Static task: static1
Behavioral task: behavioral1
Sample: c801e850c3a11604f1bdce25e7225c40exe_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: c801e850c3a11604f1bdce25e7225c40exe_JC.exe
Resource: win10v2004-20230915-en
General
Target: c801e850c3a11604f1bdce25e7225c40exe_JC.exe
Size: 774KB
MD5: c801e850c3a11604f1bdce25e7225c40
SHA1: 218f8211d2ab8647d2d5bc7fa21a0cc9f2c42215
SHA256: 3d33c5722d2dca82639a80d70476a7fa6391bd8ec8a1ddc9905a3f7a7688f841
SHA512: 3dd317e8f611f2c9c836cd005d2d61a984dcb90c5c669239dbb593053d5ff16cec3dabf08c5c3c619ed23ca7723f552b0ae4825b916dbe9b85003ada9dbc0ef5
SSDEEP: 24576:yvllcqlXoFfRbAuQn6sFCEREiwcUhCfN/YrtKAS:ytKqlm5bDQ6IX+iGhCaZ3S
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Resource: c801e850c3a11604f1bdce25e7225c40exe_JC.exe
Files
c801e850c3a11604f1bdce25e7225c40exe_JC.exe.exe windows:4 windows x86
668e39b720a4cd2b7e07739753688250
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionW
PathAppendW
PathRelativePathToA
PathCombineW
PathStripToRootA
StrStrIA
PathStripToRootW
PathIsUNCServerShareA
UrlCombineW
PathSkipRootA
PathCombineA
PathCompactPathW
PathAddBackslashA
PathRemoveFileSpecA
StrToInt64ExW
AssocQueryStringW
PathRemoveBlanksW
StrCpyW
PathFileExistsW
PathCompactPathA
PathBuildRootA
StrToIntExW
PathIsRelativeA
PathGetDriveNumberA
StrCmpNIW
PathIsURLW
PathIsUNCW
PathRemoveFileSpecW
SHDeleteValueW
SHDeleteKeyW
StrFormatKBSizeW
PathMatchSpecW
StrRetToStrW
PathIsDirectoryW
UrlCreateFromPathW
StrCmpIW
StrRetToBufW
PathCreateFromUrlW
PathRemoveBackslashW
PathIsDirectoryEmptyW
PathCanonicalizeW
SHDeleteEmptyKeyA
PathIsDirectoryA
StrToIntW
PathParseIconLocationA
SHAutoComplete
SHCopyKeyA
PathRemoveExtensionW
SHDeleteValueA
SHSetValueW
PathGetCharTypeW
PathRemoveExtensionA
PathRelativePathToW
PathIsRootA
PathAddBackslashW
PathMakeSystemFolderW
PathStripPathW
UrlCanonicalizeW
PathIsNetworkPathW
PathFileExistsA
PathMakePrettyW
SHCreateStreamOnFileA
PathSetDlgItemPathW
PathIsUNCA
PathIsURLA
StrStrIW
StrStrA
PathRemoveArgsA
PathFindFileNameW
PathFindExtensionA
StrStrW
SHCreateStreamOnFileW
StrTrimA
PathRenameExtensionA
UrlUnescapeA
StrCmpW
StrTrimW
PathMakePrettyA
PathRenameExtensionW
UrlIsW
StrCatW
StrToIntA
PathIsUNCServerA
PathQuoteSpacesA
UrlUnescapeW
StrDupW
StrFromTimeIntervalA
PathUnquoteSpacesA
PathAppendA
PathIsRelativeW
PathCanonicalizeA
PathIsRootW
StrFormatByteSizeW
PathFindFileNameA
PathRemoveBackslashA
PathIsFileSpecW
PathCommonPrefixW
SHDeleteKeyA
PathStripPathA
version
GetFileVersionInfoA
VerInstallFileA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
ole32
OleDraw
CLSIDFromProgID
OleIsRunning
CoSuspendClassObjects
OleCreateLinkFromData
OleLoad
OleTranslateAccelerator
StringFromGUID2
RegisterDragDrop
OleCreateMenuDescriptor
StgIsStorageILockBytes
CoDisconnectObject
CoInitializeSecurity
CreateGenericComposite
CoMarshalInterThreadInterfaceInStream
StringFromIID
GetRunningObjectTable
OleCreateFromData
CoResumeClassObjects
StgCreateDocfileOnILockBytes
FreePropVariantArray
CoMarshalInterface
OleCreateStaticFromData
CoGetObject
OleSetClipboard
StgIsStorageFile
CoRevokeMallocSpy
CoCreateInstance
ReleaseStgMedium
CoTaskMemRealloc
ReadClassStm
IsAccelerator
CreateFileMoniker
StgCreateStorageEx
CoQueryProxyBlanket
CoTreatAsClass
CoGetMalloc
OleGetIconOfClass
CoFileTimeNow
OleUninitialize
OleCreateLinkToFile
OleQueryLinkFromData
CoRevertToSelf
CoLockObjectExternal
CoReleaseMarshalData
OleFlushClipboard
CoGetClassObject
OleRegGetMiscStatus
ReadFmtUserTypeStg
StringFromCLSID
CoImpersonateClient
CoTaskMemFree
ProgIDFromCLSID
StgOpenStorage
CoRegisterMessageFilter
BindMoniker
OleLockRunning
CreateILockBytesOnHGlobal
OleDuplicateData
OleCreate
SetConvertStg
WriteClassStm
CreateStreamOnHGlobal
