Static task: static1
Behavioral task: behavioral1
  Sample: cd36f5980e377bcc6fe073d343f063075f624ed4227f91a80e9bd5591836e90a.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: cd36f5980e377bcc6fe073d343f063075f624ed4227f91a80e9bd5591836e90a.exe
  Resource: win10v2004-20220812-en
General
Target: cd36f5980e377bcc6fe073d343f063075f624ed4227f91a80e9bd5591836e90a
Size: 512KB
MD5: 07165b82541d413e6f987336febc559b
SHA1: ade7dd6f95f573b60c452f5061a8fc95c6be5477
SHA256: cd36f5980e377bcc6fe073d343f063075f624ed4227f91a80e9bd5591836e90a
SHA512: b2af4c818c96786dd9f818538d62e12b71a4e20facf9f0f74d80f1fa2eb283684e0c12f7ce75f324ace0f532dc22dacc9283b6c241d1fc4bb8dd75c2530568bf
SSDEEP: 12288:9gqCoApAy5NYK7WWjWhvXlBsdDm2J12ky5zwokQBkrci:9gq4kK7WWShs9z2qo1kr
Malware Config
Signatures
Files
cd36f5980e377bcc6fe073d343f063075f624ed4227f91a80e9bd5591836e90a.exe windows x86
7c606afcb46ca86bc3bd846d9679746f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord1576
comdlg32
GetSaveFileNameW
PrintDlgW
FindTextW
ChooseColorA
GetOpenFileNameA
ReplaceTextW
GetOpenFileNameW
FindTextA
ChooseFontA
PageSetupDlgA
ChooseColorW
CommDlgExtendedError
PrintDlgA
PrintDlgExA
GetFileTitleW
PageSetupDlgW
GetFileTitleA
GetSaveFileNameA
ChooseFontW
ReplaceTextA
wininet
InternetGetCookieW
FtpCreateDirectoryA
InternetGetConnectedState
InternetGoOnline
InternetOpenA
InternetCloseHandle
FtpCreateDirectoryW
FtpGetCurrentDirectoryA
CommitUrlCacheEntryA
HttpQueryInfoA
InternetSetOptionExA
FtpOpenFileW
SetUrlCacheEntryInfoA
HttpSendRequestA
FindCloseUrlCache
FindFirstUrlCacheEntryA
ReadUrlCacheEntryStream
InternetGetCookieA
InternetAutodial
InternetTimeToSystemTimeW
FtpDeleteFileA
HttpEndRequestW
FindFirstUrlCacheEntryW
FtpFindFirstFileW
InternetGetLastResponseInfoA
InternetOpenUrlA
InternetAutodialHangup
HttpSendRequestExA
InternetCrackUrlW
InternetCheckConnectionA
InternetErrorDlg
HttpSendRequestW
InternetAttemptConnect
InternetQueryDataAvailable
InternetOpenW
DeleteUrlCacheEntry
FtpSetCurrentDirectoryA
InternetDial
InternetQueryOptionW
InternetCombineUrlA
FtpPutFileW
FtpRemoveDirectoryW
InternetReadFile
FtpRemoveDirectoryA
HttpEndRequestA
CreateUrlCacheEntryA
InternetGetConnectedStateExW
HttpAddRequestHeadersW
DetectAutoProxyUrl
InternetConnectA
HttpSendRequestExW
HttpAddRequestHeadersA
InternetSetOptionA
UnlockUrlCacheEntryStream
GetUrlCacheEntryInfoW
FtpSetCurrentDirectoryW
DeleteUrlCacheEntryW
FtpDeleteFileW
InternetSetFilePointer
FtpOpenFileA
FindNextUrlCacheEntryW
InternetCheckConnectionW
FindNextUrlCacheEntryA
InternetConnectW
InternetTimeFromSystemTime
FtpGetFileA
InternetSetStatusCallbackW
HttpQueryInfoW
FtpGetFileSize
InternetGetLastResponseInfoW
InternetTimeToSystemTime
HttpOpenRequestW
InternetCrackUrlA
InternetOpenUrlW
InternetSetCookieA
InternetQueryOptionA
InternetCanonicalizeUrlA
FtpFindFirstFileA
InternetSetOptionW
InternetWriteFile
FtpRenameFileA
InternetSetStatusCallback
InternetCanonicalizeUrlW
InternetFindNextFileA
RetrieveUrlCacheEntryStreamW
FtpPutFileA
HttpOpenRequestA
kernel32
OpenSemaphoreA
GetVersionExW
InterlockedCompareExchange
LoadLibraryA
GetSystemTimeAdjustment
LocalSize
DeleteFiber
EnumLanguageGroupLocalesW
GetStartupInfoA
WaitNamedPipeA
SetErrorMode
CreateNamedPipeW
GetPrivateProfileStructA
ExpandEnvironmentStringsW
lstrcpyW
LCMapStringA
ContinueDebugEvent
EnumResourceNamesA
CreateSemaphoreW
EnumResourceNamesW
DeleteAtom
Module32First
EnumSystemLanguageGroupsW
GetFullPathNameA
GetExitCodeProcess
VirtualFree
GetEnvironmentStringsW
GlobalMemoryStatus
GetTempPathA
GetTapeParameters
DeleteVolumeMountPointW
FindResourceExW
VirtualProtectEx
CopyFileW
SetFilePointer
FormatMessageA
WaitForMultipleObjects
CreateMutexW
SetCommTimeouts
VirtualUnlock
Beep
Module32FirstW
VirtualProtect
CreateThread
VirtualLock
MapViewOfFile
GetSystemWindowsDirectoryA
FindFirstChangeNotificationW
GetDateFormatW
IsBadReadPtr
GetCurrentDirectoryA
