ScreenShot
| Created | 2025.05.04 13:06 | Machine | s1_win7_x6403 |
| Filename | m9ibmb.dll | ||
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 41 detected (AIDetectMalware, Malicious, score, Lazy, Unsafe, confidence, high confidence, AGen, MalwareX, Misc, smehml, Kryptik@AI, RDML, dO3c2ISs, 3t4LY4Jjsgr3A, jfvpf, Static AI, Suspicious PE, Detected, GrayWare, Wacapew, Wacatac, ABTrojan, DXHZ, Artemis, Krypt, R002H09E225, Oader, Ywhl) | ||
| md5 | 67d530e3716e378b36d830296ae17133 | ||
| sha256 | 58ac4ce90f8996fa7cd20eb455347ab65e52dac930581c68d16dd541028222f7 | ||
| ssdeep | 24576:RR0YpbEVbj6638h5fuenNnVnKxRWxA9eno8YdYhSr/:RmsoVblMZnNwi9Sr | ||
| imphash | b700a0849eb2790086b0bd7d1064a564 | ||
| impfuzzy | 96:B25Xo72lXZ6xxNW/ty7v+c89fcTeIELE+E+MCVAvJn9IailSxUaagA8poogEPQVS:Q4UaW47Wc89fcTgMTTat5I7TqeqcyI | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 41 AntiVirus engines on VirusTotal as malicious |
| info | This executable has a PDB path |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
d3d11.dll
0x180085a18 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
0x180085038 D3DCompile
KERNEL32.dll
0x180085070 GetExitCodeThread
0x180085078 GetLastError
0x180085080 CloseHandle
0x180085088 CreateThread
0x180085090 VirtualFree
0x180085098 VirtualAlloc
0x1800850a0 GetSystemInfo
0x1800850a8 VirtualQuery
0x1800850b0 HeapCreate
0x1800850b8 VirtualProtect
0x1800850c0 HeapFree
0x1800850c8 GetCurrentProcess
0x1800850d0 Thread32Next
0x1800850d8 Thread32First
0x1800850e0 GetCurrentThreadId
0x1800850e8 SuspendThread
0x1800850f0 ResumeThread
0x1800850f8 CreateToolhelp32Snapshot
0x180085100 Sleep
0x180085108 HeapReAlloc
0x180085110 HeapAlloc
0x180085118 HeapDestroy
0x180085120 GetThreadContext
0x180085128 GetCurrentProcessId
0x180085130 FlushInstructionCache
0x180085138 SetThreadContext
0x180085140 OpenThread
0x180085148 ReadFile
0x180085150 GetModuleFileNameA
0x180085158 Process32First
0x180085160 WriteProcessMemory
0x180085168 SetHandleInformation
0x180085170 WriteFile
0x180085178 OutputDebugStringA
0x180085180 TerminateProcess
0x180085188 CreatePipe
0x180085190 InitializeCriticalSectionEx
0x180085198 OpenProcess
0x1800851a0 HeapSize
0x1800851a8 SetCurrentDirectoryA
0x1800851b0 GetTickCount64
0x1800851b8 DisableThreadLibraryCalls
0x1800851c0 TerminateThread
0x1800851c8 Process32Next
0x1800851d0 VirtualProtectEx
0x1800851d8 Beep
0x1800851e0 LocalFree
0x1800851e8 DeleteCriticalSection
0x1800851f0 GlobalFree
0x1800851f8 QueryPerformanceCounter
0x180085200 QueryPerformanceFrequency
0x180085208 WinExec
0x180085210 CreateProcessA
0x180085218 GetTickCount
0x180085220 VirtualQueryEx
0x180085228 GlobalAlloc
0x180085230 GetLocaleInfoEx
0x180085238 AreFileApisANSI
0x180085240 ReleaseSRWLockExclusive
0x180085248 AcquireSRWLockExclusive
0x180085250 SleepConditionVariableSRW
0x180085258 WakeAllConditionVariable
0x180085260 IsDebuggerPresent
0x180085268 UnhandledExceptionFilter
0x180085270 SetUnhandledExceptionFilter
0x180085278 IsProcessorFeaturePresent
0x180085280 GetSystemTimeAsFileTime
0x180085288 InitializeSListHead
0x180085290 OutputDebugStringW
0x180085298 WaitForSingleObject
0x1800852a0 FreeLibrary
0x1800852a8 GetProcessHeap
0x1800852b0 GetProcAddress
0x1800852b8 MultiByteToWideChar
0x1800852c0 LoadLibraryA
0x1800852c8 GetModuleHandleA
0x1800852d0 GlobalUnlock
0x1800852d8 WideCharToMultiByte
0x1800852e0 GetConsoleWindow
0x1800852e8 GlobalLock
0x1800852f0 FormatMessageA
0x1800852f8 ReadProcessMemory
USER32.dll
0x180085508 ReleaseCapture
0x180085510 IsWindowUnicode
0x180085518 GetWindowThreadProcessId
0x180085520 SetCursorPos
0x180085528 GetAsyncKeyState
0x180085530 DefWindowProcW
0x180085538 DispatchMessageA
0x180085540 GetWindowRect
0x180085548 DestroyWindow
0x180085550 EnumChildWindows
0x180085558 SetClipboardData
