ScreenShot
| Created | 2024.09.27 13:36 | Machine | s1_win7_x6403 |
| Filename | 3.exe | ||
| Type | PE32+ executable (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 45 detected (AIDetectMalware, GameHack, Malicious, score, Lazy, Unsafe, Save, BlackMoon, confidence, Attribute, HighConfidence, high confidence, HackTool, Tiggre, Krypt, Undefined, QntIFX5CFiG, Tool, Static AI, Suspicious PE, Detected, Blamon, Malware@#2pccg8fw2bm2o, Eldorado, R663016, Artemis, R002H0DEN24, wM1VKnG, susgen) | ||
| md5 | bbea55c736e2eccfcbaf36bd4467c419 | ||
| sha256 | 7d7f580de5a46d90941ed4c7db9ac24e0117a957614324647d6c528b7d2f1833 | ||
| ssdeep | 49152:ftAectIwG0HVzQOhOXjJCEKEQIvufRoGp:fiG0VcOhOzJzLYoGp | ||
| imphash | 4e9653c358320c642fba6c227fa69d9f | ||
| impfuzzy | 96:aYDVELFjI/6eO3XN8flbmhBo2yl6fC7BFj8EICkyqu9p6ipkuhEz2K2WWJ3cZ/aP:7C3XgmhB4kuhvcNasjz8FM/xjiDSY | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 45 AntiVirus engines on VirusTotal as malicious |
| info | This executable has a PDB path |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
d3d11.dll
0x14005ea80 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
0x14005e030 D3DCompile
IMM32.dll
0x14005e040 ImmSetCompositionWindow
0x14005e048 ImmGetContext
0x14005e050 ImmReleaseContext
WINHTTP.dll
0x14005e708 WinHttpOpenRequest
0x14005e710 WinHttpOpen
0x14005e718 WinHttpSendRequest
0x14005e720 WinHttpConnect
0x14005e728 WinHttpQueryDataAvailable
0x14005e730 WinHttpReceiveResponse
0x14005e738 WinHttpCloseHandle
0x14005e740 WinHttpReadData
KERNEL32.dll
0x14005e060 UnhandledExceptionFilter
0x14005e068 GetModuleHandleW
0x14005e070 CreateEventW
0x14005e078 WaitForSingleObjectEx
0x14005e080 ResetEvent
0x14005e088 LoadLibraryA
0x14005e090 GetProcAddress
0x14005e098 GetTickCount
0x14005e0a0 GlobalAlloc
0x14005e0a8 GlobalFree
0x14005e0b0 GlobalLock
0x14005e0b8 GlobalUnlock
0x14005e0c0 QueryPerformanceFrequency
0x14005e0c8 QueryPerformanceCounter
0x14005e0d0 HeapFree
0x14005e0d8 VirtualFree
0x14005e0e0 DeviceIoControl
0x14005e0e8 VirtualAlloc
0x14005e0f0 InitializeCriticalSectionEx
0x14005e0f8 CreateFileW
0x14005e100 GetCurrentThreadId
0x14005e108 GetModuleHandleA
0x14005e110 HeapSize
0x14005e118 GetLastError
0x14005e120 HeapReAlloc
0x14005e128 CloseHandle
0x14005e130 RaiseException
0x14005e138 HeapAlloc
0x14005e140 HeapDestroy
0x14005e148 DeleteCriticalSection
0x14005e150 GetCurrentProcessId
0x14005e158 IsProcessorFeaturePresent
0x14005e160 ReadFile
0x14005e168 IsDebuggerPresent
0x14005e170 Process32First
0x14005e178 SetConsoleTitleA
0x14005e180 GetCurrentProcess
0x14005e188 WriteFile
0x14005e190 TerminateProcess
0x14005e198 CreatePipe
0x14005e1a0 GetTempPathW
0x14005e1a8 WaitForSingleObject
0x14005e1b0 OpenProcess
0x14005e1b8 CreateToolhelp32Snapshot
0x14005e1c0 MultiByteToWideChar
0x14005e1c8 Sleep
0x14005e1d0 GetTempPathA
0x14005e1d8 K32GetModuleFileNameExA
0x14005e1e0 LockResource
0x14005e1e8 Process32Next
0x14005e1f0 WritePrivateProfileStringA
0x14005e1f8 FindResourceExW
0x14005e200 LoadResource
0x14005e208 FindResourceW
0x14005e210 K32EnumProcesses
0x14005e218 GetStartupInfoA
0x14005e220 CreateProcessW
0x14005e228 WideCharToMultiByte
0x14005e230 GetConsoleWindow
0x14005e238 lstrcmpiA
0x14005e240 CreateProcessA
0x14005e248 GetPrivateProfileIntA
0x14005e250 GetPrivateProfileStringA
0x14005e258 SetConsoleTitleW
0x14005e260 SetEvent
0x14005e268 InitializeCriticalSectionAndSpinCount
0x14005e270 LeaveCriticalSection
0x14005e278 EnterCriticalSection
0x14005e280 InitOnceBeginInitialize
0x14005e288 InitOnceComplete
0x14005e290 OutputDebugStringW
0x14005e298 SetUnhandledExceptionFilter
0x14005e2a0 SizeofResource
0x14005e2a8 GetSystemTimeAsFileTime