GetModuleFileNameW
GetVersionExA
lstrcatW
GetProfileIntA
GetLogicalDrives
Heap32ListNext
FlushViewOfFile
SetTapePosition
SystemTimeToFileTime
DebugActiveProcess
GlobalMemoryStatusEx
HeapCompact
FileTimeToSystemTime
ReadFile
GetShortPathNameW
SetUnhandledExceptionFilter
WideCharToMultiByte
SizeofResource
Process32First
OpenMutexW
SetFileAttributesA
SetCommBreak
HeapReAlloc
SetCommState
WriteConsoleW
GetLocalTime
MoveFileExW
WriteFileEx
AreFileApisANSI
GetProcessVersion
lstrcmpW
GetProfileStringW
WriteConsoleA
ProcessIdToSessionId
LoadLibraryExA
OpenThread
WriteFile
CreateWaitableTimerW
LockFile
VerifyVersionInfoW
LockFileEx
CreateMailslotA
GetLocaleInfoA
WritePrivateProfileSectionA
GetCurrentDirectoryW
EndUpdateResourceW
IsBadStringPtrW
GetOEMCP
ReleaseSemaphore
OpenMutexA
CreateSemaphoreA
GetExitCodeThread
BeginUpdateResourceW
GetACP
SetEnvironmentVariableA
GetModuleHandleA
CopyFileA
FatalAppExitA
SetupComm
GetComputerNameExW
FindNextFileW
OpenEventA
FlushInstructionCache
MulDiv
TransmitCommChar
GetCommProperties
GetTempFileNameA
CommConfigDialogW
SetComputerNameW
CreatePipe
CancelIo
SetNamedPipeHandleState
GetCommandLineW
GetProfileStringA
GetPrivateProfileStringW
GetComputerNameExA
GetCPInfo
GetSystemTime
ReadConsoleInputA
GetPriorityClass
SearchPathW
FindAtomW
GetCurrentThread
DeleteVolumeMountPointA
OpenFileMappingA
HeapDestroy
FreeEnvironmentStringsW
UnlockFile
LoadLibraryExW
FreeLibrary
GetFullPathNameW
GetFileAttributesExA
PurgeComm
lstrcpynW
QueryDosDeviceA
EnumCalendarInfoA
QueryDosDeviceW
GetWindowsDirectoryA
BackupRead
SetConsoleTitleW
GetFileAttributesW
GetProcessAffinityMask
FreeResource
SetFileTime
ReleaseMutex
OpenFileMappingW
ExitProcess
LocalLock
DuplicateHandle
EnterCriticalSection
SetPriorityClass
GetEnvironmentVariableW
SetProcessWorkingSetSize
GetVersion
BackupWrite
GetDateFormatA
MoveFileA
GetCommMask
DisconnectNamedPipe
GetModuleHandleW
GetFileSizeEx
WinExec
VerLanguageNameA
AllocConsole
GetFileTime
Thread32Next
GetSystemInfo
GetNumberFormatW
Heap32ListFirst
VirtualQueryEx
IsBadStringPtrA
SetConsoleMode
GlobalSize
EnumCalendarInfoW
SetEndOfFile
GetLogicalDriveStringsW
PostQueuedCompletionStatus
GetConsoleScreenBufferInfo
lstrlenW
WriteProfileStringW
EnumUILanguagesW
LockResource
LocalFree
GetBinaryTypeA
CompareFileTime
FindFirstFileA
SetWaitableTimer
GlobalFindAtomA
GetModuleFileNameA
UnmapViewOfFile
LCMapStringW
LocalUnlock
BuildCommDCBA
GetTimeFormatW
LoadResource
_hwrite
SetFileAttributesW
PulseEvent
InitializeCriticalSectionAndSpinCount
_lclose
_lcreat
SetHandleCount
ClearCommBreak
VirtualAllocEx
RaiseException
OpenFile
GetCommModemStatus
SetVolumeLabelW
WritePrivateProfileStructA
CreateDirectoryExA
GetProcessHeaps
CreateFileW
LocalCompact
Sleep
SetMailslotInfo
GetTickCount
WriteConsoleOutputW
ResumeThread
Toolhelp32ReadProcessMemory
GetProcAddress
Module32Next
FindFirstVolumeW
CloseHandle
GetConsoleCP
EnumResourceLanguagesW
SetStdHandle
lstrlenA
IsProcessorFeaturePresent
CompareStringW
GetDiskFreeSpaceA
QueueUserWorkItem
GlobalGetAtomNameW
FileTimeToLocalFileTime
GetTempFileNameW
WaitNamedPipeW
GetLogicalDriveStringsA
SetConsoleCursorPosition
GetSystemDirectoryA
ExitThread
lstrcpyA
CreateProcessW
IsBadWritePtr
GetProfileIntW
ReadProcessMemory
GetStdHandle
MapViewOfFileEx
DefineDosDeviceA
GlobalFlags
TlsAlloc
_llseek
lstrcatA
GlobalUnlock
VerSetConditionMask
DeviceIoControl
ResetEvent
GetFileType
GetCommConfig
GlobalGetAtomNameA
FindFirstChangeNotificationA
IsDebuggerPresent
TlsFree
CreateFileMappingA
SetSystemTime
GetComputerNameA
GetPrivateProfileSectionNamesA
CopyFileExW
LocalAlloc
FileTimeToDosDateTime
FindCloseChangeNotification
FlushFileBuffers
GetNumberFormatA
GetLastError
GlobalAddAtomA
GetCurrentProcessId
GetEnvironmentStrings
GetLocaleInfoW
WritePrivateProfileSectionW
GetStringTypeW
ConvertThreadToFiber
DeleteCriticalSection
GlobalDeleteAtom
QueryPerformanceCounter
