Static task
static1
Behavioral task
behavioral1
Sample
c3a9ebc35c0b9ddce1d79ee3f04f82d9937ce7d46f255580777e700c4df2d346.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
c3a9ebc35c0b9ddce1d79ee3f04f82d9937ce7d46f255580777e700c4df2d346.exe
Resource
win10v2004-20221111-en
windows10-2004-x64
General
-
Target
c3a9ebc35c0b9ddce1d79ee3f04f82d9937ce7d46f255580777e700c4df2d346
-
Size
584KB
-
MD5
cc4b45f4434dfce63b2c5f568ebdacbe
-
SHA1
4ef06e5635a116726be4cb67ea5933f767f2ff52
-
SHA256
c3a9ebc35c0b9ddce1d79ee3f04f82d9937ce7d46f255580777e700c4df2d346
-
SHA512
dd69957117273e79f7d66be5615b7b4276f781f29e87030f8586d4a8faefba5e21358035cf9a966d95b5d6872d4bc7efec7802975828e896f2e74bbdcf802a0d
-
SSDEEP
12288:KyaMQ29bFwy7XNKdiAdPVpVx9WbffGUedfVk:Kypbiy7XIdiAdhjWb2U8k
Malware Config
Signatures
Files
-
c3a9ebc35c0b9ddce1d79ee3f04f82d9937ce7d46f255580777e700c4df2d346.exe windows x86
87109bb68f74a55f6c0f80e4dac86353
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoLockObjectExternal
OleFlushClipboard
CoSuspendClassObjects
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
FreePropVariantArray
PropVariantClear
CoRevokeMallocSpy
CoCopyProxy
CoResumeClassObjects
StgIsStorageFile
CoCreateInstance
CreateFileMoniker
OleQueryLinkFromData
OleGetIconOfClass
CreateDataAdviseHolder
OleCreateLinkToFile
OleLoadFromStream
CoCreateInstanceEx
ProgIDFromCLSID
OleLoad
OleCreateMenuDescriptor
CoInitialize
OleSave
CoTaskMemFree
CoQueryProxyBlanket
CoRegisterClassObject
CoMarshalInterface
OleRegEnumVerbs
ReleaseStgMedium
OleCreateFromData
OleTranslateAccelerator
CoTaskMemAlloc
StgIsStorageILockBytes
CoFreeUnusedLibraries
OleQueryCreateFromData
OleSaveToStream
GetHGlobalFromStream
CoImpersonateClient
OleRegGetUserType
CoInitializeSecurity
IIDFromString
CoRegisterMessageFilter
CoUninitialize
CoGetInterfaceAndReleaseStream
OleRegGetMiscStatus
CoLoadLibrary
OleSetClipboard
StgOpenStorage
RegisterDragDrop
CLSIDFromString
CoDisconnectObject
MkParseDisplayName
OleCreateFromFile
OleDuplicateData
ReadClassStg
CreateGenericComposite
WriteFmtUserTypeStg
OleCreate
WriteClassStm
GetHGlobalFromILockBytes
GetClassFile
CoRevertToSelf
OleIsCurrentClipboard
CreateItemMoniker
WriteClassStg
ReadFmtUserTypeStg
CoRegisterMallocSpy
CoFileTimeNow
CoGetObject
StgOpenStorageOnILockBytes
CLSIDFromProgID
CreateOleAdviseHolder
OleGetClipboard
DoDragDrop
StringFromIID
CoCreateGuid
CreateILockBytesOnHGlobal
CoInitializeEx
OleInitialize
StringFromCLSID
OleSetContainedObject
OleLockRunning
StgCreateDocfile
OleRun
OleCreateStaticFromData
OleDraw
CoGetMalloc
OleDestroyMenuDescriptor
OleCreateLinkFromData
OleSetMenuDescriptor
CreateBindCtx
CoTreatAsClass
ReadClassStm
StgCreateStorageEx
CreateClassMoniker
OleIsRunning
RevokeDragDrop
CoRevokeClassObject
StgCreateDocfileOnILockBytes
OleUninitialize
CoReleaseMarshalData
CoGetClassObject
GetRunningObjectTable
CoSetProxyBlanket
SetConvertStg
CreateStreamOnHGlobal
BindMoniker
IsAccelerator
CoTaskMemRealloc
StringFromGUID2
oleaut32
LoadTypeLi
rpcrt4
RpcStringBindingComposeA
RpcStringFreeA
I_RpcGetBuffer
NdrClientCall2
NdrServerCall2
UuidToStringW
RpcStringFreeW
NdrPointerBufferSize
NdrConformantStringUnmarshall
NdrPointerFree
