Static task
static1
Behavioral task
behavioral1
Sample
11b51eea49539f20a277dcbecd070807e7e61ee496f6ce04b0670e382899387d.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
11b51eea49539f20a277dcbecd070807e7e61ee496f6ce04b0670e382899387d.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
11b51eea49539f20a277dcbecd070807e7e61ee496f6ce04b0670e382899387d
-
Size
512KB
-
MD5
9b7d2529c2c4e200d66c2ebf1854c81e
-
SHA1
77622fc0caca9b112bf718dd8ea44f698d1a6bf5
-
SHA256
11b51eea49539f20a277dcbecd070807e7e61ee496f6ce04b0670e382899387d
-
SHA512
f5f8bc549ccbf457c3e3eac6d702977b7270e5cedf244593f9d74144a1b22a8b91db254b900f6cd353a0eacb6c98dd70287530aef97ac71f3c7c588eb2713539
-
SSDEEP
12288:ejw27AhC8mrtHxZzx8uM/1lWWPGJ71uWqoSP:Asmr7Zzx8rNlWW+V1Pqoa
Malware Config
Signatures
Files
-
11b51eea49539f20a277dcbecd070807e7e61ee496f6ce04b0670e382899387d.exe windows x86
7618842a38e66109a7cafa12d2c6145b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winspool.drv
EndPagePrinter
DocumentPropertiesA
EndDocPrinter
DocumentPropertiesW
EnumPrinterDriversA
ClosePrinter
PrinterProperties
DeletePrinterDriverA
FreePrinterNotifyInfo
EnumPrintersW
EnumJobsA
DeviceCapabilitiesW
SetPrinterA
AddPrinterA
GetFormW
AddFormW
FindFirstPrinterChangeNotification
WritePrinter
EnumPortsW
StartPagePrinter
GetPrinterA
GetJobA
StartDocPrinterA
AddPrinterDriverA
GetPrinterDriverDirectoryA
OpenPrinterW
GetPrinterDriverA
SetJobW
SetPrinterW
DeletePrinter
DeleteFormW
GetJobW
OpenPrinterA
ord204
DeviceCapabilitiesA
EnumJobsW
DeletePrintProcessorA
DeletePrintProcessorW
AbortPrinter
EnumPrintersA
EnumPortsA
SetPrinterDataW
GetPrinterW
FindNextPrinterChangeNotification
EnumFormsW
StartDocPrinterW
advapi32
AddAce
LockServiceDatabase
RegOpenKeyW
LsaRemoveAccountRights
DuplicateToken
EncryptFileW
CryptAcquireContextW
CryptReleaseContext
GetSecurityDescriptorGroup
GetTokenInformation
GetEffectiveRightsFromAclA
OpenServiceA
CryptDestroyKey
SetTokenInformation
DuplicateTokenEx
OpenSCManagerW
SetSecurityDescriptorOwner
LogonUserW
CryptVerifySignatureA
EqualPrefixSid
RegUnLoadKeyW
RegDeleteKeyA
GetSidIdentifierAuthority
CheckTokenMembership
EnumDependentServicesW
RegQueryValueExW
CreateServiceW
CryptAcquireContextA
DeregisterEventSource
MakeAbsoluteSD
QueryServiceStatus
SetSecurityDescriptorSacl
RegDeleteKeyW
RegSetValueExA
ChangeServiceConfig2A
CreateProcessAsUserA
CryptGenRandom
CreateProcessAsUserW
GetSecurityDescriptorLength
RegisterServiceCtrlHandlerA
SetNamedSecurityInfoW
GetKernelObjectSecurity
LookupPrivilegeValueA
CryptCreateHash
RegCreateKeyA
GetAce
GetSidSubAuthority
LookupAccountSidA
GetSecurityDescriptorDacl
SetNamedSecurityInfoA
LookupPrivilegeValueW
AddAccessAllowedAce
GetAclInformation
RegDeleteValueA
CryptDestroyHash
RegEnumValueA
AllocateAndInitializeSid
GetNamedSecurityInfoA
ConvertStringSidToSidA
BuildExplicitAccessWithNameW
OpenSCManagerA
RegCloseKey
InitializeSecurityDescriptor
ReportEventA
LsaFreeMemory
MapGenericMask
