e59e3d3790feb649e7ce52b40e5a6bce

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2021-Aug-24 14:02:18
Detected languages English - United States

Plugin Output

Info Libraries used to perform cryptographic operations: Microsoft's Cryptography API
Suspicious The PE is packed with UPX Unusual section name found: .UPX0
Unusual section name found: .UPX1
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExW
  • LoadLibraryExA
  • LoadLibraryW
  • LoadLibraryA
  • GetProcAddress
Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
Code injection capabilities:
  • VirtualAlloc
  • OpenProcess
  • WriteProcessMemory
Code injection capabilities (process hollowing):
  • SetThreadContext
  • ResumeThread
  • WriteProcessMemory
Can access the registry:
  • RegOpenKeyExW
  • RegCreateKeyA
  • RegSetValueExA
  • RegEnumKeyExW
  • RegEnumValueW
  • RegQueryInfoKeyW
  • RegQueryValueExW
  • RegQueryValueExA
  • RegOpenKeyExA
  • RegCloseKey
Uses Windows's Native API:
  • ntohl
  • ntohs
Uses Microsoft's cryptographic API:
  • CryptDestroyHash
  • CryptHashData
  • CryptCreateHash
  • CryptGetHashParam
  • CryptAcquireContextA
  • CryptReleaseContext
  • CryptGenRandom
  • CryptStringToBinaryA
  • CryptQueryObject
Memory manipulation functions often used by packers:
  • VirtualProtect
  • VirtualAlloc
Leverages the raw socket API to access the Internet:
  • setsockopt
  • select
  • getsockopt
  • ioctlsocket
  • connect
  • closesocket
  • inet_ntop
  • freeaddrinfo
  • WSAStartup
  • inet_addr
  • WSACleanup
  • ntohl
  • listen
  • accept
  • WSAIoctl
  • getpeername
  • send
  • WSASetLastError
  • WSAGetLastError
  • WSARecv
  • WSASend
  • WSASocketW
  • htonl
  • htons
  • inet_ntoa
  • ntohs
  • bind
  • recv
  • getsockname
  • recvfrom
  • sendto
  • socket
  • gethostbyname
  • gethostname
  • getaddrinfo
  • inet_pton
  • __WSAFDIsSet
Enumerates local disk drives:
  • GetVolumeInformationA
Manipulates other processes:
  • Process32NextW
  • Process32FirstW
  • ReadProcessMemory
  • OpenProcess
  • WriteProcessMemory
Can use the microphone to record audio:
  • waveInOpen
Interacts with the certificate store:
  • CertOpenStore
  • CertAddCertificateContextToStore
Suspicious VirusTotal score: 1/67 (Scanned on 2021-08-28 07:00:33) Cylance: Unsafe

Hashes

MD5 e59e3d3790feb649e7ce52b40e5a6bce
SHA1 309054212dc32963a0aab79e75ebddd7b2484a0b
SHA256 a4e871f8f56b35277093dcb870d6cc302a66837a6e1132db861aefc8042dbe82
SHA3 29c5857b260c3b73d50b323ef6901069046d6f49e3a1f7c53e2c7f4e3366d582
SSDeep 393216:gxqGTkXIBiahy/QXdTvZeMvYBCVUq1IyRBJbLdNAgd6hrBCeW:gzkYBiahS2zZy4X1bpN/EhroB
Imports Hash 949092316c71a086fde20b7f6ea51853

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 10
TimeDateStamp 2021-Aug-24 14:02:18
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x4c2000
SizeOfInitializedData 0x268c00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000000000228A8E8 (Section: .UPX1)
BaseOfCode 0x1000
ImageBase 0x180000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x25a5000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x4c1681
VirtualAddress 0x1000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

.code

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x66a
VirtualAddress 0x4c3000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

.rdata

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x16b696
VirtualAddress 0x4c4000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

.data

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0xcf088
VirtualAddress 0x630000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x2a798
VirtualAddress 0x700000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

_RDATA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x830
VirtualAddress 0x72b000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

.UPX0

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0xd95367
VirtualAddress 0x72c000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ

.UPX1

MD5 8d03afff64bb665993000ba288d43a9a
SHA1 adef2efce48843e0f0289e28a5f267d6376baa87
SHA256 c75c5528cbd7975506c621e9cb89d5ed39194c60104816d9eb5e817491d1e39d
SHA3 b91bc129de4e119843cabcefeb80e5842f2e1dbaf9136ae62b24c5c3de0c4054
VirtualSize 0x10e0698
VirtualAddress 0x14c2000
SizeOfRawData 0x10e0800
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_NOT_PAGED
IMAGE_SCN_MEM_READ
Entropy 7.98227

