Static task
static1
Behavioral task
behavioral1
Sample
4752b58ac1c9501cab1d6d0abaf309360b27cc909d715d812d0757d7efa82c5c.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
4752b58ac1c9501cab1d6d0abaf309360b27cc909d715d812d0757d7efa82c5c.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
4752b58ac1c9501cab1d6d0abaf309360b27cc909d715d812d0757d7efa82c5c
-
Size
764KB
-
MD5
660f9853c3c036794980d09c1cb26c1f
-
SHA1
7c9193b89ce2df48d58271cd77763e2c1936b983
-
SHA256
4752b58ac1c9501cab1d6d0abaf309360b27cc909d715d812d0757d7efa82c5c
-
SHA512
84357951445ed52e7a643ab8f9e3a54f8055f825ff91ac90d8a369f87c7836d6d6e55df6315d1b43f882d5c79527ad75183b4d33440d4fc59ebd4d8adb32a14c
-
SSDEEP
12288:oIg0xi3dneQvhVrp89+2xiS6QRnvd7KKaPOqQn6vA7xawLZ1DEj81+UMcspGnRmc:fg0mdn3vWZRvRKaqQ6v+ag3AI+SyGRhf
Malware Config
Signatures
Files
-
4752b58ac1c9501cab1d6d0abaf309360b27cc909d715d812d0757d7efa82c5c.exe windows x86
2d69bb583b194f6c19624e91990d9f93
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
ReplaceTextW
GetOpenFileNameW
PageSetupDlgA
ChooseFontA
ReplaceTextA
PrintDlgExA
CommDlgExtendedError
FindTextA
GetSaveFileNameA
ChooseColorA
FindTextW
GetOpenFileNameA
GetSaveFileNameW
GetFileTitleA
GetFileTitleW
PrintDlgW
ChooseColorW
PrintDlgA
PageSetupDlgW
ChooseFontW
user32
GetLastActivePopup
CreateIconFromResourceEx
GetDoubleClickTime
GetKeyboardLayoutNameA
IsDialogMessageW
GetWindowLongA
LoadAcceleratorsW
SendMessageTimeoutA
GetLastInputInfo
ShowOwnedPopups
GetDlgItemInt
MessageBeep
SetProcessWindowStation
GetUpdateRect
GetTitleBarInfo
BringWindowToTop
SendNotifyMessageA
GetClipboardData
GetMenuInfo
GetDlgItem
LookupIconIdFromDirectoryEx
AppendMenuA
ScrollDC
GetNextDlgTabItem
OffsetRect
SetClassLongW
NotifyWinEvent
SetCaretPos
WinHelpA
IsZoomed
SetWindowTextA
GetMonitorInfoW
IntersectRect
DrawTextW
GetScrollPos
DdeDisconnect
EnumDisplaySettingsA
LoadMenuIndirectW
DdeCreateStringHandleA
GetPropW
DefFrameProcW
GetOpenClipboardWindow
CallMsgFilterA
CreateWindowExW
DefMDIChildProcW
WindowFromPoint
TrackMouseEvent
GetClassInfoW
AttachThreadInput
GetWindowInfo
ScrollWindowEx
GetClipboardFormatNameW
IsWindowVisible
PeekMessageA
GetUserObjectInformationA
GetMenuStringW
GetKeyboardLayout
CheckMenuRadioItem
LoadBitmapW
UpdateWindow
GetMessagePos
SetPropW
GetSystemMenu
ToUnicode
GetCursor
DdeUnaccessData
SetClassLongA
ClientToScreen
LockSetForegroundWindow
EndDialog
SetWindowPos
DdeFreeStringHandle
GetKeyNameTextW
IsIconic
GetForegroundWindow
RedrawWindow
GetIconInfo
SetFocus
DdeGetData
ValidateRgn
SystemParametersInfoA
DdeConnect
FindWindowW
GetGUIThreadInfo
GetTopWindow
IsCharLowerA
FindWindowExW
GetWindowRect
mouse_event
ReleaseDC
LoadMenuA
RegisterClassA
EnumWindows
UnhookWinEvent
CreateDialogIndirectParamA
SendDlgItemMessageW
MessageBoxExA
GetWindowWord
GetWindow
GetScrollRange
SendMessageW
FlashWindow
HideCaret
CreateMDIWindowW
DlgDirSelectExA
RegisterClipboardFormatA
CloseWindow
SetActiveWindow
SetDlgItemTextA
EnumDisplaySettingsW
ToUnicodeEx
BeginPaint
GetKeyNameTextA
GetWindowContextHelpId
GetMenuDefaultItem
RegisterClassExA
ToAscii
CharLowerBuffW
LoadIconA
TileWindows
InSendMessage
GetNextDlgGroupItem
DrawFocusRect
EnableWindow
CharNextA
SetMenuContextHelpId
TabbedTextOutW
SetUserObjectSecurity
LoadStringA
OpenDesktopW
CharLowerW
