Static task
static1
Behavioral task
behavioral1
Sample
a2cf16c8ff2e8162c5b6c6f81bc9e441_icedid_vidar_JC.exe
Resource
win7-20230712-en
windows7-x64
Behavioral task
behavioral2
Sample
a2cf16c8ff2e8162c5b6c6f81bc9e441_icedid_vidar_JC.exe
Resource
win10v2004-20230703-en
windows10-2004-x64
General
-
Target
a2cf16c8ff2e8162c5b6c6f81bc9e441_icedid_vidar_JC.exe
-
Size
10.5MB
-
MD5
a2cf16c8ff2e8162c5b6c6f81bc9e441
-
SHA1
e2de45461b1253337b034ad28236fa7332a6e9ab
-
SHA256
d40d39702ee4037e0563cace31fd1bb33d808929fae89b098a495a12aba30423
-
SHA512
1887d17ba985236aaedd0bb645a9e4d3d8c3dce7a1f2c088a53402e22ac28af9c3277fd9685eb44777eaf5e9423bdb55db5331e241a524033ff2cb92fbb011fc
-
SSDEEP
196608:NxqNSjOirg9BvnhcgSzjMSVRjpThlPaaj/0/zvTOE8DkFLOyomFHKnP:DqAgcjBFPaaj2vTOEGkF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a2cf16c8ff2e8162c5b6c6f81bc9e441_icedid_vidar_JC.exe
Files
-
a2cf16c8ff2e8162c5b6c6f81bc9e441_icedid_vidar_JC.exe.exe windows x86
7aad7be3f9717a9f01d2bc3d2e64b72b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
language
?L3_CHOICE_SMENA_EXIT@@3QBDB
?L3_CHOICE_SMENA_BUT_CREATE@@3QBDB
?L3_CHOICE_SMENA_STATUS_PRESSCREATE@@3QBDB
?L3_CHOICE_SMENA_STATUS_ENTERNAME@@3QBDB
?T_IF_CHANGE_SEAT_TO_ANOTHER_COMPUTER_MOVEMINUTES@@3QBDB
?WOL_SWITCH_ON@@3QBDB
?PERSONS_DB_IF_BUTTON@@3QBDB
?T_FINE@@3QBDB
?DU_POGASHENIE_DOLGA@@3QBDB
?T_IB5@@3QBDB
?T_IB4@@3QBDB
?T_IB3@@3QBDB
?T_IB1@@3QBDB
?T_WORKWITH@@3QBDB
?GS_FREE_WORK_BY_REASON@@3QBDB
?STR_GROUPS_DELETE_WARNING@@3QBDB
?STR_GROUPS_EDIT_NAME@@3QBDB
?STR_GROUPS_ADD_NAME@@3QBDB
?STR_CDB_GROUPS_DISCOUNT_INTERNET@@3QBDB
?STR_CDB_GROUPS_DISCOUNT_GAMES@@3QBDB
?STR_CDB_GROUPS_SETTINGS@@3QBDB
?STR_CDB_GROUPS_TITLE@@3QBDB
?STR_CDB_GROUPS_BUTTON_DELETE@@3QBDB
?STR_CDB_GROUPS_BUTTON_EDIT@@3QBDB
?STR_CDB_GROUPS_BUTTON_ADD@@3QBDB
?TITLE_TIMER_FREE@@3QBDB
?PRICHINA_1@@3QBDB
?PRICHINA_DEF@@3QBDB
?TITLE_FREEPRICHINA@@3QBDB
?T_FINE_DLG_MIN_PO_PRICHINE@@3QBDB
?T_FINE_DLG_TITLE@@3QBDB
?SECNOTE_SERVICE_PRICES_CHANGED@@3QBDB
?DU_ZERO_KOLVO@@3QBDB
?DU_K_OPLATE@@3QBDB
?DU_KOLICHESTVO@@3QBDB
?DU_BLANK_VIBERITE_USLUGU@@3QBDB
?DU_REDAKTOR_USLUG@@3QBDB
?DU_OPLATIT@@3QBDB
?DU_DOPOLNITELNIE_USLUGI@@3QBDB
?T4COMPUTER@@3QBDB
?COMPUTER_RELEASE_LIST_RELEASE_AT@@3QBDB
?COMPUTER_RELEASE_LIST_COMPUTER@@3QBDB
?T_PECHAT@@3QBDB
?LOG3_COMBO_COMPUTER_N@@3QBDB
?CLVINFO_OFFLINE_851@@3QBDB
?CLVUPD_UPDATE_START@@3QBDB
?CLVUPD_SEND_FILE_ERROR@@3QBDB
?CLVUPD_SEND_FILE@@3QBDB
?CLVUPD_ERROR_SSA_OF_WRONG_VER@@3QBDB
?CLVUPD_ERROR_SSA_ERROR@@3QBDB
?CLVINFO_ERRFILE_WRONG_MD5@@3QBDB
?CLVINFO_ERRFILE_CANT_CALCULATE@@3QBDB
?CLVINFO_SSA_FILE_WRONG_VERSION@@3QBDB
?CLVINFO_SSA_FILE_ERROR@@3QBDB
?CLVINFO_VERSION@@3QBDB
?CLVINFO_UPDATE@@3QBDB
?CLVINFO_CHECK@@3QBDB
?T_DEFAULT@@3QBDB
?CTRL_CLIENT_SOUND_UNMUTE_ON_TIME_OPEN@@3QBDB
?CTRL_CLIENT_SOUND_MUTE_ON_RESET@@3QBDB
?CTRL_CLIENT_SOUND_SET_ON_TIME_OPEN@@3QBDB
?CTRL_CLIENT_SOUND_STD_SOUND_SETTINGS@@3QBDB
?CTRL_CLIENT_SOUND_UPR_TITLE@@3QBDB
?INFOPORT_T_ERROR_CONNECT@@3QBDB
?CTRL_CLIENT_SOUND_GET_ERROR@@3QBDB
?CTRL_CLIENT_SOUND_VOLUME_SET_DEFAULT@@3QBDB
?CTRL_CLIENT_SOUND_VOLUME_SET@@3QBDB
?CTRL_CLIENT_SOUND_VOLUME_OFF@@3QBDB
?CTRL_CLIENT_SOUND_VOLUME_WAVE@@3QBDB
?CTRL_CLIENT_SOUND_VOLUME_MASTER@@3QBDB
?TITLE_CLIENT_SOUND_VOLUME@@3QBDB
?HWM_CONF_CHANGED@@3QBDB
?HWM_BUT_SHOW@@3QBDB
?HWM_NOW@@3QBDB
?HWM_WAS@@3QBDB
?HWM_WARN_DIFF@@3QBDB
?HWM_IDENTICAL_TO_ETALON@@3QBDB
?HWM_ERR_LOAD@@3QBDB
?HWM_HW_RECV_OK@@3QBDB
?HWM_BUT_SAVE@@3QBDB
?HWM_BUT_CHECK@@3QBDB
?CLVINFO_COMPUTER@@3QBDB
?REMOTE_USB_CONNECTIONS_LOCKED@@3QBDB
?HW_LB_RAM@@3QBDB
?HW_LB_CPU@@3QBDB
?HW_LB_VIDEO@@3QBDB
?HW_LB_HDD@@3QBDB
?BUT_HARDWARE@@3QBDB
?CLVINFO_CONNECTION_ERROR@@3QBDB
?T_SURE_TRANSFER_TO@@3QBDB
?T_TRANSFER_TO@@3QBDB
?T_SWAP_SEATS@@3QBDB
?T_CHANGE_SEAT_FROM@@3QBDB