.reloc

MD5 435f9164c4cb84f591bc32d3bcdb99e3
SHA1 b65cd7dd2cbbcd591391931e1bcb7113b05e4139
SHA256 c97c971c3eedb876208534390edf89c17bf6be374781d047ecec95e86f85e6b8
SHA3 852a002ca3a8733266b5b4fcd494e1d0108d49b0f1729579f438f9d5c4dd5873
VirtualSize 0xcc
VirtualAddress 0x25a3000
SizeOfRawData 0x200
PointerToRawData 0x10e0c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 2.13025

.rsrc

MD5 b630f9b4198f3d4925404106d5dec178
SHA1 ec15a72d147437e6f20e3a4e4a8ea2df5ededd27
SHA256 6221b3bde43082cca0195eb0727364291f70f2c62b1883c32ba63e2410995b6f
SHA3 4e071dec2d580a9b2fde339abec3ba0be11cea8ed2755b3565e327bc52995d40
VirtualSize 0x1d5
VirtualAddress 0x25a4000
SizeOfRawData 0x200
PointerToRawData 0x10e0e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.73697

Imports

KERNEL32.dll IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead
DeleteFileW
CreateFileW
FormatMessageA
GetModuleHandleExW
DisableThreadLibraryCalls
VirtualProtect
GetSystemTimeAsFileTime
SetDllDirectoryW
ExitProcess
MultiByteToWideChar
SetCurrentDirectoryW
K32GetModuleFileNameExW
Process32NextW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
WaitForSingleObjectEx
GetStartupInfoA
GetSystemRegistryQuota
GlobalMemoryStatus
GetVersion
GlobalMemoryStatusEx
GetSystemTimes
GetExitCodeThread
SetThreadPriority
GetProcessTimes
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
VerifyVersionInfoA
LocalFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
QueueUserAPC
Process32FirstW
SetWaitableTimer
CreateEventA
SleepEx
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
VerSetConditionMask
Module32NextW
Module32FirstW
ReadProcessMemory
K32GetModuleInformation
CreateThread
GetComputerNameA
GetVolumeInformationA
FormatMessageW
LoadLibraryExW
GetModuleFileNameW
GetFullPathNameW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetModuleHandleExA
GetModuleFileNameA
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
VirtualFree
VirtualAlloc
Thread32Next
Thread32First
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
OpenThread
GetCurrentProcessId
HeapReAlloc
HeapCreate
LoadLibraryExA
FreeLibrary
VirtualQuery
GetSystemInfo
RaiseException
CreateToolhelp32Snapshot
WideCharToMultiByte
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetTickCount64
OpenProcess
GetCurrentThreadId
GetCurrentThread
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionEx
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
CreateFileA
GetFileSizeEx
GlobalAlloc
GlobalFree
GetEnvironmentVariableA
GetVersionExW
DeviceIoControl
WaitForMultipleObjectsEx
CancelWaitableTimer
CreateWaitableTimerW
GetPriorityClass
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
Sleep
HeapFree
HeapAlloc
CloseHandle
SetLastError
GetLastError
DuplicateHandle
WaitForMultipleObjects
USER32.dll EnumWindows
GetClassNameA
SetForegroundWindow
CallWindowProcA
GetWindowTextW
MessageBoxA
SetActiveWindow
ScreenToClient
MessageBoxW
GetKeyState
SendMessageA
IsWindowVisible
GetAsyncKeyState
GetCursorPos
LoadImageW
SetWindowLongPtrA
WindowFromPoint
ADVAPI32.dll RegOpenKeyExW
RegCreateKeyA
RegSetValueExA
RegEnumKeyExW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
RegEnumValueW
RegQueryInfoKeyW
GetUserNameA
GetCurrentHwProfileA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
ole32.dll PropVariantClear
CoCreateInstance
CoInitializeEx