0x14005e2b0 GetProcessHeap
0x14005e2b8 InitializeSListHead
USER32.dll
0x14005e548 GetMessageA
0x14005e550 DispatchMessageA
0x14005e558 GetWindowRect
0x14005e560 DestroyWindow
0x14005e568 SetWindowPos
0x14005e570 GetClassNameA
0x14005e578 ShowWindow
0x14005e580 GetAsyncKeyState
0x14005e588 GetWindowTextA
0x14005e590 MessageBoxA
0x14005e598 MoveWindow
0x14005e5a0 DefWindowProcA
0x14005e5a8 SetLayeredWindowAttributes
0x14005e5b0 TranslateMessage
0x14005e5b8 LoadIconA
0x14005e5c0 PeekMessageA
0x14005e5c8 GetSystemMetrics
0x14005e5d0 SetWindowLongPtrA
0x14005e5d8 RegisterClassExA
0x14005e5e0 GetKeyState
0x14005e5e8 LoadCursorA
0x14005e5f0 ScreenToClient
0x14005e5f8 GetCapture
0x14005e600 ClientToScreen
0x14005e608 GetForegroundWindow
0x14005e610 SetCapture
0x14005e618 SetCursor
0x14005e620 GetClientRect
0x14005e628 ReleaseCapture
0x14005e630 SetCursorPos
0x14005e638 GetCursorPos
0x14005e640 OpenClipboard
0x14005e648 PostQuitMessage
0x14005e650 GetWindowThreadProcessId
0x14005e658 SetClipboardData
0x14005e660 GetClipboardData
0x14005e668 CloseClipboard
0x14005e670 EmptyClipboard
0x14005e678 EnumWindows
ADVAPI32.dll
0x14005e000 RegCreateKeyW
0x14005e008 RegDeleteKeyW
0x14005e010 RegCloseKey
0x14005e018 RegSetKeyValueW
0x14005e020 RegOpenKeyW
MSVCP140.dll
0x14005e2c8 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x14005e2d0 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14005e2d8 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14005e2e0 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14005e2e8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
0x14005e2f0 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e2f8 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14005e300 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14005e308 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x14005e310 _Xtime_get_ticks
0x14005e318 _Thrd_detach
0x14005e320 _Query_perf_counter
0x14005e328 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14005e330 _Cnd_do_broadcast_at_thread_exit
0x14005e338 ?id@?$ctype@D@std@@2V0locale@2@A
0x14005e340 ?_Throw_C_error@std@@YAXH@Z
0x14005e348 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x14005e350 ?_Xinvalid_argument@std@@YAXPEBD@Z
0x14005e358 ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
0x14005e360 ?_Throw_Cpp_error@std@@YAXH@Z
0x14005e368 _Query_perf_frequency
0x14005e370 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
0x14005e378 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x14005e380 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
0x14005e388 _Thrd_sleep
0x14005e390 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14005e398 ?_Xlength_error@std@@YAXPEBD@Z
0x14005e3a0 ??1_Lockit@std@@QEAA@XZ
0x14005e3a8 ??0_Lockit@std@@QEAA@H@Z
0x14005e3b0 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x14005e3b8 ?uncaught_exception@std@@YA_NXZ
0x14005e3c0 ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
0x14005e3c8 ?id@?$ctype@_W@std@@2V0locale@2@A
0x14005e3d0 ?_Xout_of_range@std@@YAXPEBD@Z
0x14005e3d8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x14005e3e0 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x14005e3e8 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e3f0 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
0x14005e3f8 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
0x14005e400 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