?DENIED_REBATE_100@@3QBDB
?NASTRLIMIT@@3QBDB
?T_NANASTROIKU@@3QBDB
?T_BMINUT@@3QBDB
?T_CHAN_ER5@@3QBDB
?T_ANULATE@@3QBDB
?CHANGE_ALT_NAME@@3QBDB
?ASMT_MM@@3QBDB
?ASMT_HH@@3QBDB
?DF_AUTOSMENATARIFA@@3QBDB
?ST_AP_ASK_SURE_DELETE_RECORD@@3QBDB
?ST_AP_EDIT@@3QBDB
?ST_AP_AUTOSKIDKA@@3QBDB
?ST_AP_PACKETS@@3QBDB
?TITLE_AUTOSKIDKA_PACKETS@@3QBDB
?DU_RU_REMOVE@@3QBDB
?DU_RU_ADD@@3QBDB
?ASK_ST_PRO@@3QBDB
?ASK_ST_MIN@@3QBDB
?DF_AUTOSKIDKA@@3QBDB
?AUTOMATION_DONTSHOW_PAYMENT_DETAILS_WINDOW_ON_TIMER_STOP@@3QBDB
?AUTOMATION_MINIMIZE_TO_SYSTEM_TRAY@@3QBDB
?AUTOMATION_DONT_SEND_MIN_FOR_NAPOMINANIE@@3QBDB
?AUTOMATION_SHOW_PAY_SUM_FOR_ADMIN@@3QBDB
?AUTOMATION_ASK_SHUTDOWN_ON_RESET@@3QBDB
?T_SWITCH_OFF_SOUND_SIGNALS@@3QBDB
?AUTOMATION_DONTSHOW_CLOSESESSION_DIALOG_ON_EXIT@@3QBDB
?WARN_ON_LINK_DISCONNECT@@3QBDB
?KANP_AFTERRESET@@3QBDB
?RESTART_ON_RESET@@3QBDB
?SZP_VESTI_PROTOKOL@@3QBDB
?AU_CH5@@3QBDB
?AU_CH4@@3QBDB
?AU_CH2@@3QBDB
?AU_CH1@@3QBDB
?DF_AUTOMATION@@3QBDB
?T_CLOSE@@3QBDB
?STR_RESTART_FREE_ONLY@@3QBDB
?STR_RESTART_ALL@@3QBDB
?PERSONS_DB_TITLE@@3QBDB
?CLVINFO_TITLE@@3QBDB
?SPISOK_ZAP_PROCESSOV@@3QBDB
?DF_SHUTDOWN_ALL@@3QBDB
?DF_RESTART_ALL@@3QBDB
?DF_B_SPISOK@@3QBDB
?TITLE_FUNC_DOP@@3QBDB
?ST_AP_ERR_PRICE_ZERO@@3QBDB
?ST_AP_ERR_SKIDKA_ZERO@@3QBDB
?ST_AP_ERR_MIN_ZERO@@3QBDB
?ST_AP_ERR_HOUR_FROM_GREATER_TO@@3QBDB
?ST_AP_HOUR_TO@@3QBDB
?ST_AP_HOUR_FROM@@3QBDB
?ST_AP_USE_HOUR_INTERVAL@@3QBDB
?ST_AP_PRICE@@3QBDB
?ST_AP_SKIDKA@@3QBDB
?ST_MIN_E@@3QBDB
?ST_MIN_GE@@3QBDB
?ST_AP_INET@@3QBDB
?ST_AP_GAMES@@3QBDB
?ST_AP_AUTOSKIDKU@@3QBDB
?ST_AP_PACKET@@3QBDB
?PERSONS_DB_EDIT@@3QBDB
?PERSONS_DB_ADD@@3QBDB
?AP_EMAILA_LEFT2@@3QBDB
?AP_HOMEPA_LEFT2@@3QBDB
?AP_CONPHO_RIGHT3@@3QBDB
?AP_CONPHO_RIGHT2@@3QBDB
?AP_CONPHO_RIGHT1@@3QBDB
?AP_CONPHO_LEFT@@3QBDB
?AP_INFOPR_LEFT@@3QBDB
?AP_NOVVER_LEFT@@3QBDB
?AP_SERNUM_LEFT@@3QBDB
?LOG3_GRUB_TIMERANULATE_NA_FREE@@3QBDB
?LOG3_GRUB_CHANGESTIMER_NA_FREE@@3QBDB
?LOG3_GRUB_TIMERSTOP_NA_FREE@@3QBDB
?LOG3_GRUB_CHANGESMADE_NA_FREE@@3QBDB
?LOG3_GRUB_ANULATE_NA_FREE@@3QBDB
?LOG3_GRUB_VOZVRATOSTATKA_S_FREE@@3QBDB
?LOG3_GRUB_PERESADKA_S_FREE@@3QBDB
?LOG3_GRUB_RESET_NA_FREE@@3QBDB
?LOG3_GRUB_TIMERANULATE_NA_ZANYATOM@@3QBDB
?LOG3_GRUB_TIMERCHANGE_NA_ZANYATOM@@3QBDB
?LOG3_GRUB_TIMERSTOP_NA_ZANYATOM@@3QBDB
?LOG3_GRUB_TIMERMODE_NA_ZANYATOM@@3QBDB
?LOG3_GRUB_ERROR_PERESADKA_NA_ZANYATIY@@3QBDB
?LOG3_REPORT_SECU_ERROR_GRUB@@3QBDB
?LOG3_REPORT_SECU_ERROR_TIMEBACK_HIDDEN@@3QBDB
?LOG3_REPORT_SECU_ERROR_TIMEBACK@@3QBDB
?LOG3_REPORT_SECU_ERROR_5MIN@@3QBDB
?LOG3_REPORT_SECU_Z_DESCR@@3QBDB
?LOG3_REPORT_SECU_Z_PARAM@@3QBDB
?LOG3_REPORT_MAIN_L_PUSTO@@3QBDB
?LOG3_REPORT_MAIN_Z2_NIGHT@@3QBDB
?LOG3_REPORT_MAIN_Z2_MONEY@@3QBDB
?LOG3_REPORT_MAIN_Z2_TIME@@3QBDB
?LOG3_REPORT_MAIN_Z2_PUSTO@@3QBDB
?LOG3_REPORT_MAIN_Z_FREE@@3QBDB
?LOG3_REPORT_MAIN_Z_NOCONN@@3QBDB
?LOG3_REPORT_MAIN_Z_TOTAL@@3QBDB
?LOG3_REPORT_MAIN_Z_INET_NIGHT@@3QBDB
?LOG3_REPORT_MAIN_Z_INET_MONEY@@3QBDB
?LOG3_REPORT_MAIN_Z_INET_TIME@@3QBDB
?LOG3_REPORT_MAIN_Z_GAME_NIGHT@@3QBDB
?LOG3_REPORT_MAIN_Z_GAME_MONEY@@3QBDB
?LOG3_REPORT_MAIN_Z_GAME_TIME@@3QBDB
?LOG3_REPORT_MAIN_Z_N@@3QBDB
?LOG3_REPORT_STAT_T_ZAPIS_ISPORCHENA@@3QBDB
?LOG3_REPORT_STAT_Z_DESCRIPTION@@3QBDB
?LOG3_REPORT_STAT_Z_DATETIME@@3QBDB
?LOG3_REPORT_STAT_Z_ID@@3QBDB
?LOG3_COMBO_COMPUTER_ALL@@3QBDB
?LOG3_COMBO_TIMEMODE_SELTIME@@3QBDB
?LOG3_COMBO_TIMEMODE_ALLTIME@@3QBDB
?LOG3_COMBO_TIMEMODE_ZA_DEN@@3QBDB
?LOG3_COMBO_TIMEMODE_VIBSMENA@@3QBDB
?LOG3_COMBO_TIMEMODE_TEKSMENA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_LOGOFF_ONE@@3QBDB
?VERNULI_N_MIN@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TAKE_CASH@@3QBDB
