Report - djksahjkdhkh.exe

Generic Malware, Malicious Library, UPX, PE File, ftp, PE64, OS Processor Check
Created 2024.11.13 14:07 Machine s1_win7_x6403
Filename djksahjkdhkh.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score
1
Behavior Score
1.8
ZERO API file : clean
VT API (file) 49 detected (AIDetectMalware, Malicious, score, Lazy, Unsafe, confidence, Attribute, HighConfidence, high confidence, GameHack, FileRepMalware, Misc, CLOUD, AGEN, Static AI, Malicious PE, Detected, Eldorado, R674221, Artemis, GdSda, Gencirc, susgen, GenKryptik, GHEK)
md5 bb90600c0a9be0cb52202b5ebf95c5cc
sha256 bc23dc2a555f56be059cb588f37bf5b4067935491775e43dfb782599828e8701
ssdeep 98304:PmiwqOVm5ttYOpDo4CyZwg562/K5a6e6c8hDkDe9ncT40Dfv:Pmve1YooryEJg6cXs0Dfv
imphash 0e7987153df41024e457d66b6f850c4d
impfuzzy 192:T+raW2WTQNxvFRlB6rzXGmaeUpDDYhdykw16:iaR9zszypfiIkw4

Signature (3cnts)

Level Description
danger File has been identified by 49 AntiVirus engines on VirusTotal as malicious
notice The binary likely contains encrypted or compressed data indicative of a packer
info This executable has a PDB path

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

d3dx11_43.dll
 0x140128e70 D3DX11CreateShaderResourceViewFromMemory
d3d11.dll
 0x140128e60 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
 0x140128170 D3DCompile
KERNEL32.dll
 0x1401281a8 ReadFile
 0x1401281b0 PeekNamedPipe
 0x1401281b8 WaitForMultipleObjects
 0x1401281c0 GetFileSizeEx
 0x1401281c8 CreateFileMappingA
 0x1401281d0 GetEnvironmentVariableA
 0x1401281d8 WaitForSingleObjectEx
 0x1401281e0 MoveFileExA
 0x1401281e8 GetTickCount
 0x1401281f0 CreateFileMappingW
 0x1401281f8 MapViewOfFile
 0x140128200 UnmapViewOfFile
 0x140128208 GetModuleFileNameA
 0x140128210 GetModuleHandleW
 0x140128218 QueryFullProcessImageNameW
 0x140128220 QueryPerformanceCounter
 0x140128228 FreeLibrary
 0x140128230 VerSetConditionMask
 0x140128238 VerifyVersionInfoA
 0x140128240 DeleteCriticalSection
 0x140128248 OutputDebugStringW
 0x140128250 ReleaseSRWLockExclusive
 0x140128258 AcquireSRWLockExclusive
 0x140128260 WakeAllConditionVariable
 0x140128268 SleepConditionVariableSRW
 0x140128270 RtlCaptureContext
 0x140128278 RtlLookupFunctionEntry
 0x140128280 RtlVirtualUnwind
 0x140128288 UnhandledExceptionFilter
 0x140128290 SetUnhandledExceptionFilter
 0x140128298 IsProcessorFeaturePresent
 0x1401282a0 GetCurrentProcessId
 0x1401282a8 GetCurrentThreadId
 0x1401282b0 GetSystemTimeAsFileTime
 0x1401282b8 InitializeSListHead
 0x1401282c0 GetProcAddress
 0x1401282c8 QueryPerformanceFrequency
 0x1401282d0 LoadLibraryA
 0x1401282d8 GetModuleHandleA
 0x1401282e0 GlobalUnlock
 0x1401282e8 GlobalLock
 0x1401282f0 GlobalFree
 0x1401282f8 GlobalAlloc
 0x140128300 GetFileAttributesW
 0x140128308 lstrcmpiW
 0x140128310 GetConsoleWindow
 0x140128318 WideCharToMultiByte
 0x140128320 CreateThread
 0x140128328 CloseHandle
 0x140128330 Process32FirstW
 0x140128338 CreateFileA
 0x140128340 Process32NextW
 0x140128348 GetLastError
 0x140128350 Sleep
 0x140128358 GetSystemDirectoryA
 0x140128360 SleepEx
 0x140128368 LeaveCriticalSection
 0x140128370 CreateFileW
 0x140128378 HeapDestroy
 0x140128380 HeapAlloc
 0x140128388 HeapReAlloc
 0x140128390 GetFileType
 0x140128398 HeapFree
 0x1401283a0 HeapSize
 0x1401283a8 GetProcessHeap
 0x1401283b0 GetCurrentProcess
 0x1401283b8 MultiByteToWideChar
 0x1401283c0 CreateToolhelp32Snapshot
 0x1401283c8 SetConsoleWindowInfo
 0x1401283d0 TerminateProcess
 0x1401283d8 DeviceIoControl
 0x1401283e0 GetStdHandle
 0x1401283e8 SetConsoleScreenBufferSize
 0x1401283f0 SetConsoleTitleA
 0x1401283f8 SetConsoleTextAttribute
 0x140128400 InitializeCriticalSectionEx
 0x140128408 IsDebuggerPresent
 0x140128410 SetLastError
 0x140128418 EnterCriticalSection
 0x140128420 FormatMessageA
 0x140128428 LocalFree
 0x140128430 VirtualProtect
USER32.dll
 0x140128730 SetCursor
 0x140128738 SetCursorPos
 0x140128740 OpenClipboard
 0x140128748 CloseClipboard
 0x140128750 GetClipboardData
 0x140128758 SetClipboardData
 0x140128760 GetKeyState
 0x140128768 LoadCursorW