WriteEncryptedFileRaw
EnumServicesStatusA
RegQueryValueA
LookupAccountSidW
RegLoadKeyA
RegisterServiceCtrlHandlerW
ConvertSecurityDescriptorToStringSecurityDescriptorW
CryptHashData
ControlService
RegCreateKeyW
RegNotifyChangeKeyValue
SetSecurityDescriptorGroup
RevertToSelf
IsValidSid
StartServiceA
CryptImportKey
OpenProcessToken
CryptGetHashParam
ConvertStringSidToSidW
LsaLookupNames
RegConnectRegistryW
AdjustTokenPrivileges
StartServiceW
MakeSelfRelativeSD
RegConnectRegistryA
CryptExportKey
LsaOpenPolicy
ReportEventW
CryptEncrypt
LsaAddAccountRights
InitiateSystemShutdownExW
RegisterEventSourceA
GetExplicitEntriesFromAclW
LsaClose
SetFileSecurityA
InitializeAcl
CryptSetProvParam
CloseEncryptedFileRaw
OpenServiceW
ImpersonateLoggedOnUser
RegQueryInfoKeyW
SetEntriesInAclA
RegEnumValueW
LsaQueryInformationPolicy
AccessCheck
LsaNtStatusToWinError
RegSetValueW
StartServiceCtrlDispatcherW
DeleteAce
UnlockServiceDatabase
RegSetKeySecurity
CryptDecrypt
ChangeServiceConfigA
OpenEncryptedFileRawW
BuildTrusteeWithNameW
RegQueryInfoKeyA
CopySid
ReadEncryptedFileRaw
DeleteService
LookupAccountNameA
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
LookupAccountNameW
ChangeServiceConfigW
IsValidAcl
OpenThreadToken
LookupPrivilegeDisplayNameA
RegEnumKeyW
IsValidSecurityDescriptor
RegOpenKeyA
RegFlushKey
SetSecurityDescriptorControl
StartServiceCtrlDispatcherA
RegEnumKeyExW
GetSidLengthRequired
SetServiceObjectSecurity
RegSaveKeyW
GetSecurityDescriptorOwner
RegisterServiceCtrlHandlerExA
RegCreateKeyExA
RegisterEventSourceW
RegDeleteValueW
SetSecurityDescriptorDacl
GetSecurityInfo
QueryServiceLockStatusW
SetFileSecurityW
QueryServiceStatusEx
GetUserNameA
RegOpenCurrentUser
SetSecurityInfo
CryptGenKey
GetUserNameW
RegUnLoadKeyA
GetFileSecurityW
CryptEnumProvidersW
RegSetValueA
SetEntriesInAclW
ImpersonateNamedPipeClient
RegOpenKeyExW
RegEnumKeyExA
RegOpenKeyExA
BuildTrusteeWithSidW
RegQueryValueExA
CryptGetUserKey
SetServiceStatus
CreateWellKnownSid
InitializeSid
ChangeServiceConfig2W
RegCreateKeyExW
LogonUserA
FreeSid
QueryServiceConfigW
GetSecurityDescriptorSacl
RegDisablePredefinedCache
RegQueryValueW
GetNamedSecurityInfoW
LookupPrivilegeNameA
RegRestoreKeyA
RegRestoreKeyW
RegGetKeySecurity
GetSidSubAuthorityCount
InitiateSystemShutdownA
CreateServiceA
RegSaveKeyA
EqualSid
CryptDeriveKey
CryptGetKeyParam
SetThreadToken
CloseServiceHandle
RegSetValueExW
GetFileSecurityA
QueryServiceConfigA
RegEnumKeyA
RegLoadKeyW
GetLengthSid
GetSecurityDescriptorControl
ImpersonateSelf
LsaLookupSids
comctl32
ImageList_DragMove
ImageList_GetImageInfo
CreatePropertySheetPageA
ImageList_Copy
ImageList_SetOverlayImage
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
DrawStatusTextW
ImageList_DragEnter
MakeDragList
ImageList_Duplicate
ImageList_BeginDrag
ImageList_SetImageCount
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Remove
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_GetDragImage