?LOG3_OPERATION_DESCRIPTION_MOVEMINUTES_TO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_MOVEMINUTES_FROM@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PAUSE_RESET@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PAUSE_SET@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_OBICHNO_BALANCE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTOP_OBICHNO_BALANCE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTART_OBICHNO_BALANCE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_USLUGA_0_COMPUTER@@3QBDB
?PRNCTRL_FORMAT_UNKNOWN@@3QBDB
?PRNCTRL_COLOR@@3QBDB
?PRNCTRL_BW@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PRNCTRL_PRINT@@3QBDB
?LOG3_OPERATION_DESCRIPTION_SECURITY_NOTE_ALL@@3QBDB
?LOG3_OPERATION_DESCRIPTION_SECURITY_NOTE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TRAFCTRL_PAY@@3QBDB
?DESCR_SECURITY_PROBLEM_ID_QUERY_ERROR_MAYBE_USER_ABSENT@@3QBDB
?DESCR_PDB_DELETE_USER@@3QBDB
?DESCR_PDB_CHANGE_INFO@@3QBDB
?DESCR_PDB_ADD_USER@@3QBDB
?DESCR_SECURITY_PROBLEM_PDB_CORRUPTED_RECORD@@3QBDB
?DESCR_SECURITY_PROBLEM_PDB_LENGTH_CHANGED@@3QBDB
?PERSONS_DB_LOG3_PERSON_ID@@3QBDB
?LOG3_OPERATION_DESCRIPTION_SESSION_CLOSED@@3QBDB
?LOG3_OPERATION_DESCRIPTION_SESSION_CREATED@@3QBDB
?LOG3_OPERATION_DESCRIPTION_FINE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PERESADKA_TRANSFER_TO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PERESADKA_SWAP_SEATS@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PERESADKA_S_TO_FREE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_VOZVRATOSTATKA_TRANSFER_TO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_NIGHT_HALFNIGHT@@3QBDB
?LOG3_OPERATION_DESCRIPTION_IPF_INFO_NOTUSING@@3QBDB
?LOG3_OPERATION_DESCRIPTION_IPF_INFO_USING@@3QBDB
?LOG3_OPERATION_DESCRIPTION_USLUGA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_MESS@@3QBDB
?LOG3_OPERATION_DESCRIPTION_KAP@@3QBDB
?LOG3_OPERATION_DESCRIPTION_SHUTDOWN_ONE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_RESTART_ONE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_COMPUTERZAL_EXIT@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERANULATE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_CHANGESMADE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_ANULATE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PRICHINA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_VOZVRATOSTATKA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTOP_OBICHNO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTOP_FREE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PERESADKA_NA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_ZAMETKA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_RESET@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_TARIF@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTART_OBICHNO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_OBICHNO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_NACHALO_OP@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_SO_SKIDKOY@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMERSTART_FREE_PO_PRICHINE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_PLUS_FREE_PO_PRICHINE@@3QBDB
?LOG3_OPERATION_DESCRIPTION_CON_NO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_CON_YES@@3QBDB
?LOG3_OPERATION_DESCRIPTION_LTO@@3QBDB
?LOG3_OPERATION_DESCRIPTION_TIMEBACK@@3QBDB
?LOG3_OPERATION_DESCRIPTION_5MIN_METKA@@3QBDB
?LOG3_OPERATION_DESCRIPTION_COMPUTERZAL_RUN@@3QBDB
?LOG3_T_INET@@3QBDB
?LOG3_T_IGRI@@3QBDB
?WORK_MONITOR_SAVE_JPEG@@3QBDB
?WORK_MONITOR_REFRESH_SPEED@@3QBDB
?NAPOMINAT_ZA5@@3QBDB
?WORK_MONITOR_QUALITY@@3QBDB
?WORK_MONITOR_TITLE_OF_COMPUTER@@3QBDB
?V_MINUTAH@@3QBDB
?T_VOZ_F_PRESENT_BALANCE_MIN@@3QBDB
?VOICE_SETTINGS_CLIENT@@3QBDB
?VOICE_SETTINGS_ADMIN@@3QBDB
?VOICE_SETTINGS_ABOUT_TIMEOUT@@3QBDB
?VOICE_SETTINGS_ABOUT_5MIN_LEFT@@3QBDB