0x180085560 GetClipboardData
0x180085568 EmptyClipboard
0x180085570 CloseClipboard
0x180085578 GetClientRect
0x180085580 SetCursor
0x180085588 SetCapture
0x180085590 GetForegroundWindow
0x180085598 TrackMouseEvent
0x1800855a0 ClientToScreen
0x1800855a8 GetCapture
0x1800855b0 ScreenToClient
0x1800855b8 LoadCursorA
0x1800855c0 GetKeyState
0x1800855c8 OpenClipboard
0x1800855d0 UpdateWindow
0x1800855d8 FindWindowA
0x1800855e0 SetWindowLongPtrA
0x1800855e8 GetCursorPos
0x1800855f0 PostQuitMessage
0x1800855f8 PostMessageA
0x180085600 CreateWindowExW
0x180085608 GetSystemMetrics
0x180085610 UnregisterClassW
0x180085618 GetWindowLongPtrA
0x180085620 PeekMessageA
0x180085628 LoadIconA
0x180085630 TranslateMessage
0x180085638 SetLayeredWindowAttributes
0x180085640 MessageBoxA
0x180085648 GetWindowLongA
0x180085650 GetWindowTextA
0x180085658 FindWindowExA
0x180085660 SetWindowLongA
0x180085668 ShowWindow
0x180085670 RegisterClassExW
0x180085678 MessageBeep
ADVAPI32.dll
0x180085000 GetLengthSid
0x180085008 GetTokenInformation
0x180085010 IsValidSid
0x180085018 CopySid
0x180085020 ConvertSidToStringSidA
0x180085028 OpenProcessToken
MSVCP140.dll
0x180085308 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x180085310 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x180085318 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085320 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
0x180085328 ?_Xlength_error@std@@YAXPEBD@Z
0x180085330 ??1_Lockit@std@@QEAA@XZ
0x180085338 ??0_Lockit@std@@QEAA@H@Z
0x180085340 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x180085348 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x180085350 ?uncaught_exception@std@@YA_NXZ
0x180085358 ?_Xbad_alloc@std@@YAXXZ
0x180085360 ?_Id_cnt@id@locale@std@@0HA
0x180085368 ?_Xout_of_range@std@@YAXPEBD@Z
0x180085370 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x180085378 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x180085380 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x180085388 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x180085390 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x180085398 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1800853a0 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x1800853a8 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x1800853b0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x1800853b8 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x1800853c0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1800853c8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x1800853d0 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x1800853d8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x1800853e0 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1800853e8 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1800853f0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1800853f8 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085400 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x180085408 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x180085410 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x180085418 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085420 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x180085428 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
0x180085430 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085438 ?good@ios_base@std@@QEBA_NXZ
0x180085440 ??Bios_base@std@@QEBA_NXZ
0x180085448 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x180085450 ?_Throw_Cpp_error@std@@YAXH@Z
0x180085458 ?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
0x180085460 ?_Winerror_map@std@@YAHH@Z
0x180085468 ?_Xbad_function_call@std@@YAXXZ
0x180085470 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x180085478 ?_Syserror_map@std@@YAPEBDH@Z