DialogBoxParamA
GrayStringW
GetClientRect
MsgWaitForMultipleObjects
DdePostAdvise
CopyIcon
SetParent
DdeCreateDataHandle
GetAsyncKeyState
CreateIconFromResource
VkKeyScanExA
IsDlgButtonChecked
CharUpperBuffW
CopyImage
GetDlgItemTextA
ChildWindowFromPoint
ChangeDisplaySettingsA
PostQuitMessage
DdeGetLastError
CharNextExA
CallWindowProcW
ScrollWindow
CharNextW
SendInput
PostMessageW
MapVirtualKeyExW
CopyAcceleratorTableW
GetMenuState
ModifyMenuW
CharPrevA
ActivateKeyboardLayout
DrawIconEx
DlgDirSelectComboBoxExA
LoadImageW
InsertMenuItemA
GetWindowTextLengthA
GetDC
GetClassLongW
UnpackDDElParam
SetWindowContextHelpId
GetDlgItemTextW
ShowScrollBar
TrackPopupMenuEx
GetMenuContextHelpId
DdeClientTransaction
SetWindowPlacement
ScreenToClient
EndPaint
DeferWindowPos
MoveWindow
GetMenuCheckMarkDimensions
AllowSetForegroundWindow
GetSubMenu
VkKeyScanA
GetParent
ExitWindowsEx
ClipCursor
CascadeWindows
DdeFreeDataHandle
EmptyClipboard
MapVirtualKeyExA
DrawStateA
CreateMenu
GetWindowTextLengthW
GetDlgCtrlID
DialogBoxIndirectParamW
GetCursorPos
ValidateRect
DefWindowProcW
MapVirtualKeyA
SetCapture
GetWindowDC
WinHelpW
SetWindowsHookExA
LoadStringW
CallNextHookEx
UnhookWindowsHookEx
LookupIconIdFromDirectory
RegisterDeviceNotificationW
IsWindowUnicode
DispatchMessageW
GetWindowLongW
GetClipboardOwner
GetMenuItemCount
wvsprintfW
GetUserObjectInformationW
UnregisterHotKey
IsMenu
GetThreadDesktop
MessageBoxIndirectA
DefFrameProcA
GetMenuItemInfoW
SwitchDesktop
DrawEdge
LoadKeyboardLayoutA
GetSystemMetrics
DrawFrameControl
RegisterWindowMessageW
SetCursor
CreateMDIWindowA
GetClipCursor
PostThreadMessageW
UnregisterClassW
ShowWindowAsync
FindWindowA
GetClipboardFormatNameA
OemToCharA
IsCharUpperA
CreateIcon
LoadIconW
CheckMenuItem
GetComboBoxInfo
MessageBoxW
DlgDirListComboBoxW
SetWindowRgn
GetTabbedTextExtentA
InsertMenuA
CheckDlgButton
SendNotifyMessageW
EnumChildWindows
RegisterClassW
CharUpperA
CallWindowProcA
IsRectEmpty
CloseWindowStation
GetKeyState
SetMenu
DrawTextA
GetMessageExtraInfo
PtInRect
EnableMenuItem
ShowCursor
DefMDIChildProcA
GetMenuItemInfoA
DdeInitializeW
TranslateAcceleratorA
MsgWaitForMultipleObjectsEx
MapDialogRect
CreateDesktopW
OemToCharBuffA
TranslateMDISysAccel
BeginDeferWindowPos
TranslateAcceleratorW
BroadcastSystemMessage
MapWindowPoints
SendMessageA
CreateAcceleratorTableW
LoadMenuIndirectA
DdeAccessData
PostThreadMessageA
GetUserObjectSecurity
IsDialogMessageA
IsClipboardFormatAvailable
keybd_event
DialogBoxIndirectParamA
CheckRadioButton
HiliteMenuItem
InsertMenuW
GetPropA
DestroyIcon
SetLayeredWindowAttributes
KillTimer
DlgDirListA
SubtractRect
IsWindow
GetMenu
SetClipboardData
CreateAcceleratorTableA
AnimateWindow
GrayStringA
DestroyAcceleratorTable
DestroyCaret
VkKeyScanW
GetWindowThreadProcessId
GetClassWord
RegisterClipboardFormatW
SetMenuInfo
CreateDialogParamW
GetWindowRgn
IsCharAlphaNumericW
UnionRect
CreateCursor
DeleteMenu
GetClassNameA
DefWindowProcA
UnregisterClassA
SendMessageTimeoutW
WaitMessage
wsprintfA
InvalidateRect
LockWindowUpdate
ReleaseCapture
MonitorFromWindow
LoadImageA
SetMenuDefaultItem
GetSysColor
ChangeClipboardChain
CopyRect
GetWindowPlacement
FillRect
DispatchMessageA
ReuseDDElParam
CreateDialogIndirectParamW
LoadCursorW
SetWindowLongA
DrawTextExW
GetClassInfoExA