ImageList_Read
ImageList_Destroy
ImageList_LoadImageA
PropertySheetW
ImageList_SetIconSize
InitCommonControlsEx
ImageList_GetIconSize
ImageList_SetBkColor
FlatSB_ShowScrollBar
ord17
ImageList_DragLeave
ImageList_GetBkColor
ImageList_ReplaceIcon
DestroyPropertySheetPage
InitializeFlatSB
ImageList_SetFlags
ImageList_LoadImage
CreateUpDownControl
ImageList_DrawIndirect
PropertySheetA
ImageList_Add
ImageList_Replace
ImageList_Create
ImageList_Merge
ImageList_AddIcon
CreatePropertySheetPageW
ImageList_Write
FlatSB_EnableScrollBar
CreateStatusWindowW
_TrackMouseEvent
ImageList_LoadImageW
CreateToolbarEx
user32
DdeInitializeW
SetWindowPos
CheckMenuItem
DlgDirSelectComboBoxExA
DrawMenuBar
IsWindow
CreateDialogParamW
GetWindowTextW
CallWindowProcA
OpenWindowStationA
DdeUnaccessData
InflateRect
InsertMenuItemW
CallMsgFilterA
DestroyCursor
UnregisterHotKey
SendMessageW
EnumDisplayMonitors
SetWindowContextHelpId
CharNextW
IsDialogMessageW
DestroyIcon
BeginDeferWindowPos
GetWindowTextLengthA
GetUpdateRect
GetDCEx
OpenDesktopW
GetDC
IsWindowVisible
DefMDIChildProcW
IsChild
CreateAcceleratorTableW
ScreenToClient
TrackPopupMenuEx
SetRectEmpty
GetScrollPos
ToUnicode
MessageBoxIndirectA
GetLastActivePopup
DefWindowProcA
DialogBoxIndirectParamA
MonitorFromRect
FillRect
CharToOemBuffA
LockSetForegroundWindow
SetActiveWindow
SetScrollPos
IsCharLowerA
MapVirtualKeyA
GetDialogBaseUnits
GetTitleBarInfo
FreeDDElParam
CreateAcceleratorTableA
FrameRect
GetKeyboardLayout
SetMenuDefaultItem
GetProcessWindowStation
CloseWindowStation
CopyRect
GetClassInfoW
CreateDesktopW
DrawEdge
GetClipboardViewer
GetCaretPos
GetWindowInfo
GetWindowTextA
GetMenuItemRect
InvertRect
MessageBoxExA
GetTabbedTextExtentA
CharNextExA
RemoveMenu
DragDetect
SetMenuItemInfoA
RegisterHotKey
DlgDirListComboBoxA
CheckDlgButton
GetClassInfoA
PostMessageA
MonitorFromPoint
DrawTextExW
CreateIcon
GetWindowModuleFileNameW
ValidateRect
RegisterClassA
DialogBoxParamA
DlgDirListA
SendMessageA
CopyAcceleratorTableW
CharLowerW
WaitForInputIdle
CreateIconIndirect
GetNextDlgTabItem
CharUpperA
GetUserObjectSecurity
RedrawWindow
GetCursor
CreateCursor
TranslateAcceleratorW
CreateWindowExA
IsWindowUnicode
GetSysColorBrush
UnhookWinEvent
GetClipboardFormatNameW
IsDialogMessage
IntersectRect
GetClipboardOwner
GetForegroundWindow
PostThreadMessageA
DdeAccessData
IsDlgButtonChecked
CreateIconFromResource
SendNotifyMessageA
DdeInitializeA
SendMessageTimeoutW
RegisterDeviceNotificationW
GetWindow
ToAscii
FindWindowExA
ModifyMenuW
GetDoubleClickTime
wvsprintfW
GetClipboardData
GetClassLongW
GetScrollRange
GetTopWindow
LoadMenuIndirectA
VkKeyScanW
GetClassInfoExA
RegisterClassExA
EmptyClipboard
WinHelpA
LoadIconA
IsZoomed
BeginPaint
DdePostAdvise
DdeQueryStringW
SetParent
ToUnicodeEx
SetPropA
SwapMouseButton
BringWindowToTop
GetWindowTextLengthW
IsWindowEnabled
CreateDialogIndirectParamA
DefWindowProcW
GetMonitorInfoW
CallWindowProcW
MonitorFromWindow
ClipCursor
EndPaint