0x180085480 _Cnd_do_broadcast_at_thread_exit
0x180085488 _Thrd_detach
0x180085490 _Xtime_get_ticks
0x180085498 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x1800854a0 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854a8 ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1800854b0 ?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
0x1800854b8 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854c0 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x1800854c8 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854d0 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x1800854d8 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x1800854e0 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x1800854e8 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x1800854f0 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x1800854f8 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
IMM32.dll
0x180085048 ImmSetCandidateWindow
0x180085050 ImmReleaseContext
0x180085058 ImmGetContext
0x180085060 ImmSetCompositionWindow
dwmapi.dll
0x180085a38 DwmExtendFrameIntoClientArea
WININET.dll
0x180085720 HttpQueryInfoA
0x180085728 HttpOpenRequestA
0x180085730 InternetSetOptionA
0x180085738 InternetOpenA
0x180085740 InternetQueryOptionA
0x180085748 InternetSetCookieA
0x180085750 InternetCloseHandle
0x180085758 HttpSendRequestA
0x180085760 InternetReadFile
0x180085768 InternetConnectA
USERENV.dll
0x180085688 UnloadUserProfile
d3dx11_43.dll
0x180085a28 D3DX11CreateShaderResourceViewFromMemory
WINMM.dll
0x180085778 sndPlaySoundA
ntdll.dll
0x180085a48 RtlCaptureContext
0x180085a50 RtlLookupFunctionEntry
0x180085a58 RtlVirtualUnwind
VCRUNTIME140_1.dll
0x180085710 __CxxFrameHandler4
VCRUNTIME140.dll
0x180085698 __std_type_info_destroy_list
0x1800856a0 __current_exception_context
0x1800856a8 __current_exception
0x1800856b0 _CxxThrowException
0x1800856b8 memset
0x1800856c0 memcpy
0x1800856c8 memcmp
0x1800856d0 memchr
0x1800856d8 __C_specific_handler
0x1800856e0 strstr
0x1800856e8 __std_terminate
0x1800856f0 memmove
0x1800856f8 __std_exception_copy
0x180085700 __std_exception_destroy
api-ms-win-crt-stdio-l1-1-0.dll
0x1800858f8 fflush
0x180085900 __stdio_common_vsprintf_s
0x180085908 __acrt_iob_func
0x180085910 fclose
0x180085918 ftell
0x180085920 fwrite
0x180085928 _get_stream_buffer_pointers
0x180085930 _fseeki64
0x180085938 fsetpos
0x180085940 __stdio_common_vsprintf
0x180085948 ungetc
0x180085950 setvbuf
0x180085958 fgetpos
0x180085960 fread
0x180085968 fgetc
0x180085970 __stdio_common_vsscanf
0x180085978 fopen
0x180085980 fputc
0x180085988 fseek
0x180085990 _wfopen
0x180085998 __stdio_common_vfprintf
api-ms-win-crt-utility-l1-1-0.dll
0x180085a00 rand
0x180085a08 qsort
api-ms-win-crt-string-l1-1-0.dll
0x1800859a8 isalnum
0x1800859b0 strncmp
0x1800859b8 _stricmp
0x1800859c0 strcmp
0x1800859c8 strncpy
0x1800859d0 isspace
0x1800859d8 tolower
0x1800859e0 strcpy_s
api-ms-win-crt-heap-l1-1-0.dll
0x1800857c8 free
0x1800857d0 _callnewh
0x1800857d8 malloc
0x1800857e0 _msize
0x1800857e8 calloc
api-ms-win-crt-runtime-l1-1-0.dll
0x180085860 _cexit
0x180085868 _initterm
0x180085870 _initterm_e
0x180085878 _wassert
0x180085880 _resetstkoflw
0x180085888 _execute_onexit_table
0x180085890 _beginthreadex
0x180085898 _register_onexit_function
0x1800858a0 _initialize_onexit_table
0x1800858a8 _invalid_parameter_noinfo
0x1800858b0 _initialize_narrow_environment
0x1800858b8 exit
0x1800858c0 _configure_narrow_argv
0x1800858c8 _seh_filter_dll
0x1800858d0 _crt_atexit
0x1800858d8 terminate
0x1800858e0 _errno
0x1800858e8 _invalid_parameter_noinfo_noreturn
api-ms-win-crt-convert-l1-1-0.dll
0x180085788 strtoull
0x180085790 strtod
0x180085798 atof
0x1800857a0 strtoll
api-ms-win-crt-filesystem-l1-1-0.dll
