Report - sjkhjkh.exe

Generic Malware Malicious Library UPX PE File ftp PE64 OS Processor Check
Created 2024.11.13 14:06 Machine s1_win7_x6401
Filename sjkhjkh.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score
1
Behavior Score
1.8
ZERO API file : clean
VT API (file) 51 detected (AIDetectMalware, AsyncRAT, Malicious, score, Lazy, Unsafe, confidence, Attribute, HighConfidence, high confidence, GameHack, FileRepMalware, Misc, CLOUD, AGEN, Tool, Static AI, Malicious PE, Detected, Eldorado, R674221, Artemis, GdSda, Gencirc, 0TrsHX5RUyk, susgen, GenKryptik, GHEK)
md5 6f8217a0df2ab1639bf575995f447b5b
sha256 d111afd87e97a3931ae33a7c15fb0474aca2713570fc507901ed9c52382876e8
ssdeep 98304:L5OOz1L6mSttYOpDo4CyZwg562/K5a6e6c8hDkDe9ncT40Dfv9:L5lh0YooryEJg6cXs0Dfv9
imphash 5cd31aa4e8c92a60acefcecaf8e8a515
impfuzzy 192:T+raW2WTINxvFRlE6P32XUanJUNDYhdykw16:iaRPzV2RUliIkw4

Signature (3cnts)

Level Description
danger File has been identified by 51 AntiVirus engines on VirusTotal as malicious
notice The binary likely contains encrypted or compressed data indicative of a packer
info This executable has a PDB path

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

d3dx11_43.dll
 0x140128e78 D3DX11CreateShaderResourceViewFromMemory
d3d11.dll
 0x140128e68 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
 0x140128170 D3DCompile
KERNEL32.dll
 0x1401281a8 ReadFile
 0x1401281b0 PeekNamedPipe
 0x1401281b8 WaitForMultipleObjects
 0x1401281c0 GetFileSizeEx
 0x1401281c8 CreateFileMappingA
 0x1401281d0 GetEnvironmentVariableA
 0x1401281d8 WaitForSingleObjectEx
 0x1401281e0 MoveFileExA
 0x1401281e8 GetTickCount
 0x1401281f0 CreateFileMappingW
 0x1401281f8 MapViewOfFile
 0x140128200 UnmapViewOfFile
 0x140128208 GetModuleFileNameA
 0x140128210 GetModuleHandleW
 0x140128218 QueryFullProcessImageNameW
 0x140128220 QueryPerformanceCounter
 0x140128228 FreeLibrary
 0x140128230 VerSetConditionMask
 0x140128238 VerifyVersionInfoA
 0x140128240 DeleteCriticalSection
 0x140128248 OutputDebugStringW
 0x140128250 ReleaseSRWLockExclusive
 0x140128258 AcquireSRWLockExclusive
 0x140128260 WakeAllConditionVariable
 0x140128268 SleepConditionVariableSRW
 0x140128270 RtlCaptureContext
 0x140128278 RtlLookupFunctionEntry
 0x140128280 RtlVirtualUnwind
 0x140128288 UnhandledExceptionFilter
 0x140128290 SetUnhandledExceptionFilter
 0x140128298 IsProcessorFeaturePresent
 0x1401282a0 GetCurrentProcessId
 0x1401282a8 GetCurrentThreadId
 0x1401282b0 GetSystemTimeAsFileTime
 0x1401282b8 InitializeSListHead
 0x1401282c0 GetProcAddress
 0x1401282c8 QueryPerformanceFrequency
 0x1401282d0 LoadLibraryA
 0x1401282d8 GetModuleHandleA
 0x1401282e0 GlobalUnlock
 0x1401282e8 GlobalLock
 0x1401282f0 GlobalFree
 0x1401282f8 GlobalAlloc
 0x140128300 GetFileAttributesW
 0x140128308 lstrcmpiW
 0x140128310 GetConsoleWindow
 0x140128318 WideCharToMultiByte
 0x140128320 CreateThread
 0x140128328 CloseHandle
 0x140128330 Process32FirstW
 0x140128338 CreateFileA
 0x140128340 Process32NextW
 0x140128348 GetLastError
 0x140128350 Sleep
 0x140128358 GetSystemDirectoryA
 0x140128360 SleepEx
 0x140128368 LeaveCriticalSection
 0x140128370 CreateFileW
 0x140128378 HeapDestroy
 0x140128380 HeapAlloc
 0x140128388 HeapReAlloc
 0x140128390 GetFileType
 0x140128398 HeapFree
 0x1401283a0 HeapSize
 0x1401283a8 GetProcessHeap
 0x1401283b0 GetCurrentProcess
 0x1401283b8 MultiByteToWideChar
 0x1401283c0 CreateToolhelp32Snapshot
 0x1401283c8 SetConsoleWindowInfo
 0x1401283d0 TerminateProcess
 0x1401283d8 DeviceIoControl
 0x1401283e0 GetStdHandle
 0x1401283e8 SetConsoleScreenBufferSize
 0x1401283f0 SetConsoleTitleA
 0x1401283f8 SetConsoleTextAttribute
 0x140128400 InitializeCriticalSectionEx
 0x140128408 IsDebuggerPresent
 0x140128410 SetLastError
 0x140128418 EnterCriticalSection
 0x140128420 FormatMessageA
 0x140128428 LocalFree
 0x140128430 VirtualProtect
USER32.dll
 0x140128730 SetCursorPos
 0x140128738 SetCursor
 0x140128740 OpenClipboard
 0x140128748 CloseClipboard
 0x140128750 EmptyClipboard
 0x140128758 SetClipboardData