CreateNamedPipeA
Heap32First
GetConsoleOutputCP
SetProcessPriorityBoost
GetFileAttributesExW
InterlockedIncrement
Heap32Next
SetLocalTime
AddAtomW
HeapAlloc
lstrcmpiA
GetUserDefaultUILanguage
FreeEnvironmentStringsA
InitializeCriticalSection
GetQueuedCompletionStatus
CreateIoCompletionPort
SetCurrentDirectoryA
EnumSystemLocalesA
SuspendThread
EscapeCommFunction
GlobalReAlloc
GlobalFree
GetVolumePathNameA
CreateProcessA
WaitForDebugEvent
VerifyVersionInfoA
GetStringTypeA
WritePrivateProfileStructW
GetPrivateProfileSectionA
EnumCalendarInfoExW
SetThreadPriority
BeginUpdateResourceA
FindFirstFileExW
QueueUserAPC
BackupSeek
CreateToolhelp32Snapshot
OutputDebugStringA
LocalFileTimeToFileTime
GetPrivateProfileStringA
TerminateProcess
GetThreadTimes
GetDiskFreeSpaceExW
GetVolumeInformationW
HeapFree
GetDiskFreeSpaceW
_lread
WaitForSingleObjectEx
GetStartupInfoW
InterlockedDecrement
CreateFileMappingW
CreateDirectoryW
SetCommConfig
IsValidCodePage
CreateEventW
UnlockFileEx
FormatMessageW
GetCurrentThreadId
TlsGetValue
IsBadCodePtr
CreateDirectoryA
Process32Next
DebugBreak
CompareStringA
WritePrivateProfileStringA
OpenProcess
MoveFileExA
GetDriveTypeW
PeekNamedPipe
SetProcessAffinityMask
WaitForMultipleObjectsEx
HeapValidate
SleepEx
QueryPerformanceFrequency
OpenSemaphoreW
CopyFileExA
UnhandledExceptionFilter
GetThreadPriority
WriteProcessMemory
lstrcpynA
GetEnvironmentVariableA
GlobalHandle
FindResourceW
SetCommMask
GetLongPathNameA
ExpandEnvironmentStringsA
RemoveDirectoryA
SetVolumeLabelA
GetUserDefaultLCID
SetThreadExecutionState
GetSystemDirectoryW
GetFileInformationByHandle
SwitchToThread
TerminateThread
GetVolumeNameForVolumeMountPointA
SetTimeZoneInformation
GetAtomNameA
FindNextFileA
WaitForSingleObject
HeapCreate
Thread32First
FindResourceA
_lopen
DosDateTimeToFileTime
HeapSize
FlushConsoleInputBuffer
UpdateResourceA
GetThreadContext
SetProcessShutdownParameters
VirtualQuery
FindNextChangeNotification
GlobalLock
Process32FirstW
LocalHandle
SystemTimeToTzSpecificLocalTime
GetDiskFreeSpaceExA
GetVolumeNameForVolumeMountPointW
GetFileAttributesA
UpdateResourceW
SetThreadAffinityMask
GlobalAlloc
CreateFiber
ConnectNamedPipe
SetThreadLocale
GetTimeFormatA
GetVolumePathNameW
SwitchToFiber
GetProcessHeap
EnumResourceLanguagesA
OutputDebugStringW
GetOverlappedResult
SetConsoleCtrlHandler
GetCompressedFileSizeW
SetEnvironmentVariableW
OpenEventW
SetVolumeMountPointA
GetCPInfoExA
GetStringTypeExA
GetCurrencyFormatA
SetLastError
EnumResourceTypesA
FindFirstFileW
CreateWaitableTimerA
SetCurrentDirectoryW
DeleteFileA
ConvertDefaultLocale
VirtualAlloc
GetDriveTypeA
lstrcmpiW
GetCommTimeouts
GetUserDefaultLangID
IsDBCSLeadByteEx
GetSystemPowerStatus
SetThreadContext
GetSystemDefaultLCID
CreateEventA
GetSystemDefaultLangID
GetProcessWorkingSetSize
CreateMutexA
ClearCommError
_lwrite
RemoveDirectoryW
GetCurrentProcess
lstrcmpA
GetMailslotInfo
GetTempPathW
FindClose
InterlockedExchangeAdd
Process32NextW
DisableThreadLibraryCalls
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetFilePointerEx
InterlockedExchange
LocalReAlloc
RtlFillMemory
GetHandleInformation
LoadLibraryW
ReadDirectoryChangesW
GetFileSize
SetHandleInformation
GetStringTypeExW
WriteProfileStringA
GetThreadLocale
GetProfileSectionA
GetWindowsDirectoryW
VirtualFreeEx
GetPrivateProfileIntA
WaitCommEvent
RtlUnwind
GetVolumeInformationA
LeaveCriticalSection
GetCommState
SetEvent
FindResourceExA
GetCommandLineA
IsValidLocale
MoveFileW
GetComputerNameW
MultiByteToWideChar
FindVolumeClose
Module32NextW
TryEnterCriticalSection
DeleteFileW
GetShortPathNameA
WritePrivateProfileStringW
GetProcessTimes
CreateFileA
shell32
SHGetDataFromIDListW
SHFileOperationA
SHFileOperationW
SHBrowseForFolderW
SHCreateDirectoryExA
FindExecutableA
DragQueryFileW
SHGetFolderLocation
Shell_NotifyIconA
SHEmptyRecycleBinA
SHGetDesktopFolder
DragAcceptFiles
SHGetFolderPathW
