Report - FULL_OPTION.exe

Generic Malware Malicious Library Malicious Packer Antivirus UPX Anti_VM PE File ftp PE64 OS Processor Check
Created 2024.10.14 10:53 Machine s1_win7_x6403
Filename FULL_OPTION.exe
Type PE32+ executable (GUI) x86-64, for MS Windows
AI Score 2
Behavior Score 2.4
VT API (file) 50 detected (AIDetectMalware, CryptInject, Malicious, score, Lazy, Unsafe, Save, confidence, Attribute, HighConfidence, high confidence, GameHack, FileRepMalware, Misc, WJNQcxlHECC, iyaon, Tool, R002C0DH124, Static AI, Malicious PE, Detected, R657191, Artemis, Krypt, GdSda, bqHqymS2NRc, susgen, GenKryptik, GHEK)
md5 1dcdd77ba8afe481b4af754876f70ee8
sha256 e5f2c31e3b741665821670118a78692cd1f44a349ad20007c0628fa3fb307734
ssdeep 49152:akB2fm0tI2+vb67PeDV/jVuoMLBXVn/oPD2I0F1QSO23dwoQB1cBYATrxl0Amtfy:akB2l2vO7yqLu2nF1QSbtwPalNl0Da
imphash 78bbdb4b113bfc6f56d7405a719a03a2
impfuzzy 96:21RIkWEK6b9fEHp796B/c0ThFqfTtUaz/rxU34C4+2ylJMAyMMjYoFsYAt7EuyLW:KWaq+Jc0NFqtZ6R74/+txklKWkfIcyGT

Signature (4cnts)

Level Description
danger File has been identified by 50 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
notice The binary likely contains encrypted or compressed data indicative of a packer
info This executable has a PDB path

Rules (10cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Antivirus Contains references to security software binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
notice anti_vm_detect Possibly employs anti-virtualization techniques binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (1cnts)