CreateCaret
MessageBoxA
GetQueueStatus
SetDlgItemInt
DestroyWindow
IsCharUpperA
wsprintfW
SetRect
SetMenu
DdeGetData
GetSysColor
ExcludeUpdateRgn
GetClipCursor
MapVirtualKeyExW
DefFrameProcW
GetMenuItemInfoW
OffsetRect
SetWindowLongW
IsCharAlphaNumericA
GetPropA
GetCaretBlinkTime
PeekMessageA
EnumWindows
GetWindowRgn
GetWindowWord
GetKeyboardLayoutNameA
ExitWindowsEx
CloseClipboard
SetMenuItemBitmaps
DrawFrameControl
DispatchMessageA
AppendMenuA
ValidateRgn
DrawStateA
PtInRect
LoadBitmapA
GrayStringA
SetClassLongW
SetForegroundWindow
AnimateWindow
EnumDisplaySettingsA
SetCursorPos
InSendMessage
GetMenuDefaultItem
mouse_event
SetTimer
SetWindowsHookExA
CallNextHookEx
SetMenuInfo
ReplyMessage
LoadImageA
GetMessageW
GetMenuStringW
CascadeWindows
DdeCreateDataHandle
SetMenuItemInfoW
DeferWindowPos
EnumChildWindows
FindWindowExW
DestroyAcceleratorTable
SystemParametersInfoA
VkKeyScanA
IsMenu
GetMessagePos
IsIconic
GetThreadDesktop
CreateMDIWindowW
AttachThreadInput
GetMenuItemCount
DlgDirListComboBoxW
GetKeyboardLayoutList
CreateDialogIndirectParamW
FlashWindowEx
TranslateMessage
PackDDElParam
SetCursor
GetKeyboardState
GetWindowLongW
CreateDialogParamA
GetMenuBarInfo
GetWindowThreadProcessId
CharPrevA
CharLowerA
MapDialogRect
GetWindowContextHelpId
DdeGetLastError
SetCapture
GetCursorPos
ChildWindowFromPoint
GetKeyState
CopyAcceleratorTableA
wsprintfA
LoadMenuA
ChildWindowFromPointEx
PeekMessageW
GetScrollBarInfo
RegisterWindowMessageA
SendMessageTimeoutA
TileChildWindows
SetKeyboardState
GetOpenClipboardWindow
keybd_event
SetWindowLongA
TabbedTextOutW
GetMessageExtraInfo
GetFocus
GetComboBoxInfo
OemToCharBuffA
MsgWaitForMultipleObjects
GetSystemMetrics
GetMenuContextHelpId
DrawFocusRect
RealChildWindowFromPoint
GetPropW
HiliteMenuItem
LoadCursorFromFileA
ReuseDDElParam
GetDlgCtrlID
MapWindowPoints
MenuItemFromPoint
InvalidateRgn
GetClassNameW
WindowFromDC
DdeQueryStringA
LoadMenuIndirectW
GetWindowPlacement
GetInputState
VkKeyScanExA
SetPropW
GetSystemMenu
DefMDIChildProcA
EnumClipboardFormats
GetScrollInfo
WinHelpW
DrawIconEx
CharToOemA
DdeCreateStringHandleW
GetClassInfoExW
AdjustWindowRectEx
SetThreadDesktop
ReleaseDC
IsDialogMessageA
UnregisterClassW
InsertMenuA
TabbedTextOutA
UpdateWindow
SetScrollInfo
OpenDesktopA
GetMenuState
DispatchMessageW
EndDialog
MoveWindow
LoadCursorW
SetMenuContextHelpId
GetClassNameA
CreatePopupMenu
GetLastInputInfo
DrawAnimatedRects
GetKeyNameTextA
UnregisterClassA
DdeFreeDataHandle
NotifyWinEvent
DdeUninitialize
RegisterClipboardFormatA
EnableMenuItem
ChangeClipboardChain
GetParent
SetScrollRange
GetMenu
OpenWindowStationW
IsCharAlphaA
RegisterWindowMessageW
CheckMenuRadioItem
LoadImageW
ReleaseCapture
RemovePropA
DdeConnect
PostMessageW
GetNextDlgGroupItem
IsCharAlphaNumericW
ScrollWindow
GetClassWord
ClientToScreen
ShowOwnedPopups
SetFocus
MapVirtualKeyExA
OpenIcon
EnableScrollBar
SendDlgItemMessageW
EnumThreadWindows
DrawTextA
EnumDesktopWindows