SHChangeNotify
SHGetFileInfoW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetSpecialFolderLocation
DragFinish
SHAddToRecentDocs
ShellExecuteExW
CommandLineToArgvW
DuplicateIcon
SHGetPathFromIDListW
SHBrowseForFolderA
SHGetSpecialFolderPathA
ExtractIconExA
Shell_NotifyIconW
SHFreeNameMappings
SHGetPathFromIDListA
SHGetFileInfoA
SHBindToParent
ExtractIconExW
ExtractIconA
ShellExecuteA
DragQueryFileA
ShellExecuteExA
ord155
SHGetMalloc
SHAppBarMessage
SHGetDataFromIDListA
FindExecutableW
DoEnvironmentSubstW
DragQueryPoint
SHGetFolderPathA
ShellExecuteW
SHGetInstanceExplorer
ExtractIconW
oleaut32
LoadTypeLi
ole32
CoQueryProxyBlanket
CoRegisterClassObject
CoRevokeMallocSpy
CoGetObject
OleCreateStaticFromData
OleSaveToStream
CoCopyProxy
OleQueryLinkFromData
PropVariantClear
CoMarshalInterThreadInterfaceInStream
CoTreatAsClass
CoDisconnectObject
WriteFmtUserTypeStg
CoCreateInstance
CoReleaseMarshalData
BindMoniker
CoLockObjectExternal
OleTranslateAccelerator
StgOpenStorage
CreateItemMoniker
OleRegEnumVerbs
ReadClassStm
CreateDataAdviseHolder
CoGetClassObject
IIDFromString
CoImpersonateClient
CoRevokeClassObject
OleSetClipboard
OleRun
CoRegisterMallocSpy
DoDragDrop
RegisterDragDrop
CreateStreamOnHGlobal
CLSIDFromProgID
OleUninitialize
GetClassFile
StringFromIID
GetHGlobalFromStream
SetConvertStg
CoInitializeSecurity
OleLoad
StgOpenStorageOnILockBytes
OleDraw
OleLockRunning
ReadFmtUserTypeStg
StringFromGUID2
CreateILockBytesOnHGlobal
RevokeDragDrop
GetHGlobalFromILockBytes
StgCreateDocfile
OleLoadFromStream
OleCreateLinkFromData
CoRegisterMessageFilter
CreateOleAdviseHolder
OleDestroyMenuDescriptor
CoFileTimeNow
CoCreateGuid
CoRevertToSelf
OleCreateFromData
CreateClassMoniker
OleGetClipboard
StgCreateStorageEx
CoTaskMemAlloc
CoResumeClassObjects
CoCreateInstanceEx
MkParseDisplayName
WriteClassStm
ProgIDFromCLSID
OleCreateFromFile
CoGetMalloc
CoInitializeEx
CreateBindCtx
CoSuspendClassObjects
CreateFileMoniker
CoLoadLibrary
OleSetMenuDescriptor
CoFreeUnusedLibraries
CoUninitialize
OleInitialize
OleCreate
CreateGenericComposite
FreePropVariantArray
OleQueryCreateFromData
OleSave
CoSetProxyBlanket
OleRegGetMiscStatus
CoInitialize
OleCreateLinkToFile
OleSetContainedObject
StgCreateDocfileOnILockBytes
OleCreateMenuDescriptor
GetRunningObjectTable
CoUnmarshalInterface
CoTaskMemRealloc
StgIsStorageILockBytes
OleDuplicateData
OleRegGetUserType
CoGetInterfaceAndReleaseStream
StringFromCLSID
StgIsStorageFile
OleIsCurrentClipboard
ReleaseStgMedium
CoMarshalInterface
CLSIDFromString
WriteClassStg
OleIsRunning
OleGetIconOfClass
IsAccelerator
OleFlushClipboard
CoTaskMemFree
ReadClassStg
comctl32
ImageList_DragLeave
ImageList_AddIcon
ImageList_Merge
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DragEnter
DrawStatusTextW
FlatSB_ShowScrollBar
ImageList_Read
MakeDragList
ImageList_Draw
InitCommonControlsEx
ImageList_Destroy
ImageList_GetIcon
ImageList_DragMove
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_SetFlags
ImageList_SetIconSize
ImageList_Duplicate
CreateToolbarEx
ImageList_Copy
CreateUpDownControl
DestroyPropertySheetPage
InitializeFlatSB
ImageList_SetDragCursorImage
ImageList_Create
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_SetOverlayImage
CreatePropertySheetPageW
ImageList_Replace
ImageList_DrawEx
ImageList_SetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_Add
ImageList_Remove
ord17
ImageList_Write
CreateStatusWindowW
_TrackMouseEvent
FlatSB_EnableScrollBar
ImageList_EndDrag
ImageList_DrawIndirect
PropertySheetA
ImageList_GetImageCount
ImageList_LoadImage
PropertySheetW
ImageList_SetImageCount
gdi32
Rectangle
EnumFontFamiliesExA
FloodFill
SetLayout
GetCharABCWidthsFloatA
AbortDoc
CreateICA
StrokePath
GetTextCharsetInfo
GetBitmapDimensionEx
DeleteMetaFile
CopyMetaFileA
ExtTextOutA
GetTextExtentExPointW
GetEnhMetaFileA
DescribePixelFormat
CreateBitmap
FillRgn
EnumMetaFile
CloseEnhMetaFile