Request CC ASN Co IP4 Rule ZERO
163.172.154.142 GB Online S.a.s. 163.172.154.142

PE API

IAT(Import Address Table) Library

d3d11.dll
 0x14014be40 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
 0x14014b160 D3DCompile
KERNEL32.dll
 0x14014b198 IsProcessorFeaturePresent
 0x14014b1a0 GetStartupInfoW
 0x14014b1a8 GetCurrentProcessId
 0x14014b1b0 GetCurrentThreadId
 0x14014b1b8 GetSystemTimeAsFileTime
 0x14014b1c0 InitializeSListHead
 0x14014b1c8 UnhandledExceptionFilter
 0x14014b1d0 RtlVirtualUnwind
 0x14014b1d8 RtlLookupFunctionEntry
 0x14014b1e0 RtlCaptureContext
 0x14014b1e8 AreFileApisANSI
 0x14014b1f0 SleepConditionVariableSRW
 0x14014b1f8 GetFileAttributesExW
 0x14014b200 WakeAllConditionVariable
 0x14014b208 AcquireSRWLockExclusive
 0x14014b210 ReleaseSRWLockExclusive
 0x14014b218 GetFileInformationByHandleEx
 0x14014b220 GetLastError
 0x14014b228 SetLastError
 0x14014b230 VirtualQueryEx
 0x14014b238 Module32NextW
 0x14014b240 Module32FirstW
 0x14014b248 ReadProcessMemory
 0x14014b250 WriteProcessMemory
 0x14014b258 GetTickCount
 0x14014b260 CloseHandle
 0x14014b268 Process32FirstW
 0x14014b270 OutputDebugStringW
 0x14014b278 Process32NextW
 0x14014b280 CreateToolhelp32Snapshot
 0x14014b288 SetUnhandledExceptionFilter
 0x14014b290 CheckRemoteDebuggerPresent
 0x14014b298 IsDebuggerPresent
 0x14014b2a0 GetModuleHandleW
 0x14014b2a8 GetThreadContext
 0x14014b2b0 LoadLibraryW
 0x14014b2b8 GetSystemInfo
 0x14014b2c0 GetCurrentThread
 0x14014b2c8 CreateFileA
 0x14014b2d0 Sleep
 0x14014b2d8 FindFirstFileW
 0x14014b2e0 FindClose
 0x14014b2e8 CreateDirectoryW
 0x14014b2f0 GetLocaleInfoEx
 0x14014b2f8 WaitForMultipleObjects
 0x14014b300 PeekNamedPipe
 0x14014b308 GetFileType
 0x14014b310 GetStdHandle
 0x14014b318 GetEnvironmentVariableA
 0x14014b320 WaitForSingleObjectEx
 0x14014b328 MoveFileExA
 0x14014b330 VerifyVersionInfoA
 0x14014b338 GetSystemDirectoryA
 0x14014b340 SleepEx
 0x14014b348 LeaveCriticalSection
 0x14014b350 EnterCriticalSection
 0x14014b358 LocalFree
 0x14014b360 FormatMessageA
 0x14014b368 QueryFullProcessImageNameW
 0x14014b370 GetModuleFileNameA
 0x14014b378 CreateFileMappingW
 0x14014b380 CreateThread
 0x14014b388 DeleteCriticalSection
 0x14014b390 InitializeCriticalSectionEx
 0x14014b398 HeapSize
 0x14014b3a0 GetFileSizeEx
 0x14014b3a8 ReadFile
 0x14014b3b0 OpenProcess
 0x14014b3b8 TerminateProcess
 0x14014b3c0 VirtualAlloc
 0x14014b3c8 GetCurrentProcess
 0x14014b3d0 VirtualFree
 0x14014b3d8 VirtualProtect
 0x14014b3e0 QueryPerformanceCounter
 0x14014b3e8 FreeLibrary
 0x14014b3f0 VerSetConditionMask
 0x14014b3f8 GetProcAddress
 0x14014b400 QueryPerformanceFrequency
 0x14014b408 LoadLibraryA
 0x14014b410 GetModuleHandleA
 0x14014b418 GlobalUnlock
 0x14014b420 WideCharToMultiByte
 0x14014b428 GlobalLock
 0x14014b430 GlobalFree
 0x14014b438 HeapAlloc
 0x14014b440 HeapReAlloc
 0x14014b448 HeapFree
 0x14014b450 GetProcessHeap
 0x14014b458 MapViewOfFile
 0x14014b460 UnmapViewOfFile
 0x14014b468 CreateFileMappingA
 0x14014b470 CreateFileW
 0x14014b478 GlobalAlloc
 0x14014b480 MultiByteToWideChar
 0x14014b488 HeapDestroy
USER32.dll
 0x14014b700 GetClipboardData
 0x14014b708 EmptyClipboard
 0x14014b710 CloseClipboard
 0x14014b718 OpenClipboard
 0x14014b720 GetCursorPos
 0x14014b728 SetCursorPos
 0x14014b730 ReleaseCapture
 0x14014b738 IsWindowUnicode
 0x14014b740 GetClientRect
 0x14014b748 SetCursor
 0x14014b750 SetCapture
 0x14014b758 LoadCursorW
 0x14014b760 GetForegroundWindow
 0x14014b768 TrackMouseEvent
 0x14014b770 ClientToScreen
 0x14014b778 GetCapture