MSVCP140.dll ??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
_Read_dir
_To_wide
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_broadcast
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
_Cnd_do_broadcast_at_thread_exit
?_XGetLastError@std@@YAXXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_BADOFF@std@@3_JB
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
_Query_perf_counter
_Query_perf_frequency
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
_Mtx_trylock
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
_To_byte
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??Bios_base@std@@QEBA_NXZ
?is@?$ctype@D@std@@QEBA_NFD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Equivalent
_Rename
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
?setf@ios_base@std@@QEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?uncaught_exceptions@std@@YAHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?__ExceptionPtrRethrow@@YAXPEBX@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
??7ios_base@std@@QEBA_NXZ
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
_File_size
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??Bid@locale@std@@QEAA_KXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Wcsxfrm
_Cnd_signal
_Cnd_wait
_Cnd_destroy
_Cnd_init
_Wcscoll
_Mtx_unlock
_Mtx_lock
_Mtx_destroy
_Mtx_init
_Thrd_sleep
?_Syserror_map@std@@YAPEBDH@Z
_Thrd_detach
_Xtime_get_ticks
_Thrd_start
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPEADK@Z
_Open_dir
??1_Lockit@std@@QEAA@XZ
?id@?$collate@_W@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
_Unlink
??0_Lockit@std@@QEAA@H@Z
_Close_dir
_Current_get
_Make_dir
_Lstat
_Remove_dir
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
_Stat
IPHLPAPI.DLL IcmpSendEcho
IcmpCloseHandle
IcmpCreateFile
GetAdaptersInfo
bass.dll BASS_Init
BASS_ChannelSetSync
BASS_ChannelSetPosition
BASS_SetConfig
BASS_SetConfigPtr
BASS_ChannelStop
BASS_ChannelPlay
BASS_StreamPutData
BASS_StreamFree
BASS_StreamCreate
BASS_ChannelGetAttribute
BASS_ChannelSetAttribute
VCRUNTIME140.dll _CxxThrowException
__CxxFrameHandler3
memcpy
memmove
__C_specific_handler
strrchr
__std_exception_copy
__std_exception_destroy
memset
strstr
_purecall
__std_type_info_name
__std_terminate
__std_type_info_compare
strchr
memcmp
__std_type_info_destroy_list
__RTDynamicCast
memchr
api-ms-win-crt-runtime-l1-1-0.dll __sys_nerr
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_endthreadex
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_beginthreadex
_invalid_parameter_noinfo
abort
exit
strerror
_errno
_wassert
terminate
_cexit
api-ms-win-crt-heap-l1-1-0.dll _callnewh
realloc
_aligned_free
_aligned_malloc
free
malloc
calloc
_msize
api-ms-win-crt-stdio-l1-1-0.dll ungetc
_lseeki64
_fseeki64
fsetpos
fread
__stdio_common_vsscanf
_wfopen
_open
fputc
setvbuf
fputs
fgets
fgetpos
_read
_write
fgetc
__stdio_common_vsprintf_s
fflush
_close
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
fopen
_get_stream_buffer_pointers
fputws
__stdio_common_vfwprintf
fclose
fwrite
rewind
__stdio_common_vsnprintf_s
ftell
fseek
__stdio_common_vswprintf_s
__stdio_common_vswprintf
api-ms-win-crt-filesystem-l1-1-0.dll _stat64
_access
_lock_file
_unlock_file
_fstat64
api-ms-win-crt-string-l1-1-0.dll wcsnlen
_isctype_l
isalpha
isdigit
_wcsnicmp
_strnicmp