GetMetaFileBitsEx
GetArcDirection
GetDIBColorTable
UnrealizeObject
GdiFlush
SetDIBitsToDevice
LineDDA
CreateDCW
SetROP2
GetEnhMetaFileHeader
SetTextAlign
GetSystemPaletteEntries
CreateRectRgn
TranslateCharsetInfo
PtVisible
GetFontData
GetCharWidth32W
CreateICW
ExtFloodFill
GetCharacterPlacementW
GetMiterLimit
GetBkMode
RemoveFontResourceA
StartDocA
CombineRgn
BeginPath
EndPage
SetPaletteEntries
SetPixelFormat
CreateFontIndirectA
GetPath
GetTextExtentPoint32A
SetWindowExtEx
EnumEnhMetaFile
OffsetRgn
CreateMetaFileW
IntersectClipRect
EnumFontFamiliesExW
GetMetaFileA
PolyDraw
CloseFigure
GetTextMetricsW
GetGlyphOutlineA
CreateHalftonePalette
GetViewportExtEx
EnumFontFamiliesW
CopyEnhMetaFileW
GetMapMode
InvertRgn
CreateDIBPatternBrushPt
ExtCreatePen
GetCharWidthW
GetEnhMetaFilePaletteEntries
SetBitmapBits
PlayEnhMetaFileRecord
MaskBlt
GetDIBits
CreatePolygonRgn
SetGraphicsMode
SetAbortProc
GetCurrentPositionEx
GetCharABCWidthsW
SaveDC
DrawEscape
CreateRectRgnIndirect
DPtoLP
GetBkColor
SetPixelV
Chord
ScaleViewportExtEx
GetOutlineTextMetricsA
GetTextCharset
GetStockObject
ExtCreateRegion
CreateDIBitmap
SetStretchBltMode
ExtEscape
CopyMetaFileW
SetPixel
OffsetViewportOrgEx
StretchDIBits
SetTextColor
GetCharABCWidthsA
GetDeviceCaps
FrameRgn
FillPath
CreateFontW
GetFontLanguageInfo
SetPolyFillMode
ExcludeClipRect
SelectObject
SetMetaFileBitsEx
SetBrushOrgEx
GetEnhMetaFileBits
ResetDCW
SetWindowOrgEx
CreatePalette
EnumFontsW
GetCurrentObject
GetWindowOrgEx
GetNearestPaletteIndex
WidenPath
OffsetClipRgn
SetViewportExtEx
EnumFontsA
TextOutW
StretchBlt
GetTextExtentExPointA
Pie
GetObjectA
Polyline
PolyBezierTo
CloseMetaFile
CreateBrushIndirect
PlayEnhMetaFile
PlayMetaFile
EqualRgn
GetROP2
OffsetWindowOrgEx
GetTextFaceW
GetPaletteEntries
PlayMetaFileRecord
GetTextColor
Arc
RectInRegion
CreateEllipticRgn
CreateFontA
GetClipRgn
SetDIBits
GetClipBox
CreatePen
EnumFontFamiliesA
SetWorldTransform
SetRectRgn
PatBlt
ScaleWindowExtEx
CreatePatternBrush
GetPolyFillMode
AbortPath
GetNearestColor
SetBkMode
GetWinMetaFileBits
ResetDCA
Ellipse
GetBrushOrgEx
PolyPolygon
ModifyWorldTransform
SetBoundsRect
ExtSelectClipRgn
SetDIBColorTable
SetMapMode
MoveToEx
PaintRgn
RectVisible
CreateSolidBrush
GetViewportOrgEx
AddFontResourceA
SetWinMetaFileBits
CreateEllipticRgnIndirect
ArcTo
StrokeAndFillPath
EndDoc
GetCharWidthA
GetTextAlign
SetDCPenColor
GetCharWidthFloatA
CreateEnhMetaFileA
DeleteObject
SelectClipRgn
GetPixelFormat
PolyBezier
RestoreDC
StartDocW
AngleArc
SetICMProfileA
CreateDiscardableBitmap
SetTextJustification
GetTextExtentPointW
GetLayout
GetCharABCWidthsFloatW
CreateBitmapIndirect
GdiComment
PathToRegion
CreateCompatibleBitmap
UpdateColors
LPtoDP
GetRegionData
SelectPalette
GetTextFaceA
ChoosePixelFormat
SetMiterLimit
Escape
CreateCompatibleDC
TextOutA
GetMetaRgn
CreateDCA
GetAspectRatioFilterEx
PolyPolyline
SetBkColor
SelectClipPath
GetCharWidth32A
StartPage
CreateDIBSection
GetColorAdjustment
PtInRegion
RoundRect
CreatePenIndirect
CreateRoundRectRgn
GetGraphicsMode
CreatePolyPolygonRgn
LineTo
CreateEnhMetaFileW
SetViewportOrgEx
GetEnhMetaFileW
GetStretchBltMode
EnumObjects
GetTextExtentPointA
PlgBlt
GetBitmapBits
SetEnhMetaFileBits
SetBitmapDimensionEx
GetRgnBox
GetTextExtentPoint32W
GetGlyphOutlineW
BitBlt
ResizePalette
DeleteEnhMetaFile
SetColorAdjustment
RealizePalette
SwapBuffers
GetPixel
SetTextCharacterExtra
FlattenPath
SetMapperFlags
GetKerningPairsA
CopyEnhMetaFileA
AnimatePalette
CreateHatchBrush
GetBoundsRect
CreateFontIndirectW
GetObjectType
EndPath
GetTextMetricsA
SetDCBrushColor
GetDCOrgEx
GetTextCharacterExtra
SetICMMode
DeleteDC
CreateMetaFileA
SetArcDirection
GetObjectW
GetWindowExtEx
Polygon
ExtTextOutW
PolylineTo
advapi32
IsValidAcl
ControlService
LsaOpenPolicy
CloseServiceHandle
RegGetKeySecurity
GetNamedSecurityInfoA
LsaQueryInformationPolicy
RegEnumKeyExA
GetExplicitEntriesFromAclW