 0x140128760 GetKeyState
 0x140128768 GetWindow
 0x140128770 LoadCursorW
 0x140128778 UpdateWindow
 0x140128780 FindWindowA
 0x140128788 GetClientRect
 0x140128790 FindWindowW
 0x140128798 TranslateMessage
 0x1401287a0 SetLayeredWindowAttributes
 0x1401287a8 GetForegroundWindow
 0x1401287b0 SetWindowDisplayAffinity
 0x1401287b8 PeekMessageW
 0x1401287c0 GetClipboardData
 0x1401287c8 ClientToScreen
 0x1401287d0 DispatchMessageW
 0x1401287d8 GetAsyncKeyState
 0x1401287e0 ShowWindow
 0x1401287e8 ScreenToClient
 0x1401287f0 GetWindowLongPtrW
 0x1401287f8 MessageBoxA
 0x140128800 DestroyWindow
 0x140128808 SetWindowPos
 0x140128810 SetWindowLongPtrW
 0x140128818 GetSystemMetrics
 0x140128820 GetCursorPos
ADVAPI32.dll
 0x140128000 OpenServiceW
 0x140128008 ControlService
 0x140128010 DeleteService
 0x140128018 OpenSCManagerW
 0x140128020 CloseServiceHandle
 0x140128028 QueryServiceStatus
 0x140128030 CreateServiceW
 0x140128038 OpenProcessToken
 0x140128040 AddAccessAllowedAce
 0x140128048 GetLengthSid
 0x140128050 GetTokenInformation
 0x140128058 InitializeAcl
 0x140128060 IsValidSid
 0x140128068 SetSecurityInfo
 0x140128070 CopySid
 0x140128078 CryptEncrypt
 0x140128080 CryptImportKey
 0x140128088 CryptDestroyKey
 0x140128090 CryptDestroyHash
 0x140128098 CryptHashData
 0x1401280a0 CryptCreateHash
 0x1401280a8 CryptGenRandom
 0x1401280b0 CryptGetHashParam
 0x1401280b8 CryptReleaseContext
 0x1401280c0 CryptAcquireContextA
 0x1401280c8 ConvertSidToStringSidA
 0x1401280d0 StartServiceW
SHELL32.dll
 0x140128720 ShellExecuteA
MSVCP140.dll
 0x140128440 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x140128448 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x140128450 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x140128458 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x140128460 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
 0x140128468 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x140128470 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x140128478 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128480 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128488 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
 0x140128490 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
 0x140128498 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
 0x1401284a0 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
 0x1401284a8 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1401284b0 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
 0x1401284b8 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
 0x1401284c0 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
 0x1401284c8 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1401284d0 ??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
 0x1401284d8 ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
 0x1401284e0 ?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
 0x1401284e8 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x1401284f0 ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
 0x1401284f8 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
 0x140128500 ?_Incref@facet@locale@std@@UEAAXXZ
 0x140128508 ??Bid@locale@std@@QEAA_KXZ
 0x140128510 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
 0x140128518 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128520 _Mtx_unlock
 0x140128528 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x140128530 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x140128538 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x140128540 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x140128548 _Thrd_join
 0x140128550 _Xtime_get_ticks
 0x140128558 _Query_perf_counter
 0x140128560 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x140128568 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x140128570 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x140128578 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
 0x140128580 _Thrd_id
 0x140128588 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
