Report - riotloader.exe

Generic Malware Malicious Library UPX PE File PE64 ftp OS Processor Check
Created 2025.03.30 14:16 Machine s1_win7_x6403
Filename riotloader.exe
Type PE32+ executable (GUI) x86-64, for MS Windows
AI Score
5
Behavior Score
1.8
ZERO API file : malware
VT API (file) 44 detected (AIDetectMalware, GameHack, Malicious, score, GenericKD, Unsafe, confidence, 100%, Attribute, HighConfidence, high confidence, FileRepMalware, Hacktool, CLOUD, AGEN, Static AI, Suspicious PE, Detected, Caynamer, Sabsik, Eldorado, Artemis, PE04C9V, Gencirc, susgen)
md5 7e2f48566d2ecb1223567928b6e95c79
sha256 cb80abcdbee3558eee4334c52eca2edf78ab8c5b82616a702f58281fa226cfeb
ssdeep 49152:Y+j+hPEzZwvSTA5fXz98CQTT8+HEFn0+di1KZSBGSr:PqdE69aB
imphash 36a63129f349de3f1f9e9005bc50040e
impfuzzy 192:+WKfwG3Ins6lsqVmrQXamENQtVLkaVGXYsOl9:+p4dds8zENqkwGEl9

Signature (3cnts)

Level Description
danger File has been identified by 44 AntiVirus engines on VirusTotal as malicious
notice The binary likely contains encrypted or compressed data indicative of a packer
info This executable has a PDB path

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x14011c168 GetEnvironmentVariableA
 0x14011c170 GetStdHandle
 0x14011c178 GetFileType
 0x14011c180 PeekNamedPipe
 0x14011c188 WaitForMultipleObjects
 0x14011c190 ReleaseSRWLockExclusive
 0x14011c198 AcquireSRWLockExclusive
 0x14011c1a0 SleepConditionVariableSRW
 0x14011c1a8 GetCurrentThreadId
 0x14011c1b0 GetLocaleInfoEx
 0x14011c1b8 GetCurrentDirectoryW
 0x14011c1c0 CreateDirectoryW
 0x14011c1c8 FindClose
 0x14011c1d0 FindFirstFileW
 0x14011c1d8 MoveFileExA
 0x14011c1e0 GetTickCount
 0x14011c1e8 VerifyVersionInfoA
 0x14011c1f0 GetSystemDirectoryA
 0x14011c1f8 SleepEx
 0x14011c200 LeaveCriticalSection
 0x14011c208 EnterCriticalSection
 0x14011c210 GetFileAttributesExW
 0x14011c218 AreFileApisANSI
 0x14011c220 GetFileInformationByHandleEx
 0x14011c228 WakeAllConditionVariable
 0x14011c230 RtlCaptureContext
 0x14011c238 RtlLookupFunctionEntry
 0x14011c240 RtlVirtualUnwind
 0x14011c248 UnhandledExceptionFilter
 0x14011c250 SetUnhandledExceptionFilter
 0x14011c258 TerminateProcess
 0x14011c260 IsProcessorFeaturePresent
 0x14011c268 IsDebuggerPresent
 0x14011c270 GetStartupInfoW
 0x14011c278 GetCurrentProcessId
 0x14011c280 GetSystemTimeAsFileTime
 0x14011c288 InitializeSListHead
 0x14011c290 OutputDebugStringW
 0x14011c298 LocalFree
 0x14011c2a0 FormatMessageA
 0x14011c2a8 SetLastError
 0x14011c2b0 QueryFullProcessImageNameW
 0x14011c2b8 GetModuleHandleW
 0x14011c2c0 GetModuleFileNameW
 0x14011c2c8 GetModuleFileNameA
 0x14011c2d0 CreateFileMappingW
 0x14011c2d8 VirtualProtect
 0x14011c2e0 CreateThread
 0x14011c2e8 GetCurrentProcess
 0x14011c2f0 DeleteCriticalSection
 0x14011c2f8 InitializeCriticalSectionEx
 0x14011c300 HeapSize
 0x14011c308 HeapDestroy
 0x14011c310 GetLastError
 0x14011c318 CreateFileMappingA
 0x14011c320 UnmapViewOfFile
 0x14011c328 MapViewOfFile
 0x14011c330 GetProcessHeap
 0x14011c338 HeapFree
 0x14011c340 HeapReAlloc
 0x14011c348 HeapAlloc
 0x14011c350 ReadFile
 0x14011c358 GetFileSizeEx
 0x14011c360 CreateFileA
 0x14011c368 QueryPerformanceCounter
 0x14011c370 VerSetConditionMask
 0x14011c378 QueryPerformanceFrequency
 0x14011c380 GlobalUnlock
 0x14011c388 WideCharToMultiByte
 0x14011c390 GlobalLock
 0x14011c398 GlobalFree
 0x14011c3a0 GlobalAlloc
 0x14011c3a8 MultiByteToWideChar
 0x14011c3b0 FreeLibrary
 0x14011c3b8 SystemTimeToFileTime
 0x14011c3c0 LoadLibraryA
 0x14011c3c8 Sleep
 0x14011c3d0 CreateFileW
 0x14011c3d8 SetFileTime
 0x14011c3e0 GetProcAddress
 0x14011c3e8 WaitForSingleObjectEx
 0x14011c3f0 CloseHandle
 0x14011c3f8 GetModuleHandleA
USER32.dll
 0x14011c728 GetForegroundWindow
 0x14011c730 TrackMouseEvent
 0x14011c738 ClientToScreen
 0x14011c740 GetCapture
 0x14011c748 IsWindowUnicode
 0x14011c750 LoadIconA
 0x14011c758 TranslateMessage
 0x14011c760 SetClipboardData
 0x14011c768 SetCursor
 0x14011c770 GetWindowLongA
 0x14011c778 SetWindowLongA
 0x14011c780 ShowWindow
 0x14011c788 RegisterClassExW
 0x14011c790 UnregisterClassW
 0x14011c798 GetSystemMetrics
 0x14011c7a0 CreateWindowExW
 0x14011c7a8 DestroyWindow
 0x14011c7b0 DispatchMessageA
 0x14011c7b8 SetCapture
 0x14011c7c0 DefWindowProcA
 0x14011c7c8 ReleaseCapture
 0x14011c7d0 SetCursorPos
 0x14011c7d8 GetCursorPos
 0x14011c7e0 OpenClipboard
 0x14011c7e8 CloseClipboard
 0x14011c7f0 EmptyClipboard
 0x14011c7f8 GetClientRect
 0x14011c800 GetClipboardData
 0x14011c808 ScreenToClient
 0x14011c810 LoadCursorA
 0x14011c818 GetMessageExtraInfo
 0x14011c820 GetKeyState
 0x14011c828 UpdateWindow
 0x14011c830 PostQuitMessage
 0x14011c838 GetWindowRect
 0x14011c840 MoveWindow
 0x14011c848 SetLayeredWindowAttributes
 0x14011c850 MessageBoxA
 0x14011c858 PeekMessageA
ADVAPI32.dll
 0x14011c000 CryptDestroyHash
 0x14011c008 RegGetValueA
 0x14011c010 OpenProcessToken
 0x14011c018 AddAccessAllowedAce
 0x14011c020 GetLengthSid
 0x14011c028 GetTokenInformation
 0x14011c030 CryptEncrypt
 0x14011c038 CryptImportKey
 0x14011c040 CryptDestroyKey
 0x14011c048 CryptHashData
 0x14011c050 CryptCreateHash
 0x14011c058 CryptGenRandom
 0x14011c060 InitializeAcl
 0x14011c068 IsValidSid
 0x14011c070 SetSecurityInfo
 0x14011c078 CopySid
 0x14011c080 ConvertSidToStringSidA
 0x14011c088 CryptAcquireContextA
 0x14011c090 CryptReleaseContext
 0x14011c098 CryptGetHashParam
ole32.dll
 0x14011ce60 CoInitializeEx
 0x14011ce68 CoCreateInstance
 0x14011ce70 CoUninitialize
OLEAUT32.dll
 0x14011c6b0 VariantInit
 0x14011c6b8 SysFreeString
 0x14011c6c0 SysAllocString
 0x14011c6c8 VariantClear
MSVCP140.dll
 0x14011c408 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
 0x14011c410 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x14011c418 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14011c420 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
 0x14011c428 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
 0x14011c430 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14011c438 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
 0x14011c440 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
 0x14011c448 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x14011c450 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
 0x14011c458 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
 0x14011c460 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x14011c468 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
 0x14011c470 ?id@?$ctype@D@std@@2V0locale@2@A
 0x14011c478 ?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
 0x14011c480 ?_Xlength_error@std@@YAXPEBD@Z
 0x14011c488 _Query_perf_frequency
 0x14011c490 ??1_Lockit@std@@QEAA@XZ
 0x14011c498 ??0_Lockit@std@@QEAA@H@Z
 0x14011c4a0 ?_Throw_Cpp_error@std@@YAXH@Z
 0x14011c4a8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
 0x14011c4b0 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
 0x14011c4b8 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
 0x14011c4c0 ?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
 0x14011c4c8 ?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
 0x14011c4d0 ?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
 0x14011c4d8 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
 0x14011c4e0 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
 0x14011c4e8 ?_Xout_of_range@std@@YAXPEBD@Z
 0x14011c4f0 ?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
 0x14011c4f8 ?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c500 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
 0x14011c508 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
 0x14011c510 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x14011c518 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x14011c520 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
 0x14011c528 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
 0x14011c530 ?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
 0x14011c538 _Cnd_do_broadcast_at_thread_exit
 0x14011c540 _Query_perf_counter
 0x14011c548 _Thrd_detach
 0x14011c550 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x14011c558 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
 0x14011c560 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x14011c568 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
 0x14011c570 ?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
 0x14011c578 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
 0x14011c580 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x14011c588 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
 0x14011c590 ?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c598 ?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c5a0 ?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c5a8 ?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c5b0 ?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
 0x14011c5b8 ?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
 0x14011c5c0 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
 0x14011c5c8 ?width@ios_base@std@@QEAA_J_J@Z
 0x14011c5d0 ?width@ios_base@std@@QEBA_JXZ
 0x14011c5d8 ?setf@ios_base@std@@QEAAHHH@Z
 0x14011c5e0 ?flags@ios_base@std@@QEBAHXZ
 0x14011c5e8 ?good@ios_base@std@@QEBA_NXZ
 0x14011c5f0 ??7ios_base@std@@QEBA_NXZ
 0x14011c5f8 ?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
 0x14011c600 ?_Winerror_map@std@@YAHH@Z
 0x14011c608 ?_Syserror_map@std@@YAPEBDH@Z
 0x14011c610 ?uncaught_exception@std@@YA_NXZ
 0x14011c618 ?_Xbad_alloc@std@@YAXXZ
 0x14011c620 ?_Xbad_function_call@std@@YAXXZ
 0x14011c628 ?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
 0x14011c630 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
 0x14011c638 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
 0x14011c640 ??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
 0x14011c648 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14011c650 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
 0x14011c658 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
 0x14011c660 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
 0x14011c668 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14011c670 ??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
 0x14011c678 ?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
 0x14011c680 ?always_noconv@codecvt_base@std@@QEBA_NXZ
 0x14011c688 ??Bid@locale@std@@QEAA_KXZ
 0x14011c690 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
IMM32.dll
 0x14011c140 ImmReleaseContext
 0x14011c148 ImmGetContext
 0x14011c150 ImmSetCandidateWindow
 0x14011c158 ImmSetCompositionWindow
D3DCOMPILER_43.dll
 0x14011c130 D3DCompile
dwmapi.dll
 0x14011ce50 DwmExtendFrameIntoClientArea
d3d11.dll
 0x14011ce30 D3D11CreateDeviceAndSwapChain
d3dx11_43.dll
 0x14011ce40 D3DX11CreateShaderResourceViewFromMemory
Normaliz.dll
 0x14011c6a0 IdnToAscii
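WLDAP32.dll (the entries below are listed as None because the report shows no function name for them; presumably these are imports by ordinal)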
 0x14011c918 None
 0x14011c920 None
 0x14011c928 None
 0x14011c930 None
 0x14011c938 None
 0x14011c940 None
 0x14011c948 None
 0x14011c950 None
 0x14011c958 None
 0x14011c960 None
 0x14011c968 None
 0x14011c970 None
 0x14011c978 None
 0x14011c980 None
 0x14011c988 None
 0x14011c990 None
 0x14011c998 None
 0x14011c9a0 None
CRYPT32.dll
 0x14011c0a8 CryptQueryObject
 0x14011c0b0 CertCreateCertificateChainEngine
 0x14011c0b8 CertFreeCertificateChainEngine
 0x14011c0c0 CertGetCertificateChain
 0x14011c0c8 CertFreeCertificateChain
 0x14011c0d0 CertGetNameStringA
 0x14011c0d8 CertFindExtension
 0x14011c0e0 CertAddCertificateContextToStore
 0x14011c0e8 CertOpenStore
 0x14011c0f0 CertCloseStore
 0x14011c0f8 CertEnumCertificatesInStore
 0x14011c100 CertFindCertificateInStore
 0x14011c108 CertFreeCertificateContext
 0x14011c110 CryptStringToBinaryA
 0x14011c118 PFXImportCertStore
 0x14011c120 CryptDecodeObjectEx
WS2_32.dll
 0x14011c9b0 closesocket
 0x14011c9b8 recv
 0x14011c9c0 send
 0x14011c9c8 WSAGetLastError
 0x14011c9d0 bind
 0x14011c9d8 connect
 0x14011c9e0 getpeername
 0x14011c9e8 getsockname
 0x14011c9f0 getsockopt
 0x14011c9f8 htons
 0x14011ca00 ntohs
 0x14011ca08 setsockopt
 0x14011ca10 socket
 0x14011ca18 WSASetLastError
 0x14011ca20 WSAIoctl
 0x14011ca28 WSAStartup
 0x14011ca30 WSACleanup
 0x14011ca38 ntohl
 0x14011ca40 gethostname
 0x14011ca48 sendto
 0x14011ca50 recvfrom
 0x14011ca58 freeaddrinfo
 0x14011ca60 getaddrinfo
 0x14011ca68 select
 0x14011ca70 __WSAFDIsSet
 0x14011ca78 ioctlsocket
 0x14011ca80 listen
 0x14011ca88 htonl
 0x14011ca90 accept
SHLWAPI.dll
 0x14011c718 PathFindFileNameW
RPCRT4.dll
 0x14011c6e8 UuidToStringA
 0x14011c6f0 UuidCreate
 0x14011c6f8 RpcStringFreeA
PSAPI.DLL
 0x14011c6d8 GetModuleInformation
USERENV.dll
 0x14011c868 UnloadUserProfile
VCRUNTIME140_1.dll
 0x14011c908 __CxxFrameHandler4
VCRUNTIME140.dll
 0x14011c878 __std_exception_copy
 0x14011c880 __std_terminate
 0x14011c888 __std_exception_destroy
 0x14011c890 __intrinsic_setjmp
 0x14011c898 strchr
 0x14011c8a0 strrchr
 0x14011c8a8 longjmp
 0x14011c8b0 memcpy
 0x14011c8b8 memmove
 0x14011c8c0 memset
 0x14011c8c8 strstr
 0x14011c8d0 memchr
 0x14011c8d8 memcmp
 0x14011c8e0 __current_exception
 0x14011c8e8 __current_exception_context
 0x14011c8f0 _CxxThrowException
 0x14011c8f8 __C_specific_handler
api-ms-win-crt-runtime-l1-1-0.dll
 0x14011cbc8 abort
 0x14011cbd0 _configure_narrow_argv
 0x14011cbd8 _initialize_narrow_environment
 0x14011cbe0 _initialize_onexit_table
 0x14011cbe8 _getpid
 0x14011cbf0 _crt_atexit
 0x14011cbf8 _cexit
 0x14011cc00 _seh_filter_exe
 0x14011cc08 _set_app_type
 0x14011cc10 _get_narrow_winmain_command_line
 0x14011cc18 _errno
 0x14011cc20 _initterm
 0x14011cc28 _initterm_e
 0x14011cc30 _exit
 0x14011cc38 _resetstkoflw
 0x14011cc40 terminate
 0x14011cc48 _invalid_parameter_noinfo
 0x14011cc50 _beginthreadex
 0x14011cc58 __sys_nerr
 0x14011cc60 strerror
 0x14011cc68 exit
 0x14011cc70 _invalid_parameter_noinfo_noreturn
 0x14011cc78 system
 0x14011cc80 _register_thread_local_exe_atexit_callback
 0x14011cc88 _c_exit
 0x14011cc90 _register_onexit_function
api-ms-win-crt-stdio-l1-1-0.dll
 0x14011cca0 fgets
 0x14011cca8 _popen
 0x14011ccb0 __p__commode
 0x14011ccb8 _read
 0x14011ccc0 _write
 0x14011ccc8 fopen
 0x14011ccd0 fputs
 0x14011ccd8 feof
 0x14011cce0 _close
 0x14011cce8 _open
 0x14011ccf0 _pclose
 0x14011ccf8 fputc
 0x14011cd00 fflush
 0x14011cd08 fclose
 0x14011cd10 _lseeki64
 0x14011cd18 __stdio_common_vsscanf
 0x14011cd20 fgetc
 0x14011cd28 __stdio_common_vsprintf
 0x14011cd30 _wfopen
 0x14011cd38 _set_fmode
 0x14011cd40 fwrite
 0x14011cd48 __stdio_common_vfprintf
 0x14011cd50 fseek
 0x14011cd58 __acrt_iob_func
 0x14011cd60 ftell
 0x14011cd68 _get_stream_buffer_pointers
 0x14011cd70 _fseeki64
 0x14011cd78 fread
 0x14011cd80 fsetpos
 0x14011cd88 ungetc
 0x14011cd90 setvbuf
 0x14011cd98 fgetpos
api-ms-win-crt-filesystem-l1-1-0.dll
 0x14011cae8 _unlock_file
 0x14011caf0 _fstat64
 0x14011caf8 _stat64
 0x14011cb00 _access
 0x14011cb08 _unlink
 0x14011cb10 _lock_file
api-ms-win-crt-utility-l1-1-0.dll
 0x14011ce20 qsort
api-ms-win-crt-string-l1-1-0.dll
 0x14011cda8 strspn
 0x14011cdb0 isupper
 0x14011cdb8 strncpy
 0x14011cdc0 strcspn
 0x14011cdc8 strcmp
 0x14011cdd0 strncmp
 0x14011cdd8 _strdup
 0x14011cde0 strpbrk
 0x14011cde8 tolower
api-ms-win-crt-heap-l1-1-0.dll
 0x14011cb20 free
 0x14011cb28 malloc
 0x14011cb30 _set_new_mode
 0x14011cb38 realloc
 0x14011cb40 calloc
 0x14011cb48 _callnewh
api-ms-win-crt-convert-l1-1-0.dll
 0x14011caa0 strtol
 0x14011caa8 atoi
 0x14011cab0 strtoul
 0x14011cab8 strtod
 0x14011cac0 strtoll
 0x14011cac8 strtoull
api-ms-win-crt-environment-l1-1-0.dll
 0x14011cad8 getenv
api-ms-win-crt-math-l1-1-0.dll
 0x14011cb78 _dclass
 0x14011cb80 __setusermatherr
 0x14011cb88 fmodf
 0x14011cb90 cosf
 0x14011cb98 sqrtf
 0x14011cba0 acosf
 0x14011cba8 ceilf
 0x14011cbb0 _dsign
 0x14011cbb8 sinf
api-ms-win-crt-time-l1-1-0.dll
 0x14011cdf8 _gmtime64
 0x14011ce00 _time64
 0x14011ce08 _localtime64
 0x14011ce10 strftime
api-ms-win-crt-locale-l1-1-0.dll
 0x14011cb58 ___lc_codepage_func
 0x14011cb60 _configthreadlocale
 0x14011cb68 localeconv
SHELL32.dll
 0x14011c708 ShellExecuteA

EAT(Export Address Table) is none


