Static task
static1
Behavioral task
behavioral1
Sample
2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776.exe
Resource
win10v2004-20231215-en
General
-
Target
2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776
-
Size
1.6MB
-
MD5
bb53c97257c0157de29f4e8c8c150a43
-
SHA1
13d46f4f4762850bff55c88a303389995662ac51
-
SHA256
2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776
-
SHA512
804d71e4100ca1762ecdf336a8adcfd818990e8a092475ca83c2253dea3a8565b692c375fb4270f7f77b9a4222ccb1f29b349d53101112da7672c1aa25189d9c
-
SSDEEP
49152:vabvAdk3hnuCPK8IkIzHRR6abPpZLbxQqr:vabDqHRkwTx
Malware Config
Signatures
-
Unsigned PE 1 IoCs
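Checks whether the PE file lacks an Authenticode signature. A missing signature is a weak indicator by itself, because many legitimate executables are also unsigned.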
resource 2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776
Files
-
2e6c0856149f85501b3b76b5c17140381b1718b1c478cdc543b3010f55303776.exe windows:5 windows x86 arch:x86
3e6ac5e508527f4346d0ed5167c31703
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
utilities
?OnInitFinished@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEXVxml_node@pugi@@@Z
?GetObjectType@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UBEHXZ
?SetAttribute@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEJPBD0H@Z
?SetAttribute@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEJABV?$TStringT@DUchar_traits@SOUI@@@2@0H@Z
?GetBuffer@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEPA_WH@Z
?Format@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAA?AV12@PB_WZZ
?GetClassType@IObject@SOUI@@SAHXZ
?Right@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE?AV12@H@Z
?Compare@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEHPB_W@Z
??Y?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEABV01@PB_W@Z
??4?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEAAV01@PB_W@Z
??4?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEAAV01@ABV01@@Z
??B?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEPB_WXZ
?IsEmpty@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE_NXZ
?GetLength@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEHXZ
??1?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@XZ
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@PB_W@Z
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@ABV01@@Z
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@XZ
??1?$TStringT@DUchar_traits@SOUI@@@SOUI@@QAE@XZ
??0?$TStringT@DUchar_traits@SOUI@@@SOUI@@QAE@PBD@Z
?ConcatCopy@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@IAE_NHPB_WH0@Z
?GetData@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@IBEPAUTStringData@2@XZ
?SafeStrlen@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@SAHPB_W@Z
?GetData@?$TStringT@DUchar_traits@SOUI@@@SOUI@@IBEPAUTStringData@2@XZ
?Mid@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE?AV12@HH@Z
??A?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE_WH@Z
?Mid@?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBE?AV12@HH@Z
??B?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEPBDXZ
??A?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEDH@Z
?GetLength@?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEHXZ
?SouiCalloc@soui_mem_wrapper@SOUI@@SAPAXII@Z
?SouiFree@soui_mem_wrapper@SOUI@@SAXPAX@Z
soui
?RequestRelayout@SHostWnd@SOUI@@UAEXKH@Z
?onRootResize@SHostWnd@SOUI@@UAE_NPAVEventArgs@2@@Z
?SetValue@SProgress@SOUI@@QAEHH@Z
?GetWindowTextW@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@H@Z
?SetWindowTextW@SWindow@SOUI@@UAEXPB_W@Z
?SetToolTipText@SWindow@SOUI@@UAEXPB_W@Z
?GetToolTipText@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?GetClientRect@SWindow@SOUI@@UBEXPAUtagRECT@@@Z
?IsContainPoint@SWindow@SOUI@@UBEHABUtagPOINT@@H@Z
?OnColorize@SWindow@SOUI@@MAEXK@Z
?FindChildByName@SWindow@SOUI@@QAEPAV12@PB_WH@Z
?CreateChildren@SWindow@SOUI@@UAEHVxml_node@pugi@@@Z
?SSendMessage@SWindow@SOUI@@QAEJIIJPAH@Z
?GetSelectedChildInGroup@SWindow@SOUI@@UAEPAV12@XZ
?OnSetCursor@SWindow@SOUI@@UAEHABVCPoint@2@@Z
?OnUpdateToolTip@SWindow@SOUI@@UAEHVCPoint@2@AAUSwndToolTipInfo@2@@Z
?OnStateChanging@SWindow@SOUI@@UAEXKK@Z
?OnStateChanged@SWindow@SOUI@@UAEXKK@Z
?OnContentChanged@SWindow@SOUI@@UAEXXZ
?tr@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?SwndFromPoint@SWindow@SOUI@@UAEKVCPoint@2@H@Z
?FireEvent@SWindow@SOUI@@UAEHAAVEventArgs@2@@Z
?OnGetDlgCode@SWindow@SOUI@@UAEIXZ
?IsFocusable@SWindow@SOUI@@UAEHXZ
?OnNcHitTest@SWindow@SOUI@@UAEHVCPoint@2@@Z
?UpdateChildrenPosition@SWindow@SOUI@@UAEXXZ
?OnRelayout@SWindow@SOUI@@UAEHABVCRect@2@@Z
?GetChildrenLayoutRect@SWindow@SOUI@@UAE?AVCRect@2@XZ
?IsSiblingsAutoGroupped@SWindow@SOUI@@UAEHXZ
?GetSelectedSiblingInGroup@SWindow@SOUI@@UAEPAV12@XZ
?IsClipClient@SWindow@SOUI@@UAEHXZ
?OnUpdateFloatPosition@SWindow@SOUI@@UAEXABVCRect@2@@Z
?SwndProc@SWindow@SOUI@@MAEHIIJAAJ@Z
?OnScaleChanged@SHostWnd@SOUI@@MAEXH@Z
?SetAttribute@SWindow@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?GetClassNameW@SStatic@SOUI@@SAPB_WXZ
?GetClassNameW@SProgress@SOUI@@SAPB_WXZ
?GetDesiredSize@SWindow@SOUI@@UAE?AVCSize@2@PBUtagRECT@@@Z
?NeedRedrawWhenStateChange@SWindow@SOUI@@UAEHXZ
?GetTextRect@SWindow@SOUI@@UAEXPAUtagRECT@@@Z
?DrawTextW@SWindow@SOUI@@UAEXPAUIRenderTarget@2@PB_WHPAUtagRECT@@I@Z
?DrawFocus@SWindow@SOUI@@UAEXPAUIRenderTarget@2@@Z
?UnregisterTimelineHandler@SHostWnd@SOUI@@MAEHPAUITimelineHandler@2@@Z
?CreateCaret@SWindow@SOUI@@UAEHPAUHBITMAP__@@HH@Z
?ShowCaret@SWindow@SOUI@@UAEXH@Z
?SetCaretPos@SWindow@SOUI@@UAEXHH@Z
?IsDrawToCache@SWindow@SOUI@@MBE_NXZ
?DefAttributeProc@SWindow@SOUI@@MAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?AfterAttribute@SWindow@SOUI@@MAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0HJ@Z
?GetAttribute@SWindow@SOUI@@MBE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?RegisterDragDrop@SwndContainerImpl@SOUI@@MAEHKPAUIDropTarget@@@Z
?RevokeDragDrop@SwndContainerImpl@SOUI@@MAEHK@Z
?DoFrameEvent@SwndContainerImpl@SOUI@@MAEJIIJ@Z
?OnSetSwndFocus@SwndContainerImpl@SOUI@@MAEXK@Z
?OnGetSwndCapture@SwndContainerImpl@SOUI@@MAEKXZ
?GetFocus@SwndContainerImpl@SOUI@@MAEKXZ
?GetHover@SwndContainerImpl@SOUI@@MAEKXZ
?RegisterTrackMouseEvent@SwndContainerImpl@SOUI@@MAEHK@Z
?UnregisterTrackMouseEvent@SwndContainerImpl@SOUI@@MAEHK@Z
?MarkWndTreeZorderDirty@SwndContainerImpl@SOUI@@MAEXXZ
?BuildWndTreeZorder@SwndContainerImpl@SOUI@@MAEXXZ
?OnNextFrame@SwndContainerImpl@SOUI@@UAEXXZ
?GetClassNameW@STabCtrl@SOUI@@SAPB_WXZ
?GetClassNameW@SRichEdit@SOUI@@SAPB_WXZ
?GetObjectType@SwndContainerImpl@SOUI@@UBEHXZ
?FrameToHost@SwndContainerImpl@SOUI@@MAEXAAUtagRECT@@@Z
?GetAcceleratorMgr@SwndContainerImpl@SOUI@@MAEPAUIAcceleratorMgr@2@XZ
?DestroyWindow@CSimpleWnd@SOUI@@QAEHXZ
?OnLanguageChanged@SHostWnd@SOUI@@MAEJXZ
?UpdateLayout@SHostWnd@SOUI@@MAEXXZ
?AfterPaint@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@AAVSPainter@2@@Z
?BeforePaint@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@AAVSPainter@2@@Z
?GetScale@SHostWnd@SOUI@@MBEHXZ
?GetScriptModule@SHostWnd@SOUI@@MAEPAUIScriptModule@2@XZ
?ProcessSwndMessage@SWindow@SOUI@@MAEHIIJAAJ@Z
?GetMsgLoop@SHostWnd@SOUI@@MAEPAVSMessageLoop@2@XZ
?GetObjectClass@SHostWnd@SOUI@@UBEPB_WXZ
?GetObjectType@SHostWnd@SOUI@@UBEHXZ
?SetTimer@SHostWnd@SOUI@@QAEIII@Z
?IsClass@SHostWnd@SOUI@@UBEHPB_W@Z
?IsLayeredWindow@SHostWnd@SOUI@@MBEHXZ
?_HandleEvent@SHostWnd@SOUI@@UAEHPAVEventArgs@2@@Z
?ProcessWindowMessage@SHostWnd@SOUI@@UAEHPAUHWND__@@IIJAAJK@Z
?OnFinalRelease@?$TObjRefImpl2@UIObjRef@@VSWindow@SOUI@@@SOUI@@UAEXXZ
?getSingleton@?$SSingleton@VSApplication@SOUI@@@SOUI@@SAAAVSApplication@2@XZ
?Release@?$TObjRefImpl@UIObjRef@@@SOUI@@UAEJXZ
?AddRef@?$TObjRefImpl@UIObjRef@@@SOUI@@UAEJXZ
?RegisterTimelineHandler@SHostWnd@SOUI@@MAEHPAUITimelineHandler@2@@Z
?UpdateTooltip@SHostWnd@SOUI@@MAEXXZ
?UpdateWindow@SHostWnd@SOUI@@MAEHXZ
?OnSetCaretPos@SHostWnd@SOUI@@MAEHHH@Z
?OnShowCaret@SHostWnd@SOUI@@MAEHH@Z
?OnCreateCaret@SHostWnd@SOUI@@MAEHKPAUHBITMAP__@@HH@Z
?IsSendWheel2Hover@SHostWnd@SOUI@@MBEHXZ
?IsTranslucent@SHostWnd@SOUI@@MBEHXZ
?OnSetSwndCapture@SHostWnd@SOUI@@MAEKK@Z
?OnReleaseSwndCapture@SHostWnd@SOUI@@MAEHXZ
?OnRedraw@SHostWnd@SOUI@@MAEXABVCRect@2@@Z
?OnReleaseRenderTarget@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@ABVCRect@2@K@Z
?OnGetRenderTarget@SHostWnd@SOUI@@MAEPAUIRenderTarget@2@ABVCRect@2@K@Z
?GetTranslatorContext@SHostWnd@SOUI@@MBEABV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?GetHostHwnd@SHostWnd@SOUI@@MAEPAUHWND__@@XZ
?GetContainerRect@SHostWnd@SOUI@@MAE?AVCRect@2@XZ
?getSingletonPtr@?$SSingleton@VSApplication@SOUI@@@SOUI@@SAPAVSApplication@2@XZ
??0SHostWnd@SOUI@@QAE@PB_W@Z
??1SHostWnd@SOUI@@UAE@XZ
?GetLogManager@SApplication@SOUI@@QAEPAUILog4zManager@2@XZ
?SetCurSel@STabCtrl@SOUI@@QAEHH@Z
?ReflectNotifications@CSimpleWnd@SOUI@@QAEJIIJAAH@Z
?OnFireEvent@SHostWnd@SOUI@@MAEHAAVEventArgs@2@@Z
?OnDestroy@SHostWnd@SOUI@@IAEXXZ
?GetClientRect@SHostWnd@SOUI@@UBE?AVCRect@2@XZ
?KillTimer@SHostWnd@SOUI@@QAEHI@Z
?GetObjectType@SWindow@SOUI@@UBEHXZ
?GetLayoutParam@SWindow@SOUI@@UBEPAUILayoutParam@2@XZ
?GetName@SWindow@SOUI@@UBEPB_WXZ
?GetTrCtx@SWindow@SOUI@@UBEABV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?GetID@SWindow@SOUI@@UBEHXZ
?Create@SHostWnd@SOUI@@QAEPAUHWND__@@PAU3@KKHHHH@Z
?InitFromXml@SHostWnd@SOUI@@UAEHVxml_node@pugi@@@Z
?DestroyWindow@SHostWnd@SOUI@@QAEHXZ
?GetDesiredSize@SWindow@SOUI@@UAE?AVCSize@2@HH@Z
?OnFinalMessage@CSimpleWnd@SOUI@@MAEXPAUHWND__@@@Z
??0SObjectInfo@SOUI@@QAE@ABV?$TStringT@_WUwchar_traits@SOUI@@@1@H@Z
?RegisterSystemObjects@SApplication@SOUI@@MAEXXZ
??0SObjectDefaultRegister@SOUI@@QAE@XZ
?GetClassType@SSkinObjBase@SOUI@@SAHXZ
?GetObjectType@SSkinObjBase@SOUI@@UBEHXZ
?GetAlpha@SSkinObjBase@SOUI@@UBEEXZ
?SetAlpha@SSkinObjBase@SOUI@@UAEXE@Z
?Draw@SSkinObjBase@SOUI@@UAEXPAUIRenderTarget@2@PBUtagRECT@@KE@Z
?Draw@SSkinObjBase@SOUI@@UAEXPAUIRenderTarget@2@PBUtagRECT@@K@Z
?GetScale@SSkinObjBase@SOUI@@UBEHXZ
?Scale@SSkinObjBase@SOUI@@UAEPAVISkinObj@2@H@Z
?GetName@SSkinObjBase@SOUI@@UBEPB_WXZ
?GetClassType@SSkinImgList@SOUI@@SAHXZ
?GetObjectType@SSkinImgList@SOUI@@UBEHXZ
?SetStates@SSkinImgList@SOUI@@UAEXH@Z
?SetImage@SSkinImgList@SOUI@@UAE_NPAUIBitmap@2@@Z
?GetImage@SSkinImgList@SOUI@@UAEPAUIBitmap@2@XZ
?SetTile@SSkinImgList@SOUI@@UAEXH@Z
?IsTile@SSkinImgList@SOUI@@UAEHXZ
?SetVertical@SSkinImgList@SOUI@@UAEXH@Z
?IsVertical@SSkinImgList@SOUI@@UAEHXZ
?GetClassNameW@SSkinScrollbar@SOUI@@SAPB_WXZ
?GetClassType@SSkinScrollbar@SOUI@@SAHXZ
?GetObjectType@SSkinScrollbar@SOUI@@UBEHXZ
?IsClass@SSkinScrollbar@SOUI@@UBEHPB_W@Z
?SetAttribute@SSkinScrollbar@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?SendMessageW@CSimpleWnd@SOUI@@QAEJIIJ@Z
?ShowWindow@CSimpleWnd@SOUI@@QAEHH@Z
??1SSkinScrollbar@SOUI@@UAE@XZ
?OnFinalRelease@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEXXZ
?Release@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEJXZ
?AddRef@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEJXZ
?OnInitFinished@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEXVxml_node@pugi@@@Z
?GetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?GetObjectType@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBEHXZ
?SetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJPBD0H@Z
?SetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@DUchar_traits@SOUI@@@2@0H@Z
?AfterAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0HJ@Z
?GetID@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBEHXZ
?InitFromXml@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEHVxml_node@pugi@@@Z
?DefAttributeProc@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
??1SObjectInfo@SOUI@@QAE@XZ
??0SSkinScrollbar@SOUI@@QAE@XZ
?_Draw@SSkinScrollbar@SOUI@@MAEXPAUIRenderTarget@2@PBUtagRECT@@KE@Z
?_Scale@SSkinScrollbar@SOUI@@MAEXPAVISkinObj@2@H@Z
?CreateResProvider@SOUI@@YAHW4BUILTIN_RESTYPE@1@PAPAUIObjRef@@@Z
?Create@SHostWnd@SOUI@@QAEPAUHWND__@@PAU3@HHHH@Z
?RegisterFactory@SObjectFactoryMgr@SOUI@@QAE_NAAVSObjectFactory@2@_N@Z
?CreateObject@SObjectFactoryMgr@SOUI@@UBEPAUIObject@2@ABVSObjectInfo@2@@Z
?GetSkinSize@SSkinImgList@SOUI@@UAE?AUtagSIZE@@XZ
?IgnoreState@SSkinImgList@SOUI@@UAEHXZ
?GetStates@SSkinImgList@SOUI@@UAEHXZ
?OnColorize@SSkinImgList@SOUI@@UAEXK@Z
?GetExpandMode@SSkinImgList@SOUI@@MAEIXZ
??0SApplication@SOUI@@QAE@PAUIRenderFactory@1@PAUHINSTANCE__@@PB_WABUISystemObjectRegister@1@H@Z
??1SApplication@SOUI@@UAE@XZ
?Run@SApplication@SOUI@@QAEHPAUHWND__@@@Z
?CreateWindowByName@SApplication@SOUI@@UBEPAVSWindow@2@PB_W@Z
?CreateSkinByName@SApplication@SOUI@@UBEPAVISkinObj@2@PB_W@Z
?CreateInterpolatorByName@SApplication@SOUI@@UBEPAUIInterpolator@2@PB_W@Z
?CreateAccProxy@SApplication@SOUI@@UBEPAUIAccProxy@2@PAVSWindow@2@@Z
?CreateAccessible@SApplication@SOUI@@UBEPAUIAccessible@@PAVSWindow@2@@Z
?AddResProvider@SResProviderMgr@SOUI@@QAEXPAUIResProvider@2@PB_W@Z
?CenterWindow@CSimpleWnd@SOUI@@QAEHPAUHWND__@@@Z
kernel32
HeapSize
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetConsoleCtrlHandler
ReadConsoleW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
GetACP
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
WriteConsoleW
GetStdHandle
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
QueryPerformanceFrequency
GetStringTypeW
FormatMessageW
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
DuplicateHandle
TryEnterCriticalSection
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
SetEndOfFile
SignalObjectAndWait
CreateTimerQueue
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
GetModuleHandleA
VirtualAlloc
VirtualFree
VirtualProtect
SetProcessAffinityMask
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
WaitForMultipleObjectsEx
WriteFile
GetTempPathW
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessTimes
GetSystemTime
GetModuleHandleW
CreateProcessW
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
MoveFileExW
HeapAlloc
Process32FirstW
Process32NextW
GetFileAttributesExW
CreateToolhelp32Snapshot
OpenProcess
GetVersionExW
CreateFileW
WaitForSingleObject
FindClose
CreatePipe
RemoveDirectoryW
HeapFree
ReadFile
GetStartupInfoW
CreateDirectoryW
MultiByteToWideChar
MoveFileW
lstrcmpW
GetTickCount
lstrcpyW
CopyFileW
DeleteCriticalSection
DecodePointer
RaiseException
DeleteFileW
lstrcatW
OutputDebugStringW
Sleep
CreateMutexW
RtlCaptureStackBackTrace
InitializeCriticalSectionAndSpinCount
TerminateProcess
FindNextFileW
FindFirstFileW
WideCharToMultiByte
OutputDebugStringA
FreeLibrary
GetProcAddress
SetCurrentDirectoryW
LoadLibraryW
GetModuleFileNameW
CloseHandle
GetLastError
GetCurrentProcess
user32
SendMessageW
GetActiveWindow
PostMessageW
GetPropW
OffsetRect
UnregisterClassW
EnumWindows
advapi32
OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExW
RegEnumValueW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
CryptReleaseContext
CryptDestroyHash
CryptHashData
CryptDeriveKey
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptAcquireContextW
CryptGetKeyParam
CryptDestroyKey
AdjustTokenPrivileges
shell32
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
OleInitialize
OleUninitialize
CoTaskMemFree
oleaut32
SysFreeString
SysStringLen
VariantClear
SysAllocString
shlwapi
PathFileExistsW
PathCanonicalizeW
PathIsDirectoryW
PathRemoveFileSpecW
StrCmpW
winhttp
WinHttpAddRequestHeaders
WinHttpCrackUrl
WinHttpConnect
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReceiveResponse
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
netapi32
NetApiBufferFree
NetWkstaGetInfo
iphlpapi
GetIpForwardTable
GetAdaptersInfo
ws2_32
recv
gethostname
inet_ntoa
send
inet_addr
WSAStartup
select
gethostbyname
WSACleanup
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 233KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