?T_USLUGI_CENA@@3QBDB
?T_USLUGI_NAZV@@3QBDB
?TITLE_USLUGI_ADD_EDIT@@3QBDB
?UBP_ICON_SELECTION_CHOOSE_ONE@@3QBDB
?UBP_ICON_SELECTION@@3QBDB
?PROCESS_LIST_SHOW_SYSTEM@@3QBDB
?PROCESS_LIST_COLUMN_PATH@@3QBDB
?PROCESS_LIST_COLUMN_WEIGHT@@3QBDB
?PROCESS_LIST_COLUMN_NAME@@3QBDB
?PROCESS_LIST_COLUMN_ID@@3QBDB
?INFOPORT_T_ERROR_TRANSFER_MODULES@@3QBDB
?PROCESSVIEW_MODULES@@3QBDB
?INFOPORT_T_DESTROY@@3QBDB
?INFOPORT_T_ERROR_TRANSFER@@3QBDB
?INFOPORT_T_REFRESH@@3QBDB
?INFOPORT_T_COMPNSPISOKPROCESSOV@@3QBDB
?SZP_PROCESS@@3QBDB
?SZP_N@@3QBDB
?UBP_TITLE@@3QBDB
?VOICE_SETTINGS_TITLE@@3QBDB
?MAIN_SETTING_TITLE@@3QBDB
?PARAMBEZ_SWITCH_REZHIM_TO_ADMIN@@3QBDB
?PARAMBEZ_SWITCH_REZHIM_TO_BOSS@@3QBDB
?PARAMBEZ_TITLE@@3QBDB
?SPPR_REMINDERLIST@@3QBDB
?SPPR_BLACKLIST@@3QBDB
?SPPR_TITLE@@3QBDB
?DF_OKRUGLENIEOPLATI@@3QBDB
?DF_B_VRNANASTR@@3QBDB
?RRV_FULL_DESCR@@3QBDB
?RRV_TOTAL_SUM@@3QBDB
?RRV_TITLE@@3QBDB
?RCF_BUTTON_NAME_LOGOFF@@3QBDB
?BUT_CLIENT_SOUND_VOLUME@@3QBDB
?WORK_MONITOR_TITLE@@3QBDB
?INFOPORT_T_SPISOKPROCESSOV@@3QBDB
?KILL_ACTIVE_PROCESS@@3QBDB
?SHUTDOWN_COMPUTER@@3QBDB
?RESTART_COMPUTER@@3QBDB
?IB_SETUP_BN_VNIZ@@3QBDB
?IB_SETUP_BN_VVERH@@3QBDB
?PARAMBEZ_MINING_TITLE@@3QBDB
?PARAMBEZ_EMAIL_TITLE@@3QBDB
?PARAMBEZ_HWCTRL_TITLE@@3QBDB
?PARAMBEZ_INTERFACE_TITLE@@3QBDB
?PARAMBEZ_OTHER_TITLE@@3QBDB
?TC_TRAFFIC_CONTROL@@3QBDB
?PARAMBEZ_CDB_TITLE@@3QBDB
?PARAMBEZ_REPORTS_TITLE@@3QBDB
?PARAMBEZ_PASSWORDS_TITLE@@3QBDB
?PARAMBEZ_PRICES_TITLE@@3QBDB
?TC_SHOW_INET_PAYMENT_ALWAYS@@3QBDB
?T_INET_PAYMENT_STRATEGY_INCOMING@@3QBDB
?T_INET_PAYMENT_STRATEGY_SUM_OF_TWO@@3QBDB
?T_INET_PAYMENT_STRATEGY_MAX_OF_TWO@@3QBDB
?STR_TIP_DENY_TRAFCTRL_IN_GAMES_MODE@@3QBDB
?SECSET_TC_DONT_USE_FOR_GAMES@@3QBDB
?TC_DONT_USE_ON_FOLLOWING_PCS@@3QBDB
?RP_TC_DENY_EDIT_TRAFCTRL_SETTINGS@@3QBDB
?RP_TC_USE_TRAFCTRL@@3QBDB
?TREE_REPORT_FOR_ADMIN@@3QBDB
?TREE_REPORT_FOR_BOSS@@3QBDB
?LOG3_STAT_TYPE_SPECIAL_CLIENTS@@3QBDB
?LOG3_PROCUSED_TYPE_POPULARITY_RATING@@3QBDB
?LOG3_PROCUSED_TYPE_ALL@@3QBDB
?LOG3_COMBO_REPORT_TYPE_PROC@@3QBDB
?LOG3_STAT_TYPE_SECURITY_NOTE@@3QBDB
?LOG3_STAT_TYPE_ZAMETKI@@3QBDB
?LOG3_STAT_TYPE_CONNECTIONS@@3QBDB
?LOG3_STAT_TYPE_FREE_TIME@@3QBDB
?LOG3_STAT_TYPE_TECHNICAL@@3QBDB
?LOG3_STAT_TYPE_FINANCE@@3QBDB
?LOG3_STAT_TYPE_FULL@@3QBDB
?LOG3_COMBO_REPORT_TYPE_LIFL@@3QBDB
?RBACKUP_DENY_RESTORE@@3QBDB
?RBACKUP_DENY_SAVE@@3QBDB
?LOG3_COMBO_REPORT_TYPE_USLU@@3QBDB
?RP_POLICY_DENY_CURRENT@@3QBDB
?RP_POLICY_DENY_TRUNCATE@@3QBDB
?RP_POLICY_DENY_ANY@@3QBDB
?RP_ACTIVATE@@3QBDB
?LOG3_COMBO_REPORT_TYPE_PRIC@@3QBDB
?LOG3_COMBO_REPORT_TYPE_IZOP@@3QBDB
?LOG3_COMBO_REPORT_TYPE_5MIN@@3QBDB
?LOG3_COMBO_REPORT_TYPE_GRUB@@3QBDB
?LOG3_COMBO_REPORT_TYPE_SECU@@3QBDB
?LOG3_COMBO_REPORT_TYPE_MAIN@@3QBDB
?LOG3_COMBO_REPORT_TYPE_STAT@@3QBDB
?ZAPRET_DELITSA_S_PAKETA@@3QBDB
?DENY_RETURN_REST_FOR_PACKET@@3QBDB
?PARAMBEZ_DISCOUNT_MODE_PRICE__SPECIAL_APPLIED_TO_TIME_LENGTH@@3QBDB
?PARAMBEZ_DISCOUNT_MODE_PRICE__NORMAL_CHEAPER_HOUR@@3QBDB
?SECSET_DISABLE_EDIT_SERVICES@@3QBDB
?T_MIN_SUM_VOZVRAT@@3QBDB
?T_HALFNIGHT_FINISH_AT_GIVEN_HOUR@@3QBDB
?T_HALFNIGHT_FINISH_AFTER_INTERVAL_HALFNIGHT@@3QBDB
?L3_CHOICE_SMENA_SOZDANA@@3QBDB
?PARAMBEZ_PRICES_DIAPAZON_ERROR@@3QBDB
?WWW_NASTROIKIPROGRAMI@@3QBDB
?PARAMBEZ_PRICES_DENY_SWITCHING_GAMES_INET@@3QBDB
?PARAMBEZ_PRICES_DENY_CHANGE_TIME_USING_DISCOUNT@@3QBDB
?PARAMBEZ_PRICES_FREE_LIMIT@@3QBDB
?PARAMBEZ_PRICES_ANULATE_TIME@@3QBDB
?WWW_TABLE_STATUS@@3QBDB
?PARAMBEZ_PRICES_NO_EDIT_DISCOUNTS@@3QBDB
?PARAMBEZ_PRICES_NO_EDIT_PRICES@@3QBDB
?PARAMBEZ_PASSWORD_REQUIRE_PASSWORD_TO_CLOSE_SESSION@@3QBDB
?PARAMBEZ_PASSWORDS_INTERNETCONTROL@@3QBDB
?PARAMBEZ_PASSWORDS_ENTERPROGRAM@@3QBDB
?RP_PASS_ADMIN@@3QBDB
?RP_PASS_BOSS@@3QBDB
?REMOTE_CONTROL_ACCESS_PASSWORD@@3QBDB
?REMOTE_CONTROL_ALLOW@@3QBDB