OpenClipboard
LoadMenuW
SetMessageExtraInfo
DrawTextExA
CharLowerBuffA
RealChildWindowFromPoint
IsWindowEnabled
TranslateMessage
ChangeDisplaySettingsW
PackDDElParam
OpenWindowStationA
GetQueueStatus
wvsprintfA
MonitorFromRect
SetScrollRange
RegisterClassExW
GetWindowTextA
DestroyWindow
TrackPopupMenu
MessageBoxA
SetKeyboardState
SystemParametersInfoW
GetMenuItemID
RemovePropA
SetWindowLongW
GetCaretPos
RemoveMenu
SetCursorPos
GetCursorInfo
CharUpperW
WaitForInputIdle
CreatePopupMenu
InflateRect
IsCharAlphaNumericA
CharToOemBuffA
RegisterHotKey
SwapMouseButton
SetWindowsHookExW
GetDesktopWindow
SetScrollInfo
GetActiveWindow
SetCaretBlinkTime
IsCharLowerW
SetTimer
LoadBitmapA
DdeCreateStringHandleW
SetDoubleClickTime
DdeQueryStringA
SetDlgItemTextW
InsertMenuItemW
GetWindowModuleFileNameW
CloseDesktop
DefDlgProcA
EnumClipboardFormats
ExcludeUpdateRgn
FrameRect
SetRect
UnregisterDeviceNotification
GetMonitorInfoA
GetMessageA
GetMessageW
ArrangeIconicWindows
SetClipboardViewer
LoadCursorFromFileA
LoadCursorFromFileW
GetClassLongA
DdeQueryStringW
SetMenuItemInfoA
SetMenuItemBitmaps
CopyAcceleratorTableA
GetAncestor
SetThreadDesktop
DlgDirListComboBoxA
CharToOemA
DrawStateW
SetDlgItemInt
wsprintfW
SendDlgItemMessageA
WindowFromDC
IsDialogMessage
GetScrollInfo
EnumDisplayMonitors
SetWindowTextW
GetInputState
GetCapture
GetMenuStringA
DestroyMenu
DialogBoxParamW
InvalidateRgn
TileChildWindows
LoadCursorA
DestroyCursor
EqualRect
OpenWindowStationW
SetForegroundWindow
AdjustWindowRect
CountClipboardFormats
EndDeferWindowPos
GetClipboardViewer
ReplyMessage
CreateWindowExA
GetDCEx
DdeUninitialize
GetMenuItemRect
EnableScrollBar
GetCaretBlinkTime
FindWindowExA
GetDialogBaseUnits
GetProcessWindowStation
EnumThreadWindows
RegisterWindowMessageA
SetScrollPos
GetClassNameW
DrawAnimatedRects
OpenDesktopA
GetClassInfoA
GetFocus
OpenInputDesktop
PostMessageA
DdeInitializeA
LoadAcceleratorsA
SetRectEmpty
SetMenuItemInfoW
CreateIconIndirect
EnumDesktopWindows
MenuItemFromPoint
GetUpdateRgn
InvertRect
ShowWindow
ChildWindowFromPointEx
GetWindowTextW
GetKeyboardState
SetPropA
IsCharAlphaA
CharLowerA
FreeDDElParam
RemovePropW
GetClassInfoExW
AppendMenuW
GetMenuBarInfo
PeekMessageW
GetSysColorBrush
CreateCaret
CreateDialogParamA
FlashWindowEx
GetMessageTime
DragDetect
AdjustWindowRectEx
ShowCaret
ToAsciiEx
MapVirtualKeyW
DrawCaption
TabbedTextOutA
IsChild
CloseClipboard
CharUpperBuffA
MonitorFromPoint
DrawIcon
OpenIcon
GetScrollBarInfo
GetKeyboardLayoutList
DrawMenuBar
wsock32
WSACleanup
winspool.drv
EnumJobsA
EndPagePrinter
GetPrinterDriverDirectoryA
AddPrinterA
GetPrinterA
DocumentPropertiesW
DeletePrinter
SetJobW
EndDocPrinter
DocumentPropertiesA
StartDocPrinterA
FindFirstPrinterChangeNotification
ClosePrinter
GetJobA
EnumPrintersW
PrinterProperties
GetPrinterDriverA
DeviceCapabilitiesW
EnumPortsW
AddPrinterDriverA
EnumPortsA
DeletePrintProcessorA
FreePrinterNotifyInfo
AddFormW
GetPrinterW
StartDocPrinterW
WritePrinter
OpenPrinterA
DeletePrinterDriverA
DeleteFormW
OpenPrinterW
DeletePrintProcessorW
EnumPrintersA
ord204
SetPrinterW
SetPrinterDataW
AbortPrinter
EnumPrinterDriversA
EnumJobsW
GetFormW
SetPrinterA
EnumFormsW
GetJobW
DeviceCapabilitiesA
StartPagePrinter
FindNextPrinterChangeNotification
ole32
ReleaseStgMedium