OleSave
PropVariantClear
OleCreateFromFile
CoUnmarshalInterface
CoTaskMemAlloc
CoRegisterClassObject
StgOpenStorageOnILockBytes
CoSetProxyBlanket
CoInitialize
CreateOleAdviseHolder
CreateBindCtx
MkParseDisplayName
CoCreateInstanceEx
OleRegGetUserType
CreateClassMoniker
CLSIDFromString
OleIsCurrentClipboard
WriteFmtUserTypeStg
IIDFromString
CoFreeUnusedLibraries
ReadClassStg
GetHGlobalFromStream
OleRun
CoCreateGuid
OleDestroyMenuDescriptor
CoRegisterMallocSpy
CoLoadLibrary
OleQueryCreateFromData
OleRegEnumVerbs
GetClassFile
CoRevokeClassObject
WriteClassStg
OleSaveToStream
OleGetClipboard
RevokeDragDrop
DoDragDrop
GetHGlobalFromILockBytes
CoInitializeEx
CoCopyProxy
OleSetContainedObject
CreateItemMoniker
OleInitialize
OleLoadFromStream
OleSetMenuDescriptor
CoUninitialize
CreateDataAdviseHolder
StgCreateDocfile
CoGetInterfaceAndReleaseStream
gdi32
PolyPolygon
Polygon
GetSystemPaletteEntries
GetViewportExtEx
CreateDIBitmap
GetObjectType
SetTextJustification
PlayMetaFile
LPtoDP
ResetDCW
GetMapMode
SetGraphicsMode
GetEnhMetaFileA
GetFontLanguageInfo
GetColorAdjustment
SetMapMode
CreateEnhMetaFileA
FillPath
GetCharABCWidthsA
ExtEscape
GetCharABCWidthsFloatA
SetTextAlign
GetClipRgn
EqualRgn
GetPixelFormat
ExtTextOutA
DrawEscape
CreateDIBPatternBrushPt
SetPixel
ResetDCA
SetMapperFlags
FillRgn
GetCharABCWidthsFloatW
CopyEnhMetaFileW
CreateFontIndirectW
FrameRgn
SetICMMode
SetViewportExtEx
GetLayout
GdiComment
SetColorAdjustment
GetStretchBltMode
SetICMProfileA
CreateICA
CreateHalftonePalette
AbortPath
GetPixel
ChoosePixelFormat
GetMetaFileA
GetPolyFillMode
LineTo
RealizePalette
SetArcDirection
SaveDC
ResizePalette
GetEnhMetaFilePaletteEntries
CreateICW
PathToRegion
UnrealizeObject
SetPixelFormat
SetAbortProc
GetRegionData
FlattenPath
ExtCreatePen
Polyline
GetTextExtentPoint32A
CloseMetaFile
EnumEnhMetaFile
CopyMetaFileW
OffsetViewportOrgEx
EnumFontFamiliesW
SetTextCharacterExtra
GdiFlush
Arc
SetViewportOrgEx
GetTextCharsetInfo
CreateEnhMetaFileW
MaskBlt
EnumObjects
GetWindowExtEx
GetMetaFileBitsEx
EndPage
MoveToEx
TextOutA
GetNearestPaletteIndex
EndPath
GetCharacterPlacementW
OffsetClipRgn
GetTextMetricsA
CreateRectRgnIndirect
GetArcDirection
ExcludeClipRect
RoundRect
IntersectClipRect
GetCurrentObject
GetTextExtentPointW
RestoreDC
DPtoLP
GetCharWidthA
SetPixelV
GetCharWidthFloatA
OffsetRgn
ExtFloodFill
EndDoc
PlayEnhMetaFile
CreateCompatibleDC
GetAspectRatioFilterEx
ScaleWindowExtEx
GetClipBox
CreateFontA
SelectObject
SetBkColor
Ellipse
EnumFontsA
GetRgnBox
ArcTo
CreateEllipticRgn
DescribePixelFormat
GetBkMode
FloodFill
GetBkColor
SetWinMetaFileBits
GetBitmapBits
BitBlt
SetWindowOrgEx
CreatePenIndirect
RectVisible
GetGlyphOutlineW
GetObjectA
StrokePath
DeleteDC
CreateRectRgn
SetPaletteEntries
CopyEnhMetaFileA
CreateHatchBrush
PolylineTo
WidenPath
GetOutlineTextMetricsA
GetTextCharacterExtra
GetEnhMetaFileHeader
EnumFontFamiliesExA
StartPage
CreateMetaFileA
SetDCBrushColor
GetTextColor
TranslateCharsetInfo
GetGraphicsMode
DeleteMetaFile
PtInRegion
Chord
GetPaletteEntries
OffsetWindowOrgEx
GetCharABCWidthsW
SetRectRgn
GetEnhMetaFileW
SetDIBits
GetTextExtentPoint32W
GetTextExtentPointA
AbortDoc
InvertRgn
StartDocA
CreateMetaFileW
PlgBlt
SetWorldTransform
GetCurrentPositionEx
CreateRoundRectRgn
ExtSelectClipRgn
CopyMetaFileA
SwapBuffers
SetPolyFillMode
PlayMetaFileRecord
SetDIBColorTable
SetWindowExtEx
CreatePen
CreateDIBSection
SelectPalette
PlayEnhMetaFileRecord
EnumMetaFile
RectInRegion
GetDCOrgEx
GetDIBits
Rectangle
CreateEllipticRgnIndirect
CreateDCW
GetTextAlign
EnumFontFamiliesExW
ModifyWorldTransform
SetBrushOrgEx
PtVisible
GetDeviceCaps
SetStretchBltMode
SelectClipRgn
CreateCompatibleBitmap
AnimatePalette
SetDCPenColor
SetDIBitsToDevice