ShowCaret
GetClipboardFormatNameA
CopyIcon
SetClipboardViewer
LoadStringW
DdeNameService
GetActiveWindow
IsCharLowerW
LoadMenuW
SetUserObjectSecurity
OpenClipboard
UnregisterDeviceNotification
GetAsyncKeyState
CharLowerBuffW
ShowWindow
ChangeDisplaySettingsA
GetMessageA
EnableWindow
GetWindowRect
SetCaretPos
UnionRect
GrayStringW
CloseDesktop
GetWindowDC
EqualRect
CreateIconFromResourceEx
ShowCursor
ScrollDC
UnpackDDElParam
LoadStringA
CopyImage
DrawIcon
SetProcessWindowStation
SetDlgItemTextA
ModifyMenuA
LockWindowUpdate
ActivateKeyboardLayout
DdeClientTransaction
SetClassLongA
WaitMessage
CharLowerBuffA
GetCursorInfo
GetDlgItemTextW
MapVirtualKeyW
DialogBoxParamW
LoadKeyboardLayoutA
GetMenuCheckMarkDimensions
LoadAcceleratorsW
LoadAcceleratorsA
SendDlgItemMessageA
CreateMenu
GetDlgItemInt
ArrangeIconicWindows
SetClipboardData
GetMenuInfo
CountClipboardFormats
OpenInputDesktop
GetUpdateRgn
GetCapture
LoadBitmapW
GetSubMenu
MsgWaitForMultipleObjectsEx
GetAncestor
SetWindowPlacement
DestroyCaret
AllowSetForegroundWindow
SystemParametersInfoW
GetClassLongA
FlashWindow
SetDoubleClickTime
GetMenuItemID
UnhookWindowsHookEx
SwitchDesktop
DrawTextW
HideCaret
CharUpperBuffA
SetWindowTextA
DeleteMenu
PostQuitMessage
InsertMenuItemA
ChangeDisplaySettingsW
TrackPopupMenu
DefDlgProcA
CreateWindowExW
SetWindowRgn
OemToCharA
WindowFromPoint
DrawStateW
BroadcastSystemMessage
LookupIconIdFromDirectory
DrawCaption
GetUserObjectInformationA
ScrollWindowEx
FindWindowW
PostThreadMessageW
TranslateAcceleratorA
LookupIconIdFromDirectoryEx
EnumDisplaySettingsW
GetUserObjectInformationW
GetDlgItemTextA
CharNextA
RegisterClassW
DdeDisconnect
InvalidateRect
GetDesktopWindow
CreateMDIWindowA
GetMenuStringA
wvsprintfA
IsRectEmpty
GetMenuItemInfoA
ShowScrollBar
SetDlgItemTextW
TrackMouseEvent
DrawTextExA
GetClientRect
MessageBoxW
AdjustWindowRect
LoadCursorA
MessageBeep
DestroyMenu
RegisterClassExW
SendNotifyMessageW
CloseWindow
TileWindows
CharUpperW
DialogBoxIndirectParamW
SendInput
SetMessageExtraInfo
AppendMenuW
DefFrameProcA
DdeCreateStringHandleA
TranslateMDISysAccel
SetWindowsHookExW
GetGUIThreadInfo
KillTimer
RegisterClipboardFormatW
RemovePropW
InsertMenuW
SetLayeredWindowAttributes
LoadCursorFromFileW
IsClipboardFormatAvailable
LoadIconW
CheckRadioButton
ShowWindowAsync
EndDeferWindowPos
CharUpperBuffW
GetDlgItem
ToAsciiEx
DlgDirSelectExA
FindWindowA
GetMonitorInfoA
SubtractRect
DdeFreeStringHandle
GetWindowLongA
GetKeyNameTextW
SetCaretBlinkTime
SetWindowTextW
wsock32
WSACleanup
kernel32
WritePrivateProfileStructA
LCMapStringA
GetVolumeInformationA
CreatePipe
GetCommProperties
GetFileAttributesExW
CreateMailslotA
GetFullPathNameA
ExpandEnvironmentStringsA
SystemTimeToFileTime
Sleep
ReleaseSemaphore
GetLogicalDriveStringsA
SetUnhandledExceptionFilter
LockFile
GetPrivateProfileStructA
Process32NextW
SwitchToThread
EnumUILanguagesW
lstrcpyW
WriteProfileStringA
Module32First
WaitForMultipleObjectsEx