0x14005e408 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x14005e410 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x14005e418 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14005e420 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x14005e428 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x14005e430 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x14005e438 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x14005e440 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x14005e448 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x14005e450 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x14005e458 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x14005e460 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14005e468 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x14005e470 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x14005e478 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e480 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x14005e488 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x14005e490 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x14005e498 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e4a0 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e4a8 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x14005e4b0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x14005e4b8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x14005e4c0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
0x14005e4c8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
0x14005e4d0 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x14005e4d8 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e4e0 ?widen@?$ctype@_W@std@@QEBA_WD@Z
0x14005e4e8 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x14005e4f0 ??Bid@locale@std@@QEAA_KXZ
0x14005e4f8 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x14005e500 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x14005e508 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x14005e510 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x14005e518 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x14005e520 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x14005e528 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x14005e530 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x14005e538 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
ntdll.dll
0x14005ea90 RtlVirtualUnwind
0x14005ea98 RtlInitUnicodeString
0x14005eaa0 RtlCaptureContext
0x14005eaa8 RtlLookupFunctionEntry
0x14005eab0 NtQuerySystemInformation
WS2_32.dll
0x14005e750 inet_addr
0x14005e758 gethostbyname
0x14005e760 recv
0x14005e768 connect
0x14005e770 socket
0x14005e778 send
0x14005e780 closesocket
0x14005e788 WSACleanup
0x14005e790 htons
0x14005e798 WSAStartup
VCRUNTIME140_1.dll
0x14005e6f8 __CxxFrameHandler4
VCRUNTIME140.dll
0x14005e688 memcmp
0x14005e690 memchr
0x14005e698 memcpy
0x14005e6a0 memmove
0x14005e6a8 memset
0x14005e6b0 _CxxThrowException
0x14005e6b8 __current_exception_context
0x14005e6c0 __current_exception
0x14005e6c8 __C_specific_handler
0x14005e6d0 strstr
0x14005e6d8 __std_exception_copy
0x14005e6e0 __std_exception_destroy
0x14005e6e8 __std_terminate
api-ms-win-crt-runtime-l1-1-0.dll
0x14005e898 _invalid_parameter_noinfo_noreturn
0x14005e8a0 _errno
0x14005e8a8 _register_thread_local_exe_atexit_callback
0x14005e8b0 exit
0x14005e8b8 terminate
0x14005e8c0 abort
0x14005e8c8 _c_exit
0x14005e8d0 _invalid_parameter_noinfo
0x14005e8d8 _beginthreadex
0x14005e8e0 _configure_narrow_argv
0x14005e8e8 _initialize_narrow_environment
0x14005e8f0 _initialize_onexit_table
0x14005e8f8 _register_onexit_function
0x14005e900 _crt_atexit
0x14005e908 _cexit
0x14005e910 _seh_filter_exe
0x14005e918 _set_app_type
0x14005e920 __p___argv
0x14005e928 _get_initial_narrow_environment
0x14005e930 _initterm
0x14005e938 _initterm_e