NdrPointerMarshall
NdrConvert
RpcMgmtStopServerListening
RpcServerRegisterIf
UuidFromStringA
RpcServerListen
RpcBindingFree
NdrServerInitializeNew
UuidToStringA
RpcRaiseException
UuidCreateSequential
RpcServerUseProtseqEpA
NdrServerCall
UuidFromStringW
RpcServerUnregisterIf
RpcBindingFromStringBindingA
UuidCreate
kernel32
FlushInstructionCache
_lclose
SetThreadAffinityMask
SetErrorMode
GetConsoleScreenBufferInfo
LoadResource
SearchPathA
DebugBreak
FindFirstVolumeW
GetEnvironmentStrings
DeleteFileW
WriteFile
GetFileSize
GetShortPathNameW
BackupRead
OpenSemaphoreA
GlobalUnlock
GetPrivateProfileStringA
OpenMutexA
BuildCommDCBA
GetTempPathW
GetPriorityClass
UpdateResourceW
SetFileAttributesA
GetDiskFreeSpaceW
CreateDirectoryW
DeleteFileA
GetCPInfo
GetSystemWindowsDirectoryA
GlobalFindAtomW
SetConsoleMode
ReleaseMutex
GetUserDefaultLangID
MapViewOfFileEx
GetCurrentThreadId
SetCommMask
GetDateFormatW
Heap32Next
CreateFileA
DeleteAtom
GetVersion
Module32FirstW
Process32Next
VirtualAlloc
HeapFree
OpenFileMappingA
CopyFileExA
GetSystemInfo
FindVolumeClose
Heap32ListNext
FindNextFileA
ResumeThread
GetFileAttributesA
SetFilePointer
GetConsoleCP
QueryPerformanceFrequency
GetDiskFreeSpaceA
CreateEventW
RaiseException
LoadLibraryA
CompareFileTime
GlobalAddAtomA
HeapValidate
OpenMutexW
AllocConsole
EnumCalendarInfoW
WriteConsoleOutputW
WritePrivateProfileSectionA
_hwrite
GetLongPathNameA
SetupComm
ReadProcessMemory
ClearCommBreak
CreateSemaphoreA
DeleteVolumeMountPointW
GlobalGetAtomNameA
SetTimeZoneInformation
EnumSystemLocalesA
GetOverlappedResult
LocalFree
VerifyVersionInfoA
GetCommandLineW
SetEnvironmentVariableA
GetDriveTypeW
GetStringTypeExA
GetFileSizeEx
SetProcessShutdownParameters
SetVolumeMountPointA
LocalUnlock
IsValidCodePage
OpenSemaphoreW
WritePrivateProfileSectionW
DeleteVolumeMountPointA
SetWaitableTimer
GetPrivateProfileStringW
SuspendThread
SetComputerNameW
SetLastError
GetProfileIntW
InterlockedDecrement
IsDBCSLeadByteEx
BackupSeek
WriteProcessMemory
GetTapeParameters
GetExitCodeThread
GlobalHandle
InterlockedExchangeAdd
TlsAlloc
GetAtomNameA
VerLanguageNameA
GetProcessVersion
SetProcessWorkingSetSize
FindCloseChangeNotification
UnmapViewOfFile
GetComputerNameW
GetLogicalDriveStringsA
lstrlenW
SetMailslotInfo
SwitchToThread
GetConsoleOutputCP
GetLogicalDriveStringsW
SetConsoleTitleW
FindResourceA
GetProcessHeaps
TerminateProcess
GetCommTimeouts
WaitCommEvent
GetDiskFreeSpaceExA
FormatMessageW
ExpandEnvironmentStringsA
SetProcessPriorityBoost
PeekNamedPipe
GetCurrentProcess
OpenThread
FlushFileBuffers
DeleteFiber
GetThreadContext
WriteFileEx
WaitForSingleObject
FindResourceW
GetStdHandle
GetEnvironmentVariableA
DosDateTimeToFileTime
CreateIoCompletionPort
LCMapStringW
SetThreadExecutionState
HeapCompact
SetCommTimeouts
GetDiskFreeSpaceExW
SetCurrentDirectoryA
lstrcpyW
VirtualFree
PostQueuedCompletionStatus
SetCommConfig
GlobalMemoryStatusEx
GetUserDefaultLCID
GetThreadLocale
HeapSize
SetTapePosition
InterlockedExchange
GetProfileIntA
GetNumberFormatW
GetShortPathNameA
LocalAlloc
GetCurrentProcessId
GetCompressedFileSizeW
SetThreadLocale
lstrcatW
GetUserDefaultUILanguage
CreateProcessA
IsValidLocale