SetConsoleTitleW
ConvertDefaultLocale
CreateFileMappingW
GetFileTime
OpenEventA
VirtualFreeEx
SetConsoleMode
WriteProfileStringW
GetCurrentDirectoryA
GetThreadPriority
CreateEventW
GetCPInfo
SetHandleCount
_lcreat
SetCommBreak
GetFileAttributesA
SetCommTimeouts
ClearCommBreak
EnumResourceTypesA
GetSystemDirectoryW
SetProcessPriorityBoost
FlushInstructionCache
VirtualQuery
WaitNamedPipeW
FindFirstFileA
OutputDebugStringA
VirtualProtect
_llseek
GetDiskFreeSpaceExW
GetCommConfig
LocalFree
GetLongPathNameW
GetThreadLocale
EnterCriticalSection
SetWaitableTimer
GetSystemTime
lstrcmpiW
Heap32First
GetDiskFreeSpaceA
ResetEvent
LoadResource
LoadLibraryExW
BackupRead
UnlockFileEx
LocalReAlloc
Process32Next
IsDBCSLeadByte
GetWindowsDirectoryW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
HeapCompact
DosDateTimeToFileTime
GetMailslotInfo
OpenFile
FatalAppExitA
GetStringTypeA
Process32First
SetHandleInformation
CompareFileTime
GetFileSizeEx
TryEnterCriticalSection
Module32Next
GetLogicalDriveStringsW
FindFirstFileW
FreeConsole
BackupSeek
QueryDosDeviceA
GetShortPathNameA
lstrcpynW
HeapDestroy
GetAtomNameA
GetStartupInfoA
_lopen
GetModuleFileNameA
LockFileEx
GetProcessHeap
SearchPathW
SetProcessAffinityMask
GetThreadContext
LocalUnlock
GetOEMCP
GetModuleHandleA
GetCurrentThreadId
MoveFileW
GlobalFree
ClearCommError
SetFileAttributesW
FreeEnvironmentStringsA
InterlockedDecrement
SleepEx
GetFullPathNameW
FindResourceExA
CreateFiber
WritePrivateProfileStringW
GlobalGetAtomNameW
DeleteVolumeMountPointA
GetTempFileNameW
GetTimeFormatA
GetVersionExW
GlobalSize
lstrcatW
GetPrivateProfileSectionA
Thread32Next
FindFirstChangeNotificationW
CopyFileExW
GetVolumePathNameW
QueryPerformanceFrequency
GetEnvironmentStringsW
DisableThreadLibraryCalls
SetupComm
GetThreadTimes
GetCompressedFileSizeW
GlobalUnlock
RtlFillMemory
SetEvent
GetVersion
QueryDosDeviceW
SetFilePointerEx
SetLastError
GetFileType
IsDebuggerPresent
LocalAlloc
QueueUserAPC
GetCommMask
FindNextFileW
WriteConsoleA
DeleteVolumeMountPointW
LoadLibraryA
GetModuleFileNameW
GetDiskFreeSpaceW
EnumCalendarInfoA
CompareStringA
GlobalFlags
CreateWaitableTimerW
_hread
GetPrivateProfileIntA
DeviceIoControl
CreateProcessW
TlsAlloc
SearchPathA
OpenSemaphoreW
CreateDirectoryW
CancelIo
CopyFileW
GetTimeZoneInformation
SetCommState
FindVolumeClose
CreateIoCompletionPort
WritePrivateProfileStructW
OutputDebugStringW
EnumCalendarInfoW
EndUpdateResourceA
GetSystemWindowsDirectoryA
SetThreadContext
CreateToolhelp32Snapshot
GetWindowsDirectoryA
Beep
SetVolumeLabelA
ResumeThread
CloseHandle
LocalSize
EnumResourceLanguagesW
WriteConsoleW
CreateFileMappingA
AllocConsole
GetConsoleMode
ExpandEnvironmentStringsW
SetVolumeLabelW
OpenProcess
IsBadStringPtrA
CreateDirectoryExA
CopyFileA
GetNumberFormatW
Heap32ListNext
GetSystemTimeAsFileTime
DebugBreak
GetPrivateProfileIntW
EnumCalendarInfoExW
WriteFile
HeapFree
SetConsoleCursorPosition
GetComputerNameExA
SetComputerNameW