0x14005e940 _exit
0x14005e948 __p___argc
api-ms-win-crt-stdio-l1-1-0.dll
0x14005e958 fopen
0x14005e960 __acrt_iob_func
0x14005e968 fflush
0x14005e970 fclose
0x14005e978 _get_stream_buffer_pointers
0x14005e980 __p__commode
0x14005e988 _fseeki64
0x14005e990 _set_fmode
0x14005e998 fseek
0x14005e9a0 fsetpos
0x14005e9a8 ungetc
0x14005e9b0 __stdio_common_vfprintf
0x14005e9b8 setvbuf
0x14005e9c0 fgetpos
0x14005e9c8 fgetc
0x14005e9d0 fwrite
0x14005e9d8 fputc
0x14005e9e0 __stdio_common_vsscanf
0x14005e9e8 fread
0x14005e9f0 __stdio_common_vsprintf
0x14005e9f8 _wfopen
0x14005ea00 ftell
api-ms-win-crt-string-l1-1-0.dll
0x14005ea10 _stricmp
0x14005ea18 strncmp
0x14005ea20 isdigit
0x14005ea28 tolower
0x14005ea30 strcpy_s
0x14005ea38 isspace
0x14005ea40 strcmp
api-ms-win-crt-utility-l1-1-0.dll
0x14005ea60 rand
0x14005ea68 srand
0x14005ea70 qsort
api-ms-win-crt-heap-l1-1-0.dll
0x14005e7e8 realloc
0x14005e7f0 _callnewh
0x14005e7f8 free
0x14005e800 _set_new_mode
0x14005e808 malloc
api-ms-win-crt-convert-l1-1-0.dll
0x14005e7a8 strtod
0x14005e7b0 atoi
0x14005e7b8 strtol
api-ms-win-crt-filesystem-l1-1-0.dll
0x14005e7c8 _lock_file
0x14005e7d0 _unlock_file
0x14005e7d8 _wremove
api-ms-win-crt-time-l1-1-0.dll
0x14005ea50 _time64
api-ms-win-crt-math-l1-1-0.dll
0x14005e828 fmod
0x14005e830 sqrtf
0x14005e838 sinf
0x14005e840 sqrt
0x14005e848 pow
0x14005e850 _dclass
0x14005e858 floorf
0x14005e860 __setusermatherr
0x14005e868 ceilf
0x14005e870 cosf
0x14005e878 sin
0x14005e880 cos
0x14005e888 fmodf
api-ms-win-crt-locale-l1-1-0.dll
0x14005e818 _configthreadlocale
EAT(Export Address Table) Library
0x140055d20 cJSON_AddArrayToObject
0x140055910 cJSON_AddBoolToObject
0x140055830 cJSON_AddFalseToObject
0x1400555a0 cJSON_AddItemReferenceToArray
0x140055620 cJSON_AddItemReferenceToObject
0x140055400 cJSON_AddItemToArray
0x140055560 cJSON_AddItemToObject
0x140055580 cJSON_AddItemToObjectCS
0x140055670 cJSON_AddNullToObject
0x140055a00 cJSON_AddNumberToObject
0x140055c40 cJSON_AddObjectToObject
0x140055b80 cJSON_AddRawToObject
0x140055ac0 cJSON_AddStringToObject
0x140055750 cJSON_AddTrueToObject
0x1400572b0 cJSON_Compare
0x140056960 cJSON_CreateArray
0x140056810 cJSON_CreateArrayReference
0x140056590 cJSON_CreateBool
0x140056c60 cJSON_CreateDoubleArray
0x140056550 cJSON_CreateFalse
0x140056b20 cJSON_CreateFloatArray
0x1400569e0 cJSON_CreateIntArray
0x1400564d0 cJSON_CreateNull
0x1400565d0 cJSON_CreateNumber
0x1400569a0 cJSON_CreateObject
0x1400567c0 cJSON_CreateObjectReference
0x140056860 cJSON_CreateRaw
0x140056670 cJSON_CreateString
0x140056d90 cJSON_CreateStringArray
0x140056770 cJSON_CreateStringReference
0x140056510 cJSON_CreateTrue
0x140053310 cJSON_Delete
0x140055f10 cJSON_DeleteItemFromArray
0x1400560b0 cJSON_DeleteItemFromObject
0x140056140 cJSON_DeleteItemFromObjectCaseSensitive
0x140055e70 cJSON_DetachItemFromArray
0x140055fa0 cJSON_DetachItemFromObject
0x140056020 cJSON_DetachItemFromObjectCaseSensitive
0x140055e00 cJSON_DetachItemViaPointer
0x140056ec0 cJSON_Duplicate
0x140055200 cJSON_GetArrayItem
0x1400551e0 cJSON_GetArraySize
0x1400531d0 cJSON_GetErrorPtr
0x140053200 cJSON_GetNumberValue
0x140055350 cJSON_GetObjectItem
0x140055360 cJSON_GetObjectItemCaseSensitive
0x1400531e0 cJSON_GetStringValue
0x140055370 cJSON_HasObjectItem
0x140053270 cJSON_InitHooks
0x1400561d0 cJSON_InsertItemInArray
0x140057280 cJSON_IsArray
0x140057230 cJSON_IsBool
0x140057210 cJSON_IsFalse
0x140057200 cJSON_IsInvalid
0x140057250 cJSON_IsNull
0x140057260 cJSON_IsNumber
0x140057290 cJSON_IsObject
0x1400572a0 cJSON_IsRaw
0x140057270 cJSON_IsString
0x140057220 cJSON_IsTrue
0x1400570c0 cJSON_Minify
0x1400541b0 cJSON_Parse
0x1400541e0 cJSON_ParseWithLength