?REMOTE_CONTROL_GROUP_TITLE@@3QBDB
?AUTO_SHUTDOWN_TITLE_EXCEPTION@@3QBDB
?AUTO_SHUTDOWN_EXCEPTION@@3QBDB
?SW_OFF_AFTER_MINUTES@@3QBDB
?STR_MIN_SHOW_PAY_SUM@@3QBDB
?T_PROC_DONT_WRITE_CLIENT2@@3QBDB
?T_PROC_HIDE_CLIENT2@@3QBDB
?T_ST_GRP_PROC_STAT@@3QBDB
?REFERRER_TITLE_PERCENT@@3QBDB
?PARAMBEZ_CDB_CLIENT_TYPES_PASSWORD@@3QBDB
?PARAMBEZ_CDB_DENY_EDIT_BALANCE_SETTINGS@@3QBDB
?PARAMBEZ_CDB_DENY_ADD_EDIT_GROUPS@@3QBDB
?PARAMBEZ_CDB_DENY_CLIENT_INFO@@3QBDB
?PARAMBEZ_CDB_DENY_DELETE_CLIENT@@3QBDB
?PARAMBEZ_CDB_DENY_CHANGE_INFO@@3QBDB
?PARAMBEZ_CDB_DENY_ALL@@3QBDB
?LIST_OF_MODULES_OF_PROCESS@@3QBDB
?PS_SENDMESSAGE@@3QBDB
?NO_CONNECTION_WITH_REMOTE@@3QBDB
?WWW_TABLE_COMPUTER@@3QBDB
?AP_USERNAME_LEFT@@3QBDB
?AP_TITLE@@3QBDB
?T_PROC_HIDE_CLIENT2_NAME@@3QBDB
?PRNCTRL_SECNOTE_OPEN_ERROR@@3QBDB
?WINDOW_TO_SMALL_PLEASE_WARN@@3QBDB
?T_NEWVER_FOUND_TEXT@@3QBDB
?T_NEWVER_FOUND_HEADER@@3QBDB
?T_ENTER_BOSS_PASSWORD@@3QBDB
?FREE_LIMIT_OUT@@3QBDB
?ERROR_ACCESS_DENIED_FOR_FUNCTION@@3QBDB
?WARNING_BOSSMODE_ACTIVATED@@3QBDB
?BOSSMODE_PASSWORD_ENTER_WARNING@@3QBDB
?SPPR_SIGNAL_COMPUTER@@3QBDB
?WARN_PASS_NOTFOUND_EX@@3QBDB
?UDP_ERROR_CANT_START@@3QBDB
?ERR_LOG3_START@@3QBDB
?CANT_AQUIRE_CONTEXT@@3QBDB
?CANT_OPENCREATE_CONFIG@@3QBDB
?BADKEY_MESSAGE@@3QBDB
?HTTP_LOG_OK_STARTED@@3QBDB
?HTTP_LOG_ERROR_CANTSTART@@3QBDB
?MSG_SOCK_ERR@@3QBDB
?WRONG_PASS_ENTERED@@3QBDB
?ALREADY_RUN@@3QBDB
?REGISTRED_NUM@@3QBDB
?REGISTRED_NAME@@3QBDB
?ERR_WRONG_AMOUNT@@3QBDB
?T_TAKE_CASH_REASON@@3QBDB
?T_TAKE_CASH_AMOUNT@@3QBDB
?T_TAKE@@3QBDB
?SNMP_SETTINGS_DESCRIPTION@@3QBDB
?SNMP_DLG_HEADER_OID@@3QBDB
?SNMP_DLG_HEADER_PASSWORD@@3QBDB
?SNMP_DLG_HEADER_IP@@3QBDB
?SNMP_DLG_HEADER_ACTIVE@@3QBDB
?SNMP_DLG_HEADER_COMPUTER@@3QBDB
?SNMP_POWER_CONTROL@@3QBDB
?L_DEMO@@3QBDB
?RESERVATION_INTERVAL_SELECTION_ALL@@3QBDB
?RESERVATION_INTERVAL_SELECTION_TITLE@@3QBDB
?RESERVATION_ERROR_TIME_BEGIN_AFTER_END@@3QBDB
?RESERVATION_ADDEDIT_COMMENT@@3QBDB
?RESERVATION_ADDEDIT_HEADER@@3QBDB
?RESERVATION_ADDEDIT_END@@3QBDB
?RESERVATION_ADDEDIT_BEGIN@@3QBDB
?RESERVATION_ADDEDIT_COMPUTER_S@@3QBDB
?RESERVATION_ADDEDIT_TITLE@@3QBDB
?RESERVATION_INFO_FORMAT@@3QBDB
?RESERVATION_SURE_WANT_TO_DELETE@@3QBDB
?RESERVATION_DELETE@@3QBDB
?RESERVATION_EDIT@@3QBDB
?RESERVATION_ADD@@3QBDB
?RESERVATION_TITLE@@3QBDB
?PARAMBEZ_MINING_ZCASH_FLYPOOL_ERROR_DEFAULT_WALLET@@3QBDB
?PARAMBEZ_MINING_ZCASH_STATS_TOTAL@@3QBDB
?PARAMBEZ_MINING_ZCASH_STATS_IF_ABSENT@@3QBDB
?PARAMBEZ_MINING_ZCASH_STATS_COMPUTER@@3QBDB
?PARAMBEZ_MINING_ZCASH_STATS_HEADER@@3QBDB
?PARAMBEZ_MINING_ZCASH_CHECK@@3QBDB
?PARAMBEZ_MINING_ZCASH_FOR_TEST@@3QBDB
?PARAMBEZ_MINING_ZCASH_PASSWORD@@3QBDB
?PARAMBEZ_MINING_ZCASH_WALLET@@3QBDB
?PARAMBEZ_MINING_ZCASH_PORT@@3QBDB
?PARAMBEZ_MINING_ZCASH_SERVER@@3QBDB
?PARAMBEZ_MINING_ZCASH_DEFAULT_PASSWORD@@3QBDB
?PARAMBEZ_MINING_ZCASH_DEFAULT_PORT@@3QBDB
?PARAMBEZ_MINING_ZCASH_DEFAULT_SERVER@@3QBDB
?PARAMBEZ_MINING_ZCASH_INFO@@3QBDB
?PARAMBEZ_MINING_ZCASH_GRP@@3QBDB
?PARAMBEZ_MINING_ENABLE@@3QBDB
?PARAMBEZ_DENY_TIMER_MODE@@3QBDB
?T_DENY_TAKING_CASH_FOR_ADMIN@@3QBDB
?T_DENY_CASH_MENU_FOR_ADMIN@@3QBDB
?PARAMBEZ_DENY_PAUSE_MODE@@3QBDB
?PBZ_USE_CUSTOM_INDMINLIST@@3QBDB
?PBZ_INDMINLIST@@3QBDB
?PARAMBEZ_PRICES_DENY_EDIT_LIST_PROCESS@@3QBDB
?PARAMBEZ_PRICES_DENY_EDIT_VOICE_REMINDER@@3QBDB
?PARAMBEZ_PRICES_DENY_EDIT_REMINDER_ON_STAYED_TIME@@3QBDB
?PB_HWC_ENABLE_USB_CONNECTIONS_COST@@3QBDB
?PB_HWC_BLOCK_USB_CONNECTIONS@@3QBDB
kernel32
OutputDebugStringW
FormatMessageW
LCMapStringW
GetStringTypeW
ExpandEnvironmentStringsA
AreFileApisANSI
DeleteFileW
GetFileAttributesExW
GetSystemInfo
CreateFileMappingW
GetDiskFreeSpaceW
LockFileEx
GetTempPathW
CreateFileW
GetFileAttributesW
HeapValidate
HeapCreate
UnlockFileEx
UnmapViewOfFile
MapViewOfFile
CreateMutexW