GetLocaleInfoA
RemoveDirectoryW
ConnectNamedPipe
GetConsoleCP
WaitCommEvent
PurgeComm
SetSystemTime
SwitchToFiber
GlobalMemoryStatusEx
_lclose
Heap32ListFirst
GetProfileStringA
GetEnvironmentVariableW
OpenEventW
CreateFileW
SetVolumeMountPointA
LocalHandle
GlobalGetAtomNameA
CreateFileA
GetHandleInformation
InterlockedExchange
FindNextChangeNotification
MoveFileA
EnumResourceNamesA
GetTickCount
WritePrivateProfileSectionA
GetVolumeNameForVolumeMountPointW
FindResourceW
GetProcessWorkingSetSize
IsBadCodePtr
SetFileTime
OpenMutexW
WaitNamedPipeA
FindNextVolumeW
GetPrivateProfileStringW
IsValidLocale
VerSetConditionMask
VirtualAlloc
DefineDosDeviceA
GetSystemInfo
VirtualLock
lstrcpyA
SetTimeZoneInformation
lstrcmpW
GlobalAlloc
GlobalLock
IsDBCSLeadByteEx
GetCPInfoExA
InterlockedExchangeAdd
DeleteCriticalSection
GetACP
GetLogicalDrives
PostQueuedCompletionStatus
GetTempPathW
GetStringTypeW
GlobalHandle
Heap32Next
GlobalFindAtomW
GetProcessVersion
SuspendThread
GetDateFormatA
GetOverlappedResult
GetTimeFormatW
FindFirstFileExW
FreeLibrary
CreateSemaphoreW
GlobalAddAtomA
GetTapeParameters
UnlockFile
lstrlenW
SetErrorMode
FindAtomW
FreeEnvironmentStringsW
CreateMutexA
VerLanguageNameA
LCMapStringW
GetStdHandle
LocalLock
VirtualAllocEx
SetCommMask
VerifyVersionInfoW
InterlockedIncrement
EndUpdateResourceW
FindNextFileA
SetLocalTime
CommConfigDialogW
GetUserDefaultLCID
GetLocalTime
GetEnvironmentVariableA
GetFileAttributesW
GlobalDeleteAtom
GetProcessHeaps
ContinueDebugEvent
GetUserDefaultUILanguage
GetSystemDefaultLangID
OpenFileMappingW
LoadLibraryExA
GetCommTimeouts
ReadDirectoryChangesW
GetProcAddress
QueueUserWorkItem
EnumSystemLocalesA
ProcessIdToSessionId
WaitForMultipleObjects
EnumLanguageGroupLocalesW
GetDiskFreeSpaceExA
CreateNamedPipeA
lstrcatA
GetProfileSectionA
VirtualQueryEx
FileTimeToLocalFileTime
EscapeCommFunction
LocalCompact
Toolhelp32ReadProcessMemory
FindResourceExW
WaitForSingleObjectEx
HeapCreate
ExitThread
GetVolumeNameForVolumeMountPointA
lstrcpynA
Module32NextW
SetThreadPriority
WriteConsoleOutputW
SetCurrentDirectoryW
FlushViewOfFile
DuplicateHandle
AreFileApisANSI
GetPriorityClass
AddAtomW
SetFileAttributesA
GetStartupInfoW
GetCurrentThread
GetFileSize
SetTapePosition
GetVersionExA
CreateWaitableTimerA
SetProcessWorkingSetSize
DeleteFileW
GetCommModemStatus
MoveFileExW
GetLastError
GetComputerNameW
RaiseException
GetCommState
TerminateThread
MoveFileExA
VirtualFree
SystemTimeToTzSpecificLocalTime
SetEnvironmentVariableW
GetQueuedCompletionStatus
GetCurrentProcessId
SetThreadAffinityMask
GetExitCodeThread
CreateNamedPipeW
UnmapViewOfFile
FlushConsoleInputBuffer
GetLocaleInfoW
FileTimeToSystemTime
SetCommConfig
FindFirstVolumeW
LoadLibraryW
DeleteAtom
OpenThread
BuildCommDCBA
_lread
ReadProcessMemory
TlsSetValue
GetEnvironmentStrings
GetCommandLineA
OpenMutexA
ExitProcess
TlsFree
Process32FirstW
IsBadStringPtrW
SetPriorityClass
IsBadReadPtr
VirtualUnlock