PolyBezier
GetTextExtentExPointW
UpdateColors
GetTextFaceW
CombineRgn
GetDIBColorTable
CreatePolygonRgn
StretchDIBits
GetTextExtentExPointA
StartDocW
GetTextFaceA
SetBoundsRect
SetLayout
PolyPolyline
GetNearestColor
PatBlt
SetBitmapDimensionEx
StretchBlt
RemoveFontResourceA
ExtTextOutW
SetEnhMetaFileBits
DeleteObject
AddFontResourceA
AngleArc
ScaleViewportExtEx
StrokeAndFillPath
CreateDiscardableBitmap
GetWinMetaFileBits
DeleteEnhMetaFile
CloseFigure
GetTextMetricsW
PolyDraw
GetWindowOrgEx
CreateFontW
CreateBitmap
GetTextCharset
Escape
CreateBitmapIndirect
GetCharWidth32A
SetBitmapBits
SetMetaFileBitsEx
CloseEnhMetaFile
GetBitmapDimensionEx
GetCharWidthW
LineDDA
GetFontData
EnumFontFamiliesA
GetObjectW
GetMetaRgn
GetKerningPairsA
CreateDCA
PaintRgn
GetCharWidth32W
BeginPath
GetPath
CreatePatternBrush
SetTextColor
CreateSolidBrush
CreatePalette
GetEnhMetaFileBits
GetBrushOrgEx
TextOutW
ExtCreateRegion
GetROP2
Pie
GetViewportOrgEx
SetBkMode
CreateBrushIndirect
SetROP2
SelectClipPath
GetBoundsRect
SetMiterLimit
GetMiterLimit
PolyBezierTo
CreatePolyPolygonRgn
CreateFontIndirectA
GetGlyphOutlineA
EnumFontsW
GetStockObject
comctl32
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Add
ImageList_Create
ImageList_SetOverlayImage
CreateToolbarEx
ImageList_LoadImageA
ImageList_SetImageCount
ImageList_Write
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetImageCount
ImageList_Merge
FlatSB_ShowScrollBar
ImageList_GetImageInfo
InitCommonControlsEx
DrawStatusTextW
ImageList_Draw
_TrackMouseEvent
PropertySheetA
ImageList_GetIconSize
FlatSB_EnableScrollBar
ImageList_SetFlags
ImageList_GetDragImage
ImageList_DragLeave
InitializeFlatSB
CreateUpDownControl
ImageList_EndDrag
ImageList_LoadImageW
PropertySheetW
ImageList_BeginDrag
CreateStatusWindowW
ImageList_Remove
ImageList_Destroy
ImageList_DragMove
ord17
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DrawIndirect
ImageList_Replace
ImageList_GetBkColor
MakeDragList
ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_Read
ImageList_DrawEx
ImageList_Duplicate
ImageList_LoadImage
ImageList_SetIconSize
ImageList_GetIcon
ImageList_Copy
ImageList_DragEnter
ImageList_AddIcon
oleaut32
LoadTypeLi
user32
GetWindowDC
GetQueueStatus
ReleaseDC
ShowWindow
GetFocus
RemovePropA
MonitorFromPoint
WaitMessage
SetPropA
UnpackDDElParam
LoadImageW
AttachThreadInput
TabbedTextOutW
DdeInitializeW
IsCharLowerA
GetLastActivePopup
MapVirtualKeyExA
CreateIconIndirect
CharUpperW
ChildWindowFromPoint
CreateWindowExA
InsertMenuA
UnregisterClassW
GetForegroundWindow
GetClipboardFormatNameW
ToAsciiEx
GetClipboardData
SetProcessWindowStation
MapVirtualKeyW
SendMessageA
UnregisterHotKey
LoadIconA
RegisterClassExW
GetWindowContextHelpId
EnumDesktopWindows
SetRect
GetThreadDesktop
DdeFreeStringHandle
AdjustWindowRectEx
LoadCursorA
GetWindowModuleFileNameW
LoadImageA
CharUpperA
RealChildWindowFromPoint
DdeDisconnect
GetCapture
UnregisterClassA
GetMessageTime
CharPrevA
SetParent
OpenInputDesktop
LoadAcceleratorsA
CountClipboardFormats
SetCursorPos
GetClassInfoW
ExcludeUpdateRgn
PostMessageA
SetDlgItemTextA
SetCapture
RegisterClipboardFormatW
DestroyCursor
EnumClipboardFormats
GetMenuItemRect
SetMenuItemInfoA
SetMenuDefaultItem
GetMenuState
GetWindowTextLengthA
SetDlgItemTextW
LoadKeyboardLayoutA
SetWindowLongW
OffsetRect
GetMenuCheckMarkDimensions
ChildWindowFromPointEx
LookupIconIdFromDirectoryEx
DestroyWindow
CharNextA
MessageBoxW
GrayStringW
TrackPopupMenuEx
WindowFromDC
RegisterWindowMessageA
GetPropW
GetWindowRgn
DefDlgProcA
DdeGetData
GetSysColor
GetUpdateRect
IsWindow
SetUserObjectSecurity
DdeConnect
CallWindowProcA
CreateDesktopW
EnumDisplaySettingsA
HiliteMenuItem
ScrollWindowEx
GetMonitorInfoW
AllowSetForegroundWindow
