Report - Rage.dll

Malicious Packer UPX PE File DLL PE32 OS Processor Check
Created 2024.10.16 14:28 Machine s1_win7_x6403
Filename Rage.dll
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score
1
Behavior Score
2.6
ZERO API file : malware
VT API (file) 45 detected (AIDetectMalware, GameHack, Malicious, score, GenericRXGV, Unsafe, grayware, confidence, 100%, Windows, CobaltStrike, EXP potentially unsafe, MalwareX, CLOUD, Static AI, Malicious PE, frnkr, Detected, Wacatac, Eldorado, Graftor, GenAsa, crO9NMR2kHc, susgen)
md5 862fd491faeed9ed0196e544cc3483c5
sha256 59aa365d7d31cc7c07dea891946004bc644eda2dd4b65a79aeb59b7b3d1020fc
ssdeep 24576:0y7zZ64mRshhS+Dy2CLVuSbnYXSDFs91EuodXl+gP:0y/ZU+DQsYnYyBl+Q
imphash bd06d04aee8d32c2da425af120dd6c7a
impfuzzy 96:6PQ8vgLZp8fmuPNmULN8/g3cgBx398iOomxq7zU4tzUurvJeGkyOo8s84sENsUp9:6UwJeGsfGONyhWCBVkjsJ1

Signature (6cnts)

Level Description
danger File has been identified by 45 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks whether the process is being debugged (IsDebuggerPresent appears in the import table)
info One or more processes crashed
info This executable has a PDB path

Rules (6cnts)