GetExitCodeProcess
_hwrite
SetMailslotInfo
CreateThread
GetDriveTypeA
UnhandledExceptionFilter
GetCurrentProcess
GetBinaryTypeA
ConvertThreadToFiber
ReleaseMutex
MultiByteToWideChar
GetConsoleOutputCP
SetConsoleCtrlHandler
GetDateFormatW
GetFileAttributesExA
InterlockedCompareExchange
PeekNamedPipe
GetSystemPowerStatus
GlobalFindAtomA
CreateMutexW
lstrcmpA
GlobalAddAtomW
PulseEvent
CompareStringW
WritePrivateProfileStringA
WinExec
DeleteFiber
IsProcessorFeaturePresent
WideCharToMultiByte
_lwrite
DisconnectNamedPipe
SetEndOfFile
DeleteFileA
GetComputerNameA
FileTimeToDosDateTime
UpdateResourceA
SetNamedPipeHandleState
GetSystemTimeAdjustment
GetSystemDirectoryA
GetFileInformationByHandle
FormatMessageA
GetStringTypeExA
GetProfileIntW
EnumResourceNamesW
SizeofResource
Module32FirstW
UpdateResourceW
QueryPerformanceCounter
GetNumberFormatA
Thread32First
lstrlenA
GetProcessAffinityMask
IsBadWritePtr
GetDriveTypeW
GetVolumeInformationW
GetCurrentDirectoryW
FlushFileBuffers
InitializeCriticalSection
RtlUnwind
GetVolumePathNameA
GetLongPathNameA
SetFilePointer
GetConsoleScreenBufferInfo
WaitForDebugEvent
HeapValidate
RemoveDirectoryA
OpenFileMappingA
LockResource
WriteProcessMemory
VerifyVersionInfoA
GetShortPathNameW
GetPrivateProfileStringA
FreeResource
FindFirstChangeNotificationA
HeapAlloc
FormatMessageW
lstrcmpiA
GlobalMemoryStatus
MulDiv
SetProcessShutdownParameters
GetPrivateProfileSectionNamesA
BeginUpdateResourceA
LeaveCriticalSection
ReadConsoleInputA
FindCloseChangeNotification
HeapReAlloc
CreateSemaphoreA
BackupWrite
CreateDirectoryA
SetThreadExecutionState
TlsGetValue
FindResourceA
GetTempFileNameA
FindClose
GetCurrencyFormatA
GetProfileIntA
GetStringTypeExW
GetUserDefaultLangID
BeginUpdateResourceW
GetComputerNameExW
EnumSystemLanguageGroupsW
CreateEventA
GetProcessTimes
VirtualProtectEx
TerminateProcess
GetCommandLineW
WriteFileEx
GetTempPathA
SetEnvironmentVariableA
CreateProcessA
OpenSemaphoreA
DebugActiveProcess
TransmitCommChar
CopyFileExA
MapViewOfFileEx
WritePrivateProfileSectionW
GetModuleHandleW
shell32
SHGetDataFromIDListA
DragQueryFileA
SHGetFolderPathA
SHFreeNameMappings
SHEmptyRecycleBinA
DragFinish
SHCreateDirectoryExW
SHCreateDirectoryExA
DragQueryPoint
SHGetMalloc
FindExecutableA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
DoEnvironmentSubstW
SHBrowseForFolderW
ShellExecuteW
Shell_NotifyIconA
SHGetFileInfoW
SHGetSpecialFolderLocation
SHFileOperationA
SHBindToParent
SHGetFolderPathW
SHFileOperationW
Shell_NotifyIconW
ShellExecuteA
ExtractIconExW
SHGetPathFromIDListW
ExtractIconExA
ExtractIconW
SHGetFolderLocation
SHGetDesktopFolder
CommandLineToArgvW
ord155
SHGetSpecialFolderPathW
SHGetInstanceExplorer
SHGetFileInfoA
SHGetDataFromIDListW
DragQueryFileW
ShellExecuteExW
SHAppBarMessage
FindExecutableW
SHChangeNotify
DuplicateIcon
ShellExecuteExA
ExtractIconA
DragAcceptFiles
SHAddToRecentDocs
Sections
.text Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