CryptAcquireContextA
CloseEncryptedFileRaw
SetFileSecurityA
ChangeServiceConfig2A
GetUserNameW
LsaFreeMemory
RegCloseKey
RegOpenKeyExW
StartServiceCtrlDispatcherA
RegNotifyChangeKeyValue
RegEnumValueW
UnlockServiceDatabase
DeleteAce
LookupAccountSidW
RegSetKeySecurity
IsValidSid
EnumServicesStatusA
CryptVerifySignatureA
GetAclInformation
RegRestoreKeyA
RegEnumKeyA
CryptCreateHash
CryptEnumProvidersW
InitializeSid
CryptGenRandom
QueryServiceConfigA
GetSidIdentifierAuthority
ReadEncryptedFileRaw
RegOpenKeyExA
LockServiceDatabase
InitiateSystemShutdownA
RegEnumKeyExW
ConvertSidToStringSidW
SetServiceObjectSecurity
QueryServiceLockStatusW
SetSecurityInfo
LogonUserW
InitializeAcl
CopySid
ReportEventW
RegLoadKeyA
IsValidSecurityDescriptor
RegSaveKeyA
SetFileSecurityW
RegDisablePredefinedCache
RegEnumKeyW
RegOpenKeyA
RegQueryValueExA
GetSecurityInfo
RegQueryValueW
RegisterServiceCtrlHandlerW
OpenThreadToken
GetUserNameA
SetEntriesInAclA
RevertToSelf
RegDeleteKeyW
RegCreateKeyExA
ImpersonateNamedPipeClient
DuplicateToken
SetSecurityDescriptorOwner
StartServiceW
CryptDecrypt
ImpersonateLoggedOnUser
MapGenericMask
GetSidSubAuthorityCount
RegisterServiceCtrlHandlerExA
GetFileSecurityA
LsaClose
RegQueryInfoKeyW
RegDeleteKeyA
CryptGetHashParam
CryptDestroyHash
LookupPrivilegeValueW
RegSetValueW
ConvertStringSidToSidA
GetNamedSecurityInfoW
LsaAddAccountRights
DeleteService
GetSecurityDescriptorOwner
RegConnectRegistryA
ConvertSecurityDescriptorToStringSecurityDescriptorW
DuplicateTokenEx
AllocateAndInitializeSid
SetServiceStatus
QueryServiceConfigW
EqualPrefixSid
CryptImportKey
SetNamedSecurityInfoW
CryptAcquireContextW
EncryptFileW
WriteEncryptedFileRaw
GetTokenInformation
LookupAccountNameA
RegConnectRegistryW
RegDeleteValueA
RegQueryValueExW
AccessCheck
QueryServiceStatusEx
GetEffectiveRightsFromAclA
LogonUserA
CryptHashData
SetEntriesInAclW
RegUnLoadKeyW
CryptDeriveKey
RegQueryInfoKeyA
RegEnumValueA
CryptGetUserKey
DeregisterEventSource
OpenServiceW
GetSidLengthRequired
CryptExportKey
CreateServiceA
InitializeSecurityDescriptor
LsaRemoveAccountRights
EqualSid
RegCreateKeyA
ChangeServiceConfig2W
RegisterServiceCtrlHandlerA
SetNamedSecurityInfoA
LsaLookupSids
QueryServiceStatus
LookupAccountSidA
OpenEncryptedFileRawW
AddAccessAllowedAce
RegLoadKeyW
RegRestoreKeyW
LookupPrivilegeValueA
BuildTrusteeWithNameW
RegSetValueExA
OpenSCManagerW
ReportEventA
BuildExplicitAccessWithNameW
CreateProcessAsUserW
GetLengthSid
RegDeleteValueW
RegisterEventSourceA
ConvertStringSidToSidW
StartServiceCtrlDispatcherW
AddAce
CryptReleaseContext
LookupPrivilegeNameA
GetSecurityDescriptorLength
SetTokenInformation
CryptEncrypt
RegSetValueExW
GetKernelObjectSecurity
LsaLookupNames
RegFlushKey
SetSecurityDescriptorSacl
GetSecurityDescriptorControl
SetSecurityDescriptorGroup
StartServiceA
CreateWellKnownSid
CreateProcessAsUserA
CryptSetProvParam
EnumDependentServicesW
SetSecurityDescriptorControl
LookupPrivilegeDisplayNameA
CreateServiceW
InitiateSystemShutdownExW
CryptDestroyKey
RegQueryValueA
MakeAbsoluteSD
LsaNtStatusToWinError
GetSecurityDescriptorGroup
RegUnLoadKeyA
RegCreateKeyW
BuildTrusteeWithSidW
ImpersonateSelf
GetSidSubAuthority
OpenServiceA
GetFileSecurityW
OpenSCManagerA
SetThreadToken
AdjustTokenPrivileges
GetAce
FreeSid
RegCreateKeyExW
ChangeServiceConfigW
CryptGetKeyParam
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
RegOpenKeyW
SetSecurityDescriptorDacl
OpenProcessToken
CheckTokenMembership
CryptGenKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
ChangeServiceConfigA
RegOpenCurrentUser
RegSaveKeyW
RegisterEventSourceW
LookupAccountNameW
MakeSelfRelativeSD
RegSetValueA
user32
GetWindowTextLengthW
TranslateMDISysAccel
RegisterDeviceNotificationW
ToAscii
FindWindowExA
GetClassLongA
SendMessageTimeoutA
MapVirtualKeyW
UnregisterClassA
GetClassInfoExW
SetWindowTextW
GetKeyboardLayout
GetMenuItemCount
ShowScrollBar