GetFullPathNameW
lstrcatA
QueryDosDeviceW
GetMailslotInfo
lstrcpynA
GetLongPathNameW
OutputDebugStringW
EnumResourceLanguagesW
SetVolumeLabelW
UpdateResourceA
EnumResourceNamesA
FindFirstChangeNotificationW
AddAtomW
IsBadStringPtrW
lstrcmpA
CreateMailslotA
GetCPInfoExA
GetDateFormatA
VirtualQuery
SetVolumeLabelA
CreateEventA
DeleteCriticalSection
RemoveDirectoryA
ReadDirectoryChangesW
GetPrivateProfileSectionA
FindNextVolumeW
SetThreadContext
ReleaseSemaphore
IsProcessorFeaturePresent
BackupWrite
GlobalFlags
Thread32First
TlsGetValue
GetLocalTime
OpenProcess
SystemTimeToTzSpecificLocalTime
EnumUILanguagesW
OpenEventA
GetStringTypeA
WinExec
WriteProfileStringA
FormatMessageA
TerminateThread
WriteConsoleA
FindResourceExA
GetCommState
LocalFileTimeToFileTime
VirtualQueryEx
Process32FirstW
OpenEventW
GetStringTypeW
lstrlenA
GetEnvironmentStringsW
CreateDirectoryA
GetFileType
GetVolumeInformationW
GetTickCount
GetThreadTimes
LocalSize
SizeofResource
GetStringTypeExW
WaitNamedPipeW
PurgeComm
GetVolumeNameForVolumeMountPointW
FreeEnvironmentStringsA
VirtualProtectEx
GetCurrentThread
GetProfileStringW
OpenFileMappingW
SetEndOfFile
OutputDebugStringA
LoadLibraryExA
VirtualFreeEx
LoadLibraryW
Process32NextW
SwitchToFiber
Beep
GetFileAttributesW
CommConfigDialogW
GetExitCodeProcess
SearchPathW
IsBadStringPtrA
GetTimeZoneInformation
Module32Next
GetVersionExA
GetCurrentDirectoryA
GetVolumePathNameW
GetTempPathA
GetFileTime
MapViewOfFile
TlsSetValue
CreateNamedPipeW
FindAtomW
FlushConsoleInputBuffer
GetQueuedCompletionStatus
GetSystemTime
WriteProfileStringW
HeapReAlloc
ResetEvent
Heap32ListFirst
Heap32First
GetBinaryTypeA
FlushViewOfFile
InterlockedCompareExchange
FindNextFileW
InitializeCriticalSectionAndSpinCount
GetProcessAffinityMask
CreateMutexW
SetFileTime
GetStartupInfoW
EndUpdateResourceW
GetCurrentDirectoryW
SetThreadPriority
MoveFileA
GetLocaleInfoW
SetSystemTime
CreateWaitableTimerW
GetCommConfig
EnumResourceNamesW
FreeConsole
FindFirstFileA
Module32First
SetCommState
GetFileAttributesExW
GetLocaleInfoA
CreateFileMappingA
WritePrivateProfileStructA
HeapAlloc
SetEnvironmentVariableW
WritePrivateProfileStructW
VirtualLock
GetModuleHandleW
SetHandleCount
CancelIo
SystemTimeToFileTime
CreateNamedPipeA
ContinueDebugEvent
Sleep
GetProfileStringA
lstrcpynW
ProcessIdToSessionId
MoveFileExW
WaitNamedPipeA
LeaveCriticalSection
lstrcmpiW
EnumSystemLanguageGroupsW
ConvertDefaultLocale
GetSystemDefaultLangID
ExpandEnvironmentStringsW
GetSystemPowerStatus
CreateToolhelp32Snapshot
Process32First
CreateProcessW
BeginUpdateResourceW
EnumCalendarInfoExW
GetTimeFormatA
FindClose
DeviceIoControl
GetProcessWorkingSetSize
ConnectNamedPipe
GetCommProperties
GetSystemTimeAsFileTime
GetComputerNameExA
GetProfileSectionA
GetProcessHeap
LCMapStringA
GlobalAlloc
GetProcessTimes
GlobalGetAtomNameW
GetThreadPriority
FindResourceExW
GlobalFree
SleepEx
GetWindowsDirectoryA
GetNumberFormatA
CopyFileW
_lread
MoveFileExA
LocalLock
SetPriorityClass
FileTimeToLocalFileTime
FileTimeToDosDateTime
lstrcpyA
WaitForDebugEvent
CreateDirectoryExA
PulseEvent
ReadFile
GetComputerNameA
CompareStringW
RtlUnwind
GetCommMask
GlobalLock
SetProcessAffinityMask