 0x140128590 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x140128598 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1401285a0 _Thrd_sleep
 0x1401285a8 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x1401285b0 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1401285b8 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1401285c0 ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
 0x1401285c8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1401285d0 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1401285d8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1401285e0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x1401285e8 _Cnd_do_broadcast_at_thread_exit
 0x1401285f0 _Mtx_init_in_situ
 0x1401285f8 _Mtx_lock
 0x140128600 _Mtx_destroy_in_situ
 0x140128608 ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
 0x140128610 ?id@?$ctype@D@std@@2V0locale@2@A
 0x140128618 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
 0x140128620 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x140128628 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x140128630 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x140128638 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x140128640 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x140128648 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x140128650 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x140128658 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x140128660 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x140128668 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x140128670 ?_Xout_of_range@std@@YAXPEBD@Z
 0x140128678 ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
 0x140128680 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
 0x140128688 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x140128690 ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
 0x140128698 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x1401286a0 ?uncaught_exceptions@std@@YAHXZ
 0x1401286a8 ?_Throw_Cpp_error@std@@YAXH@Z
 0x1401286b0 ??0_Lockit@std@@QEAA@H@Z
 0x1401286b8 ??1_Lockit@std@@QEAA@XZ
 0x1401286c0 ?_Xbad_function_call@std@@YAXXZ
 0x1401286c8 ?_Xlength_error@std@@YAXPEBD@Z
 0x1401286d0 _Query_perf_frequency
dwmapi.dll
 0x140128e88 DwmExtendFrameIntoClientArea
WINHTTP.dll
 0x1401288e0 WinHttpReceiveResponse
 0x1401288e8 WinHttpOpen
 0x1401288f0 WinHttpOpenRequest
 0x1401288f8 WinHttpCloseHandle
 0x140128900 WinHttpSendRequest
 0x140128908 WinHttpConnect
 0x140128910 WinHttpQueryOption
CRYPT32.dll
 0x1401280e0 CertCreateCertificateChainEngine
 0x1401280e8 CryptQueryObject
 0x1401280f0 CertGetCertificateChain
 0x1401280f8 CertFindExtension
 0x140128100 CertAddCertificateContextToStore
 0x140128108 CryptDecodeObjectEx
 0x140128110 CertGetNameStringA
 0x140128118 CertFreeCertificateChainEngine
 0x140128120 PFXImportCertStore
 0x140128128 CryptStringToBinaryA
 0x140128130 CertFindCertificateInStore
 0x140128138 CertEnumCertificatesInStore
 0x140128140 CertOpenStore
 0x140128148 CertGetCertificateContextProperty
 0x140128150 CertFreeCertificateChain
 0x140128158 CertCloseStore
 0x140128160 CertFreeCertificateContext
IMM32.dll
 0x140128180 ImmReleaseContext
 0x140128188 ImmSetCompositionWindow
 0x140128190 ImmGetContext
 0x140128198 ImmSetCandidateWindow
Normaliz.dll
 0x1401286e0 IdnToAscii
WLDAP32.dll
 0x140128920 None
 0x140128928 None
 0x140128930 None
 0x140128938 None
 0x140128940 None
 0x140128948 None
 0x140128950 None
 0x140128958 None
 0x140128960 None
 0x140128968 None
 0x140128970 None
 0x140128978 None
 0x140128980 None
 0x140128988 None
 0x140128990 None
 0x140128998 None
 0x1401289a0 None
 0x1401289a8 None
WS2_32.dll
 0x1401289b8 select
 0x1401289c0 freeaddrinfo
 0x1401289c8 __WSAFDIsSet
 0x1401289d0 ioctlsocket
 0x1401289d8 listen
 0x1401289e0 htonl
 0x1401289e8 recvfrom
 0x1401289f0 accept
 0x1401289f8 WSACleanup
 0x140128a00 WSAStartup
 0x140128a08 WSAIoctl
 0x140128a10 sendto
 0x140128a18 gethostname