OleRun
ProgIDFromCLSID
GetHGlobalFromStream
CoInitialize
CoLoadLibrary
StgOpenStorage
BindMoniker
StgCreateDocfileOnILockBytes
CreateDataAdviseHolder
CreateClassMoniker
CoRevokeClassObject
StgIsStorageFile
CoUnmarshalInterface
OleCreateLinkToFile
CoFreeUnusedLibraries
CoReleaseMarshalData
DoDragDrop
OleLoad
OleDestroyMenuDescriptor
CoSuspendClassObjects
CoQueryProxyBlanket
CoCopyProxy
ReadClassStm
OleDuplicateData
CoInitializeEx
CoSetProxyBlanket
OleIsCurrentClipboard
StgIsStorageILockBytes
OleCreate
CoImpersonateClient
CoInitializeSecurity
GetRunningObjectTable
StringFromGUID2
CoLockObjectExternal
SetConvertStg
OleInitialize
IsAccelerator
ReadFmtUserTypeStg
OleRegGetMiscStatus
OleUninitialize
OleGetClipboard
RegisterDragDrop
OleCreateStaticFromData
OleCreateFromData
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoGetObject
CreateStreamOnHGlobal
StringFromIID
CoFileTimeNow
CreateBindCtx
OleRegEnumVerbs
ReadClassStg
CoTaskMemRealloc
WriteClassStg
CreateGenericComposite
OleCreateFromFile
CoRegisterMallocSpy
CLSIDFromProgID
OleGetIconOfClass
IIDFromString
MkParseDisplayName
OleSetMenuDescriptor
GetHGlobalFromILockBytes
CoTaskMemFree
OleRegGetUserType
CoResumeClassObjects
CoTreatAsClass
CoUninitialize
CoRevertToSelf
OleIsRunning
StringFromCLSID
OleCreateMenuDescriptor
OleTranslateAccelerator
CLSIDFromString
RevokeDragDrop
StgCreateStorageEx
OleFlushClipboard
CreateItemMoniker
CoMarshalInterface
OleQueryLinkFromData
CoDisconnectObject
OleDraw
OleSaveToStream
OleSetClipboard
CoRegisterClassObject
CoGetClassObject
GetClassFile
OleLoadFromStream
WriteFmtUserTypeStg
CoCreateGuid
CreateOleAdviseHolder
CoCreateInstanceEx
OleSetContainedObject
CreateFileMoniker
OleQueryCreateFromData
PropVariantClear
CoGetMalloc
CoRegisterMessageFilter
StgCreateDocfile
CoRevokeMallocSpy
CoGetInterfaceAndReleaseStream
FreePropVariantArray
CoCreateInstance
WriteClassStm
OleLockRunning
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleSave
OleCreateLinkFromData
shell32
DragAcceptFiles
SHGetFolderLocation
SHGetSpecialFolderPathA
SHFileOperationA
ShellExecuteExW
SHGetDataFromIDListA
SHCreateDirectoryExA
DragQueryFileW
ExtractIconExW
SHEmptyRecycleBinA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetFolderPathA
ShellExecuteExA
SHGetFileInfoW
SHFreeNameMappings
SHGetFileInfoA
SHGetPathFromIDListW
SHGetPathFromIDListA
SHBrowseForFolderW
SHGetFolderPathW
FindExecutableA
SHGetDataFromIDListW
CommandLineToArgvW
DragQueryPoint
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetDesktopFolder
DoEnvironmentSubstW
SHAppBarMessage
SHGetInstanceExplorer
ShellExecuteA
ShellExecuteW
DuplicateIcon
Shell_NotifyIconW
SHFileOperationW
SHBindToParent
SHChangeNotify
SHAddToRecentDocs
ExtractIconW
ExtractIconExA
ord155
FindExecutableW
SHGetMalloc
ExtractIconA
Shell_NotifyIconA
comctl32
ImageList_GetImageCount
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_Copy
ImageList_Merge
ImageList_ReplaceIcon
MakeDragList
ImageList_LoadImageA
_TrackMouseEvent
ImageList_SetImageCount
PropertySheetA
FlatSB_ShowScrollBar
ImageList_DragShowNolock
ImageList_AddMasked
CreatePropertySheetPageA
ImageList_Duplicate
ImageList_SetBkColor
ImageList_GetDragImage
ImageList_AddIcon
ImageList_SetIconSize
ImageList_SetFlags
ImageList_Create
ImageList_Read