0x140053f50 cJSON_ParseWithLengthOpts
0x140053f20 cJSON_ParseWithOpts
0x140054330 cJSON_Print
0x140054350 cJSON_PrintBuffered
0x140054410 cJSON_PrintPreallocated
0x140054340 cJSON_PrintUnformatted
0x140056390 cJSON_ReplaceItemInArray
0x1400564b0 cJSON_ReplaceItemInObject
0x1400564c0 cJSON_ReplaceItemInObjectCaseSensitive
0x140056280 cJSON_ReplaceItemViaPointer
0x140053390 cJSON_SetNumberHelper
0x1400533d0 cJSON_SetValuestring
0x140053220 cJSON_Version
0x1400575d0 cJSON_free
0x1400575c0 cJSON_malloc
d3d11.dll
0x14005ea80 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
0x14005e030 D3DCompile
IMM32.dll
0x14005e040 ImmSetCompositionWindow
0x14005e048 ImmGetContext
0x14005e050 ImmReleaseContext
WINHTTP.dll
0x14005e708 WinHttpOpenRequest
0x14005e710 WinHttpOpen
0x14005e718 WinHttpSendRequest
0x14005e720 WinHttpConnect
0x14005e728 WinHttpQueryDataAvailable
0x14005e730 WinHttpReceiveResponse
0x14005e738 WinHttpCloseHandle
0x14005e740 WinHttpReadData
KERNEL32.dll
0x14005e060 UnhandledExceptionFilter
0x14005e068 GetModuleHandleW
0x14005e070 CreateEventW
0x14005e078 WaitForSingleObjectEx
0x14005e080 ResetEvent
0x14005e088 LoadLibraryA
0x14005e090 GetProcAddress
0x14005e098 GetTickCount
0x14005e0a0 GlobalAlloc
0x14005e0a8 GlobalFree
0x14005e0b0 GlobalLock
0x14005e0b8 GlobalUnlock
0x14005e0c0 QueryPerformanceFrequency
0x14005e0c8 QueryPerformanceCounter
0x14005e0d0 HeapFree
0x14005e0d8 VirtualFree
0x14005e0e0 DeviceIoControl
0x14005e0e8 VirtualAlloc
0x14005e0f0 InitializeCriticalSectionEx
0x14005e0f8 CreateFileW
0x14005e100 GetCurrentThreadId
0x14005e108 GetModuleHandleA
0x14005e110 HeapSize
0x14005e118 GetLastError
0x14005e120 HeapReAlloc
0x14005e128 CloseHandle
0x14005e130 RaiseException
0x14005e138 HeapAlloc
0x14005e140 HeapDestroy
0x14005e148 DeleteCriticalSection
0x14005e150 GetCurrentProcessId
0x14005e158 IsProcessorFeaturePresent
0x14005e160 ReadFile
0x14005e168 IsDebuggerPresent
0x14005e170 Process32First
0x14005e178 SetConsoleTitleA
0x14005e180 GetCurrentProcess
0x14005e188 WriteFile
0x14005e190 TerminateProcess
0x14005e198 CreatePipe
0x14005e1a0 GetTempPathW
0x14005e1a8 WaitForSingleObject
0x14005e1b0 OpenProcess
0x14005e1b8 CreateToolhelp32Snapshot
0x14005e1c0 MultiByteToWideChar
0x14005e1c8 Sleep
0x14005e1d0 GetTempPathA
0x14005e1d8 K32GetModuleFileNameExA
0x14005e1e0 LockResource
0x14005e1e8 Process32Next
0x14005e1f0 WritePrivateProfileStringA
0x14005e1f8 FindResourceExW
0x14005e200 LoadResource
0x14005e208 FindResourceW
0x14005e210 K32EnumProcesses
0x14005e218 GetStartupInfoA
0x14005e220 CreateProcessW
0x14005e228 WideCharToMultiByte
0x14005e230 GetConsoleWindow
0x14005e238 lstrcmpiA
0x14005e240 CreateProcessA
0x14005e248 GetPrivateProfileIntA
0x14005e250 GetPrivateProfileStringA
0x14005e258 SetConsoleTitleW
0x14005e260 SetEvent
0x14005e268 InitializeCriticalSectionAndSpinCount
0x14005e270 LeaveCriticalSection
0x14005e278 EnterCriticalSection
0x14005e280 InitOnceBeginInitialize
0x14005e288 InitOnceComplete
0x14005e290 OutputDebugStringW
0x14005e298 SetUnhandledExceptionFilter
0x14005e2a0 SizeofResource
0x14005e2a8 GetSystemTimeAsFileTime
0x14005e2b0 GetProcessHeap
0x14005e2b8 InitializeSListHead
USER32.dll
0x14005e548 GetMessageA
0x14005e550 DispatchMessageA
0x14005e558 GetWindowRect
0x14005e560 DestroyWindow
0x14005e568 SetWindowPos
0x14005e570 GetClassNameA
0x14005e578 ShowWindow
0x14005e580 GetAsyncKeyState
0x14005e588 GetWindowTextA
0x14005e590 MessageBoxA
0x14005e598 MoveWindow
0x14005e5a0 DefWindowProcA
0x14005e5a8 SetLayeredWindowAttributes
0x14005e5b0 TranslateMessage
0x14005e5b8 LoadIconA
0x14005e5c0 PeekMessageA
0x14005e5c8 GetSystemMetrics
0x14005e5d0 SetWindowLongPtrA