strncmp
_wcsicmp
wcsncmp
towlower
strcmp
strnlen
wcsncpy
strncpy
_strdup
isprint
strpbrk
iswctype
tolower
iswspace
isupper
api-ms-win-crt-convert-l1-1-0.dll _strtod_l
strtoull
strtol
atoi
strtoul
_ui64tow_s
_i64tow_s
_ecvt_s
_i64toa_s
wcstoul
_ui64toa_s
strtoll
api-ms-win-crt-utility-l1-1-0.dll srand
qsort
rand
bsearch
api-ms-win-crt-time-l1-1-0.dll _gmtime64
_time64
api-ms-win-crt-math-l1-1-0.dll fmaxf
logf
log10f
cosf
log
sinf
pow
floor
atan
sqrtf
_dtest
_ldtest
exp
cos
sin
expf
floorf
acosf
log10
roundf
sqrt
api-ms-win-crt-locale-l1-1-0.dll __pctype_func
_free_locale
_create_locale
localeconv
discord-rpc.dll Discord_Initialize
Discord_UpdatePresence
WS2_32.dll setsockopt
select
getsockopt
ioctlsocket
connect
closesocket
inet_ntop
freeaddrinfo
WSAStartup
inet_addr
WSACleanup
ntohl
listen
accept
WSAIoctl
getpeername
send
WSASetLastError
WSAGetLastError
WSARecv
WSASend
WSASocketW
htonl
htons
inet_ntoa
ntohs
bind
recv
getsockname
recvfrom
sendto
socket
gethostbyname
gethostname
getaddrinfo
inet_pton
__WSAFDIsSet
v8.dll ?Compile@Script@v8@@SA?AV?$MaybeLocal@VScript@v8@@@2@V?$Local@VContext@v8@@@2@V?$Local@VString@v8@@@2@PEAVScriptOrigin@2@@Z
?Escape@EscapableHandleScope@v8@@AEAAPEA_KPEA_K@Z
??0EscapableHandleScope@v8@@QEAA@PEAVIsolate@1@@Z
?Run@Script@v8@@QEAA?AV?$MaybeLocal@VValue@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?CreateHandle@HandleScope@v8@@KAPEA_KPEAVIsolate@internal@2@_K@Z
??1HandleScope@v8@@QEAA@XZ
??0HandleScope@v8@@QEAA@PEAVIsolate@1@@Z
?IsObject@Value@v8@@QEBA_NXZ
??1CachedData@ScriptCompiler@v8@@QEAA@XZ
?CompileUnboundScript@ScriptCompiler@v8@@SA?AV?$MaybeLocal@VUnboundScript@v8@@@2@PEAVIsolate@2@PEAVSource@12@W4CompileOptions@12@W4NoCacheReason@12@@Z
?IsBoolean@Value@v8@@QEBA_NXZ
?IsNumber@Value@v8@@QEBA_NXZ
?IsInt32@Value@v8@@QEBA_NXZ
?Compile@ScriptCompiler@v8@@SA?AV?$MaybeLocal@VScript@v8@@@2@V?$Local@VContext@v8@@@2@PEAVSource@12@W4CompileOptions@12@W4NoCacheReason@12@@Z
?Compile@ScriptCompiler@v8@@SA?AV?$MaybeLocal@VScript@v8@@@2@V?$Local@VContext@v8@@@2@PEAVStreamedSource@12@V?$Local@VString@v8@@@2@AEBVScriptOrigin@2@@Z
?CompileFunctionInContext@ScriptCompiler@v8@@SA?AV?$MaybeLocal@VFunction@v8@@@2@V?$Local@VContext@v8@@@2@PEAVSource@12@_KQEAV?$Local@VString@v8@@@2@2QEAV?$Local@VObject@v8@@@2@W4CompileOptions@12@W4NoCacheReason@12@@Z
?Get@Message@v8@@QEBA?AV?$Local@VString@v8@@@2@XZ
?GetSourceLine@Message@v8@@QEBA?AV?$MaybeLocal@VString@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?GetScriptResourceName@Message@v8@@QEBA?AV?$Local@VValue@v8@@@2@XZ
?GetStackTrace@Message@v8@@QEBA?AV?$Local@VStackTrace@v8@@@2@XZ
?GetLineNumber@Message@v8@@QEBA?AV?$Maybe@H@2@V?$Local@VContext@v8@@@2@@Z
?IsArray@Value@v8@@QEBA_NXZ
?GetFrame@StackTrace@v8@@QEBA?AV?$Local@VStackFrame@v8@@@2@PEAVIsolate@2@I@Z
?GetFrameCount@StackTrace@v8@@QEBAHXZ
?GetLineNumber@StackFrame@v8@@QEBAHXZ
?GetFunctionName@StackFrame@v8@@QEBA?AV?$Local@VString@v8@@@2@XZ
?IsTrue@Value@v8@@QEBA_NXZ
?ToString@Value@v8@@QEBA?AV?$MaybeLocal@VString@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?NewInstance@Function@v8@@QEBA?AV?$MaybeLocal@VObject@v8@@@2@V?$Local@VContext@v8@@@2@HQEAV?$Local@VValue@v8@@@2@@Z
?SetAlignedPointerInInternalField@Object@v8@@QEAAXHPEAX@Z
?Utf8Length@String@v8@@QEBAHPEAVIsolate@2@@Z
?Stringify@JSON@v8@@SA?AV?$MaybeLocal@VString@v8@@@2@V?$Local@VContext@v8@@@2@V?$Local@VValue@v8@@@2@V?$Local@VString@v8@@@2@@Z