BroadcastSystemMessage
VkKeyScanW
EqualRect
DlgDirListA
TrackPopupMenu
SendNotifyMessageA
GetCaretPos
SendNotifyMessageW
VkKeyScanA
GetMessageW
GetMessagePos
BringWindowToTop
ModifyMenuW
EnumDisplayMonitors
PostMessageW
TranslateAcceleratorA
GetMenu
IsMenu
DrawTextExA
GetSystemMenu
FindWindowExW
DdePostAdvise
PackDDElParam
SendMessageTimeoutA
DdeAccessData
SwitchDesktop
SetClassLongA
GetMenuDefaultItem
CopyAcceleratorTableA
GetClassNameA
GetMenuInfo
InvertRect
GetClassNameW
MessageBoxIndirectA
SetWindowTextW
CopyImage
ShowScrollBar
wvsprintfW
IsClipboardFormatAvailable
SetDlgItemInt
GetDlgCtrlID
ShowCursor
GetLastInputInfo
CloseClipboard
MapWindowPoints
GetWindow
SetWindowLongA
DrawIconEx
KillTimer
GetClassWord
LoadIconW
GetScrollBarInfo
CreateAcceleratorTableA
BeginPaint
EnumChildWindows
DrawStateW
SetPropW
DeferWindowPos
CreatePopupMenu
SetScrollPos
UnionRect
RegisterHotKey
ChangeDisplaySettingsA
DlgDirSelectExA
SetMenuItemInfoW
GetTitleBarInfo
DrawMenuBar
DefFrameProcW
GetNextDlgGroupItem
CharUpperBuffA
DefMDIChildProcW
IntersectRect
FrameRect
CharLowerA
SystemParametersInfoA
GetUserObjectInformationW
GetScrollRange
TileWindows
CheckMenuItem
SetScrollInfo
RemovePropW
InvalidateRect
CopyIcon
CharLowerBuffW
GetClassInfoExW
SystemParametersInfoW
SetCaretBlinkTime
DdeFreeDataHandle
SetActiveWindow
RedrawWindow
GetClassInfoExA
SetClassLongW
ScrollWindow
CharLowerW
GetMenuItemInfoA
DeleteMenu
RegisterClassExA
IsDialogMessage
InsertMenuW
GetKeyboardLayoutList
GetDlgItemInt
SubtractRect
SetRectEmpty
GetWindowThreadProcessId
IsChild
CloseWindow
PostThreadMessageW
MoveWindow
EnableMenuItem
MapVirtualKeyA
CheckRadioButton
keybd_event
UnhookWindowsHookEx
PostThreadMessageA
CreateDialogParamW
SetCursor
IsDialogMessageA
GetWindowLongW
SetWindowPos
IsWindowEnabled
PeekMessageA
UpdateWindow
SetKeyboardState
DlgDirListComboBoxA
OpenWindowStationA
GetKeyboardState
wsprintfW
LookupIconIdFromDirectory
GetProcessWindowStation
WaitForInputIdle
UnregisterDeviceNotification
GetClientRect
CheckDlgButton
ShowCaret
ChangeDisplaySettingsW
DialogBoxIndirectParamA
NotifyWinEvent
GetClassLongA
HideCaret
CreateMenu
GetAncestor
InflateRect
ScreenToClient
GetActiveWindow
EndPaint
RegisterClassA
InSendMessage
SendDlgItemMessageA
GetClipboardViewer
CheckMenuRadioItem
GetWindowWord
OpenIcon
CharLowerBuffA
SetMenuContextHelpId
FillRect
GrayStringA
ChangeClipboardChain
TranslateMessage
RegisterDeviceNotificationW
SendMessageTimeoutW
SwapMouseButton
CallWindowProcW
DefFrameProcA
LoadMenuIndirectA
MessageBoxExA
ClientToScreen
GetWindowRect
IsZoomed
LoadAcceleratorsW
WindowFromPoint
AdjustWindowRect
LockWindowUpdate
TranslateAcceleratorW
ArrangeIconicWindows
CallNextHookEx
IsWindowVisible
SendInput
DrawStateA
GetDCEx
ExitWindowsEx
GetWindowInfo
DrawTextA
OpenDesktopA
MapDialogRect
CreateWindowExW
DestroyMenu
ClipCursor
GetMessageExtraInfo
ScrollDC
GetMenuBarInfo
DdeCreateStringHandleW
GetClassInfoA
GetMenuStringW
GetDlgItemTextW
GetMenuStringA
MonitorFromRect
GetUserObjectInformationA
DdeUninitialize
ReleaseCapture
CreateMDIWindowA
EnableWindow
GetInputState
CreateIconFromResource
SetMenu
AnimateWindow
GetDlgItemTextA
CharNextExA
IsWindowUnicode
SetDoubleClickTime
GetWindowPlacement
SetCaretPos
AppendMenuW
GetComboBoxInfo
ShowWindowAsync
GetGUIThreadInfo
InsertMenuItemW
IsDlgButtonChecked
GetPropA
GetMenuContextHelpId
GetDC
CreateDialogIndirectParamW
PeekMessageW
GetWindowTextW
MonitorFromWindow
LoadCursorW
DragDetect
RegisterClassW
MenuItemFromPoint
IsRectEmpty
MessageBoxA
DispatchMessageA
DrawTextExW
PtInRect
CallMsgFilterA
DrawTextW
GetCaretBlinkTime
DrawFocusRect
SetTimer
DialogBoxIndirectParamW
LoadStringW
ModifyMenuA
FlashWindow
GetCursor
BeginDeferWindowPos