0x14005e5d8 RegisterClassExA
0x14005e5e0 GetKeyState
0x14005e5e8 LoadCursorA
0x14005e5f0 ScreenToClient
0x14005e5f8 GetCapture
0x14005e600 ClientToScreen
0x14005e608 GetForegroundWindow
0x14005e610 SetCapture
0x14005e618 SetCursor
0x14005e620 GetClientRect
0x14005e628 ReleaseCapture
0x14005e630 SetCursorPos
0x14005e638 GetCursorPos
0x14005e640 OpenClipboard
0x14005e648 PostQuitMessage
0x14005e650 GetWindowThreadProcessId
0x14005e658 SetClipboardData
0x14005e660 GetClipboardData
0x14005e668 CloseClipboard
0x14005e670 EmptyClipboard
0x14005e678 EnumWindows
ADVAPI32.dll
0x14005e000 RegCreateKeyW
0x14005e008 RegDeleteKeyW
0x14005e010 RegCloseKey
0x14005e018 RegSetKeyValueW
0x14005e020 RegOpenKeyW
MSVCP140.dll
0x14005e2c8 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x14005e2d0 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14005e2d8 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14005e2e0 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x14005e2e8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
0x14005e2f0 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e2f8 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14005e300 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x14005e308 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x14005e310 _Xtime_get_ticks
0x14005e318 _Thrd_detach
0x14005e320 _Query_perf_counter
0x14005e328 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x14005e330 _Cnd_do_broadcast_at_thread_exit
0x14005e338 ?id@?$ctype@D@std@@2V0locale@2@A
0x14005e340 ?_Throw_C_error@std@@YAXH@Z
0x14005e348 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x14005e350 ?_Xinvalid_argument@std@@YAXPEBD@Z
0x14005e358 ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
0x14005e360 ?_Throw_Cpp_error@std@@YAXH@Z
0x14005e368 _Query_perf_frequency
0x14005e370 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
0x14005e378 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x14005e380 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
0x14005e388 _Thrd_sleep
0x14005e390 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
0x14005e398 ?_Xlength_error@std@@YAXPEBD@Z
0x14005e3a0 ??1_Lockit@std@@QEAA@XZ
0x14005e3a8 ??0_Lockit@std@@QEAA@H@Z
0x14005e3b0 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x14005e3b8 ?uncaught_exception@std@@YA_NXZ
0x14005e3c0 ?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
0x14005e3c8 ?id@?$ctype@_W@std@@2V0locale@2@A
0x14005e3d0 ?_Xout_of_range@std@@YAXPEBD@Z
0x14005e3d8 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x14005e3e0 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x14005e3e8 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e3f0 ?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
0x14005e3f8 ?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
0x14005e400 ?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
0x14005e408 ?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
0x14005e410 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x14005e418 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14005e420 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x14005e428 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x14005e430 ?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
0x14005e438 ?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
0x14005e440 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x14005e448 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x14005e450 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
0x14005e458 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x14005e460 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x14005e468 ?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