0x1800857b0 _unlock_file
0x1800857b8 _lock_file
api-ms-win-crt-time-l1-1-0.dll
0x1800859f0 _localtime64_s
api-ms-win-crt-locale-l1-1-0.dll
0x1800857f8 ___lc_codepage_func
0x180085800 localeconv
api-ms-win-crt-multibyte-l1-1-0.dll
0x180085850 _mbsicmp
api-ms-win-crt-math-l1-1-0.dll
0x180085810 ceilf
0x180085818 cosf
0x180085820 fmodf
0x180085828 acosf
0x180085830 sqrtf
0x180085838 sinf
0x180085840 powf
EAT(Export Address Table) is none
d3d11.dll
0x180085a18 D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll
0x180085038 D3DCompile
KERNEL32.dll
0x180085070 GetExitCodeThread
0x180085078 GetLastError
0x180085080 CloseHandle
0x180085088 CreateThread
0x180085090 VirtualFree
0x180085098 VirtualAlloc
0x1800850a0 GetSystemInfo
0x1800850a8 VirtualQuery
0x1800850b0 HeapCreate
0x1800850b8 VirtualProtect
0x1800850c0 HeapFree
0x1800850c8 GetCurrentProcess
0x1800850d0 Thread32Next
0x1800850d8 Thread32First
0x1800850e0 GetCurrentThreadId
0x1800850e8 SuspendThread
0x1800850f0 ResumeThread
0x1800850f8 CreateToolhelp32Snapshot
0x180085100 Sleep
0x180085108 HeapReAlloc
0x180085110 HeapAlloc
0x180085118 HeapDestroy
0x180085120 GetThreadContext
0x180085128 GetCurrentProcessId
0x180085130 FlushInstructionCache
0x180085138 SetThreadContext
0x180085140 OpenThread
0x180085148 ReadFile
0x180085150 GetModuleFileNameA
0x180085158 Process32First
0x180085160 WriteProcessMemory
0x180085168 SetHandleInformation
0x180085170 WriteFile
0x180085178 OutputDebugStringA
0x180085180 TerminateProcess
0x180085188 CreatePipe
0x180085190 InitializeCriticalSectionEx
0x180085198 OpenProcess
0x1800851a0 HeapSize
0x1800851a8 SetCurrentDirectoryA
0x1800851b0 GetTickCount64
0x1800851b8 DisableThreadLibraryCalls
0x1800851c0 TerminateThread
0x1800851c8 Process32Next
0x1800851d0 VirtualProtectEx
0x1800851d8 Beep
0x1800851e0 LocalFree
0x1800851e8 DeleteCriticalSection
0x1800851f0 GlobalFree
0x1800851f8 QueryPerformanceCounter
0x180085200 QueryPerformanceFrequency
0x180085208 WinExec
0x180085210 CreateProcessA
0x180085218 GetTickCount
0x180085220 VirtualQueryEx
0x180085228 GlobalAlloc
0x180085230 GetLocaleInfoEx
0x180085238 AreFileApisANSI
0x180085240 ReleaseSRWLockExclusive
0x180085248 AcquireSRWLockExclusive
0x180085250 SleepConditionVariableSRW
0x180085258 WakeAllConditionVariable
0x180085260 IsDebuggerPresent
0x180085268 UnhandledExceptionFilter
0x180085270 SetUnhandledExceptionFilter
0x180085278 IsProcessorFeaturePresent
0x180085280 GetSystemTimeAsFileTime
0x180085288 InitializeSListHead
0x180085290 OutputDebugStringW
0x180085298 WaitForSingleObject
0x1800852a0 FreeLibrary
0x1800852a8 GetProcessHeap
0x1800852b0 GetProcAddress
0x1800852b8 MultiByteToWideChar
0x1800852c0 LoadLibraryA
0x1800852c8 GetModuleHandleA
0x1800852d0 GlobalUnlock
0x1800852d8 WideCharToMultiByte
0x1800852e0 GetConsoleWindow
0x1800852e8 GlobalLock
0x1800852f0 FormatMessageA
0x1800852f8 ReadProcessMemory
USER32.dll
0x180085508 ReleaseCapture
0x180085510 IsWindowUnicode
0x180085518 GetWindowThreadProcessId
0x180085520 SetCursorPos
0x180085528 GetAsyncKeyState
0x180085530 DefWindowProcW
0x180085538 DispatchMessageA
0x180085540 GetWindowRect
0x180085548 DestroyWindow
0x180085550 EnumChildWindows
0x180085558 SetClipboardData
0x180085560 GetClipboardData
0x180085568 EmptyClipboard
0x180085570 CloseClipboard
0x180085578 GetClientRect
0x180085580 SetCursor
0x180085588 SetCapture
0x180085590 GetForegroundWindow
0x180085598 TrackMouseEvent
0x1800855a0 ClientToScreen
0x1800855a8 GetCapture
0x1800855b0 ScreenToClient
0x1800855b8 LoadCursorA
0x1800855c0 GetKeyState
0x1800855c8 OpenClipboard
0x1800855d0 UpdateWindow
0x1800855d8 FindWindowA
0x1800855e0 SetWindowLongPtrA
0x1800855e8 GetCursorPos
0x1800855f0 PostQuitMessage
0x1800855f8 PostMessageA
0x180085600 CreateWindowExW