 0x140128770 UpdateWindow
 0x140128778 FindWindowA
 0x140128780 GetClientRect
 0x140128788 FindWindowW
 0x140128790 TranslateMessage
 0x140128798 SetLayeredWindowAttributes
 0x1401287a0 GetForegroundWindow
 0x1401287a8 PeekMessageW
 0x1401287b0 ClientToScreen
 0x1401287b8 EmptyClipboard
 0x1401287c0 DispatchMessageW
 0x1401287c8 GetAsyncKeyState
 0x1401287d0 ShowWindow
 0x1401287d8 GetWindowLongPtrW
 0x1401287e0 ScreenToClient
 0x1401287e8 GetSystemMetrics
 0x1401287f0 MessageBoxA
 0x1401287f8 GetWindow
 0x140128800 DestroyWindow
 0x140128808 SetWindowPos
 0x140128810 SetWindowLongPtrW
 0x140128818 GetCursorPos
ADVAPI32.dll
 0x140128000 StartServiceW
 0x140128008 ControlService
 0x140128010 DeleteService
 0x140128018 OpenSCManagerW
 0x140128020 CloseServiceHandle
 0x140128028 QueryServiceStatus
 0x140128030 CreateServiceW
 0x140128038 OpenProcessToken
 0x140128040 AddAccessAllowedAce
 0x140128048 GetLengthSid
 0x140128050 GetTokenInformation
 0x140128058 InitializeAcl
 0x140128060 IsValidSid
 0x140128068 SetSecurityInfo
 0x140128070 CopySid
 0x140128078 CryptEncrypt
 0x140128080 CryptImportKey
 0x140128088 CryptDestroyKey
 0x140128090 CryptDestroyHash
 0x140128098 CryptHashData
 0x1401280a0 CryptCreateHash
 0x1401280a8 CryptGenRandom
 0x1401280b0 CryptGetHashParam
 0x1401280b8 CryptReleaseContext
 0x1401280c0 CryptAcquireContextA
 0x1401280c8 ConvertSidToStringSidA
 0x1401280d0 OpenServiceW
SHELL32.dll
 0x140128720 ShellExecuteA
MSVCP140.dll
 0x140128440 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x140128448 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x140128450 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x140128458 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
 0x140128460 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x140128468 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x140128470 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128478 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128480 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
 0x140128488 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
 0x140128490 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
 0x140128498 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
 0x1401284a0 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1401284a8 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
 0x1401284b0 ??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
 0x1401284b8 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
 0x1401284c0 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x1401284c8 ??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
 0x1401284d0 ??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
 0x1401284d8 ?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
 0x1401284e0 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x1401284e8 ?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
 0x1401284f0 ?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
 0x1401284f8 ?_Incref@facet@locale@std@@UEAAXXZ
 0x140128500 ??Bid@locale@std@@QEAA_KXZ
 0x140128508 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
 0x140128510 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x140128518 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x140128520 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x140128528 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x140128530 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x140128538 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x140128540 _Mtx_unlock
 0x140128548 _Thrd_join
 0x140128550 _Xtime_get_ticks
 0x140128558 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x140128560 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x140128568 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
 0x140128570 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
 0x140128578 _Query_perf_counter
 0x140128580 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x140128588 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x140128590 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x140128598 _Thrd_id