GetFullPathNameW
InterlockedCompareExchange
GetStdHandle
GetFileType
SwitchToFiber
DeleteFiber
CreateFiber
FindFirstFileW
FindNextFileW
ConvertFiberToThread
ConvertThreadToFiber
GlobalMemoryStatus
GetEnvironmentVariableW
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
VirtualAlloc
VirtualQuery
GetDriveTypeW
FindFirstFileExW
ExitProcess
GetModuleHandleExW
ExitThread
FreeLibraryAndExitThread
SetStdHandle
GetCommandLineA
GetCommandLineW
HeapQueryInformation
SetConsoleCtrlHandler
PeekNamedPipe
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetConsoleCP
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindFirstFileExA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
SleepEx
CreateDirectoryA
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
GetProfileIntA
SearchPathA
LocalUnlock
LocalLock
FindResourceExW
SetErrorMode
VerifyVersionInfoA
VerSetConditionMask
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetACP
GlobalFlags
GetAtomNameA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LocalAlloc
CreateSemaphoreA
ReleaseMutex
ReleaseSemaphore
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
VirtualProtect
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFileSize
FlushFileBuffers
CreateFileA
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleFileNameW
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
lstrcpynA
GetVolumeInformationA
GetCPInfo
GetVersion
GetCurrentThreadId
GetFullPathNameA
SuspendThread
SetThreadPriority
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetLastError
GetCurrentProcessId
MoveFileA
GetSystemTime
GetFileAttributesA
SetFileAttributesA
FindNextFileA
FindFirstFileA
FindClose
ResumeThread
GetWindowsDirectoryA
lstrlenA
lstrcatA
lstrcpyA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetCurrentDirectoryA
GetModuleHandleW
CreateEventA
CreateMutexA
GetLocalTime
Sleep
DecodePointer
DeleteFileA
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
GetComputerNameW
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerA
SystemTimeToFileTime
WaitForMultipleObjects
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
ResetEvent
LoadLibraryA
Beep
WaitForSingleObject
SetEvent
TerminateThread
CreateThread
WinExec
FindResourceW
InitializeCriticalSection
LockResource
CloseHandle
OpenProcess
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
FindResourceA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
lstrcmpiA
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
user32
GetProcessWindowStation
GetUserObjectInformationW
ClipCursor
GetTabbedTextExtentW
GetWindowRgn
GetDoubleClickTime
GetComboBoxInfo
InSendMessage
SendNotifyMessageA
GetUpdateRect
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
MonitorFromRect
GetDCEx
CharUpperBuffA
DrawIcon
SetCursorPos
InvertRect
HideCaret
LockWindowUpdate
RegisterClipboardFormatA
EnumChildWindows
CopyAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetTabbedTextExtentA
IsClipboardFormatAvailable
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetNextDlgGroupItem
SetParent
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
GetMenuDefaultItem
LoadCursorW
GetSystemMenu
LoadMenuW
GetDialogBaseUnits
CopyImage
LoadImageW
TrackMouseEvent
RealChildWindowFromPoint
MsgWaitForMultipleObjectsEx
NotifyWinEvent
IsZoomed
ShowOwnedPopups
PostQuitMessage
MapDialogRect
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemA
LoadMenuA
LoadAcceleratorsA
BringWindowToTop
IntersectRect
WaitMessage
GetMessageA
DestroyMenu
GetWindowThreadProcessId
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetCapture
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
GetClassInfoExA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetMessageTime
GetMessagePos