0x180085608 GetSystemMetrics
0x180085610 UnregisterClassW
0x180085618 GetWindowLongPtrA
0x180085620 PeekMessageA
0x180085628 LoadIconA
0x180085630 TranslateMessage
0x180085638 SetLayeredWindowAttributes
0x180085640 MessageBoxA
0x180085648 GetWindowLongA
0x180085650 GetWindowTextA
0x180085658 FindWindowExA
0x180085660 SetWindowLongA
0x180085668 ShowWindow
0x180085670 RegisterClassExW
0x180085678 MessageBeep
ADVAPI32.dll
0x180085000 GetLengthSid
0x180085008 GetTokenInformation
0x180085010 IsValidSid
0x180085018 CopySid
0x180085020 ConvertSidToStringSidA
0x180085028 OpenProcessToken
MSVCP140.dll
0x180085308 ?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x180085310 ?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
0x180085318 ??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085320 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
0x180085328 ?_Xlength_error@std@@YAXPEBD@Z
0x180085330 ??1_Lockit@std@@QEAA@XZ
0x180085338 ??0_Lockit@std@@QEAA@H@Z
0x180085340 ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
0x180085348 ?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
0x180085350 ?uncaught_exception@std@@YA_NXZ
0x180085358 ?_Xbad_alloc@std@@YAXXZ
0x180085360 ?_Id_cnt@id@locale@std@@0HA
0x180085368 ?_Xout_of_range@std@@YAXPEBD@Z
0x180085370 ?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
0x180085378 ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x180085380 ?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
0x180085388 ?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
0x180085390 ?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
0x180085398 ??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1800853a0 ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
0x1800853a8 ?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
0x1800853b0 ?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
0x1800853b8 ?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
0x1800853c0 ??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
0x1800853c8 ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
0x1800853d0 ?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
0x1800853d8 ??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
0x1800853e0 ?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1800853e8 ?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
0x1800853f0 ?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
0x1800853f8 ??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085400 ?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
0x180085408 ?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
0x180085410 ?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
0x180085418 ??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085420 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
0x180085428 ??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
0x180085430 ??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
0x180085438 ?good@ios_base@std@@QEBA_NXZ
0x180085440 ??Bios_base@std@@QEBA_NXZ
0x180085448 ?always_noconv@codecvt_base@std@@QEBA_NXZ
0x180085450 ?_Throw_Cpp_error@std@@YAXH@Z
0x180085458 ?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
0x180085460 ?_Winerror_map@std@@YAHH@Z
0x180085468 ?_Xbad_function_call@std@@YAXXZ
0x180085470 ?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
0x180085478 ?_Syserror_map@std@@YAPEBDH@Z
0x180085480 _Cnd_do_broadcast_at_thread_exit
0x180085488 _Thrd_detach
0x180085490 _Xtime_get_ticks
0x180085498 ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
0x1800854a0 ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854a8 ?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
0x1800854b0 ?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
0x1800854b8 ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854c0 ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