TranslateMDISysAccel
EnumWindows
OpenWindowStationW
DrawCaption
SetClipboardData
SetMenuInfo
CascadeWindows
ValidateRgn
DestroyAcceleratorTable
CharNextW
SetScrollRange
GetMenuItemID
IsCharLowerW
CreateCursor
SetMessageExtraInfo
mouse_event
FlashWindowEx
OpenDesktopW
GetSysColorBrush
SendMessageW
EndDeferWindowPos
SetFocus
AppendMenuA
GetCursorInfo
DdeNameService
GetWindowTextLengthW
EmptyClipboard
WinHelpW
DrawFrameControl
ToAscii
SetWindowsHookExW
DdeGetLastError
EnableScrollBar
GetUserObjectSecurity
FindWindowA
CreateIconFromResourceEx
OemToCharA
GetOpenClipboardWindow
EnumThreadWindows
FindWindowExA
FreeDDElParam
FindWindowW
GetKeyNameTextW
LoadCursorFromFileW
MsgWaitForMultipleObjectsEx
SetWindowPlacement
DdeCreateDataHandle
CreateIcon
IsIconic
GetUpdateRgn
DdeUnaccessData
GetDlgItem
CharToOemBuffA
MapVirtualKeyExW
GetIconInfo
GetMonitorInfoA
GetScrollPos
CreateAcceleratorTableW
GetMenuItemCount
TrackMouseEvent
IsCharAlphaNumericA
LoadMenuIndirectW
GetKeyNameTextA
CreateMDIWindowW
SetWindowTextA
GetMessageA
CopyAcceleratorTableW
CloseDesktop
DdeQueryStringA
OpenClipboard
DestroyIcon
GetClipboardOwner
GetWindowTextA
GetAsyncKeyState
DrawAnimatedRects
SetLayeredWindowAttributes
DdeCreateStringHandleA
WinHelpA
ActivateKeyboardLayout
DefWindowProcW
GetKeyState
LoadCursorFromFileA
ToUnicodeEx
DdeInitializeA
GetKeyboardLayoutNameA
LoadBitmapW
ReuseDDElParam
LockSetForegroundWindow
GetClipCursor
CloseWindowStation
LoadStringA
LoadBitmapA
GetSystemMetrics
wvsprintfA
GetMenuItemInfoW
DrawIcon
GetTabbedTextExtentA
LoadMenuA
DlgDirListComboBoxW
CopyRect
GetParent
GetClassLongW
GetCursorPos
SendDlgItemMessageW
EnumDisplaySettingsW
IsCharAlphaA
CreateDialogIndirectParamA
TabbedTextOutA
ReplyMessage
InvalidateRgn
GetWindowLongA
MessageBeep
SetWindowContextHelpId
DrawEdge
GetNextDlgTabItem
SetForegroundWindow
ToUnicode
MsgWaitForMultipleObjects
GetClipboardFormatNameA
CharUpperBuffW
TileChildWindows
DialogBoxParamW
GetSubMenu
PostQuitMessage
DefMDIChildProcA
GetDesktopWindow
RemoveMenu
ValidateRect
GetTopWindow
GetDialogBaseUnits
DdeClientTransaction
DispatchMessageW
CreateDialogParamA
IsCharUpperA
GetDoubleClickTime
UnhookWinEvent
OemToCharBuffA
DestroyCaret
VkKeyScanExA
GetScrollInfo
DdeQueryStringW
SetWindowRgn
ShowOwnedPopups
CreateCaret
InsertMenuItemA
DefWindowProcA
RegisterWindowMessageW
SetClipboardViewer
SetWindowsHookExA
GetKeyboardLayout
CharToOemA
DlgDirSelectComboBoxExA
DialogBoxParamA
LoadMenuW
EndDialog
IsCharAlphaNumericW
wsprintfA
RegisterClipboardFormatA
IsDialogMessageW
kernel32
FindFirstFileExW
GetTimeFormatA
GlobalHandle
GetSystemDirectoryA
SetFileAttributesA
GetSystemWindowsDirectoryA
GlobalMemoryStatus
WritePrivateProfileSectionW
GetNumberFormatW
GetCurrentThread
GetWindowsDirectoryA
GetDriveTypeW
GetProfileStringA
GetTempFileNameW
SetCurrentDirectoryA
LCMapStringW
MultiByteToWideChar
GetCommTimeouts
GetSystemTimeAsFileTime
LocalAlloc
GetVolumeInformationA
Process32First
WaitForSingleObject
GetFileType
ConvertDefaultLocale
UnmapViewOfFile
SwitchToFiber
ReadProcessMemory
GetCurrentThreadId
_lcreat
IsBadCodePtr
LoadLibraryW
ContinueDebugEvent
GetEnvironmentStrings
SetTimeZoneInformation
OpenProcess
CreateEventA
CreateFileA
SetProcessWorkingSetSize
BackupRead
GlobalAlloc
GetThreadTimes
AllocConsole
GetVersionExW
GetVolumeNameForVolumeMountPointA
WriteFile
GetWindowsDirectoryW
IsBadStringPtrW
GlobalSize
GetFileAttributesExW
FreeLibrary
WriteProfileStringW
GetShortPathNameW
WriteProcessMemory
CopyFileExA
MoveFileW
GetDiskFreeSpaceW
CreateWaitableTimerW
VerifyVersionInfoW
lstrcpynA
CancelIo
FindResourceW
CreateNamedPipeW
SetUnhandledExceptionFilter
lstrcpyW
SetTapePosition
GetNumberFormatA
GetLogicalDriveStringsA
GetProfileIntW