Level Name Description Collection
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x1006a000 CreateDirectoryA
 0x1006a004 GetVolumeInformationA
 0x1006a008 Sleep
 0x1006a00c GetCurrentProcess
 0x1006a010 CreateThread
 0x1006a014 VirtualProtect
 0x1006a018 DisableThreadLibraryCalls
 0x1006a01c FreeLibraryAndExitThread
 0x1006a020 GetModuleHandleA
 0x1006a024 GetProcAddress
 0x1006a028 GetTickCount64
 0x1006a02c MultiByteToWideChar
 0x1006a030 GetTickCount
 0x1006a034 K32GetModuleInformation
 0x1006a038 GetStdHandle
 0x1006a03c IsBadCodePtr
 0x1006a040 SetConsoleTextAttribute
 0x1006a044 GetSystemTimeAsFileTime
 0x1006a048 GetCurrentThreadId
 0x1006a04c GetCurrentProcessId
 0x1006a050 QueryPerformanceCounter
 0x1006a054 IsDebuggerPresent
 0x1006a058 IsProcessorFeaturePresent
 0x1006a05c TerminateProcess
 0x1006a060 SetUnhandledExceptionFilter
 0x1006a064 UnhandledExceptionFilter
 0x1006a068 GetModuleHandleW
 0x1006a06c CreateEventW
 0x1006a070 WaitForSingleObjectEx
 0x1006a074 ResetEvent
 0x1006a078 SetEvent
 0x1006a07c DeleteCriticalSection
 0x1006a080 InitializeCriticalSectionAndSpinCount
 0x1006a084 LeaveCriticalSection
 0x1006a088 EnterCriticalSection
 0x1006a08c CloseHandle
 0x1006a090 InitializeSListHead
USER32.dll
 0x1006a1e4 FlashWindowEx
 0x1006a1e8 MessageBoxA
 0x1006a1ec GetCursorPos
 0x1006a1f0 FindWindowA
 0x1006a1f4 GetAsyncKeyState
MSVCP140.dll
 0x1006a098 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
 0x1006a09c ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
 0x1006a0a0 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
 0x1006a0a4 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
 0x1006a0a8 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
 0x1006a0ac ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
 0x1006a0b0 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
 0x1006a0b4 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
 0x1006a0b8 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
 0x1006a0bc ?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
 0x1006a0c0 ?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
 0x1006a0c4 ?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
 0x1006a0c8 ?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
 0x1006a0cc ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
 0x1006a0d0 ?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
 0x1006a0d4 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
 0x1006a0d8 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
 0x1006a0dc ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
 0x1006a0e0 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
 0x1006a0e4 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
 0x1006a0e8 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
 0x1006a0ec ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
 0x1006a0f0 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1006a0f4 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
 0x1006a0f8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1006a0fc ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
 0x1006a100 ?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
 0x1006a104 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
 0x1006a108 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x1006a10c ?_Xbad_alloc@std@@YAXXZ
 0x1006a110 ?uncaught_exception@std@@YA_NXZ
 0x1006a114 ?flags@ios_base@std@@QBEHXZ
 0x1006a118 ?width@ios_base@std@@QBE_JXZ
 0x1006a11c ?width@ios_base@std@@QAE_J_J@Z
 0x1006a120 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
 0x1006a124 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
 0x1006a128 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
 0x1006a12c ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
 0x1006a130 ?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
 0x1006a134 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
 0x1006a138 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
 0x1006a13c ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
 0x1006a140 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
 0x1006a144 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
 0x1006a148 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
 0x1006a14c ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
 0x1006a150 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
 0x1006a154 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
 0x1006a158 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
 0x1006a15c ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
 0x1006a160 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
 0x1006a164 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
 0x1006a168 ?is@?$ctype@D@std@@QBE_NFD@Z
 0x1006a16c ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
 0x1006a170 ?eof@ios_base@std@@QBE_NXZ
 0x1006a174 ?fail@ios_base@std@@QBE_NXZ
 0x1006a178 ?getloc@ios_base@std@@QBE?AVlocale@2@XZ
 0x1006a17c ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
 0x1006a180 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
 0x1006a184 ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
 0x1006a188 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
 0x1006a18c ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
 0x1006a190 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
 0x1006a194 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
 0x1006a198 ?id@?$ctype@D@std@@2V0locale@2@A
 0x1006a19c _Query_perf_counter
 0x1006a1a0 _Query_perf_frequency
 0x1006a1a4 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
 0x1006a1a8 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x1006a1ac ?good@ios_base@std@@QBE_NXZ
 0x1006a1b0 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
 0x1006a1b4 ?_Xlength_error@std@@YAXPBD@Z
 0x1006a1b8 ?_Xout_of_range@std@@YAXPBD@Z
 0x1006a1bc ??0_Lockit@std@@QAE@H@Z
 0x1006a1c0 ??1_Lockit@std@@QAE@XZ
 0x1006a1c4 ??Bid@locale@std@@QAEIXZ
 0x1006a1c8 ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
 0x1006a1cc ?always_noconv@codecvt_base@std@@QBE_NXZ
 0x1006a1d0 ?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
 0x1006a1d4 ?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
 0x1006a1d8 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
 0x1006a1dc ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
WINMM.dll
 0x1006a238 PlaySoundA
VCRUNTIME140.dll
 0x1006a1fc _CxxThrowException
 0x1006a200 strstr
 0x1006a204 __std_exception_copy
 0x1006a208 memmove
 0x1006a20c memcpy
 0x1006a210 __std_exception_destroy
 0x1006a214 __CxxFrameHandler3
 0x1006a218 memcmp
 0x1006a21c memset
 0x1006a220 __std_type_info_destroy_list
 0x1006a224 _except_handler4_common
 0x1006a228 strchr
 0x1006a22c _purecall
 0x1006a230 memchr
api-ms-win-crt-runtime-l1-1-0.dll
 0x1006a2a8 _invalid_parameter_noinfo_noreturn
 0x1006a2ac _initterm_e
 0x1006a2b0 _initterm
 0x1006a2b4 _cexit
 0x1006a2b8 _crt_atexit
 0x1006a2bc terminate
 0x1006a2c0 _execute_onexit_table
 0x1006a2c4 _register_onexit_function
 0x1006a2c8 _seh_filter_dll
 0x1006a2cc _configure_narrow_argv
 0x1006a2d0 _initialize_narrow_environment
 0x1006a2d4 _initialize_onexit_table
api-ms-win-crt-math-l1-1-0.dll
 0x1006a274 _libm_sse2_pow_precise
 0x1006a278 _libm_sse2_sqrt_precise
 0x1006a27c _CIatan2
 0x1006a280 _CIfmod
 0x1006a284 ceil
 0x1006a288 _libm_sse2_exp_precise
 0x1006a28c _libm_sse2_atan_precise
 0x1006a290 _libm_sse2_sin_precise
 0x1006a294 _except1
 0x1006a298 _libm_sse2_cos_precise
 0x1006a29c fmaxf
 0x1006a2a0 _libm_sse2_acos_precise
api-ms-win-crt-heap-l1-1-0.dll
 0x1006a260 calloc
 0x1006a264 malloc
 0x1006a268 free
 0x1006a26c _callnewh
api-ms-win-crt-stdio-l1-1-0.dll
 0x1006a2dc __stdio_common_vsprintf_s
 0x1006a2e0 ferror
 0x1006a2e4 fopen_s
 0x1006a2e8 _get_stream_buffer_pointers
 0x1006a2ec __acrt_iob_func
 0x1006a2f0 fseek
 0x1006a2f4 ftell
 0x1006a2f8 fclose
 0x1006a2fc __stdio_common_vfprintf
 0x1006a300 fflush
 0x1006a304 fgetc
 0x1006a308 fgetpos
 0x1006a30c fputc
 0x1006a310 fread
 0x1006a314 fsetpos
 0x1006a318 __stdio_common_vsnprintf_s
 0x1006a31c __stdio_common_vsprintf
 0x1006a320 _fseeki64
 0x1006a324 ungetc
 0x1006a328 setvbuf
 0x1006a32c fwrite
api-ms-win-crt-filesystem-l1-1-0.dll
 0x1006a250 _lock_file
 0x1006a254 _unlock_file
 0x1006a258 remove
api-ms-win-crt-convert-l1-1-0.dll
 0x1006a240 atoi
 0x1006a244 mbstowcs_s
 0x1006a248 atof
api-ms-win-crt-utility-l1-1-0.dll
 0x1006a358 rand
api-ms-win-crt-time-l1-1-0.dll
 0x1006a348 _time64
 0x1006a34c strftime
 0x1006a350 _localtime64
api-ms-win-crt-string-l1-1-0.dll
 0x1006a334 isdigit
 0x1006a338 strncmp
 0x1006a33c isalpha
 0x1006a340 isspace

EAT(Export Address Table) Library

0x10032ca0 ?ReflectiveLoader@@YGKXZ (demangled: unsigned long __stdcall ReflectiveLoader(void) — the export name conventionally used by reflective-DLL-injection loaders, consistent with the CobaltStrike label in the VT results)