QueueUserAPC
SetHandleInformation
GetEnvironmentVariableW
LockFile
RemoveDirectoryW
InterlockedIncrement
FindFirstChangeNotificationA
CreateWaitableTimerA
MultiByteToWideChar
GetWindowsDirectoryW
IsDebuggerPresent
EnumLanguageGroupLocalesW
IsDBCSLeadByte
GlobalDeleteAtom
HeapDestroy
QueryPerformanceCounter
SetNamedPipeHandleState
SetCurrentDirectoryW
SetFilePointerEx
VirtualProtect
ClearCommError
FatalAppExitA
WideCharToMultiByte
IsBadWritePtr
ExitProcess
GetFileAttributesExA
EnterCriticalSection
WaitForMultipleObjectsEx
EnumResourceTypesA
GetTimeFormatW
WaitForMultipleObjects
GetTempFileNameW
AreFileApisANSI
ReadConsoleInputA
DisconnectNamedPipe
UnlockFileEx
GetCommModemStatus
EndUpdateResourceA
CloseHandle
GetVersionExW
LockFileEx
lstrcmpiA
FileTimeToSystemTime
TransmitCommChar
GetSystemDirectoryA
GetComputerNameExW
GetPrivateProfileStructA
GetPrivateProfileSectionNamesA
VirtualUnlock
CreateMutexA
EnumCalendarInfoA
Module32NextW
CreateFileW
FreeEnvironmentStringsW
LoadLibraryExW
GetSystemDirectoryW
ConvertThreadToFiber
GetLastError
QueryDosDeviceA
WriteConsoleW
SetCommBreak
GetStartupInfoA
DuplicateHandle
GlobalSize
_lopen
FindFirstFileW
WritePrivateProfileStringA
GetOEMCP
GlobalMemoryStatus
CreateFiber
DisableThreadLibraryCalls
GetProcAddress
GetVolumeNameForVolumeMountPointA
FindNextChangeNotification
GetConsoleMode
SetFileAttributesW
GetSystemDefaultLCID
CreateFileMappingW
FindFirstFileExW
_lwrite
MulDiv
CopyFileA
EnumResourceLanguagesA
IsBadReadPtr
ExitThread
_lcreat
GetPrivateProfileIntW
GetHandleInformation
GetPrivateProfileIntA
SetStdHandle
GetACP
GetCurrencyFormatA
FreeLibrary
MoveFileW
GetVolumeInformationA
Thread32Next
GetModuleFileNameW
CreateSemaphoreW
EscapeCommFunction
GetModuleFileNameA
VirtualAllocEx
DebugActiveProcess
VerSetConditionMask
DefineDosDeviceA
LocalHandle
GlobalAddAtomW
GlobalReAlloc
CompareStringA
SetEvent
BeginUpdateResourceA
_llseek
WritePrivateProfileStringW
UnlockFile
LockResource
RtlFillMemory
LocalCompact
CopyFileExW
WaitForSingleObjectEx
Toolhelp32ReadProcessMemory
VerifyVersionInfoW
InitializeCriticalSection
GetDriveTypeA
GetVolumePathNameA
SetUnhandledExceptionFilter
SetLocalTime
GetCommandLineA
GetLogicalDrives
HeapCreate
IsBadCodePtr
_hread
GetFileInformationByHandle
FreeResource
GetTempFileNameA
GetFullPathNameA
lstrcmpW
GlobalFindAtomA
user32
ChildWindowFromPoint
LoadKeyboardLayoutA
SetScrollPos
SendNotifyMessageA
DdeCreateStringHandleA
CreateMenu
RegisterWindowMessageW
GetWindowRgn
GetMessageExtraInfo
GetScrollPos
SetProcessWindowStation
CharLowerW
CreateAcceleratorTableW
VkKeyScanExA
GetClipboardFormatNameW
PtInRect
IsMenu
MapVirtualKeyExW
ReplyMessage
CharNextW
DefMDIChildProcA
DrawIconEx
SetFocus
CreateWindowExA
KillTimer
LoadStringW
CreateMDIWindowA
CallWindowProcW
SendMessageTimeoutW
GetUserObjectSecurity
IsIconic
BeginPaint
GetDesktopWindow
InvertRect
SendNotifyMessageW
DdeUninitialize
GetPropA
CharUpperBuffA
ActivateKeyboardLayout
RegisterClassW
RemovePropW
PostMessageW
GetInputState
GetClassNameW
GetDialogBaseUnits
RemoveMenu
MapVirtualKeyExA
LockWindowUpdate
SendDlgItemMessageA
GetCapture
LoadBitmapW
EndDialog
OpenWindowStationA
EndPaint