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_EndDrag
ImageList_DragMove
ImageList_Draw
ImageList_Destroy
ImageList_DragEnter
DrawStatusTextW
ImageList_Write
ImageList_BeginDrag
ImageList_DrawEx
PropertySheetW
CreateUpDownControl
ImageList_SetDragCursorImage
ImageList_Remove
InitializeFlatSB
InitCommonControlsEx
ImageList_LoadImageW
ImageList_DragLeave
FlatSB_EnableScrollBar
ImageList_GetImageInfo
CreateToolbarEx
ord17
ImageList_Replace
CreateStatusWindowW
DestroyPropertySheetPage
ImageList_Add
CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_GetIcon
advapi32
LookupPrivilegeDisplayNameA
CryptVerifySignatureA
RegOpenKeyW
AccessCheck
SetFileSecurityW
SetSecurityDescriptorControl
LookupPrivilegeValueW
RevertToSelf
SetSecurityInfo
StartServiceCtrlDispatcherW
GetFileSecurityA
RegEnumKeyW
GetUserNameA
RegUnLoadKeyW
ConvertSecurityDescriptorToStringSecurityDescriptorW
LsaLookupSids
ImpersonateLoggedOnUser
RegCreateKeyExW
GetSecurityInfo
GetSecurityDescriptorDacl
RegSetValueExA
ConvertStringSidToSidW
QueryServiceStatusEx
ConvertSidToStringSidW
CryptDecrypt
RegCreateKeyA
LookupPrivilegeNameA
ReportEventW
InitializeAcl
SetServiceStatus
AddAce
MakeAbsoluteSD
IsValidAcl
GetAce
ImpersonateSelf
LsaOpenPolicy
QueryServiceStatus
RegOpenKeyExW
GetAclInformation
LockServiceDatabase
OpenThreadToken
RegFlushKey
RegEnumValueW
RegLoadKeyA
QueryServiceConfigW
SetNamedSecurityInfoA
CryptDestroyKey
EnumServicesStatusA
RegUnLoadKeyA
RegSaveKeyW
GetEffectiveRightsFromAclA
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptAcquireContextA
SetTokenInformation
GetTokenInformation
DeleteService
ChangeServiceConfigA
LsaLookupNames
CryptDestroyHash
InitializeSid
EncryptFileW
RegQueryValueW
RegisterEventSourceA
RegNotifyChangeKeyValue
UnlockServiceDatabase
GetSecurityDescriptorLength
CloseServiceHandle
GetSidLengthRequired
RegOpenKeyA
OpenSCManagerW
GetSidSubAuthority
CryptGetHashParam
CryptExportKey
CreateServiceW
GetSecurityDescriptorGroup
CryptEncrypt
SetServiceObjectSecurity
RegSetValueW
GetKernelObjectSecurity
GetSecurityDescriptorOwner
RegCloseKey
CryptEnumProvidersW
ChangeServiceConfigW
MapGenericMask
RegQueryInfoKeyA
BuildTrusteeWithNameW
RegRestoreKeyA
GetSidIdentifierAuthority
DeregisterEventSource
CopySid
RegQueryValueExA
LsaFreeMemory
StartServiceW
RegOpenCurrentUser
RegSetValueA
LogonUserA
EqualPrefixSid
CloseEncryptedFileRaw
CryptGetKeyParam
AdjustTokenPrivileges
CreateProcessAsUserA
AddAccessAllowedAce
SetFileSecurityA
ChangeServiceConfig2W
SetEntriesInAclA
IsValidSecurityDescriptor
ChangeServiceConfig2A
CryptHashData
OpenEncryptedFileRawW
CryptGenRandom
RegCreateKeyExA
GetExplicitEntriesFromAclW
EqualSid
RegisterEventSourceW
BuildExplicitAccessWithNameW
RegDeleteValueA
RegDeleteKeyA
LsaAddAccountRights
GetUserNameW
RegDeleteKeyW
RegQueryValueExW
RegQueryInfoKeyW
GetSecurityDescriptorSacl
AllocateAndInitializeSid
GetSecurityDescriptorControl
RegisterServiceCtrlHandlerExA
OpenProcessToken
ImpersonateNamedPipeClient
ControlService
CryptSetProvParam
SetSecurityDescriptorSacl
LsaQueryInformationPolicy
RegConnectRegistryW
IsValidSid
GetLengthSid
RegisterServiceCtrlHandlerW
RegGetKeySecurity
MakeSelfRelativeSD
GetFileSecurityW
InitiateSystemShutdownA
LookupAccountSidA
LsaClose
CryptAcquireContextW