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetRectEmpty
SendDlgItemMessageA
BeginPaint
UnhookWindowsHookEx
GetMenuStringA
IsRectEmpty
RegisterWindowMessageA
WindowFromDC
IsWindowVisible
DrawFrameControl
SetWindowRgn
ScreenToClient
GetWindowDC
GetMenuItemRect
GetMenu
CreateWindowExA
CallWindowProcA
GetIconInfo
CreateIconIndirect
DestroyCursor
OffsetRect
DrawFocusRect
WindowFromPoint
ClientToScreen
DrawStateA
GetActiveWindow
GetNextDlgTabItem
IsMenu
DrawIconEx
LoadBitmapW
CopyRect
SetRect
GetSysColorBrush
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetMenuItemInfoA
DeleteMenu
RemoveMenu
ModifyMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
CreateMenu
GetMenuState
DrawEdge
PeekMessageA
FillRect
PostThreadMessageA
keybd_event
LoadIconW
GetKeyState
DispatchMessageA
TranslateMessage
CopyIcon
LoadCursorA
SetWindowLongA
InflateRect
SetCursor
MessageBeep
ReleaseDC
GetDC
ReleaseCapture
SetCapture
IsWindow
GetWindowLongA
PtInRect
GetFocus
DestroyAcceleratorTable
LoadIconA
UnregisterClassA
SystemParametersInfoA
FindWindowA
SetClassLongA
GetSystemMetrics
CreateAcceleratorTableA
CharNextW
GetWindow
GetWindowRect
GetClientRect
UpdateWindow
MessageBoxW
LoadImageA
DestroyIcon
LoadBitmapA
GetDesktopWindow
FrameRect
GetCursorPos
SetForegroundWindow
SetActiveWindow
SetMenuDefaultItem
TranslateAcceleratorA
SetFocus
SetWindowPos
ShowWindow
PostMessageA
GetParent
GetSysColor
RedrawWindow
GetAsyncKeyState
EnumWindows
GetWindowTextA
InvalidateRect
MessageBoxA
AppendMenuA
CreatePopupMenu
KillTimer
SetTimer
EnableWindow
SendMessageA
CharNextA
EndPaint
gdi32
GetCurrentPositionEx
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
CreateDIBSection
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapperFlags
SetGraphicsMode
CopyMetaFileA
ExcludeClipRect
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
CreatePatternBrush
GetTextMetricsA
GetCurrentObject
GetClipBox
CreatePolygonRgn
TextOutA
FrameRgn
FillRgn
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
GetClipRgn
CreateDIBPatternBrushPt
SetLayout
CreateDCA
ModifyWorldTransform
SetColorAdjustment
StartDocA
CreateRoundRectRgn
CreateRectRgn
CombineRgn
SetBkMode
PtInRegion
GetRgnBox
CreateRectRgnIndirect
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
SetMapMode
SetPixel
RectVisible
PtVisible
PatBlt
GetTextExtentPoint32W
GetPixel
GetDeviceCaps
GetBkMode
Escape
Ellipse
CreatePen
CreateHatchBrush
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
GetTextExtentPoint32A
CreateFontIndirectA
DeleteDC
GetObjectA
Rectangle
GetStockObject
CreateBrushIndirect
SetDIBitsToDevice
CreateFontA
SaveDC
CreateSolidBrush
PolyDraw
SetPixelV
GetTextFaceA
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetROP2
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
GetBoundsRect
GetWindowOrgEx
GetViewportOrgEx
RoundRect
SetPaletteEntries
ExtFloodFill
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
LPtoDP
Polyline
Polygon
CreateEllipticRgn
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetTextColor
OffsetRgn
SetDIBColorTable
StretchBlt
RealizePalette
GetDIBits
EnumFontFamiliesExA
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
StretchDIBits
GetCharWidthA
GetBkColor
DPtoLP
SetRectRgn
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
ArcTo
msimg32
TransparentBlt
AlphaBlend
winspool.drv
EnumPrintersW
OpenPrinterW
EnumJobsW
ReadPrinter
FindFirstPrinterChangeNotification
FindNextPrinterChangeNotification
FindClosePrinterChangeNotification
ClosePrinter
OpenPrinterA
DocumentPropertiesA
GetJobA
advapi32
RegCloseKey
RegDeleteKeyA
CryptEnumProvidersW
CryptSignHashW
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueA
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
RegQueryValueExA
