x140117108 CertFreeCertificateChain
0x140117110 CertGetCertificateChain
0x140117118 CertFreeCertificateChainEngine
0x140117120 CertCreateCertificateChainEngine
0x140117128 CryptQueryObject
0x140117130 CertGetNameStringA
0x140117138 CertFindExtension
0x140117140 CertAddCertificateContextToStore
0x140117148 CryptDecodeObjectEx
0x140117150 PFXImportCertStore
0x140117158 CryptStringToBinaryA
0x140117160 CertFreeCertificateContext
0x140117168 CertFindCertificateInStore
0x140117170 CertEnumCertificatesInStore
0x140117178 CertCloseStore
EAT(Export Address Table) is none