 0x1401285a0 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x1401285a8 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x1401285b0 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x1401285b8 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x1401285c0 ??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
 0x1401285c8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1401285d0 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x1401285d8 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x1401285e0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x1401285e8 _Thrd_sleep
 0x1401285f0 _Cnd_do_broadcast_at_thread_exit
 0x1401285f8 _Mtx_init_in_situ
 0x140128600 _Mtx_lock
 0x140128608 _Mtx_destroy_in_situ
 0x140128610 ?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
 0x140128618 ?id@?$ctype@D@std@@2V0locale@2@A
 0x140128620 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x140128628 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x140128630 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x140128638 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x140128640 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x140128648 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x140128650 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
 0x140128658 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x140128660 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x140128668 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x140128670 ?_Xout_of_range@std@@YAXPEBD@Z
 0x140128678 ?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
 0x140128680 ?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
 0x140128688 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x140128690 ?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
 0x140128698 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
 0x1401286a0 ?uncaught_exceptions@std@@YAHXZ
 0x1401286a8 ?_Throw_Cpp_error@std@@YAXH@Z
 0x1401286b0 ?_Xbad_function_call@std@@YAXXZ
 0x1401286b8 ?_Xlength_error@std@@YAXPEBD@Z
 0x1401286c0 _Query_perf_frequency
 0x1401286c8 ??1_Lockit@std@@QEAA@XZ
 0x1401286d0 ??0_Lockit@std@@QEAA@H@Z
dwmapi.dll
 0x140128e80 DwmExtendFrameIntoClientArea
WINHTTP.dll
 0x1401288d8 WinHttpReceiveResponse
 0x1401288e0 WinHttpOpen
 0x1401288e8 WinHttpOpenRequest
 0x1401288f0 WinHttpCloseHandle
 0x1401288f8 WinHttpSendRequest
 0x140128900 WinHttpConnect
 0x140128908 WinHttpQueryOption
CRYPT32.dll
 0x1401280e0 CertFreeCertificateChainEngine
 0x1401280e8 CertCreateCertificateChainEngine
 0x1401280f0 CryptQueryObject
 0x1401280f8 CertGetNameStringA
 0x140128100 CertFindExtension
 0x140128108 CertAddCertificateContextToStore
 0x140128110 CryptDecodeObjectEx
 0x140128118 CertGetCertificateChain
 0x140128120 PFXImportCertStore
 0x140128128 CryptStringToBinaryA
 0x140128130 CertFindCertificateInStore
 0x140128138 CertEnumCertificatesInStore
 0x140128140 CertOpenStore
 0x140128148 CertGetCertificateContextProperty
 0x140128150 CertCloseStore
 0x140128158 CertFreeCertificateChain
 0x140128160 CertFreeCertificateContext
IMM32.dll
 0x140128180 ImmReleaseContext
 0x140128188 ImmSetCompositionWindow
 0x140128190 ImmGetContext
 0x140128198 ImmSetCandidateWindow
Normaliz.dll
 0x1401286e0 IdnToAscii
WLDAP32.dll (functions shown as None appear to be imported by ordinal, so the report has no name for them)
 0x140128918 None
 0x140128920 None
 0x140128928 None
 0x140128930 None
 0x140128938 None
 0x140128940 None
 0x140128948 None
 0x140128950 None
 0x140128958 None
 0x140128960 None
 0x140128968 None
 0x140128970 None
 0x140128978 None
 0x140128980 None
 0x140128988 None
 0x140128990 None
 0x140128998 None
 0x1401289a0 None
WS2_32.dll
 0x1401289b0 select
 0x1401289b8 freeaddrinfo
 0x1401289c0 __WSAFDIsSet
 0x1401289c8 ioctlsocket
 0x1401289d0 listen
 0x1401289d8 htonl
 0x1401289e0 recvfrom
 0x1401289e8 accept
 0x1401289f0 WSACleanup
 0x1401289f8 WSAStartup
 0x140128a00 WSAIoctl
 0x140128a08 sendto