QueryPerformanceFrequency
EnumLanguageGroupLocalesW
WinExec
GetStringTypeExW
GetPrivateProfileSectionA
TlsGetValue
HeapCompact
VirtualLock
TerminateProcess
GlobalLock
FindNextFileA
GetConsoleMode
FindAtomW
UpdateResourceW
GetTimeFormatW
ExitThread
RemoveDirectoryW
CreateWaitableTimerA
SetFileTime
lstrlenW
QueueUserWorkItem
OutputDebugStringA
DisconnectNamedPipe
HeapReAlloc
OpenSemaphoreA
QueryDosDeviceA
GetSystemDirectoryW
GetDiskFreeSpaceExW
FatalAppExitA
CopyFileA
SetProcessShutdownParameters
GetCurrentProcess
GlobalFindAtomA
SearchPathA
GlobalAddAtomA
VirtualProtect
TlsAlloc
CreateSemaphoreA
FlushInstructionCache
TlsFree
EndUpdateResourceW
WritePrivateProfileSectionA
FindCloseChangeNotification
CreateFiber
Toolhelp32ReadProcessMemory
CommConfigDialogW
GetLongPathNameA
_lwrite
OpenThread
FindVolumeClose
GetProfileIntA
GlobalFlags
GetStartupInfoW
SetCommState
SetLastError
TlsSetValue
VirtualAllocEx
EnumCalendarInfoW
EscapeCommFunction
CreateToolhelp32Snapshot
GetModuleFileNameW
SetErrorMode
GetCurrencyFormatA
FreeEnvironmentStringsA
Module32First
WaitNamedPipeA
CreateDirectoryExA
FindResourceExW
CreateFileW
VirtualFree
WaitCommEvent
FreeEnvironmentStringsW
GetSystemDefaultLangID
UnlockFileEx
SetHandleInformation
DebugActiveProcess
GlobalGetAtomNameW
CompareStringW
EnumResourceNamesW
CreateSemaphoreW
SetNamedPipeHandleState
GetCompressedFileSizeW
FlushConsoleInputBuffer
CreateThread
GetCurrentProcessId
GetCurrentDirectoryA
CompareStringA
IsBadStringPtrA
HeapAlloc
ExitProcess
HeapDestroy
Thread32Next
GetEnvironmentVariableW
LeaveCriticalSection
Heap32ListFirst
_lread
GetFileSize
ExpandEnvironmentStringsW
DeleteVolumeMountPointA
GetPrivateProfileStringW
GetExitCodeProcess
ReleaseSemaphore
_lopen
lstrcmpW
FindNextFileW
SetFileAttributesW
SetHandleCount
GetVolumePathNameW
RaiseException
Heap32First
WriteConsoleOutputW
SetConsoleMode
GetConsoleScreenBufferInfo
BeginUpdateResourceW
SetVolumeLabelA
GetACP
CreateMutexA
GetProcessWorkingSetSize
FormatMessageW
lstrcatW
CreateMutexW
GetCPInfoExA
WaitForMultipleObjectsEx
GlobalGetAtomNameA
CreateMailslotA
GetCommState
WritePrivateProfileStringA
GetFileAttributesA
SetPriorityClass
OpenEventA
HeapCreate
UnlockFile
BeginUpdateResourceA
GetDiskFreeSpaceA
FlushViewOfFile
_hwrite
GetPrivateProfileStringA
GetThreadPriority
ClearCommBreak
SetThreadAffinityMask
EnumResourceNamesA
FindFirstFileA
GetPrivateProfileSectionNamesA
MapViewOfFile
PurgeComm
GetLogicalDrives
GetStringTypeW
SetEnvironmentVariableW
LoadResource
SetFilePointerEx
GetProfileSectionA
GetProcessHeaps
ConnectNamedPipe
WriteConsoleA
OpenFileMappingW
QueueUserAPC
ResetEvent
lstrcmpiW
GetStringTypeExA
VirtualAlloc
SetLocalTime
InterlockedExchange
FindNextVolumeW
CreateFileMappingW
IsBadReadPtr
IsDBCSLeadByteEx
WaitForDebugEvent
DeviceIoControl
SetSystemTime
GetStdHandle
lstrcatA
DeleteAtom
LoadLibraryA
GetFullPathNameA
FileTimeToSystemTime
MoveFileA
VirtualQuery
VirtualUnlock
SystemTimeToFileTime
FreeConsole
SetEndOfFile
IsValidLocale
LocalSize
BackupSeek
SetEvent
AddAtomW
OpenEventW
CreateFileMappingA
MulDiv
GetPrivateProfileIntA
GetProcessAffinityMask
GetUserDefaultLangID
SetEnvironmentVariableA
WaitForSingleObjectEx
SetWaitableTimer
UpdateResourceA
WaitForMultipleObjects
ReleaseMutex
GetProfileStringW
lstrcpyA
EnumCalendarInfoExW
RtlFillMemory
GetComputerNameW
SetStdHandle
VerSetConditionMask
GetCommConfig
CreateEventW
CreateIoCompletionPort
GetComputerNameA
WaitNamedPipeW
_llseek
CreateProcessA
GetPrivateProfileStructA
LocalReAlloc
Process32FirstW
CopyFileExW
Sleep
GetDiskFreeSpaceExA
GetLocaleInfoA
IsDebuggerPresent
lstrlenA
FindFirstChangeNotificationW
ProcessIdToSessionId
lstrcmpA
GlobalUnlock
LockResource
RemoveDirectoryA
SetMailslotInfo