 0x14014b780 ScreenToClient
 0x14014b788 GetKeyState
 0x14014b790 FindWindowA
 0x14014b798 GetWindowThreadProcessId
 0x14014b7a0 FindWindowW
 0x14014b7a8 UpdateWindow
 0x14014b7b0 PostQuitMessage
 0x14014b7b8 LoadIconW
 0x14014b7c0 TranslateMessage
 0x14014b7c8 MoveWindow
 0x14014b7d0 MessageBoxA
 0x14014b7d8 SetWindowDisplayAffinity
 0x14014b7e0 PeekMessageW
 0x14014b7e8 CreateWindowExW
 0x14014b7f0 DispatchMessageW
 0x14014b7f8 GetAsyncKeyState
 0x14014b800 ShowWindow
 0x14014b808 DefWindowProcW
 0x14014b810 GetWindowRect
 0x14014b818 DestroyWindow
 0x14014b820 MessageBoxW
 0x14014b828 RegisterClassExW
 0x14014b830 GetSystemMetrics
 0x14014b838 UnregisterClassW
 0x14014b840 SetClipboardData
COMDLG32.dll
 0x14014b0c8 GetOpenFileNameW
ADVAPI32.dll
 0x14014b000 CryptGetHashParam
 0x14014b008 AddAccessAllowedAce
 0x14014b010 GetLengthSid
 0x14014b018 GetTokenInformation
 0x14014b020 InitializeAcl
 0x14014b028 IsValidSid
 0x14014b030 SetSecurityInfo
 0x14014b038 CopySid
 0x14014b040 ConvertSidToStringSidA
 0x14014b048 CryptAcquireContextA
 0x14014b050 CryptReleaseContext
 0x14014b058 CryptGenRandom
 0x14014b060 CryptCreateHash
 0x14014b068 CryptHashData
 0x14014b070 CryptDestroyHash
 0x14014b078 CryptDestroyKey
 0x14014b080 CryptImportKey
 0x14014b088 CryptEncrypt
 0x14014b090 RegOpenKeyExA
 0x14014b098 RegQueryValueExA
 0x14014b0a0 RegCloseKey
 0x14014b0a8 RegDeleteValueA
 0x14014b0b0 RegEnumValueA
 0x14014b0b8 OpenProcessToken
SHELL32.dll
 0x14014b6e8 ShellExecuteW
 0x14014b6f0 ShellExecuteA
MSVCP140.dll
 0x14014b498 ?good@ios_base@std@@QEBA_NXZ
 0x14014b4a0 ??Bios_base@std@@QEBA_NXZ
 0x14014b4a8 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x14014b4b0 ??Bid@locale@std@@QEAA_KXZ
 0x14014b4b8 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
 0x14014b4c0 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
 0x14014b4c8 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14014b4d0 ?_Xbad_function_call@std@@YAXXZ
 0x14014b4d8 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
 0x14014b4e0 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x14014b4e8 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x14014b4f0 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
 0x14014b4f8 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x14014b500 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x14014b508 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x14014b510 ?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
 0x14014b518 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14014b520 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
 0x14014b528 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
 0x14014b530 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
 0x14014b538 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14014b540 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14014b548 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x14014b550 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x14014b558 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x14014b560 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14014b568 ?_Xlength_error@std@@YAXPEBD@Z
 0x14014b570 ?_Throw_Cpp_error@std@@YAXH@Z
 0x14014b578 _Cnd_do_broadcast_at_thread_exit
 0x14014b580 _Thrd_detach
 0x14014b588 _Query_perf_frequency
 0x14014b590 ??1_Lockit@std@@QEAA@XZ
 0x14014b598 ??0_Lockit@std@@QEAA@H@Z
 0x14014b5a0 ?uncaught_exceptions@std@@YAHXZ
 0x14014b5a8 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x14014b5b0 ?_Xinvalid_argument@std@@YAXPEBD@Z