0x14005e470 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x14005e478 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e480 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x14005e488 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x14005e490 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x14005e498 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e4a0 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x14005e4a8 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
0x14005e4b0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x14005e4b8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
0x14005e4c0 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
0x14005e4c8 ??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
0x14005e4d0 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x14005e4d8 ?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x14005e4e0 ?widen@?$ctype@_W@std@@QEBA_WD@Z
0x14005e4e8 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x14005e4f0 ??Bid@locale@std@@QEAA_KXZ
0x14005e4f8 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x14005e500 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x14005e508 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x14005e510 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x14005e518 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x14005e520 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x14005e528 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x14005e530 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x14005e538 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
ntdll.dll
0x14005ea90 RtlVirtualUnwind
0x14005ea98 RtlInitUnicodeString
0x14005eaa0 RtlCaptureContext
0x14005eaa8 RtlLookupFunctionEntry
0x14005eab0 NtQuerySystemInformation
WS2_32.dll
0x14005e750 inet_addr
0x14005e758 gethostbyname
0x14005e760 recv
0x14005e768 connect
0x14005e770 socket
0x14005e778 send
0x14005e780 closesocket
0x14005e788 WSACleanup
0x14005e790 htons
0x14005e798 WSAStartup
VCRUNTIME140_1.dll
0x14005e6f8 __CxxFrameHandler4
VCRUNTIME140.dll
0x14005e688 memcmp
0x14005e690 memchr
0x14005e698 memcpy
0x14005e6a0 memmove
0x14005e6a8 memset
0x14005e6b0 _CxxThrowException
0x14005e6b8 __current_exception_context
0x14005e6c0 __current_exception
0x14005e6c8 __C_specific_handler
0x14005e6d0 strstr
0x14005e6d8 __std_exception_copy
0x14005e6e0 __std_exception_destroy
0x14005e6e8 __std_terminate
api-ms-win-crt-runtime-l1-1-0.dll
0x14005e898 _invalid_parameter_noinfo_noreturn
0x14005e8a0 _errno
0x14005e8a8 _register_thread_local_exe_atexit_callback
0x14005e8b0 exit
0x14005e8b8 terminate
0x14005e8c0 abort
0x14005e8c8 _c_exit
0x14005e8d0 _invalid_parameter_noinfo
0x14005e8d8 _beginthreadex
0x14005e8e0 _configure_narrow_argv
0x14005e8e8 _initialize_narrow_environment
0x14005e8f0 _initialize_onexit_table
0x14005e8f8 _register_onexit_function
0x14005e900 _crt_atexit
0x14005e908 _cexit
0x14005e910 _seh_filter_exe
0x14005e918 _set_app_type
0x14005e920 __p___argv
0x14005e928 _get_initial_narrow_environment
0x14005e930 _initterm
0x14005e938 _initterm_e
0x14005e940 _exit
0x14005e948 __p___argc
api-ms-win-crt-stdio-l1-1-0.dll
0x14005e958 fopen
0x14005e960 __acrt_iob_func
0x14005e968 fflush
0x14005e970 fclose
0x14005e978 _get_stream_buffer_pointers
0x14005e980 __p__commode
0x14005e988 _fseeki64
0x14005e990 _set_fmode
0x14005e998 fseek
0x14005e9a0 fsetpos
0x14005e9a8 ungetc
0x14005e9b0 __stdio_common_vfprintf
0x14005e9b8 setvbuf
0x14005e9c0 fgetpos
0x14005e9c8 fgetc
0x14005e9d0 fwrite
0x14005e9d8 fputc
0x14005e9e0 __stdio_common_vsscanf
0x14005e9e8 fread
