Static task: static1
Behavioral task: behavioral1
Sample: ff7650a6fc49e13310727f267ce82fa6a674ef10a608bfff921e7b751a0bc02e.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: ff7650a6fc49e13310727f267ce82fa6a674ef10a608bfff921e7b751a0bc02e.exe
Resource: win10v2004-20221111-en
General
Target: ff7650a6fc49e13310727f267ce82fa6a674ef10a608bfff921e7b751a0bc02e
Size: 528KB
MD5: 420b2ba87491125c8f6ccc5e62a1bd44
SHA1: fa025fc023722093f2e368967d1a74ace937409a
SHA256: ff7650a6fc49e13310727f267ce82fa6a674ef10a608bfff921e7b751a0bc02e
SHA512: 2d4260f255e17765adaaab3bab197ee1a1802cb722709a9a0318c6d18ff02b2ac835aa544fa73492bffa2a259ad691ee33c6dd577279f5d44f7dc38410cd2326
SSDEEP: 12288:g9hRLsIzGeE+OI2SWYQrQ7cjnWQtyDuB08Jmj5b1TJZck:GhRLsITEpIKzscjWQtyS6j5Fb
Files
ff7650a6fc49e13310727f267ce82fa6a674ef10a608bfff921e7b751a0bc02e.exe windows x86
b93c0eeda08180b49f9d2a7c404a3820
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
WSACleanup
user32
comctl32
kernel32
shell32
comdlg32
advapi32
Sections
.text Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 296KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