 0x14014b5b8 ?_Xout_of_range@std@@YAXPEBD@Z
 0x14014b5c0 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x14014b5c8 ?_Winerror_map@std@@YAHH@Z
 0x14014b5d0 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x14014b5d8 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x14014b5e0 ?_Syserror_map@std@@YAPEBDH@Z
 0x14014b5e8 _Mtx_lock
 0x14014b5f0 _Thrd_id
 0x14014b5f8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x14014b600 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x14014b608 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x14014b610 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x14014b618 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x14014b620 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x14014b628 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x14014b630 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x14014b638 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x14014b640 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x14014b648 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x14014b650 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x14014b658 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x14014b660 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x14014b668 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x14014b670 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x14014b678 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
 0x14014b680 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x14014b688 _Mtx_unlock
 0x14014b690 _Thrd_join
 0x14014b698 _Query_perf_counter
IMM32.dll
 0x14014b170 ImmSetCandidateWindow
 0x14014b178 ImmSetCompositionWindow
 0x14014b180 ImmReleaseContext
 0x14014b188 ImmGetContext
dwmapi.dll
 0x14014be60 DwmExtendFrameIntoClientArea
d3dx11_43.dll
 0x14014be50 D3DX11CreateShaderResourceViewFromMemory
Normaliz.dll
 0x14014b6a8 IdnToAscii
WLDAP32.dll
 0x14014b900 None
 0x14014b908 None
 0x14014b910 None
 0x14014b918 None
 0x14014b920 None
 0x14014b928 None
 0x14014b930 None
 0x14014b938 None
 0x14014b940 None
 0x14014b948 None
 0x14014b950 None
 0x14014b958 None
 0x14014b960 None
 0x14014b968 None
 0x14014b970 None
 0x14014b978 None
 0x14014b980 None
 0x14014b988 None
CRYPT32.dll
 0x14014b0d8 CertEnumCertificatesInStore
 0x14014b0e0 CertFindCertificateInStore
 0x14014b0e8 CertFreeCertificateContext
 0x14014b0f0 CryptStringToBinaryA
 0x14014b0f8 CertOpenStore
 0x14014b100 CryptDecodeObjectEx
 0x14014b108 CertAddCertificateContextToStore
 0x14014b110 CertFreeCertificateChain
 0x14014b118 CertGetCertificateChain
 0x14014b120 CertFreeCertificateChainEngine
 0x14014b128 CertCloseStore
 0x14014b130 PFXImportCertStore
 0x14014b138 CertFindExtension
 0x14014b140 CertGetNameStringA
 0x14014b148 CryptQueryObject
 0x14014b150 CertCreateCertificateChainEngine
WS2_32.dll
 0x14014b998 accept
 0x14014b9a0 closesocket
 0x14014b9a8 recv
 0x14014b9b0 send
 0x14014b9b8 htonl
 0x14014b9c0 listen
 0x14014b9c8 ioctlsocket
 0x14014b9d0 WSAStartup
 0x14014b9d8 WSAGetLastError
 0x14014b9e0 bind
 0x14014b9e8 __WSAFDIsSet
 0x14014b9f0 connect
 0x14014b9f8 getpeername
 0x14014ba00 select
 0x14014ba08 getsockname
 0x14014ba10 getsockopt
 0x14014ba18 getaddrinfo
 0x14014ba20 htons
 0x14014ba28 ntohs
 0x14014ba30 setsockopt
 0x14014ba38 socket
 0x14014ba40 WSASetLastError
 0x14014ba48 WSAIoctl
 0x14014ba50 freeaddrinfo
 0x14014ba58 ntohl
 0x14014ba60 gethostname
 0x14014ba68 sendto
 0x14014ba70 recvfrom
 0x14014ba78 WSACleanup
RPCRT4.dll
 0x14014b6c8 UuidCreate
 0x14014b6d0 UuidToStringA
 0x14014b6d8 RpcStringFreeA