0x14005e9f0 __stdio_common_vsprintf
0x14005e9f8 _wfopen
0x14005ea00 ftell
api-ms-win-crt-string-l1-1-0.dll
0x14005ea10 _stricmp
0x14005ea18 strncmp
0x14005ea20 isdigit
0x14005ea28 tolower
0x14005ea30 strcpy_s
0x14005ea38 isspace
0x14005ea40 strcmp
api-ms-win-crt-utility-l1-1-0.dll
0x14005ea60 rand
0x14005ea68 srand
0x14005ea70 qsort
api-ms-win-crt-heap-l1-1-0.dll
0x14005e7e8 realloc
0x14005e7f0 _callnewh
0x14005e7f8 free
0x14005e800 _set_new_mode
0x14005e808 malloc
api-ms-win-crt-convert-l1-1-0.dll
0x14005e7a8 strtod
0x14005e7b0 atoi
0x14005e7b8 strtol
api-ms-win-crt-filesystem-l1-1-0.dll
0x14005e7c8 _lock_file
0x14005e7d0 _unlock_file
0x14005e7d8 _wremove
api-ms-win-crt-time-l1-1-0.dll
0x14005ea50 _time64
api-ms-win-crt-math-l1-1-0.dll
0x14005e828 fmod
0x14005e830 sqrtf
0x14005e838 sinf
0x14005e840 sqrt
0x14005e848 pow
0x14005e850 _dclass
0x14005e858 floorf
0x14005e860 __setusermatherr
0x14005e868 ceilf
0x14005e870 cosf
0x14005e878 sin
0x14005e880 cos
0x14005e888 fmodf
api-ms-win-crt-locale-l1-1-0.dll
0x14005e818 _configthreadlocale
EAT(Export Address Table) Library
0x140055d20 cJSON_AddArrayToObject
0x140055910 cJSON_AddBoolToObject
0x140055830 cJSON_AddFalseToObject
0x1400555a0 cJSON_AddItemReferenceToArray
0x140055620 cJSON_AddItemReferenceToObject
0x140055400 cJSON_AddItemToArray
0x140055560 cJSON_AddItemToObject
0x140055580 cJSON_AddItemToObjectCS
0x140055670 cJSON_AddNullToObject
0x140055a00 cJSON_AddNumberToObject
0x140055c40 cJSON_AddObjectToObject
0x140055b80 cJSON_AddRawToObject
0x140055ac0 cJSON_AddStringToObject
0x140055750 cJSON_AddTrueToObject
0x1400572b0 cJSON_Compare
0x140056960 cJSON_CreateArray
0x140056810 cJSON_CreateArrayReference
0x140056590 cJSON_CreateBool
0x140056c60 cJSON_CreateDoubleArray
0x140056550 cJSON_CreateFalse
0x140056b20 cJSON_CreateFloatArray
0x1400569e0 cJSON_CreateIntArray
0x1400564d0 cJSON_CreateNull
0x1400565d0 cJSON_CreateNumber
0x1400569a0 cJSON_CreateObject
0x1400567c0 cJSON_CreateObjectReference
0x140056860 cJSON_CreateRaw
0x140056670 cJSON_CreateString
0x140056d90 cJSON_CreateStringArray
0x140056770 cJSON_CreateStringReference
0x140056510 cJSON_CreateTrue
0x140053310 cJSON_Delete
0x140055f10 cJSON_DeleteItemFromArray
0x1400560b0 cJSON_DeleteItemFromObject
0x140056140 cJSON_DeleteItemFromObjectCaseSensitive
0x140055e70 cJSON_DetachItemFromArray
0x140055fa0 cJSON_DetachItemFromObject
0x140056020 cJSON_DetachItemFromObjectCaseSensitive
0x140055e00 cJSON_DetachItemViaPointer
0x140056ec0 cJSON_Duplicate
0x140055200 cJSON_GetArrayItem
0x1400551e0 cJSON_GetArraySize
0x1400531d0 cJSON_GetErrorPtr
0x140053200 cJSON_GetNumberValue
0x140055350 cJSON_GetObjectItem
0x140055360 cJSON_GetObjectItemCaseSensitive
0x1400531e0 cJSON_GetStringValue
0x140055370 cJSON_HasObjectItem
0x140053270 cJSON_InitHooks
0x1400561d0 cJSON_InsertItemInArray
0x140057280 cJSON_IsArray
0x140057230 cJSON_IsBool
0x140057210 cJSON_IsFalse
0x140057200 cJSON_IsInvalid
0x140057250 cJSON_IsNull
0x140057260 cJSON_IsNumber
0x140057290 cJSON_IsObject
0x1400572a0 cJSON_IsRaw
0x140057270 cJSON_IsString
0x140057220 cJSON_IsTrue
0x1400570c0 cJSON_Minify
0x1400541b0 cJSON_Parse
0x1400541e0 cJSON_ParseWithLength
0x140053f50 cJSON_ParseWithLengthOpts
0x140053f20 cJSON_ParseWithOpts
0x140054330 cJSON_Print
0x140054350 cJSON_PrintBuffered
0x140054410 cJSON_PrintPreallocated
0x140054340 cJSON_PrintUnformatted
0x140056390 cJSON_ReplaceItemInArray
0x1400564b0 cJSON_ReplaceItemInObject
0x1400564c0 cJSON_ReplaceItemInObjectCaseSensitive
0x140056280 cJSON_ReplaceItemViaPointer
0x140053390 cJSON_SetNumberHelper
0x1400533d0 cJSON_SetValuestring
0x140053220 cJSON_Version
0x1400575d0 cJSON_free
0x1400575c0 cJSON_malloc