0x1800854c8 ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
0x1800854d0 ?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x1800854d8 ?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
0x1800854e0 ?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x1800854e8 ?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
0x1800854f0 ?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
0x1800854f8 ?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
IMM32.dll
0x180085048 ImmSetCandidateWindow
0x180085050 ImmReleaseContext
0x180085058 ImmGetContext
0x180085060 ImmSetCompositionWindow
dwmapi.dll
0x180085a38 DwmExtendFrameIntoClientArea
WININET.dll
0x180085720 HttpQueryInfoA
0x180085728 HttpOpenRequestA
0x180085730 InternetSetOptionA
0x180085738 InternetOpenA
0x180085740 InternetQueryOptionA
0x180085748 InternetSetCookieA
0x180085750 InternetCloseHandle
0x180085758 HttpSendRequestA
0x180085760 InternetReadFile
0x180085768 InternetConnectA
USERENV.dll
0x180085688 UnloadUserProfile
d3dx11_43.dll
0x180085a28 D3DX11CreateShaderResourceViewFromMemory
WINMM.dll
0x180085778 sndPlaySoundA
ntdll.dll
0x180085a48 RtlCaptureContext
0x180085a50 RtlLookupFunctionEntry
0x180085a58 RtlVirtualUnwind
VCRUNTIME140_1.dll
0x180085710 __CxxFrameHandler4
VCRUNTIME140.dll
0x180085698 __std_type_info_destroy_list
0x1800856a0 __current_exception_context
0x1800856a8 __current_exception
0x1800856b0 _CxxThrowException
0x1800856b8 memset
0x1800856c0 memcpy
0x1800856c8 memcmp
0x1800856d0 memchr
0x1800856d8 __C_specific_handler
0x1800856e0 strstr
0x1800856e8 __std_terminate
0x1800856f0 memmove
0x1800856f8 __std_exception_copy
0x180085700 __std_exception_destroy
api-ms-win-crt-stdio-l1-1-0.dll
0x1800858f8 fflush
0x180085900 __stdio_common_vsprintf_s
0x180085908 __acrt_iob_func
0x180085910 fclose
0x180085918 ftell
0x180085920 fwrite
0x180085928 _get_stream_buffer_pointers
0x180085930 _fseeki64
0x180085938 fsetpos
0x180085940 __stdio_common_vsprintf
0x180085948 ungetc
0x180085950 setvbuf
0x180085958 fgetpos
0x180085960 fread
0x180085968 fgetc
0x180085970 __stdio_common_vsscanf
0x180085978 fopen
0x180085980 fputc
0x180085988 fseek
0x180085990 _wfopen
0x180085998 __stdio_common_vfprintf
api-ms-win-crt-utility-l1-1-0.dll
0x180085a00 rand
0x180085a08 qsort
api-ms-win-crt-string-l1-1-0.dll
0x1800859a8 isalnum
0x1800859b0 strncmp
0x1800859b8 _stricmp
0x1800859c0 strcmp
0x1800859c8 strncpy
0x1800859d0 isspace
0x1800859d8 tolower
0x1800859e0 strcpy_s
api-ms-win-crt-heap-l1-1-0.dll
0x1800857c8 free
0x1800857d0 _callnewh
0x1800857d8 malloc
0x1800857e0 _msize
0x1800857e8 calloc
api-ms-win-crt-runtime-l1-1-0.dll
0x180085860 _cexit
0x180085868 _initterm
0x180085870 _initterm_e
0x180085878 _wassert
0x180085880 _resetstkoflw
0x180085888 _execute_onexit_table
0x180085890 _beginthreadex
0x180085898 _register_onexit_function
0x1800858a0 _initialize_onexit_table
0x1800858a8 _invalid_parameter_noinfo
0x1800858b0 _initialize_narrow_environment
0x1800858b8 exit
0x1800858c0 _configure_narrow_argv
0x1800858c8 _seh_filter_dll
0x1800858d0 _crt_atexit
0x1800858d8 terminate
0x1800858e0 _errno
0x1800858e8 _invalid_parameter_noinfo_noreturn
api-ms-win-crt-convert-l1-1-0.dll
0x180085788 strtoull
0x180085790 strtod
0x180085798 atof
0x1800857a0 strtoll
api-ms-win-crt-filesystem-l1-1-0.dll
0x1800857b0 _unlock_file
0x1800857b8 _lock_file
api-ms-win-crt-time-l1-1-0.dll
0x1800859f0 _localtime64_s
api-ms-win-crt-locale-l1-1-0.dll
0x1800857f8 ___lc_codepage_func
0x180085800 localeconv
api-ms-win-crt-multibyte-l1-1-0.dll
0x180085850 _mbsicmp
api-ms-win-crt-math-l1-1-0.dll
0x180085810 ceilf
0x180085818 cosf
0x180085820 fmodf
0x180085828 acosf
0x180085830 sqrtf
0x180085838 sinf
0x180085840 powf
EAT(Export Address Table) is none