DuplicateTokenEx
SetSecurityDescriptorDacl
CreateWellKnownSid
SetNamedSecurityInfoW
RegConnectRegistryA
RegLoadKeyW
QueryServiceConfigA
CreateProcessAsUserW
SetEntriesInAclW
GetSidSubAuthorityCount
LsaNtStatusToWinError
RegDisablePredefinedCache
ReportEventA
InitiateSystemShutdownExW
GetNamedSecurityInfoW
EnumDependentServicesW
RegRestoreKeyW
CreateServiceA
FreeSid
LogonUserW
CryptDeriveKey
RegCreateKeyW
StartServiceA
LookupPrivilegeValueA
DuplicateToken
DeleteAce
CryptCreateHash
LookupAccountNameW
WriteEncryptedFileRaw
RegEnumValueA
SetSecurityDescriptorOwner
SetThreadToken
RegSaveKeyA
RegEnumKeyExW
RegSetValueExW
OpenServiceW
CryptGetUserKey
OpenSCManagerA
RegEnumKeyExA
SetSecurityDescriptorGroup
RegDeleteValueW
CryptGenKey
RegQueryValueA
ConvertStringSidToSidA
CryptImportKey
InitializeSecurityDescriptor
LookupAccountSidW
RegOpenKeyExA
StartServiceCtrlDispatcherA
CryptReleaseContext
GetNamedSecurityInfoA
CheckTokenMembership
LsaRemoveAccountRights
RegEnumKeyA
LookupAccountNameA
RegSetKeySecurity
BuildTrusteeWithSidW
RegisterServiceCtrlHandlerA
OpenServiceA
QueryServiceLockStatusW
ReadEncryptedFileRaw
version
VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileA
VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoW
kernel32
ResumeThread
LocalFileTimeToFileTime
GetTimeFormatW
GetTempPathA
IsDBCSLeadByte
SetConsoleCursorPosition
SetThreadPriority
GetFileSize
EnumLanguageGroupLocalesW
EndUpdateResourceW
TransmitCommChar
GetLocalTime
DeleteVolumeMountPointA
GetUserDefaultLCID
GetVolumeInformationA
Heap32ListNext
FormatMessageW
SetFilePointerEx
GetTapeParameters
SetThreadLocale
GetLocaleInfoW
SetTimeZoneInformation
GetLocaleInfoA
SetThreadAffinityMask
EnumCalendarInfoW
ReadDirectoryChangesW
ReadFile
GetDriveTypeW
FindFirstChangeNotificationA
GetThreadLocale
VerifyVersionInfoA
EnumSystemLanguageGroupsW
lstrcatW
SuspendThread
EnumCalendarInfoA
SwitchToFiber
GetSystemDirectoryA
WriteFileEx
FreeEnvironmentStringsA
Thread32First
QueryDosDeviceA
WritePrivateProfileSectionA
MapViewOfFile
LCMapStringA
FindFirstVolumeW
SetConsoleTitleW
Module32First
InitializeCriticalSection
FreeEnvironmentStringsW
GetUserDefaultUILanguage
SetVolumeLabelW
LoadLibraryExW
FindFirstFileExW
GetCommandLineW
MultiByteToWideChar
UnlockFile
GetComputerNameA
Sleep
FindClose
lstrlenW
DeleteVolumeMountPointW
FindNextChangeNotification
SetHandleCount
CreateToolhelp32Snapshot
GetNumberFormatW
FindResourceExW
MoveFileW
SetEnvironmentVariableA
SleepEx
TlsAlloc
CancelIo
WriteProcessMemory
VirtualQueryEx
PeekNamedPipe
lstrcmpA
VirtualFreeEx
InterlockedCompareExchange
FileTimeToSystemTime
SetCommConfig
GetCommTimeouts
GetFileAttributesExW
CreateEventA
OpenMutexA
GetConsoleMode
BeginUpdateResourceW
LockResource
TerminateThread
InitializeCriticalSectionAndSpinCount
ConvertDefaultLocale
GetProfileStringW
GlobalDeleteAtom
GetDiskFreeSpaceExW
CreateSemaphoreA
QueueUserWorkItem
WriteConsoleOutputW
GetFileType
CreateDirectoryW
GetFileAttributesW
QueryPerformanceFrequency
SetProcessPriorityBoost
GetCommState
GlobalGetAtomNameW
LocalUnlock
ConvertThreadToFiber
VerSetConditionMask
SetHandleInformation
GetQueuedCompletionStatus
GetConsoleCP
MoveFileA
SystemTimeToTzSpecificLocalTime
CloseHandle
GetVersionExA
_lclose
EscapeCommFunction
ExitThread
IsBadCodePtr