TrackPopupMenuEx
GetTabbedTextExtentA
SwapMouseButton
MessageBeep
GetClipboardViewer
LoadImageW
EmptyClipboard
SendDlgItemMessageW
GetKeyboardLayoutNameA
CheckRadioButton
LoadCursorW
SetWindowLongW
CharToOemA
GetWindowWord
EnumWindows
CheckMenuItem
GetComboBoxInfo
AdjustWindowRect
UnregisterDeviceNotification
ReuseDDElParam
CopyAcceleratorTableW
GetClassInfoExW
LoadCursorFromFileA
TrackMouseEvent
FlashWindowEx
SetWindowsHookExA
CreateDialogParamA
GetLastActivePopup
GetMonitorInfoW
EnumDisplayMonitors
GetMonitorInfoA
DdeFreeStringHandle
EnumThreadWindows
TranslateAcceleratorW
VkKeyScanA
UnhookWinEvent
SetMenuItemInfoW
GetUpdateRgn
GetMenuDefaultItem
LoadBitmapA
IsDialogMessageA
DdeInitializeW
AdjustWindowRectEx
DdeClientTransaction
CopyIcon
GetClassLongA
CharLowerBuffW
RegisterHotKey
DrawStateA
TranslateMDISysAccel
ScrollWindowEx
RealChildWindowFromPoint
MapVirtualKeyA
SetMenuItemInfoA
InsertMenuItemW
HideCaret
GetMessagePos
PostMessageA
LoadAcceleratorsW
DeleteMenu
GetWindowLongA
DlgDirListA
InflateRect
IsCharAlphaA
CreateMDIWindowW
InvalidateRgn
MsgWaitForMultipleObjects
GetDlgItem
LoadIconW
SetMessageExtraInfo
wvsprintfA
CreateDialogParamW
GetMenuBarInfo
TranslateMessage
IsChild
DrawEdge
GetParent
IsCharLowerA
DestroyMenu
SendInput
LoadMenuIndirectA
GetScrollInfo
DlgDirSelectExA
WinHelpW
RegisterClassExW
SetKeyboardState
GetTopWindow
GetMessageW
DialogBoxIndirectParamA
ScrollDC
PackDDElParam
GetDlgItemInt
GetWindowPlacement
ClipCursor
GetNextDlgTabItem
IsCharAlphaNumericW
DrawFocusRect
SetMenuInfo
CreateDesktopW
GetAsyncKeyState
ChangeDisplaySettingsW
SetScrollInfo
GetSubMenu
EnumDisplaySettingsW
FindWindowW
GetClipboardFormatNameA
GetIconInfo
ScrollWindow
GetClientRect
UnpackDDElParam
TabbedTextOutW
CascadeWindows
GetWindowLongW
GetWindowThreadProcessId
SetMenuDefaultItem
DdeQueryStringA
GetClipboardOwner
GrayStringW
GetClassInfoA
GetMenuItemInfoA
GetMenu
GetCursorPos
MoveWindow
SetCursorPos
GetUpdateRect
SetWindowRgn
DefWindowProcW
mouse_event
GetWindowModuleFileNameW
LoadMenuW
UpdateWindow
CallWindowProcA
OpenClipboard
HiliteMenuItem
DdeCreateStringHandleW
keybd_event
SetWindowTextW
EnumDesktopWindows
DrawTextExA
NotifyWinEvent
GetUserObjectInformationA
SetMenuContextHelpId
ToAscii
GetWindowRect
SetClipboardViewer
ClientToScreen
DdeGetLastError
GetClassNameA
GetActiveWindow
EnableMenuItem
MapDialogRect
IsClipboardFormatAvailable
MessageBoxIndirectA
OemToCharBuffA
CheckDlgButton
GetQueueStatus
wsprintfW
DdeInitializeA
CopyImage
CallNextHookEx
DispatchMessageW
EnumChildWindows
ShowScrollBar
FindWindowExW
GetKeyNameTextW
ShowCaret
SystemParametersInfoA
wvsprintfW
SetPropW
SetTimer
SetRectEmpty
GetSysColorBrush
ToUnicodeEx
GetNextDlgGroupItem
GetSystemMetrics
SetLayeredWindowAttributes
IsDialogMessage
GetOpenClipboardWindow
DrawTextW
EnableScrollBar
DialogBoxParamA
ChangeDisplaySettingsA
GetProcessWindowStation
DlgDirListComboBoxW
FreeDDElParam
CreateDialogIndirectParamA
GetDC
DrawStateW
SubtractRect
CreatePopupMenu
UnregisterHotKey
MessageBoxExA
IsWindowVisible
SetClipboardData
CharLowerA
TranslateAcceleratorA
OpenWindowStationW
LookupIconIdFromDirectory
GetMenuItemInfoW
LoadCursorA
MonitorFromWindow