DefineDosDeviceA
GetSystemTimeAdjustment
GetDateFormatA
GetPrivateProfileIntW
SetProcessPriorityBoost
SetConsoleCursorPosition
OpenMutexW
LoadLibraryExA
Process32Next
_hread
BuildCommDCBA
ReadConsoleInputA
InterlockedCompareExchange
GetCPInfo
FindFirstVolumeW
DeleteFiber
GetFileTime
EnterCriticalSection
Module32NextW
DeleteFileA
GetTempPathW
GetFileSizeEx
OutputDebugStringW
VerLanguageNameA
SetThreadPriority
GetConsoleCP
SetupComm
SwitchToThread
SleepEx
EnumSystemLocalesA
Module32FirstW
GetQueuedCompletionStatus
GetFileAttributesW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetTempPathA
InterlockedDecrement
BackupWrite
GetTempFileNameA
SetProcessAffinityMask
SetComputerNameW
VerifyVersionInfoA
GetUserDefaultLCID
FindClose
GetCommandLineA
GetOverlappedResult
GetShortPathNameA
SetFilePointer
_lclose
EnumUILanguagesW
WriteFileEx
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
FormatMessageA
ResumeThread
LCMapStringA
LocalCompact
FreeResource
EnumResourceTypesA
SetConsoleCtrlHandler
SuspendThread
TransmitCommChar
GetTimeZoneInformation
GetCommProperties
OpenMutexA
LockFileEx
ReadDirectoryChangesW
FlushFileBuffers
GetVersionExA
HeapFree
TryEnterCriticalSection
MoveFileExA
GetModuleHandleW
GetConsoleOutputCP
EnumResourceLanguagesA
SetCurrentDirectoryW
GetLogicalDriveStringsW
DeleteCriticalSection
GlobalFree
PeekNamedPipe
OpenFile
FileTimeToLocalFileTime
AreFileApisANSI
SetThreadExecutionState
WriteConsoleW
DeleteVolumeMountPointW
GetPriorityClass
IsValidCodePage
WritePrivateProfileStructW
DeleteFileW
SearchPathW
CompareFileTime
GetFileInformationByHandle
GetProcessHeap
InterlockedExchangeAdd
MapViewOfFileEx
SetCommTimeouts
LockFile
SetVolumeMountPointA
GlobalMemoryStatusEx
CreatePipe
SetThreadContext
LocalLock
GetVersion
GetThreadLocale
ReadFile
GetCommModemStatus
GetOEMCP
Beep
CreateNamedPipeA
GetHandleInformation
DosDateTimeToFileTime
OpenSemaphoreW
GetSystemInfo
IsProcessorFeaturePresent
IsDBCSLeadByte
FindFirstFileW
GetStartupInfoA
GetFullPathNameW
VirtualProtectEx
QueryPerformanceCounter
WritePrivateProfileStructA
GetLastError
InterlockedIncrement
GetStringTypeA
lstrcpynW
GetSystemDefaultLCID
lstrcmpiA
EnumCalendarInfoA
CreateProcessW
Thread32First
GetLocaleInfoW
SizeofResource
LocalFileTimeToFileTime
FindResourceA
LocalHandle
EnumResourceLanguagesW
GetBinaryTypeA
WriteProfileStringA
SetCommBreak
GetCommandLineW
GetDriveTypeA
Heap32ListNext
Process32NextW
FindResourceExA
IsBadWritePtr
GetMailslotInfo
RtlUnwind
GetSystemPowerStatus
VirtualQueryEx
GetProcessTimes
GetEnvironmentVariableA
GetTapeParameters
GetProcessVersion
GetCommMask
SetVolumeLabelW
SetCommMask
DebugBreak
ConvertThreadToFiber
SetThreadLocale
GetVolumeInformationW
MoveFileExW
LocalFree
ClearCommError
DisableThreadLibraryCalls
VirtualFreeEx
GetEnvironmentStringsW
GetFileAttributesExA
HeapSize
InitializeCriticalSection
CreateDirectoryW
PulseEvent
GetCurrentDirectoryW
GetTickCount
DuplicateHandle
GetUserDefaultUILanguage
GetThreadContext
ExpandEnvironmentStringsA
GlobalDeleteAtom
EnumSystemLanguageGroupsW
GetModuleFileNameA
EndUpdateResourceA
GetModuleHandleA
QueryDosDeviceW
CreateDirectoryA
OpenFileMappingA
GlobalFindAtomW
Heap32Next
FileTimeToDosDateTime
GetComputerNameExA
WritePrivateProfileStringW
GetAtomNameA
GetExitCodeThread
HeapValidate
GetSystemTime
CloseHandle
FindFirstChangeNotificationA
GetLongPathNameW
SetConsoleTitleW
GlobalAddAtomW
GetVolumeNameForVolumeMountPointW
TerminateThread
advapi32
SetSecurityDescriptorControl
BuildTrusteeWithNameW
LsaRemoveAccountRights
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptDestroyKey
EnumServicesStatusA
ChangeServiceConfigW
RegDeleteValueW
ReportEventW
OpenThreadToken
RegCreateKeyA
CryptImportKey