?Parse@JSON@v8@@SA?AV?$MaybeLocal@VValue@v8@@@2@V?$Local@VContext@v8@@@2@V?$Local@VString@v8@@@2@@Z
?MakeWeak@V8@v8@@CAXPEA_KPEAXP6AXAEBV?$WeakCallbackInfo@X@2@@ZW4WeakCallbackType@2@@Z
?CheckMemoryPressure@Isolate@v8@@AEAAXXZ
?SetInternalFieldCount@ObjectTemplate@v8@@QEAAXH@Z
?SetAccessor@ObjectTemplate@v8@@QEAAXV?$Local@VString@v8@@@2@P6AX0AEBV?$PropertyCallbackInfo@VValue@v8@@@2@@ZP6AX0V?$Local@VValue@v8@@@2@AEBV?$PropertyCallbackInfo@X@2@@Z3W4AccessControl@2@W4PropertyAttribute@2@V?$Local@VAccessorSignature@v8@@@2@W4SideEffectType@2@9@Z
?PrototypeTemplate@FunctionTemplate@v8@@QEAA?AV?$Local@VObjectTemplate@v8@@@2@XZ
?Inherit@FunctionTemplate@v8@@QEAAXV?$Local@VFunctionTemplate@v8@@@2@@Z
?InstanceTemplate@FunctionTemplate@v8@@QEAA?AV?$Local@VObjectTemplate@v8@@@2@XZ
?Set@Template@v8@@QEAAXV?$Local@VName@v8@@@2@V?$Local@VData@v8@@@2@W4PropertyAttribute@2@@Z
?Call@Function@v8@@QEAA?AV?$MaybeLocal@VValue@v8@@@2@V?$Local@VContext@v8@@@2@V?$Local@VValue@v8@@@2@HQEAV52@@Z
?CreationContext@Object@v8@@QEAA?AV?$Local@VContext@v8@@@2@XZ
?Exit@Context@v8@@QEAAXXZ
?Enter@Context@v8@@QEAAXXZ
?New@Context@v8@@SA?AV?$Local@VContext@v8@@@2@PEAVIsolate@2@PEAVExtensionConfiguration@2@V?$MaybeLocal@VObjectTemplate@v8@@@2@V?$MaybeLocal@VValue@v8@@@2@UDeserializeInternalFieldsCallback@2@@Z
?Dispose@Isolate@v8@@QEAAXXZ
?Exit@Isolate@v8@@QEAAXXZ
?GetFunction@FunctionTemplate@v8@@QEAA?AV?$MaybeLocal@VFunction@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?Value@External@v8@@QEBAPEAXXZ
?New@External@v8@@SA?AV?$Local@VExternal@v8@@@2@PEAVIsolate@2@PEAX@Z
?Set@Object@v8@@QEAA?AV?$Maybe@_N@2@V?$Local@VContext@v8@@@2@V?$Local@VValue@v8@@@2@1@Z
?GetIsolate@Context@v8@@QEAAPEAVIsolate@2@XZ
?Global@Context@v8@@QEAA?AV?$Local@VObject@v8@@@2@XZ
?Message@TryCatch@v8@@QEBA?AV?$Local@VMessage@v8@@@2@XZ
?Exception@TryCatch@v8@@QEBA?AV?$Local@VValue@v8@@@2@XZ
?HasCaught@TryCatch@v8@@QEBA_NXZ
??1TryCatch@v8@@QEAA@XZ
??0TryCatch@v8@@QEAA@PEAVIsolate@1@@Z
?ToLocalEmpty@V8@v8@@CAXXZ
?FromJustIsNothing@V8@v8@@CAXXZ
?DisposeGlobal@V8@v8@@CAXPEA_K@Z
?GlobalizeReference@V8@v8@@CAPEA_KPEAVIsolate@internal@2@PEA_K@Z
?InitializePlatform@V8@v8@@SAXPEAVPlatform@2@@Z
?InitializeICUDefaultLocation@V8@v8@@SA_NPEBD0@Z
?Initialize@V8@v8@@SA_NXZ
?SetFlagsFromString@V8@v8@@SAXPEBDH@Z
?SetSnapshotDataBlob@V8@v8@@SAXPEAVStartupData@2@@Z
?SetNativesDataBlob@V8@v8@@SAXPEAVStartupData@2@@Z
?SetCaptureStackTraceForUncaughtExceptions@Isolate@v8@@QEAAX_NHW4StackTraceOptions@StackTrace@2@@Z
?AddMessageListener@Isolate@v8@@QEAA_NP6AXV?$Local@VMessage@v8@@@2@V?$Local@VValue@v8@@@2@@Z1@Z
?SetFatalErrorHandler@Isolate@v8@@QEAAXP6AXPEBD0@Z@Z
?SetStackLimit@Isolate@v8@@QEAAX_K@Z
?CancelTerminateExecution@Isolate@v8@@QEAAXXZ
?ThrowException@Isolate@v8@@QEAA?AV?$Local@VValue@v8@@@2@V32@@Z
?GetCurrentContext@Isolate@v8@@QEAA?AV?$Local@VContext@v8@@@2@XZ
?Enter@Isolate@v8@@QEAAXXZ
?GetCurrent@Isolate@v8@@SAPEAV12@XZ
?New@Isolate@v8@@SAPEAV12@AEBUCreateParams@12@@Z
?Error@Exception@v8@@SA?AV?$Local@VValue@v8@@@2@V?$Local@VString@v8@@@2@@Z
??0ResourceConstraints@v8@@QEAA@XZ
?GetFunction@FunctionTemplate@v8@@QEAA?AV?$Local@VFunction@v8@@@2@XZ
?New@FunctionTemplate@v8@@SA?AV?$Local@VFunctionTemplate@v8@@@2@PEAVIsolate@2@P6AXAEBV?$FunctionCallbackInfo@VValue@v8@@@2@@ZV?$Local@VValue@v8@@@2@V?$Local@VSignature@v8@@@2@HW4ConstructorBehavior@2@W4SideEffectType@2@@Z