GetWindowWord
LoadStringW
GetWindowRect
DdeQueryStringA
TileWindows
RemoveMenu
UnionRect
OemToCharBuffA
IsZoomed
FillRect
DialogBoxIndirectParamW
AppendMenuA
InflateRect
DlgDirListA
CreateIcon
AppendMenuW
DrawEdge
CreateDialogParamW
VkKeyScanA
LoadAcceleratorsW
RealChildWindowFromPoint
DdeCreateDataHandle
DdeCreateStringHandleA
WaitMessage
UpdateWindow
LoadMenuIndirectA
EnableMenuItem
DestroyAcceleratorTable
IsChild
IsDialogMessage
ChangeDisplaySettingsW
DrawTextExW
MoveWindow
GetScrollInfo
LoadIconA
DeferWindowPos
GetUpdateRect
GetCapture
SetWindowLongA
CharPrevA
FindWindowW
ToAsciiEx
DefWindowProcA
ChildWindowFromPoint
DestroyMenu
SendMessageA
GetCaretBlinkTime
BeginDeferWindowPos
OpenInputDesktop
IsCharAlphaNumericA
CallWindowProcW
WindowFromDC
CharUpperW
CharNextExA
GetClassWord
wvsprintfW
SetMenuItemBitmaps
BringWindowToTop
GetScrollPos
ExitWindowsEx
SetCaretPos
FlashWindowEx
CreateIconFromResourceEx
GetWindowInfo
DdePostAdvise
IsCharLowerW
DragDetect
AllowSetForegroundWindow
BeginPaint
EnableScrollBar
ScrollDC
SwitchDesktop
DefDlgProcA
GetMenuStringA
ValidateRgn
RegisterClassExW
GetMenuState
GetQueueStatus
GetMenuItemRect
SetRectEmpty
ScrollWindow
GetSysColorBrush
DdeInitializeA
SetDlgItemTextW
IsCharAlphaA
SetForegroundWindow
WindowFromPoint
CharUpperBuffW
GetTopWindow
GetWindowContextHelpId
EndDeferWindowPos
GetMessageExtraInfo
WinHelpA
PostMessageA
SetCursor
RemovePropW
InvalidateRect
CopyImage
GetUpdateRgn
OemToCharA
AdjustWindowRect
GetMessageTime
DeleteMenu
GetMonitorInfoW
ShowWindow
AttachThreadInput
CharLowerBuffW
CharLowerW
GetClipboardOwner
GetTabbedTextExtentA
EndPaint
SetClipboardViewer
GetClassNameW
GetClipboardViewer
CheckMenuItem
IsDialogMessageA
ArrangeIconicWindows
CreateDesktopW
EnableWindow
FlashWindow
CheckRadioButton
CreateDialogParamA
PeekMessageA
GetLastInputInfo
DefFrameProcW
GetLastActivePopup
DdeFreeDataHandle
SetWindowRgn
SendDlgItemMessageW
InvertRect
ModifyMenuW
SetProcessWindowStation
EnumClipboardFormats
IsIconic
SetRect
CreatePopupMenu
MsgWaitForMultipleObjects
SubtractRect
SetDlgItemTextA
GetDC
DrawTextW
RedrawWindow
LoadBitmapW
MessageBoxIndirectA
IsWindowVisible
LoadKeyboardLayoutA
GetMonitorInfoA
GetMessagePos
IsDialogMessageW
SendInput
CloseWindowStation
SetWindowPlacement
SetUserObjectSecurity
SendDlgItemMessageA
LoadCursorFromFileA
SystemParametersInfoW
keybd_event
DrawIcon
ExcludeUpdateRgn
IsMenu
DialogBoxParamW
CheckDlgButton
ClipCursor
CreateMenu
GetDoubleClickTime
CreateMDIWindowA
GetMessageW
DrawTextExA
GetForegroundWindow
IsDlgButtonChecked
GetKeyNameTextA
CloseDesktop
OpenWindowStationA
ToUnicodeEx
DdeNameService
SendNotifyMessageW
CreateCursor
GetDlgItem
GetInputState
GetPropA
LoadCursorW
InvalidateRgn
LoadImageW
PostMessageW
MapVirtualKeyExA
IsCharLowerA
CharToOemBuffA
CallMsgFilterA
GetDlgItemTextA
DdeCreateStringHandleW
TrackPopupMenuEx
UnregisterDeviceNotification
RegisterHotKey
RegisterWindowMessageA
MenuItemFromPoint
GetMenuItemInfoW
ScreenToClient
GetThreadDesktop
GetMenuDefaultItem
LoadStringA
GetPropW
GetCursorInfo
SetParent
CreateAcceleratorTableW
GetClassInfoExA
EqualRect
FreeDDElParam
InsertMenuW
DdeGetData
UnhookWindowsHookEx
GetMenu
CascadeWindows
RegisterClipboardFormatA
SetMenuDefaultItem
OpenIcon
GetWindowDC
IsCharUpperA
SetLayeredWindowAttributes
EnumDesktopWindows
GetNextDlgGroupItem
InsertMenuA
GetTitleBarInfo
EnumChildWindows
OpenWindowStationW
SetScrollInfo
ChangeDisplaySettingsA
GetCursor
GetWindowLongW
InSendMessage
CreateDialogIndirectParamA
ChangeClipboardChain
SetThreadDesktop
RemovePropA
SetMenu
GetScrollRange
CreateIconFromResource
GetDesktopWindow
KillTimer
ValidateRect
mouse_event
EnumThreadWindows
RegisterClassA
ModifyMenuA
SetScrollRange
MessageBeep
LoadCursorA
GetWindowTextLengthA
GetClassNameA
TranslateAcceleratorA
DialogBoxIndirectParamA
DefFrameProcA
GetKeyboardState
GetDlgItemTextW
EnumDisplayMonitors
SendMessageW