RegSetValueExW
CryptHashData
DuplicateTokenEx
RegSaveKeyW
RegisterEventSourceA
GetAce
GetSecurityDescriptorLength
GetSidLengthRequired
CryptDestroyHash
RegQueryInfoKeyA
GetFileSecurityW
LookupAccountNameW
ConvertStringSidToSidW
CryptGetUserKey
ChangeServiceConfig2W
SetSecurityInfo
SetEntriesInAclW
SetSecurityDescriptorDacl
RegQueryValueW
QueryServiceConfigW
RevertToSelf
RegCreateKeyExW
CreateWellKnownSid
QueryServiceLockStatusW
DeleteAce
CloseServiceHandle
DuplicateToken
RegisterServiceCtrlHandlerExA
QueryServiceConfigA
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyA
AddAccessAllowedAce
InitializeAcl
RegSaveKeyA
LockServiceDatabase
LookupPrivilegeValueA
CryptCreateHash
RegQueryInfoKeyW
RegDisablePredefinedCache
MakeSelfRelativeSD
ConvertStringSidToSidA
RegisterServiceCtrlHandlerA
OpenServiceA
CryptGetKeyParam
RegOpenKeyExW
InitializeSecurityDescriptor
GetSecurityDescriptorControl
QueryServiceStatus
CreateServiceW
InitializeSid
IsValidSecurityDescriptor
OpenServiceW
InitiateSystemShutdownA
RegRestoreKeyA
CryptGenKey
DeregisterEventSource
SetEntriesInAclA
CryptAcquireContextA
InitiateSystemShutdownExW
RegNotifyChangeKeyValue
BuildTrusteeWithSidW
RegLoadKeyW
RegConnectRegistryA
AddAce
CryptExportKey
EnumDependentServicesW
RegFlushKey
SetSecurityDescriptorSacl
SetThreadToken
SetNamedSecurityInfoA
CryptReleaseContext
CloseEncryptedFileRaw
SetTokenInformation
LsaLookupNames
EncryptFileW
UnlockServiceDatabase
CryptEncrypt
RegSetValueExA
CryptVerifySignatureA
GetNamedSecurityInfoA
LsaOpenPolicy
MakeAbsoluteSD
RegCreateKeyExA
LogonUserA
RegisterServiceCtrlHandlerW
RegEnumValueA
RegCloseKey
LsaAddAccountRights
GetSidSubAuthorityCount
ImpersonateLoggedOnUser
GetNamedSecurityInfoW
LsaLookupSids
LsaClose
LsaQueryInformationPolicy
MapGenericMask
CreateProcessAsUserA
QueryServiceStatusEx
IsValidAcl
OpenEncryptedFileRawW
GetAclInformation
RegQueryValueExA
RegDeleteValueA
CryptSetProvParam
RegCreateKeyW
WriteEncryptedFileRaw
SetServiceStatus
CopySid
RegUnLoadKeyA
RegOpenCurrentUser
LookupPrivilegeNameA
OpenProcessToken
CryptGenRandom
LookupPrivilegeDisplayNameA
RegQueryValueExW
GetFileSecurityA
StartServiceCtrlDispatcherW
OpenSCManagerW
GetSecurityInfo
CreateProcessAsUserW
ControlService
IsValidSid
LsaNtStatusToWinError
GetSecurityDescriptorGroup
CryptDeriveKey
ReadEncryptedFileRaw
SetServiceObjectSecurity
BuildExplicitAccessWithNameW
CryptEnumProvidersW
RegRestoreKeyW
AccessCheck
ReportEventA
RegisterEventSourceW
GetTokenInformation
LogonUserW
GetUserNameW
CryptGetHashParam
ChangeServiceConfigA
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyA
SetNamedSecurityInfoW
GetSidSubAuthority
StartServiceW
SetSecurityDescriptorOwner
GetUserNameA
GetSecurityDescriptorDacl
CreateServiceA
RegSetKeySecurity
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetKernelObjectSecurity
GetLengthSid
ImpersonateSelf
SetFileSecurityA
GetEffectiveRightsFromAclA
GetSecurityDescriptorSacl
RegEnumKeyW
ImpersonateNamedPipeClient
GetExplicitEntriesFromAclW
SetFileSecurityW
AllocateAndInitializeSid
FreeSid
RegGetKeySecurity
DeleteService
LsaFreeMemory
GetSidIdentifierAuthority
CheckTokenMembership
ChangeServiceConfig2A
RegOpenKeyW
RegQueryValueA
RegOpenKeyA
SetSecurityDescriptorGroup
GetSecurityDescriptorOwner
AdjustTokenPrivileges
RegConnectRegistryW
RegDeleteKeyW
RegLoadKeyA
StartServiceA
RegSetValueW
CryptDecrypt
StartServiceCtrlDispatcherA
RegOpenKeyExA
LookupAccountNameA
EqualPrefixSid
RegSetValueA
RegUnLoadKeyW
CryptAcquireContextW
LookupAccountSidA
EqualSid
LookupAccountSidW
ConvertSidToStringSidW
OpenSCManagerA
Sections
.text Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 490KB - Virtual size: 489KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