 0x140128a10 gethostname
 0x140128a18 ntohl
 0x140128a20 WSASetLastError
 0x140128a28 socket
 0x140128a30 setsockopt
 0x140128a38 ntohs
 0x140128a40 htons
 0x140128a48 getsockopt
 0x140128a50 getsockname
 0x140128a58 getaddrinfo
 0x140128a60 connect
 0x140128a68 getpeername
 0x140128a70 WSAGetLastError
 0x140128a78 bind
 0x140128a80 send
 0x140128a88 recv
 0x140128a90 closesocket
RPCRT4.dll
 0x140128700 RpcStringFreeA
 0x140128708 UuidToStringA
 0x140128710 UuidCreate
PSAPI.DLL
 0x1401286f0 GetModuleInformation
USERENV.dll
 0x140128828 UnloadUserProfile
VCRUNTIME140_1.dll
 0x1401288c8 __CxxFrameHandler4
VCRUNTIME140.dll
 0x140128838 __current_exception_context
 0x140128840 __current_exception
 0x140128848 __C_specific_handler
 0x140128850 longjmp
 0x140128858 strrchr
 0x140128860 strchr
 0x140128868 memset
 0x140128870 __intrinsic_setjmp
 0x140128878 memcmp
 0x140128880 memmove
 0x140128888 _CxxThrowException
 0x140128890 strstr
 0x140128898 __std_terminate
 0x1401288a0 __std_exception_copy
 0x1401288a8 __std_exception_destroy
 0x1401288b0 memcpy
 0x1401288b8 memchr
api-ms-win-crt-runtime-l1-1-0.dll
 0x140128be0 exit
 0x140128be8 _invalid_parameter_noinfo_noreturn
 0x140128bf0 terminate
 0x140128bf8 strerror
 0x140128c00 __sys_nerr
 0x140128c08 _invalid_parameter_noinfo
 0x140128c10 _resetstkoflw
 0x140128c18 system
 0x140128c20 _getpid
 0x140128c28 _beginthreadex
 0x140128c30 _register_thread_local_exe_atexit_callback
 0x140128c38 _c_exit
 0x140128c40 __p___argv
 0x140128c48 __p___argc
 0x140128c50 _exit
 0x140128c58 _initterm_e
 0x140128c60 _initterm
 0x140128c68 _get_initial_narrow_environment
 0x140128c70 _set_app_type
 0x140128c78 _seh_filter_exe
 0x140128c80 _cexit
 0x140128c88 _crt_atexit
 0x140128c90 _register_onexit_function
 0x140128c98 _initialize_onexit_table
 0x140128ca0 _initialize_narrow_environment
 0x140128ca8 _configure_narrow_argv
 0x140128cb0 _errno
api-ms-win-crt-stdio-l1-1-0.dll
 0x140128cc0 fclose
 0x140128cc8 __p__commode
 0x140128cd0 __acrt_iob_func
 0x140128cd8 _lseeki64
 0x140128ce0 __stdio_common_vsprintf_s
 0x140128ce8 fgetc
 0x140128cf0 fflush
 0x140128cf8 _read
 0x140128d00 feof
 0x140128d08 fputs
 0x140128d10 fopen
 0x140128d18 _write
 0x140128d20 _close
 0x140128d28 _open
 0x140128d30 __stdio_common_vfprintf
 0x140128d38 fputc
 0x140128d40 _pclose
 0x140128d48 fgets
 0x140128d50 fwrite
 0x140128d58 _set_fmode
 0x140128d60 __stdio_common_vsscanf
 0x140128d68 _wfopen
 0x140128d70 __stdio_common_vsprintf
 0x140128d78 fseek
 0x140128d80 ftell
 0x140128d88 _get_stream_buffer_pointers
 0x140128d90 _fseeki64
 0x140128d98 fread
 0x140128da0 fsetpos
 0x140128da8 ungetc
 0x140128db0 fgetpos
 0x140128db8 setvbuf
 0x140128dc0 _popen
api-ms-win-crt-heap-l1-1-0.dll
 0x140128b10 realloc
 0x140128b18 _set_new_mode
 0x140128b20 malloc
 0x140128b28 calloc
 0x140128b30 _callnewh
 0x140128b38 free
api-ms-win-crt-math-l1-1-0.dll
 0x140128b60 atanf
 0x140128b68 asinf
 0x140128b70 acosf
 0x140128b78 ceilf
 0x140128b80 cos
 0x140128b88 cosf
 0x140128b90 fmodf
 0x140128b98 _dclass
 0x140128ba0 tanf
 0x140128ba8 powf
 0x140128bb0 roundf
 0x140128bb8 sin
 0x140128bc0 sinf
 0x140128bc8 sqrtf
 0x140128bd0 __setusermatherr
api-ms-win-crt-string-l1-1-0.dll
 0x140128dd0 strncmp
 0x140128dd8 strncpy
 0x140128de0 isupper
 0x140128de8 tolower
 0x140128df0 strpbrk
 0x140128df8 strcmp
 0x140128e00 _strdup
 0x140128e08 strspn
 0x140128e10 strcspn
api-ms-win-crt-time-l1-1-0.dll
 0x140128e20 _localtime64_s
 0x140128e28 _gmtime64
 0x140128e30 strftime
 0x140128e38 _time64
api-ms-win-crt-convert-l1-1-0.dll
 0x140128aa0 strtod
 0x140128aa8 strtoull
 0x140128ab0 strtol
 0x140128ab8 atoi
 0x140128ac0 strtoul
 0x140128ac8 strtoll
api-ms-win-crt-utility-l1-1-0.dll
 0x140128e48 qsort
 0x140128e50 rand
api-ms-win-crt-filesystem-l1-1-0.dll
 0x140128ad8 _lock_file
 0x140128ae0 _access
 0x140128ae8 _unlink
 0x140128af0 _stat64
 0x140128af8 _fstat64
 0x140128b00 _unlock_file
api-ms-win-crt-locale-l1-1-0.dll
 0x140128b48 _configthreadlocale
 0x140128b50 localeconv

EAT(Export Address Table) is none