?NewDefaultAllocator@Allocator@ArrayBuffer@v8@@SAPEAV123@XZ
?Call@Function@v8@@QEAA?AV?$Local@VValue@v8@@@2@V32@HQEAV32@@Z
?New@Array@v8@@SA?AV?$Local@VArray@v8@@@2@PEAVIsolate@2@H@Z
?Length@Array@v8@@QEBAIXZ
?SlowGetAlignedPointerFromInternalField@Object@v8@@AEAAPEAXH@Z
?New@Object@v8@@SA?AV?$Local@VObject@v8@@@2@PEAVIsolate@2@@Z
?GetIsolate@Object@v8@@QEAAPEAVIsolate@2@XZ
?InternalFieldCount@Object@v8@@QEAAHXZ
?GetPrototype@Object@v8@@QEAA?AV?$Local@VValue@v8@@@2@XZ
?GetPropertyNames@Object@v8@@QEAA?AV?$Local@VArray@v8@@@2@XZ
?SetAccessor@Object@v8@@QEAA?AV?$Maybe@_N@2@V?$Local@VContext@v8@@@2@V?$Local@VName@v8@@@2@P6AX1AEBV?$PropertyCallbackInfo@VValue@v8@@@2@@ZP6AX1V?$Local@VValue@v8@@@2@AEBV?$PropertyCallbackInfo@X@2@@ZV?$MaybeLocal@VValue@v8@@@2@W4AccessControl@2@W4PropertyAttribute@2@W4SideEffectType@2@W4SideEffectType@2@@Z
?Get@Object@v8@@QEAA?AV?$Local@VValue@v8@@@2@I@Z
?Get@Object@v8@@QEAA?AV?$Local@VValue@v8@@@2@V32@@Z
?DefineOwnProperty@Object@v8@@QEAA?AV?$Maybe@_N@2@V?$Local@VContext@v8@@@2@V?$Local@VName@v8@@@2@V?$Local@VValue@v8@@@2@W4PropertyAttribute@2@@Z
?Set@Object@v8@@QEAA_NIV?$Local@VValue@v8@@@2@@Z
?Set@Object@v8@@QEAA_NV?$Local@VValue@v8@@@2@0@Z
?NewFromUnsigned@Integer@v8@@SA?AV?$Local@VInteger@v8@@@2@PEAVIsolate@2@I@Z
?New@Integer@v8@@SA?AV?$Local@VInteger@v8@@@2@PEAVIsolate@2@H@Z
?New@Number@v8@@SA?AV?$Local@VNumber@v8@@@2@PEAVIsolate@2@N@Z
??1Value@String@v8@@QEAA@XZ
??0Value@String@v8@@QEAA@PEAVIsolate@2@V?$Local@VValue@v8@@@2@@Z
??1Utf8Value@String@v8@@QEAA@XZ
??0Utf8Value@String@v8@@QEAA@PEAVIsolate@2@V?$Local@VValue@v8@@@2@@Z
?NewFromTwoByte@String@v8@@SA?AV?$Local@VString@v8@@@2@PEAVIsolate@2@PEBGW4NewStringType@12@H@Z
?NewFromOneByte@String@v8@@SA?AV?$MaybeLocal@VString@v8@@@2@PEAVIsolate@2@PEBEW4NewStringType@2@H@Z
?NewFromUtf8@String@v8@@SA?AV?$MaybeLocal@VString@v8@@@2@PEAVIsolate@2@PEBDW4NewStringType@2@H@Z
?NewFromUtf8@String@v8@@SA?AV?$Local@VString@v8@@@2@PEAVIsolate@2@PEBDW4NewStringType@12@H@Z
?Int32Value@Value@v8@@QEBA?AV?$Maybe@H@2@V?$Local@VContext@v8@@@2@@Z
?Uint32Value@Value@v8@@QEBA?AV?$Maybe@I@2@V?$Local@VContext@v8@@@2@@Z
?NumberValue@Value@v8@@QEBA?AV?$Maybe@N@2@V?$Local@VContext@v8@@@2@@Z
?BooleanValue@Value@v8@@QEBA?AV?$Maybe@_N@2@V?$Local@VContext@v8@@@2@@Z
?ToObject@Value@v8@@QEBA?AV?$Local@VObject@v8@@@2@PEAVIsolate@2@@Z
?ToString@Value@v8@@QEBA?AV?$Local@VString@v8@@@2@PEAVIsolate@2@@Z
?IsUint32@Value@v8@@QEBA_NXZ
?IsFunction@Value@v8@@QEBA_NXZ
v8_libplatform.dll ?NewDefaultPlatform@platform@v8@@YA?AV?$unique_ptr@VPlatform@v8@@U?$default_delete@VPlatform@v8@@@std@@@std@@HW4IdleTaskSupport@12@W4InProcessStackDumping@12@V?$unique_ptr@VTracingController@v8@@U?$default_delete@VTracingController@v8@@@std@@@4@@Z
WINMM.dll waveOutGetErrorTextW
waveOutRestart
waveOutReset
waveOutGetPosition
waveOutMessage
waveInGetNumDevs
waveOutClose
waveInGetErrorTextW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveOutOpen
waveOutPrepareHeader
timeEndPeriod
waveOutUnprepareHeader
timeGetTime
waveOutWrite
timeBeginPeriod
waveInReset
waveOutPause
waveInGetDevCapsW
waveInMessage
waveOutGetNumDevs
waveOutGetDevCapsW
api-ms-win-crt-multibyte-l1-1-0.dll _mbspbrk
_mbsncmp
_mbsnbcpy
_mbschr
api-ms-win-crt-environment-l1-1-0.dll getenv