FindResourceA
SetCommMask
GlobalLock
UnlockFileEx
_hwrite
WriteConsoleA
QueueUserAPC
TlsSetValue
GetTimeFormatA
_lcreat
WaitForDebugEvent
GetDiskFreeSpaceW
Toolhelp32ReadProcessMemory
WaitForMultipleObjects
BuildCommDCBA
WriteConsoleW
GetProcessWorkingSetSize
EndUpdateResourceA
GetPrivateProfileSectionNamesA
SetNamedPipeHandleState
FindNextVolumeW
Process32First
OpenFileMappingW
lstrcatA
DuplicateHandle
EnumResourceLanguagesW
TlsGetValue
GetSystemTime
CreateFileMappingA
HeapReAlloc
TryEnterCriticalSection
Module32NextW
FindCloseChangeNotification
FindAtomW
GetVersion
GetPrivateProfileIntW
CreateFileA
SetMailslotInfo
GetFileTime
GetSystemDefaultLCID
GetProcessHeaps
HeapDestroy
WritePrivateProfileStructA
OpenFile
BackupRead
ConnectNamedPipe
SetThreadExecutionState
EnumUILanguagesW
lstrcmpW
AddAtomW
GlobalSize
GetVolumePathNameW
GetSystemDirectoryW
SetCurrentDirectoryA
GlobalFindAtomA
SetCurrentDirectoryW
InterlockedIncrement
OpenProcess
DisableThreadLibraryCalls
SetFileAttributesW
GetProcessHeap
_lopen
AllocConsole
PostQueuedCompletionStatus
MoveFileExW
SetFilePointer
CompareFileTime
RtlUnwind
GetOverlappedResult
DefineDosDeviceA
HeapCompact
LeaveCriticalSection
GetEnvironmentVariableW
GetDiskFreeSpaceA
FileTimeToLocalFileTime
GetComputerNameExA
DeleteAtom
OutputDebugStringA
GetVolumeNameForVolumeMountPointA
GetFullPathNameA
CreateThread
GetSystemInfo
VirtualProtect
LocalLock
WaitForSingleObject
lstrcpynA
SizeofResource
ReadProcessMemory
SystemTimeToFileTime
GetVersionExW
GetFileSizeEx
CompareStringA
WinExec
GetCommProperties
GetEnvironmentStringsW
SetCommBreak
LocalReAlloc
EnumCalendarInfoExW
QueryDosDeviceW
CopyFileW
WaitForSingleObjectEx
SetCommTimeouts
CreateWaitableTimerA
VirtualLock
SetComputerNameW
VirtualProtectEx
LocalAlloc
WriteProfileStringA
GlobalReAlloc
GetCurrentThread
ExpandEnvironmentStringsW
FlushFileBuffers
TlsFree
GetCommConfig
GetStringTypeExW
CreateFiber
GetACP
GlobalFindAtomW
SetWaitableTimer
GetVolumePathNameA
GetShortPathNameW
GetPrivateProfileIntA
InterlockedDecrement
CreateMutexW
GetProfileIntW
GlobalMemoryStatusEx
InterlockedExchangeAdd
GetFileInformationByHandle
SearchPathA
OpenThread
TerminateProcess
SetProcessWorkingSetSize
lstrcpyA
InterlockedExchange
EnumResourceLanguagesA
GetLogicalDriveStringsW
LocalHandle
VerLanguageNameA
GetDiskFreeSpaceExA
SetEvent
FindFirstFileW
GetEnvironmentVariableA
DebugActiveProcess
CopyFileExW
_lwrite
GetFileAttributesExA
GetTempFileNameA
Thread32Next
CopyFileExA
GlobalAddAtomA
WritePrivateProfileStringA
CreateMailslotA
IsBadWritePtr
CreateProcessA
GetThreadContext
Heap32ListFirst
GetModuleFileNameW
EnterCriticalSection
GetBinaryTypeA
SetConsoleMode
LCMapStringW
GetModuleHandleW
CreateProcessW
OpenSemaphoreW
GetLogicalDrives
OpenSemaphoreA
SetTapePosition
LocalCompact
LockFileEx
FileTimeToDosDateTime
WaitForMultipleObjectsEx
FreeResource
WideCharToMultiByte
SetLastError
CreateDirectoryA
Process32NextW
LocalSize
GetTempPathW
GetStringTypeA
GetVolumeNameForVolumeMountPointW
WaitNamedPipeA
SetEnvironmentVariableW
GlobalHandle
ReadConsoleInputA
GetWindowsDirectoryA
GetNumberFormatA
GetPrivateProfileSectionA
PurgeComm
IsBadStringPtrA
SwitchToThread
GetExitCodeProcess
LoadLibraryW
SetProcessAffinityMask
SetUnhandledExceptionFilter
GetStdHandle