IsCharLowerW
SetWindowContextHelpId
BroadcastSystemMessage
CharLowerBuffA
MsgWaitForMultipleObjectsEx
SetDlgItemTextA
GrayStringA
GetMenuState
wsprintfA
GetDlgItemTextW
GetWindowContextHelpId
VkKeyScanW
ShowWindowAsync
RegisterDeviceNotificationW
GetPropW
IsZoomed
MenuItemFromPoint
GetCaretPos
CloseWindowStation
WinHelpA
GetClipCursor
DdeCreateDataHandle
GetScrollRange
GetWindowDC
BeginDeferWindowPos
GetForegroundWindow
FindWindowA
IsWindowEnabled
GetClassLongW
CreateIconFromResource
EqualRect
ScreenToClient
ExcludeUpdateRgn
ModifyMenuA
CreateDialogIndirectParamW
PostThreadMessageW
GetClassWord
GetClassInfoExA
DestroyAcceleratorTable
GetMenuItemRect
MonitorFromRect
LoadStringA
CreateIcon
TabbedTextOutA
GetKeyboardLayoutList
OpenInputDesktop
ChangeClipboardChain
GetGUIThreadInfo
IntersectRect
CharNextExA
WindowFromPoint
SetWindowTextA
TileChildWindows
InsertMenuItemA
PostQuitMessage
SwitchDesktop
DrawMenuBar
GetKeyboardState
DeferWindowPos
GetMenuStringW
AllowSetForegroundWindow
ExitWindowsEx
FlashWindow
SystemParametersInfoW
SetWindowPos
GetMenuInfo
GetTitleBarInfo
GetKeyNameTextA
InSendMessage
DdeQueryStringW
DdeAccessData
CreateAcceleratorTableA
AnimateWindow
AppendMenuW
ChildWindowFromPointEx
MonitorFromPoint
SetCaretPos
IsDialogMessageW
MessageBoxW
UnregisterClassW
RemovePropA
FindWindowExA
EnableWindow
SetWindowLongA
GetWindowTextW
CreateWindowExW
DialogBoxIndirectParamW
CharUpperBuffW
WaitForInputIdle
LoadAcceleratorsA
SetCaretBlinkTime
DdeNameService
ValidateRgn
GetThreadDesktop
SetCursor
UnregisterClassA
AttachThreadInput
DestroyWindow
FrameRect
CharPrevA
GetAncestor
DrawCaption
GetClassInfoW
DragDetect
GetDlgItemTextA
CharNextA
PeekMessageA
WindowFromDC
CopyRect
GetKeyState
DdeGetData
DestroyCaret
MapVirtualKeyW
OemToCharA
ReleaseDC
BringWindowToTop
AppendMenuA
PeekMessageW
GetWindowTextA
CreateCursor
GetSysColor
GetWindowInfo
GetMenuCheckMarkDimensions
LoadIconA
SetParent
FillRect
GetMenuItemID
GetDoubleClickTime
GetSystemMenu
DlgDirSelectComboBoxExA
DefDlgProcA
DestroyIcon
SetPropA
DdeUnaccessData
CallMsgFilterA
DefFrameProcA
SetMenuItemBitmaps
SetMenu
DefMDIChildProcW
GetUserObjectInformationW
WaitMessage
SetScrollRange
DdePostAdvise
IsCharAlphaNumericA
DrawIcon
IsWindowUnicode
UnionRect
SetDlgItemInt
SendMessageA
GetCaretBlinkTime
ShowWindow
DdeDisconnect
RegisterClassExA
SetDoubleClickTime
RegisterWindowMessageA
LoadCursorFromFileW
DispatchMessageA
ToUnicode
CloseDesktop
DestroyCursor
InsertMenuA
GetKeyboardLayout
IsWindow
DefFrameProcW
LockSetForegroundWindow
IsDlgButtonChecked
DialogBoxParamW
ReleaseCapture
GetMenuStringA
MessageBoxA
SetClassLongW
SetRect
CopyAcceleratorTableA
CreateIconIndirect
GetDlgCtrlID
DefWindowProcA
GetLastInputInfo
SetForegroundWindow
SendMessageTimeoutA
ModifyMenuW
RegisterClipboardFormatW
RedrawWindow
GetWindowTextLengthA
ShowOwnedPopups
DrawFrameControl
SetClassLongA
GetMenuItemCount
PostThreadMessageA
LoadImageA
ValidateRect
EndDeferWindowPos
SetThreadDesktop
IsCharUpperA
OffsetRect
CharToOemBuffA
LoadMenuIndirectW
DrawTextA
DdeFreeDataHandle
SetWindowsHookExW
SetActiveWindow
ShowCursor
GetMenuContextHelpId
IsRectEmpty
GetCursorInfo
GetScrollBarInfo
GetMessageA