PSAPI.DLL
 0x14014b6b8 GetModuleInformation
USERENV.dll
 0x14014b850 UnloadUserProfile
VCRUNTIME140_1.dll
 0x14014b8f0 __CxxFrameHandler4
VCRUNTIME140.dll
 0x14014b860 __std_exception_destroy
 0x14014b868 __std_exception_copy
 0x14014b870 __intrinsic_setjmp
 0x14014b878 __current_exception_context
 0x14014b880 __current_exception
 0x14014b888 strchr
 0x14014b890 _CxxThrowException
 0x14014b898 memcmp
 0x14014b8a0 memchr
 0x14014b8a8 memset
 0x14014b8b0 memmove
 0x14014b8b8 memcpy
 0x14014b8c0 longjmp
 0x14014b8c8 strrchr
 0x14014b8d0 __C_specific_handler
 0x14014b8d8 strstr
 0x14014b8e0 __std_terminate
api-ms-win-crt-stdio-l1-1-0.dll
 0x14014bcb0 __stdio_common_vsprintf
 0x14014bcb8 _set_fmode
 0x14014bcc0 _lseeki64
 0x14014bcc8 fread
 0x14014bcd0 __stdio_common_vsscanf
 0x14014bcd8 __p__commode
 0x14014bce0 feof
 0x14014bce8 fflush
 0x14014bcf0 fputs
 0x14014bcf8 fopen
 0x14014bd00 _read
 0x14014bd08 _write
 0x14014bd10 _wfopen
 0x14014bd18 _open
 0x14014bd20 __stdio_common_vfprintf
 0x14014bd28 ftell
 0x14014bd30 _pclose
 0x14014bd38 fgets
 0x14014bd40 fseek
 0x14014bd48 _get_stream_buffer_pointers
 0x14014bd50 _fseeki64
 0x14014bd58 fsetpos
 0x14014bd60 ungetc
 0x14014bd68 setvbuf
 0x14014bd70 fgetpos
 0x14014bd78 _close
 0x14014bd80 fwrite
 0x14014bd88 fgetc
 0x14014bd90 __acrt_iob_func
 0x14014bd98 fputc
 0x14014bda0 _popen
 0x14014bda8 fclose
api-ms-win-crt-utility-l1-1-0.dll
 0x14014be28 rand
 0x14014be30 qsort
api-ms-win-crt-string-l1-1-0.dll
 0x14014bdb8 strcmp
 0x14014bdc0 _strdup
 0x14014bdc8 strncmp
 0x14014bdd0 strncpy
 0x14014bdd8 tolower
 0x14014bde0 strpbrk
 0x14014bde8 isupper
 0x14014bdf0 strcspn
 0x14014bdf8 strspn
 0x14014be00 _wcsicmp
api-ms-win-crt-heap-l1-1-0.dll
 0x14014bb08 calloc
 0x14014bb10 _callnewh
 0x14014bb18 malloc
 0x14014bb20 free
 0x14014bb28 realloc
 0x14014bb30 _set_new_mode
api-ms-win-crt-runtime-l1-1-0.dll
 0x14014bbd0 terminate
 0x14014bbd8 _errno
 0x14014bbe0 _beginthreadex
 0x14014bbe8 abort
 0x14014bbf0 strerror
 0x14014bbf8 __sys_nerr
 0x14014bc00 _invalid_parameter_noinfo
 0x14014bc08 _resetstkoflw
 0x14014bc10 exit
 0x14014bc18 _invalid_parameter_noinfo_noreturn
 0x14014bc20 _wassert
 0x14014bc28 _register_thread_local_exe_atexit_callback
 0x14014bc30 _c_exit
 0x14014bc38 _getpid
 0x14014bc40 _exit
 0x14014bc48 _initterm_e
 0x14014bc50 _initterm
 0x14014bc58 _get_narrow_winmain_command_line
 0x14014bc60 _set_app_type
 0x14014bc68 _seh_filter_exe
 0x14014bc70 _cexit
 0x14014bc78 _crt_atexit
 0x14014bc80 _register_onexit_function
 0x14014bc88 _initialize_onexit_table
 0x14014bc90 _initialize_narrow_environment
 0x14014bc98 _configure_narrow_argv
 0x14014bca0 system
api-ms-win-crt-convert-l1-1-0.dll
 0x14014ba88 atoi
 0x14014ba90 strtol
 0x14014ba98 atof
 0x14014baa0 strtoll
 0x14014baa8 strtoull
 0x14014bab0 strtoul
 0x14014bab8 strtod
 0x14014bac0 strtof
api-ms-win-crt-filesystem-l1-1-0.dll
 0x14014bad0 _stat64
 0x14014bad8 _lock_file
 0x14014bae0 _unlock_file
 0x14014bae8 _fstat64
 0x14014baf0 _access
 0x14014baf8 _unlink
api-ms-win-crt-locale-l1-1-0.dll
 0x14014bb40 _configthreadlocale
 0x14014bb48 localeconv
 0x14014bb50 ___lc_codepage_func
api-ms-win-crt-math-l1-1-0.dll
 0x14014bb60 acosf
 0x14014bb68 _hypotf
 0x14014bb70 _dclass
 0x14014bb78 __setusermatherr
 0x14014bb80 ceilf
 0x14014bb88 cos
 0x14014bb90 cosf
 0x14014bb98 fmodf
 0x14014bba0 powf
 0x14014bba8 roundf
 0x14014bbb0 sin
 0x14014bbb8 sinf
 0x14014bbc0 sqrtf
api-ms-win-crt-time-l1-1-0.dll
 0x14014be10 _time64
 0x14014be18 _gmtime64

EAT(Export Address Table) is none