VirtualQuery
GetSystemTimeAdjustment
SetupComm
SetPriorityClass
FlushViewOfFile
WaitNamedPipeW
IsValidCodePage
VirtualAlloc
GetSystemPowerStatus
GetStringTypeExA
GlobalFree
ExpandEnvironmentStringsA
GetCurrentProcessId
GetProcessVersion
GetAtomNameA
Module32FirstW
GetThreadTimes
GetCurrentDirectoryW
GetStartupInfoW
IsDBCSLeadByteEx
GetPrivateProfileStructA
DebugBreak
GlobalMemoryStatus
SetLocalTime
_hread
ContinueDebugEvent
PulseEvent
GetProcAddress
GetStringTypeW
RtlFillMemory
ExitProcess
VirtualFree
CreateNamedPipeA
SetErrorMode
SetFileTime
ProcessIdToSessionId
SetThreadContext
GetLastError
Module32Next
GetTempFileNameW
GetCurrentThreadId
CreateDirectoryExA
GlobalGetAtomNameA
GetUserDefaultLangID
HeapAlloc
_llseek
IsProcessorFeaturePresent
EnumResourceNamesW
IsBadStringPtrW
FlushInstructionCache
GetCommandLineA
GetComputerNameExW
DeviceIoControl
GetLongPathNameA
GetDateFormatA
DosDateTimeToFileTime
OpenMutexW
GetThreadPriority
SetConsoleCtrlHandler
GetProfileStringA
GetSystemDefaultLangID
GetEnvironmentStrings
CreateFileW
SetCommState
VerifyVersionInfoW
EnumSystemLocalesA
FreeConsole
lstrcmpiW
FreeLibrary
GetHandleInformation
GetCurrencyFormatA
GlobalAlloc
GetPriorityClass
FormatMessageA
EnumResourceTypesA
FindNextFileW
GetFileAttributesA
GlobalAddAtomW
WriteProfileStringW
LockFile
HeapFree
BackupSeek
EnumResourceNamesA
GetProcessAffinityMask
HeapValidate
GetExitCodeThread
Beep
Process32Next
SetEndOfFile
MoveFileExA
DeleteCriticalSection
CommConfigDialogW
SetVolumeLabelA
FindFirstFileA
IsBadReadPtr
GetDateFormatW
_lread
HeapSize
lstrcpynW
QueryPerformanceCounter
ClearCommBreak
GetPrivateProfileStringW
IsValidLocale
LoadResource
RaiseException
GetConsoleScreenBufferInfo
WritePrivateProfileStringW
CreatePipe
GetWindowsDirectoryW
OpenEventW
SearchPathW
CreateWaitableTimerW
GetLongPathNameW
UpdateResourceW
GetOEMCP
FindFirstChangeNotificationW
CreateMutexA
lstrcpyW
VirtualAllocEx
ReleaseMutex
SetFileAttributesA
OutputDebugStringW
UnmapViewOfFile
GetModuleHandleA
CreateEventW
LoadLibraryExA
UnhandledExceptionFilter
GetModuleFileNameA
GetTickCount
GetConsoleOutputCP
WriteFile
UpdateResourceA
FindNextFileA
GetPrivateProfileStringA
GetShortPathNameA
ClearCommError
lstrcmpiA
FindVolumeClose
GlobalUnlock
RemoveDirectoryA
Heap32Next
ResetEvent
CreateFileMappingW
GetProfileIntA
Process32FirstW
ReleaseSemaphore
GetProfileSectionA
AreFileApisANSI
GetProcessTimes
GetCPInfo
CreateNamedPipeW
FindResourceW
GetMailslotInfo
DisconnectNamedPipe
OpenEventA
VirtualUnlock
lstrlenA
LoadLibraryA
CopyFileA
FatalAppExitA
GetCompressedFileSizeW
SetProcessShutdownParameters
GetVolumeInformationW
WaitCommEvent
BeginUpdateResourceA
FlushConsoleInputBuffer
BackupWrite
GetComputerNameW
HeapCreate
DeleteFiber
WritePrivateProfileSectionW
GetTimeZoneInformation
RemoveDirectoryW
GetFullPathNameW
GetStartupInfoA
GetDriveTypeA
CompareStringW
OpenFileMappingA
CreateSemaphoreW
SetStdHandle
GetCommModemStatus
GetLogicalDriveStringsA
Heap32First
DeleteFileA
FindResourceExA
SetSystemTime
WritePrivateProfileStructW
GetCurrentDirectoryA
GetSystemWindowsDirectoryA
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 488KB - Virtual size: 487KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 140KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