RegisterClassA
GetDCEx
CloseClipboard
CheckMenuRadioItem
SetUserObjectSecurity
GetWindowTextLengthW
CloseWindow
MapWindowPoints
DdeConnect
CharUpperW
EnumDisplaySettingsA
ArrangeIconicWindows
OpenDesktopW
SetDlgItemTextW
DrawTextExW
CreateCaret
InvalidateRect
TileWindows
CountClipboardFormats
CreateIconFromResourceEx
UnhookWindowsHookEx
GetCursor
DlgDirListComboBoxA
CharUpperA
InsertMenuW
GetFocus
GetMessageTime
SendMessageW
RegisterClipboardFormatA
ToAsciiEx
DrawAnimatedRects
SetCapture
TrackPopupMenu
OpenDesktopA
SetWindowPlacement
GetWindow
LookupIconIdFromDirectoryEx
GetClipboardData
OpenIcon
winspool.drv
DeletePrintProcessorA
FindFirstPrinterChangeNotification
AddPrinterA
AddPrinterDriverA
GetPrinterW
FindNextPrinterChangeNotification
GetPrinterA
DocumentPropertiesA
OpenPrinterW
EnumPrintersW
EnumPrintersA
SetPrinterW
WritePrinter
OpenPrinterA
SetPrinterDataW
DeviceCapabilitiesA
EndDocPrinter
ord204
DeviceCapabilitiesW
GetPrinterDriverDirectoryA
EndPagePrinter
GetJobA
GetJobW
StartDocPrinterA
StartDocPrinterW
StartPagePrinter
AddFormW
AbortPrinter
EnumFormsW
EnumPortsW
DocumentPropertiesW
PrinterProperties
DeletePrinterDriverA
EnumPortsA
SetJobW
SetPrinterA
DeletePrintProcessorW
GetFormW
EnumPrinterDriversA
DeleteFormW
ClosePrinter
EnumJobsA
DeletePrinter
GetPrinterDriverA
EnumJobsW
FreePrinterNotifyInfo
comctl32
ImageList_Write
ImageList_SetDragCursorImage
CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_Destroy
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_DragMove
ImageList_SetBkColor
PropertySheetW
ImageList_SetIconSize
CreateStatusWindowW
CreateToolbarEx
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_GetImageCount
ord17
ImageList_Copy
_TrackMouseEvent
ImageList_DragLeave
ImageList_DrawEx
DrawStatusTextW
ImageList_Duplicate
ImageList_GetIcon
FlatSB_EnableScrollBar
ImageList_Create
ImageList_Draw
ImageList_GetDragImage
ImageList_SetOverlayImage
ImageList_LoadImageW
FlatSB_ShowScrollBar
PropertySheetA
CreateUpDownControl
ImageList_Read
MakeDragList
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_AddMasked
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_LoadImage
ImageList_Replace
InitializeFlatSB
ImageList_DrawIndirect
ImageList_Add
ImageList_Remove
ImageList_BeginDrag
ImageList_AddIcon
ImageList_SetFlags
ImageList_Merge
ImageList_GetIconSize
advapi32
SetSecurityInfo
GetSecurityDescriptorOwner
StartServiceCtrlDispatcherA
CryptImportKey
RegQueryValueExA
QueryServiceStatus
IsValidAcl
LsaAddAccountRights
DeregisterEventSource
LsaLookupNames
OpenProcessToken
ReportEventA
WriteEncryptedFileRaw
ImpersonateNamedPipeClient
MapGenericMask
OpenSCManagerA
RegQueryValueA
SetSecurityDescriptorSacl
GetSidIdentifierAuthority
LookupAccountSidW
GetSidSubAuthority
CryptGenRandom
LockServiceDatabase
RegOpenKeyW
LsaFreeMemory
RegOpenKeyExW
BuildTrusteeWithNameW
LogonUserW
SetServiceStatus
EnumDependentServicesW
GetSidLengthRequired
EncryptFileW
SetThreadToken
GetEffectiveRightsFromAclA
ConvertSidToStringSidW
GetSecurityDescriptorSacl
OpenServiceW
RegEnumKeyExW
CryptGetKeyParam
GetTokenInformation
OpenThreadToken
LookupAccountNameA
DuplicateToken
SetSecurityDescriptorDacl