TrackPopupMenu
LoadCursorFromFileW
SendNotifyMessageA
GetUserObjectInformationW
PostQuitMessage
MessageBoxA
MapDialogRect
SetWindowLongW
DdeClientTransaction
GetSubMenu
EnumDisplaySettingsW
MapVirtualKeyA
InsertMenuItemA
CheckMenuRadioItem
PtInRect
GetClassInfoA
AnimateWindow
ReleaseCapture
GetScrollBarInfo
CreateWindowExW
NotifyWinEvent
DlgDirSelectExA
RegisterClipboardFormatW
CallNextHookEx
SystemParametersInfoA
SetClipboardData
GetWindowModuleFileNameW
GetAsyncKeyState
SetKeyboardState
SwapMouseButton
TabbedTextOutW
CopyIcon
GetFocus
MessageBoxExA
LookupIconIdFromDirectoryEx
GetClientRect
DdeUnaccessData
DdeInitializeW
DrawAnimatedRects
GetWindowTextW
GetGUIThreadInfo
MapVirtualKeyExW
PostThreadMessageW
CharNextA
GetKeyState
GetClipboardData
PeekMessageW
SetClassLongW
SetMenuInfo
ScrollWindowEx
GetClipboardFormatNameA
IntersectRect
GetUserObjectSecurity
DlgDirListComboBoxW
GetClassInfoW
GetWindowRgn
PackDDElParam
MonitorFromPoint
SetActiveWindow
InsertMenuItemW
GetMenuCheckMarkDimensions
CountClipboardFormats
GetWindowLongA
CharLowerA
DlgDirSelectComboBoxExA
OpenClipboard
GetDlgCtrlID
CharToOemA
LockWindowUpdate
SetScrollPos
CopyAcceleratorTableA
FrameRect
IsCharAlphaNumericW
EnumDisplaySettingsA
TranslateMessage
GetCaretPos
MonitorFromWindow
DestroyCursor
IsWindow
SetCapture
DispatchMessageA
CreateWindowExA
SetWindowsHookExW
BroadcastSystemMessage
LoadImageA
WaitForInputIdle
CopyAcceleratorTableW
CreateCaret
SetMenuContextHelpId
OffsetRect
DrawStateW
GetMenuBarInfo
SetDlgItemInt
SetWindowTextA
CharLowerBuffA
DispatchMessageW
DrawTextA
GrayStringA
LookupIconIdFromDirectory
DefMDIChildProcW
RegisterClassExA
GetWindowPlacement
DrawCaption
SetDoubleClickTime
GetWindowThreadProcessId
TranslateAcceleratorW
wvsprintfA
GetMenuItemInfoA
IsWindowEnabled
DdeConnect
IsClipboardFormatAvailable
CallWindowProcA
ChildWindowFromPointEx
UnpackDDElParam
GetDCEx
EnumWindows
GetUserObjectInformationA
ShowCaret
MapWindowPoints
DestroyWindow
DdeGetLastError
EndDialog
ShowCursor
TabbedTextOutA
UnhookWinEvent
DdeDisconnect
DdeFreeStringHandle
wsprintfW
VkKeyScanExA
CopyRect
AdjustWindowRectEx
VkKeyScanW
DrawFocusRect
GetClipboardFormatNameW
GrayStringW
OpenDesktopW
HiliteMenuItem
TileChildWindows
GetKeyNameTextW
GetKeyboardLayoutList
DefMDIChildProcA
GetWindow
LoadMenuIndirectW
DialogBoxParamA
DestroyCaret
SetPropA
MonitorFromRect
IsWindowUnicode
GetIconInfo
GetMenuContextHelpId
HideCaret
LoadMenuA
FindWindowExW
GetActiveWindow
ShowWindowAsync
GetKeyboardLayoutNameA
SetMessageExtraInfo
GetSysColor
DestroyIcon
DrawIconEx
CloseWindow
SetWindowContextHelpId
GetSystemMetrics
DdeUninitialize
RegisterClassW
ShowOwnedPopups
IsRectEmpty
DrawStateA
CreateIconIndirect
GetNextDlgTabItem
DdeAccessData
FindWindowA
LoadAcceleratorsA
DlgDirListComboBoxA
ReleaseDC
DdeQueryStringW
GetCursorPos
OpenDesktopA
GetMenuItemID
GetOpenClipboardWindow
SetWindowsHookExA
GetClipCursor
GetComboBoxInfo
ReplyMessage
ToUnicode
TrackMouseEvent
WinHelpW
DefWindowProcW
UnregisterHotKey
GetDlgItemInt
CharUpperA
UnregisterClassW
CreateMDIWindowW
CloseClipboard
GetClassLongW
SetMenuItemInfoA
DrawMenuBar
SendMessageTimeoutW
RegisterWindowMessageW
CharUpperBuffA
LoadBitmapA
MessageBoxW
SetCursorPos
GetMenuInfo
GetSystemMenu
CreateDialogIndirectParamW
SetMenuItemInfoW
SetWindowPos
SetTimer
GetParent
wsprintfA
CreateAcceleratorTableA
SetFocus
DrawFrameControl
SetCaretBlinkTime
GetProcessWindowStation
LockSetForegroundWindow
ReuseDDElParam
ActivateKeyboardLayout
GetMessageA
MsgWaitForMultipleObjectsEx
LoadIconW
SetClassLongA
GetMenuStringW
LoadMenuW
SetPropW
GetWindowTextA
GetAncestor
ClientToScreen
EmptyClipboard
PostThreadMessageA
Sections
.text Size: 76KB - Virtual size: 72KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 296KB - Virtual size: 295KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 110KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