 0x140128a20 ntohl
 0x140128a28 WSASetLastError
 0x140128a30 socket
 0x140128a38 setsockopt
 0x140128a40 ntohs
 0x140128a48 htons
 0x140128a50 getsockopt
 0x140128a58 getsockname
 0x140128a60 getaddrinfo
 0x140128a68 connect
 0x140128a70 getpeername
 0x140128a78 WSAGetLastError
 0x140128a80 bind
 0x140128a88 send
 0x140128a90 recv
 0x140128a98 closesocket
RPCRT4.dll
 0x140128700 RpcStringFreeA
 0x140128708 UuidToStringA
 0x140128710 UuidCreate
PSAPI.DLL
 0x1401286f0 GetModuleInformation
USERENV.dll
 0x140128830 UnloadUserProfile
VCRUNTIME140_1.dll
 0x1401288d0 __CxxFrameHandler4
VCRUNTIME140.dll
 0x140128840 __current_exception_context
 0x140128848 __current_exception
 0x140128850 __C_specific_handler
 0x140128858 longjmp
 0x140128860 strrchr
 0x140128868 strchr
 0x140128870 memset
 0x140128878 __intrinsic_setjmp
 0x140128880 memcmp
 0x140128888 memmove
 0x140128890 _CxxThrowException
 0x140128898 strstr
 0x1401288a0 __std_terminate
 0x1401288a8 __std_exception_copy
 0x1401288b0 __std_exception_destroy
 0x1401288b8 memcpy
 0x1401288c0 memchr
api-ms-win-crt-runtime-l1-1-0.dll
 0x140128be8 exit
 0x140128bf0 _invalid_parameter_noinfo_noreturn
 0x140128bf8 terminate
 0x140128c00 strerror
 0x140128c08 __sys_nerr
 0x140128c10 _invalid_parameter_noinfo
 0x140128c18 _resetstkoflw
 0x140128c20 system
 0x140128c28 _getpid
 0x140128c30 _beginthreadex
 0x140128c38 _register_thread_local_exe_atexit_callback
 0x140128c40 _c_exit
 0x140128c48 __p___argv
 0x140128c50 __p___argc
 0x140128c58 _exit
 0x140128c60 _initterm_e
 0x140128c68 _initterm
 0x140128c70 _get_initial_narrow_environment
 0x140128c78 _set_app_type
 0x140128c80 _seh_filter_exe
 0x140128c88 _cexit
 0x140128c90 _crt_atexit
 0x140128c98 _register_onexit_function
 0x140128ca0 _initialize_onexit_table
 0x140128ca8 _initialize_narrow_environment
 0x140128cb0 _configure_narrow_argv
 0x140128cb8 _errno
api-ms-win-crt-stdio-l1-1-0.dll
 0x140128cc8 fclose
 0x140128cd0 __p__commode
 0x140128cd8 __acrt_iob_func
 0x140128ce0 _lseeki64
 0x140128ce8 __stdio_common_vsprintf_s
 0x140128cf0 fgetc
 0x140128cf8 fflush
 0x140128d00 _read
 0x140128d08 feof
 0x140128d10 fputs
 0x140128d18 fopen
 0x140128d20 _write
 0x140128d28 _close
 0x140128d30 _open
 0x140128d38 __stdio_common_vfprintf
 0x140128d40 fputc
 0x140128d48 _pclose
 0x140128d50 fgets
 0x140128d58 fwrite
 0x140128d60 _set_fmode
 0x140128d68 __stdio_common_vsscanf
 0x140128d70 _wfopen
 0x140128d78 __stdio_common_vsprintf
 0x140128d80 fseek
 0x140128d88 ftell
 0x140128d90 _get_stream_buffer_pointers
 0x140128d98 _fseeki64
 0x140128da0 fread
 0x140128da8 fsetpos
 0x140128db0 ungetc
 0x140128db8 fgetpos
 0x140128dc0 setvbuf
 0x140128dc8 _popen
api-ms-win-crt-heap-l1-1-0.dll
 0x140128b18 realloc
 0x140128b20 _set_new_mode
 0x140128b28 malloc
 0x140128b30 calloc
 0x140128b38 _callnewh
 0x140128b40 free
api-ms-win-crt-math-l1-1-0.dll
 0x140128b68 atanf
 0x140128b70 asinf
 0x140128b78 acosf
 0x140128b80 ceilf
 0x140128b88 cos
 0x140128b90 cosf
 0x140128b98 fmodf
 0x140128ba0 _dclass
 0x140128ba8 tanf
 0x140128bb0 powf
 0x140128bb8 roundf
 0x140128bc0 sin
 0x140128bc8 sinf
 0x140128bd0 sqrtf
 0x140128bd8 __setusermatherr
api-ms-win-crt-string-l1-1-0.dll
 0x140128dd8 strncmp
 0x140128de0 strncpy
 0x140128de8 isupper
 0x140128df0 tolower
 0x140128df8 strpbrk
 0x140128e00 strcmp
 0x140128e08 _strdup
 0x140128e10 strspn
 0x140128e18 strcspn
api-ms-win-crt-time-l1-1-0.dll
 0x140128e28 _localtime64_s
 0x140128e30 _gmtime64
 0x140128e38 strftime
 0x140128e40 _time64
api-ms-win-crt-convert-l1-1-0.dll
 0x140128aa8 strtod
 0x140128ab0 strtoull
 0x140128ab8 strtol
 0x140128ac0 atoi
 0x140128ac8 strtoul
 0x140128ad0 strtoll
api-ms-win-crt-utility-l1-1-0.dll
 0x140128e50 qsort
 0x140128e58 rand
api-ms-win-crt-filesystem-l1-1-0.dll
 0x140128ae0 _lock_file
 0x140128ae8 _access
 0x140128af0 _unlink
 0x140128af8 _stat64
 0x140128b00 _fstat64
 0x140128b08 _unlock_file
api-ms-win-crt-locale-l1-1-0.dll
 0x140128b50 _configthreadlocale
 0x140128b58 localeconv

EAT(Export Address Table) is none