ConvertStringSidToSidW
QueryServiceLockStatusW
BuildExplicitAccessWithNameW
DeleteService
SetEntriesInAclW
CryptEnumProvidersW
FreeSid
LookupPrivilegeValueW
GetSecurityInfo
LogonUserA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegisterEventSourceA
RegEnumKeyW
QueryServiceStatusEx
AddAccessAllowedAce
CryptGetUserKey
CryptGetHashParam
EnumServicesStatusA
RegCreateKeyExW
InitiateSystemShutdownA
CreateProcessAsUserW
GetSecurityDescriptorGroup
RegisterServiceCtrlHandlerExA
RegSaveKeyA
InitializeSid
RevertToSelf
EqualPrefixSid
GetExplicitEntriesFromAclW
SetSecurityDescriptorGroup
OpenSCManagerW
RegLoadKeyA
RegCloseKey
GetSecurityDescriptorLength
UnlockServiceDatabase
RegSetKeySecurity
CreateServiceA
InitiateSystemShutdownExW
LookupPrivilegeNameA
CloseEncryptedFileRaw
RegConnectRegistryA
GetNamedSecurityInfoA
LsaRemoveAccountRights
RegRestoreKeyW
CloseServiceHandle
ConvertSecurityDescriptorToStringSecurityDescriptorW
MakeSelfRelativeSD
CryptExportKey
RegUnLoadKeyW
RegCreateKeyA
LsaNtStatusToWinError
SetSecurityDescriptorOwner
GetSidSubAuthorityCount
CheckTokenMembership
StartServiceW
SetTokenInformation
GetSecurityDescriptorControl
GetUserNameA
ChangeServiceConfigW
SetFileSecurityW
GetFileSecurityW
ChangeServiceConfigA
RegisterEventSourceW
AllocateAndInitializeSid
RegCreateKeyExA
CryptEncrypt
CryptDestroyKey
RegQueryInfoKeyW
ImpersonateLoggedOnUser
RegGetKeySecurity
SetNamedSecurityInfoA
RegEnumValueA
GetAce
ConvertStringSidToSidA
RegQueryInfoKeyA
GetAclInformation
GetSecurityDescriptorDacl
SetEntriesInAclA
OpenEncryptedFileRawW
LookupAccountNameW
RegEnumValueW
RegFlushKey
CryptDestroyHash
QueryServiceConfigA
ReportEventW
CryptAcquireContextW
LookupPrivilegeValueA
CryptAcquireContextA
LsaOpenPolicy
EqualSid
LsaClose
RegOpenKeyA
QueryServiceConfigW
RegSetValueExW
DeleteAce
CryptCreateHash
GetLengthSid
LsaQueryInformationPolicy
RegOpenCurrentUser
LookupPrivilegeDisplayNameA
CryptVerifySignatureA
GetFileSecurityA
RegConnectRegistryW
RegSetValueW
LsaLookupSids
LookupAccountSidA
RegCreateKeyW
CreateProcessAsUserA
CopySid
RegDisablePredefinedCache
AddAce
IsValidSecurityDescriptor
CryptHashData
AccessCheck
RegLoadKeyW
RegDeleteKeyA
StartServiceCtrlDispatcherW
RegDeleteValueW
ReadEncryptedFileRaw
ImpersonateSelf
AdjustTokenPrivileges
MakeAbsoluteSD
ChangeServiceConfig2A
RegQueryValueExW
GetKernelObjectSecurity
RegDeleteKeyW
RegNotifyChangeKeyValue
GetUserNameW
CryptDecrypt
CreateServiceW
DuplicateTokenEx
CryptReleaseContext
RegSetValueA
CryptDeriveKey
SetFileSecurityA
RegEnumKeyExA
RegRestoreKeyA
RegUnLoadKeyA
ControlService
CreateWellKnownSid
OpenServiceA
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
CryptGenKey
IsValidSid
RegDeleteValueA
SetServiceObjectSecurity
RegisterServiceCtrlHandlerW
GetNamedSecurityInfoW
BuildTrusteeWithSidW
RegOpenKeyExA
InitializeAcl
RegSaveKeyW
StartServiceA
SetSecurityDescriptorControl
RegEnumKeyA
SetNamedSecurityInfoW
ChangeServiceConfig2W
CryptSetProvParam
RegSetValueExA
RegQueryValueW
Sections
.text Size: 100KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 288KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 108KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