SETUPAPI.dll SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceAlias
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInterfaces
WLDAP32.dll #200
#30
#79
#35
#33
#32
#27
#26
#22
#41
#50
#45
#60
#211
#46
#143
#301
CRYPT32.dll CertFreeCertificateChain
CertOpenStore
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertAddCertificateContextToStore
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
WTSAPI32.dll WTSSendMessageW
KERNEL32.dll (#2) IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead
DeleteFileW
CreateFileW
FormatMessageA
GetModuleHandleExW
DisableThreadLibraryCalls
VirtualProtect
GetSystemTimeAsFileTime
SetDllDirectoryW
ExitProcess
MultiByteToWideChar
SetCurrentDirectoryW
K32GetModuleFileNameExW
Process32NextW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
WaitForSingleObjectEx
GetStartupInfoA
GetSystemRegistryQuota
GlobalMemoryStatus
GetVersion
GlobalMemoryStatusEx
GetSystemTimes
GetExitCodeThread
SetThreadPriority
GetProcessTimes
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
VerifyVersionInfoA
LocalFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
QueueUserAPC
Process32FirstW
SetWaitableTimer
CreateEventA
SleepEx
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
VerSetConditionMask
Module32NextW
Module32FirstW
ReadProcessMemory
K32GetModuleInformation
CreateThread
GetComputerNameA
GetVolumeInformationA
FormatMessageW
LoadLibraryExW
GetModuleFileNameW
GetFullPathNameW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetModuleHandleExA
GetModuleFileNameA
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
VirtualFree
VirtualAlloc
Thread32Next
Thread32First
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
OpenThread
GetCurrentProcessId
HeapReAlloc
HeapCreate
LoadLibraryExA
FreeLibrary
VirtualQuery
GetSystemInfo
RaiseException
CreateToolhelp32Snapshot
WideCharToMultiByte
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetTickCount64
OpenProcess
GetCurrentThreadId
GetCurrentThread
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionEx
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
CreateFileA
GetFileSizeEx
GlobalAlloc
GlobalFree
GetEnvironmentVariableA
GetVersionExW
DeviceIoControl
WaitForMultipleObjectsEx
CancelWaitableTimer
CreateWaitableTimerW
GetPriorityClass
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
Sleep
HeapFree
HeapAlloc
CloseHandle
SetLastError
GetLastError
DuplicateHandle
WaitForMultipleObjects
USER32.dll (#2) EnumWindows
GetClassNameA
SetForegroundWindow
CallWindowProcA
GetWindowTextW
MessageBoxA
SetActiveWindow
ScreenToClient
MessageBoxW
GetKeyState
SendMessageA
IsWindowVisible
GetAsyncKeyState
GetCursorPos
LoadImageW
SetWindowLongPtrA
WindowFromPoint
KERNEL32.dll (#3) IsDebuggerPresent
IsProcessorFeaturePresent
InitializeSListHead
DeleteFileW
CreateFileW
FormatMessageA
GetModuleHandleExW
DisableThreadLibraryCalls
VirtualProtect
GetSystemTimeAsFileTime
SetDllDirectoryW
ExitProcess
MultiByteToWideChar
SetCurrentDirectoryW
K32GetModuleFileNameExW
Process32NextW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
WaitForSingleObjectEx
GetStartupInfoA
GetSystemRegistryQuota
GlobalMemoryStatus
GetVersion
GlobalMemoryStatusEx
GetSystemTimes
GetExitCodeThread
SetThreadPriority
GetProcessTimes
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
VerifyVersionInfoA
LocalFree