CryptDeriveKey
CryptDestroyKey
CryptGetHashParam
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDestroyHash
RegSetValueA
RegOpenKeyExW
RegEnumKeyA
RegEnumValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
shell32
Shell_NotifyIconA
ShellExecuteA
ShellExecuteExA
DragQueryFileA
DragFinish
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHAppBarMessage
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetIconSize
_TrackMouseEvent
ord17
ImageList_GetImageInfo
shlwapi
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
UrlUnescapeA
StrFormatKBSizeA
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
IsAppThemed
ole32
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
StringFromGUID2
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
StringFromCLSID
ReadClassStg
WriteClassStg
CoTreatAsClass
CreateBindCtx
WriteFmtUserTypeStg
CLSIDFromProgID
CoRegisterMessageFilter
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleQueryCreateFromData
OleQueryLinkFromData
CoGetMalloc
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRun
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
GetHGlobalFromILockBytes
WriteClassStm
StgCreateDocfileOnILockBytes
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegEnumVerbs
OleRegGetMiscStatus
PropVariantCopy
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CreateFileMoniker
CreateILockBytesOnHGlobal
StgIsStorageFile
StgOpenStorageOnILockBytes
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CLSIDFromString
CoDisconnectObject
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
oleaut32
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
CreateErrorInfo
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
VarDateFromStr
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantCopy
VariantClear
VariantInit
VarUdateFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayGetElemsize
RegisterTypeLi
SysAllocStringLen
OleLoadPicture
OleCreatePictureIndirect
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysFreeString
SysAllocString
SetErrorInfo
GetErrorInfo
UnRegisterTypeLi
ws2_32
WSAEventSelect
WSACreateEvent
getsockopt
getnameinfo
freeaddrinfo
getaddrinfo
getservbyname
gethostname
ioctlsocket
__WSAFDIsSet
ntohs
gethostbyname
WSAStartup
listen
WSAAsyncSelect
WSASetLastError
socket
send
recv
htons
htonl
getsockname
getpeername
connect
bind
accept
ntohl
WSAGetLastError
WSASocketA
sendto
select
recvfrom
closesocket
inet_ntoa
inet_addr
WSACleanup
setsockopt
oledlg
ord8
urlmon
URLDownloadToFileA
gdiplus
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
iphlpapi
GetAdaptersInfo
GetExtendedUdpTable
psapi
GetModuleFileNameExA
winmm
mmioAscend
mmioDescend
mmioRead
mmioClose
mmioOpenA
PlaySoundA
wsnmp32
ord101
ord200
ord201
ord203
ord204
ord220
ord300
ord302
ord400
ord402
ord500
ord600
ord602
ord903
ord900
crashrpt1402
ord24
ord8
ord9
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
wininet
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpOpenFileA
FtpRenameFileA
FtpDeleteFileA
FtpPutFileA
FtpGetFileA
FtpFindFirstFileA
InternetSetStatusCallback
InternetGetLastResponseInfoA
GopherCreateLocatorA
InternetQueryOptionA
InternetFindNextFileA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
DeleteUrlCacheEntry
FtpCommandA
GopherFindFirstFileA
GopherOpenFileA
GopherGetAttributeA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpSendRequestExA
HttpEndRequestA
HttpQueryInfoA
InternetSetCookieA
InternetGetCookieA
InternetSetOptionA
InternetErrorDlg
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
crypt32
CertOpenStore
CertCloseStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertEnumCertificatesInStore
Sections
.text Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