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
QueueUserAPC
Process32FirstW
SetWaitableTimer
CreateEventA
SleepEx
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
VerSetConditionMask
Module32NextW
Module32FirstW
ReadProcessMemory
K32GetModuleInformation
CreateThread
GetComputerNameA
GetVolumeInformationA
FormatMessageW
LoadLibraryExW
GetModuleFileNameW
GetFullPathNameW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetModuleHandleExA
GetModuleFileNameA
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
VirtualFree
VirtualAlloc
Thread32Next
Thread32First
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
OpenThread
GetCurrentProcessId
HeapReAlloc
HeapCreate
LoadLibraryExA
FreeLibrary
VirtualQuery
GetSystemInfo
RaiseException
CreateToolhelp32Snapshot
WideCharToMultiByte
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetTickCount64
OpenProcess
GetCurrentThreadId
GetCurrentThread
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionEx
ExpandEnvironmentStringsA
GetSystemDirectoryA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
CreateFileA
GetFileSizeEx
GlobalAlloc
GlobalFree
GetEnvironmentVariableA
GetVersionExW
DeviceIoControl
WaitForMultipleObjectsEx
CancelWaitableTimer
CreateWaitableTimerW
GetPriorityClass
SwitchToFiber
DeleteFiber
CreateFiber
ConvertThreadToFiber
Sleep
HeapFree
HeapAlloc
CloseHandle
SetLastError
GetLastError
DuplicateHandle
WaitForMultipleObjects
USER32.dll (#3) EnumWindows
GetClassNameA
SetForegroundWindow
CallWindowProcA
GetWindowTextW
MessageBoxA
SetActiveWindow
ScreenToClient
MessageBoxW
GetKeyState
SendMessageA
IsWindowVisible
GetAsyncKeyState
GetCursorPos
LoadImageW
SetWindowLongPtrA
WindowFromPoint
libcef.dll (delay-loaded) cef_string_utf16_set
cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_get_min_log_level
cef_string_utf16_cmp
cef_string_ascii_to_utf16
cef_string_utf8_clear
cef_string_utf16_to_utf8
cef_string_userfree_utf16_free
cef_string_list_alloc
cef_string_list_free
cef_post_task
cef_register_scheme_handler_factory
cef_execute_process
cef_initialize
cef_shutdown
cef_quit_message_loop
cef_enable_highdpi_support
cef_parse_url
cef_get_mime_type
cef_api_hash
cef_log
cef_stream_reader_create_for_file
cef_stream_reader_create_for_data
cef_request_context_get_global_context
cef_browser_host_create_browser
cef_string_map_alloc
cef_string_map_free
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_string_multimap_size
cef_string_multimap_key
cef_string_multimap_value
cef_string_multimap_append
cef_string_multimap_alloc
cef_string_multimap_free

Delayed Imports

Attributes 0x1
Name libcef.dll
ModuleHandle 0x63e380
DelayImportAddressTable 0x63b1d0
DelayImportNameTable 0x21acdd8
BoundDelayImportTable 0x626c20
UnloadDelayImportTable 0
TimeStamp 1970-Jan-01 00:00:00

2

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

TLS Callbacks

Load Configuration

Size 0x100
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x180631548

RICH Header

Errors

[!] Error: Could not reach the TLS callback table. [*] Warning: Section .text has a size of 0! [*] Warning: Section .code has a size of 0! [*] Warning: Section .rdata has a size of 0! [*] Warning: Section .data has a size of 0! [*] Warning: Section .pdata has a size of 0! [*] Warning: Section _RDATA has a size of 0! [*] Warning: Section .UPX0 has a size of 0!
<-- -->