Static task
static1
Behavioral task
behavioral1
Sample
b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb.exe
Resource
win10v2004-20231215-en
General
-
Target
b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb
-
Size
1.6MB
-
MD5
0e96a7d7cde50b20e2a9238fa546f046
-
SHA1
02e4c441788cdbde146572ec794af13849d2cdd9
-
SHA256
b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb
-
SHA512
b56be35240968410bcc8847276891bb4e4cfd0aa2876bbd63cae94cc6b59b8dfefc1c30f34435742fe534d206588e4c77223ac02ef3826f6b603969dc43cb45d
-
SSDEEP
49152:UGTV9KANwBfHGGUkXdaRoL456a7PyMIL3f:JVZH045dby
Malware Config
Signatures
-
Unsigned PE 1 IoCs
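Sandbox check for a missing Authenticode signature: the PE file listed below is not signed. On its own this is a weak indicator, since many legitimate binaries are also unsigned.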
resource b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb
Files
-
b09be2b35ca2d49df6328e59fa4ca1565f41ebfa50777edff6f3689ea8a6f4fb.exe windows:5 windows x86 arch:x86
051786bd22ec6484eb655b68459dab96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
utilities
?OnInitFinished@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEXVxml_node@pugi@@@Z
?GetObjectType@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UBEHXZ
?SetAttribute@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEJPBD0H@Z
?SetAttribute@?$SObjectImpl@UIObject@SOUI@@@SOUI@@UAEJABV?$TStringT@DUchar_traits@SOUI@@@2@0H@Z
?GetBuffer@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEPA_WH@Z
?Format@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAA?AV12@PB_WZZ
?GetClassType@IObject@SOUI@@SAHXZ
?Right@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE?AV12@H@Z
?Compare@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEHPB_W@Z
??Y?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEABV01@PB_W@Z
??4?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEAAV01@PB_W@Z
??4?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAEAAV01@ABV01@@Z
??B?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEPB_WXZ
?IsEmpty@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE_NXZ
?GetLength@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBEHXZ
??1?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@XZ
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@PB_W@Z
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@ABV01@@Z
??0?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QAE@XZ
??1?$TStringT@DUchar_traits@SOUI@@@SOUI@@QAE@XZ
??0?$TStringT@DUchar_traits@SOUI@@@SOUI@@QAE@PBD@Z
?ConcatCopy@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@IAE_NHPB_WH0@Z
?GetData@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@IBEPAUTStringData@2@XZ
?SafeStrlen@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@SAHPB_W@Z
?GetData@?$TStringT@DUchar_traits@SOUI@@@SOUI@@IBEPAUTStringData@2@XZ
?Mid@?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE?AV12@HH@Z
??A?$TStringT@_WUwchar_traits@SOUI@@@SOUI@@QBE_WH@Z
?Mid@?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBE?AV12@HH@Z
??B?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEPBDXZ
??A?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEDH@Z
?GetLength@?$TStringT@DUchar_traits@SOUI@@@SOUI@@QBEHXZ
?SouiCalloc@soui_mem_wrapper@SOUI@@SAPAXII@Z
?SouiFree@soui_mem_wrapper@SOUI@@SAXPAX@Z
soui
?OnScaleChanged@SHostWnd@SOUI@@MAEXH@Z
?RequestRelayout@SHostWnd@SOUI@@UAEXKH@Z
?onRootResize@SHostWnd@SOUI@@UAE_NPAVEventArgs@2@@Z
?SetValue@SProgress@SOUI@@QAEHH@Z
?GetWindowTextW@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@H@Z
?SetWindowTextW@SWindow@SOUI@@UAEXPB_W@Z
?SetToolTipText@SWindow@SOUI@@UAEXPB_W@Z
?GetToolTipText@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?GetClientRect@SWindow@SOUI@@UBEXPAUtagRECT@@@Z
?IsContainPoint@SWindow@SOUI@@UBEHABUtagPOINT@@H@Z
?OnColorize@SWindow@SOUI@@MAEXK@Z
?FindChildByName@SWindow@SOUI@@QAEPAV12@PB_WH@Z
?CreateChildren@SWindow@SOUI@@UAEHVxml_node@pugi@@@Z
?SSendMessage@SWindow@SOUI@@QAEJIIJPAH@Z
?GetSelectedChildInGroup@SWindow@SOUI@@UAEPAV12@XZ
?OnSetCursor@SWindow@SOUI@@UAEHABVCPoint@2@@Z
?OnUpdateToolTip@SWindow@SOUI@@UAEHVCPoint@2@AAUSwndToolTipInfo@2@@Z
?OnStateChanging@SWindow@SOUI@@UAEXKK@Z
?OnStateChanged@SWindow@SOUI@@UAEXKK@Z
?OnContentChanged@SWindow@SOUI@@UAEXXZ
?tr@SWindow@SOUI@@UAE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?SwndFromPoint@SWindow@SOUI@@UAEKVCPoint@2@H@Z
?FireEvent@SWindow@SOUI@@UAEHAAVEventArgs@2@@Z
?OnGetDlgCode@SWindow@SOUI@@UAEIXZ
?IsFocusable@SWindow@SOUI@@UAEHXZ
?OnNcHitTest@SWindow@SOUI@@UAEHVCPoint@2@@Z
?UpdateChildrenPosition@SWindow@SOUI@@UAEXXZ
?OnRelayout@SWindow@SOUI@@UAEHABVCRect@2@@Z
?GetChildrenLayoutRect@SWindow@SOUI@@UAE?AVCRect@2@XZ
?IsSiblingsAutoGroupped@SWindow@SOUI@@UAEHXZ
?GetSelectedSiblingInGroup@SWindow@SOUI@@UAEPAV12@XZ
?IsClipClient@SWindow@SOUI@@UAEHXZ
?OnUpdateFloatPosition@SWindow@SOUI@@UAEXABVCRect@2@@Z
?SwndProc@SWindow@SOUI@@MAEHIIJAAJ@Z
?OnLanguageChanged@SHostWnd@SOUI@@MAEJXZ
?SetAttribute@SWindow@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?GetClassNameW@SStatic@SOUI@@SAPB_WXZ
?GetClassNameW@SProgress@SOUI@@SAPB_WXZ
?GetDesiredSize@SWindow@SOUI@@UAE?AVCSize@2@PBUtagRECT@@@Z
?NeedRedrawWhenStateChange@SWindow@SOUI@@UAEHXZ
?GetTextRect@SWindow@SOUI@@UAEXPAUtagRECT@@@Z
?DrawTextW@SWindow@SOUI@@UAEXPAUIRenderTarget@2@PB_WHPAUtagRECT@@I@Z
?RegisterTimelineHandler@SHostWnd@SOUI@@MAEHPAUITimelineHandler@2@@Z
?GetTrCtx@SWindow@SOUI@@UBEABV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?CreateCaret@SWindow@SOUI@@UAEHPAUHBITMAP__@@HH@Z
?ShowCaret@SWindow@SOUI@@UAEXH@Z
?SetCaretPos@SWindow@SOUI@@UAEXHH@Z
?IsDrawToCache@SWindow@SOUI@@MBE_NXZ
?DefAttributeProc@SWindow@SOUI@@MAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?AfterAttribute@SWindow@SOUI@@MAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0HJ@Z
?GetAttribute@SWindow@SOUI@@MBE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?RegisterDragDrop@SwndContainerImpl@SOUI@@MAEHKPAUIDropTarget@@@Z
?RevokeDragDrop@SwndContainerImpl@SOUI@@MAEHK@Z
?DoFrameEvent@SwndContainerImpl@SOUI@@MAEJIIJ@Z
?OnSetSwndFocus@SwndContainerImpl@SOUI@@MAEXK@Z
?OnGetSwndCapture@SwndContainerImpl@SOUI@@MAEKXZ
?GetFocus@SwndContainerImpl@SOUI@@MAEKXZ
?GetHover@SwndContainerImpl@SOUI@@MAEKXZ
?RegisterTrackMouseEvent@SwndContainerImpl@SOUI@@MAEHK@Z
?UnregisterTrackMouseEvent@SwndContainerImpl@SOUI@@MAEHK@Z
?MarkWndTreeZorderDirty@SwndContainerImpl@SOUI@@MAEXXZ
?BuildWndTreeZorder@SwndContainerImpl@SOUI@@MAEXXZ
?OnNextFrame@SwndContainerImpl@SOUI@@UAEXXZ
?GetClassNameW@STabCtrl@SOUI@@SAPB_WXZ
?GetClassNameW@SRichEdit@SOUI@@SAPB_WXZ
?GetObjectType@SwndContainerImpl@SOUI@@UBEHXZ
?FrameToHost@SwndContainerImpl@SOUI@@MAEXAAUtagRECT@@@Z
?GetAcceleratorMgr@SwndContainerImpl@SOUI@@MAEPAUIAcceleratorMgr@2@XZ
?DestroyWindow@CSimpleWnd@SOUI@@QAEHXZ
?UpdateLayout@SHostWnd@SOUI@@MAEXXZ
?AfterPaint@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@AAVSPainter@2@@Z
?BeforePaint@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@AAVSPainter@2@@Z
?GetScale@SHostWnd@SOUI@@MBEHXZ
?GetScriptModule@SHostWnd@SOUI@@MAEPAUIScriptModule@2@XZ
?GetMsgLoop@SHostWnd@SOUI@@MAEPAVSMessageLoop@2@XZ
?ProcessSwndMessage@SWindow@SOUI@@MAEHIIJAAJ@Z
?UnregisterTimelineHandler@SHostWnd@SOUI@@MAEHPAUITimelineHandler@2@@Z
?GetObjectClass@SHostWnd@SOUI@@UBEPB_WXZ
?DestroyWindow@SHostWnd@SOUI@@QAEHXZ
?GetObjectType@SHostWnd@SOUI@@UBEHXZ
?IsClass@SHostWnd@SOUI@@UBEHPB_W@Z
?IsLayeredWindow@SHostWnd@SOUI@@MBEHXZ
?_HandleEvent@SHostWnd@SOUI@@UAEHPAVEventArgs@2@@Z
?ProcessWindowMessage@SHostWnd@SOUI@@UAEHPAUHWND__@@IIJAAJK@Z
?OnFinalRelease@?$TObjRefImpl2@UIObjRef@@VSWindow@SOUI@@@SOUI@@UAEXXZ
?getSingleton@?$SSingleton@VSApplication@SOUI@@@SOUI@@SAAAVSApplication@2@XZ
?Release@?$TObjRefImpl@UIObjRef@@@SOUI@@UAEJXZ
?UpdateTooltip@SHostWnd@SOUI@@MAEXXZ
?UpdateWindow@SHostWnd@SOUI@@MAEHXZ
?OnSetCaretPos@SHostWnd@SOUI@@MAEHHH@Z
?OnShowCaret@SHostWnd@SOUI@@MAEHH@Z
?OnCreateCaret@SHostWnd@SOUI@@MAEHKPAUHBITMAP__@@HH@Z
?IsSendWheel2Hover@SHostWnd@SOUI@@MBEHXZ
?IsTranslucent@SHostWnd@SOUI@@MBEHXZ
?OnSetSwndCapture@SHostWnd@SOUI@@MAEKK@Z
?OnReleaseSwndCapture@SHostWnd@SOUI@@MAEHXZ
?OnRedraw@SHostWnd@SOUI@@MAEXABVCRect@2@@Z
?OnReleaseRenderTarget@SHostWnd@SOUI@@MAEXPAUIRenderTarget@2@ABVCRect@2@K@Z
?OnGetRenderTarget@SHostWnd@SOUI@@MAEPAUIRenderTarget@2@ABVCRect@2@K@Z
?GetTranslatorContext@SHostWnd@SOUI@@MBEABV?$TStringT@_WUwchar_traits@SOUI@@@2@XZ
?GetHostHwnd@SHostWnd@SOUI@@MAEPAUHWND__@@XZ
?GetContainerRect@SHostWnd@SOUI@@MAE?AVCRect@2@XZ
?OnFireEvent@SHostWnd@SOUI@@MAEHAAVEventArgs@2@@Z
?AddRef@?$TObjRefImpl@UIObjRef@@@SOUI@@UAEJXZ
?getSingletonPtr@?$SSingleton@VSApplication@SOUI@@@SOUI@@SAPAVSApplication@2@XZ
??0SHostWnd@SOUI@@QAE@PB_W@Z
?GetLogManager@SApplication@SOUI@@QAEPAUILog4zManager@2@XZ
?SetCurSel@STabCtrl@SOUI@@QAEHH@Z
?ReflectNotifications@CSimpleWnd@SOUI@@QAEJIIJAAH@Z
?OnDestroy@SHostWnd@SOUI@@IAEXXZ
?GetClientRect@SHostWnd@SOUI@@UBE?AVCRect@2@XZ
?KillTimer@SHostWnd@SOUI@@QAEHI@Z
?SetTimer@SHostWnd@SOUI@@QAEIII@Z
?GetObjectType@SWindow@SOUI@@UBEHXZ
?GetLayoutParam@SWindow@SOUI@@UBEPAUILayoutParam@2@XZ
?GetName@SWindow@SOUI@@UBEPB_WXZ
?DrawFocus@SWindow@SOUI@@UAEXPAUIRenderTarget@2@@Z
?GetID@SWindow@SOUI@@UBEHXZ
??1SHostWnd@SOUI@@UAE@XZ
?Create@SHostWnd@SOUI@@QAEPAUHWND__@@PAU3@KKHHHH@Z
?InitFromXml@SHostWnd@SOUI@@UAEHVxml_node@pugi@@@Z
?GetDesiredSize@SWindow@SOUI@@UAE?AVCSize@2@HH@Z
?OnFinalMessage@CSimpleWnd@SOUI@@MAEXPAUHWND__@@@Z
??0SObjectInfo@SOUI@@QAE@ABV?$TStringT@_WUwchar_traits@SOUI@@@1@H@Z
?RegisterSystemObjects@SApplication@SOUI@@MAEXXZ
??0SObjectDefaultRegister@SOUI@@QAE@XZ
?GetClassType@SSkinObjBase@SOUI@@SAHXZ
?GetObjectType@SSkinObjBase@SOUI@@UBEHXZ
?GetAlpha@SSkinObjBase@SOUI@@UBEEXZ
?SetAlpha@SSkinObjBase@SOUI@@UAEXE@Z
?Draw@SSkinObjBase@SOUI@@UAEXPAUIRenderTarget@2@PBUtagRECT@@KE@Z
?Draw@SSkinObjBase@SOUI@@UAEXPAUIRenderTarget@2@PBUtagRECT@@K@Z
?GetScale@SSkinObjBase@SOUI@@UBEHXZ
?Scale@SSkinObjBase@SOUI@@UAEPAVISkinObj@2@H@Z
?GetName@SSkinObjBase@SOUI@@UBEPB_WXZ
?GetClassType@SSkinImgList@SOUI@@SAHXZ
?GetObjectType@SSkinImgList@SOUI@@UBEHXZ
?SetStates@SSkinImgList@SOUI@@UAEXH@Z
?SetImage@SSkinImgList@SOUI@@UAE_NPAUIBitmap@2@@Z
?GetImage@SSkinImgList@SOUI@@UAEPAUIBitmap@2@XZ
?SetTile@SSkinImgList@SOUI@@UAEXH@Z
?IsTile@SSkinImgList@SOUI@@UAEHXZ
?SetVertical@SSkinImgList@SOUI@@UAEXH@Z
?IsVertical@SSkinImgList@SOUI@@UAEHXZ
?GetClassNameW@SSkinScrollbar@SOUI@@SAPB_WXZ
?GetClassType@SSkinScrollbar@SOUI@@SAHXZ
?GetObjectType@SSkinScrollbar@SOUI@@UBEHXZ
?IsClass@SSkinScrollbar@SOUI@@UBEHPB_W@Z
?SetAttribute@SSkinScrollbar@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
?SendMessageW@CSimpleWnd@SOUI@@QAEJIIJ@Z
?ShowWindow@CSimpleWnd@SOUI@@QAEHH@Z
??1SSkinScrollbar@SOUI@@UAE@XZ
?OnFinalRelease@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEXXZ
?Release@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEJXZ
?AddRef@?$TObjRefImpl@V?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@@SOUI@@UAEJXZ
?OnInitFinished@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEXVxml_node@pugi@@@Z
?GetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBE?AV?$TStringT@_WUwchar_traits@SOUI@@@2@ABV32@@Z
?GetObjectType@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBEHXZ
?SetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJPBD0H@Z
?SetAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@DUchar_traits@SOUI@@@2@0H@Z
?AfterAttribute@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0HJ@Z
?GetID@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UBEHXZ
?InitFromXml@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEHVxml_node@pugi@@@Z
?DefAttributeProc@?$SObjectImpl@VISkinObj@SOUI@@@SOUI@@UAEJABV?$TStringT@_WUwchar_traits@SOUI@@@2@0H@Z
??1SObjectInfo@SOUI@@QAE@XZ
??0SSkinScrollbar@SOUI@@QAE@XZ
?_Draw@SSkinScrollbar@SOUI@@MAEXPAUIRenderTarget@2@PBUtagRECT@@KE@Z
?_Scale@SSkinScrollbar@SOUI@@MAEXPAVISkinObj@2@H@Z
?CreateResProvider@SOUI@@YAHW4BUILTIN_RESTYPE@1@PAPAUIObjRef@@@Z
?Create@SHostWnd@SOUI@@QAEPAUHWND__@@PAU3@HHHH@Z
?RegisterFactory@SObjectFactoryMgr@SOUI@@QAE_NAAVSObjectFactory@2@_N@Z
?CreateObject@SObjectFactoryMgr@SOUI@@UBEPAUIObject@2@ABVSObjectInfo@2@@Z
?GetSkinSize@SSkinImgList@SOUI@@UAE?AUtagSIZE@@XZ
?IgnoreState@SSkinImgList@SOUI@@UAEHXZ
?GetStates@SSkinImgList@SOUI@@UAEHXZ
?OnColorize@SSkinImgList@SOUI@@UAEXK@Z
?GetExpandMode@SSkinImgList@SOUI@@MAEIXZ
??0SApplication@SOUI@@QAE@PAUIRenderFactory@1@PAUHINSTANCE__@@PB_WABUISystemObjectRegister@1@H@Z
??1SApplication@SOUI@@UAE@XZ
?Run@SApplication@SOUI@@QAEHPAUHWND__@@@Z
?CreateWindowByName@SApplication@SOUI@@UBEPAVSWindow@2@PB_W@Z
?CreateSkinByName@SApplication@SOUI@@UBEPAVISkinObj@2@PB_W@Z
?CreateInterpolatorByName@SApplication@SOUI@@UBEPAUIInterpolator@2@PB_W@Z
?CreateAccProxy@SApplication@SOUI@@UBEPAUIAccProxy@2@PAVSWindow@2@@Z
?CreateAccessible@SApplication@SOUI@@UBEPAUIAccessible@@PAVSWindow@2@@Z
?AddResProvider@SResProviderMgr@SOUI@@QAEXPAUIResProvider@2@PB_W@Z
?CenterWindow@CSimpleWnd@SOUI@@QAEHPAUHWND__@@@Z
kernel32
HeapSize
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
SetConsoleCtrlHandler
ReadConsoleW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
GetACP
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
WriteConsoleW
GetStdHandle
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
QueryPerformanceFrequency
GetStringTypeW
FormatMessageW
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
DuplicateHandle
TryEnterCriticalSection
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
SetEndOfFile
SignalObjectAndWait
CreateTimerQueue
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
GetModuleHandleA
VirtualAlloc
VirtualFree
VirtualProtect
SetProcessAffinityMask
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
WaitForMultipleObjectsEx
WriteFile
GetTempPathW
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessTimes
GetSystemTime
GetModuleHandleW
CreateProcessW
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
MoveFileExW
HeapAlloc
Process32FirstW
Process32NextW
GetFileAttributesExW
CreateToolhelp32Snapshot
OpenProcess
GetVersionExW
CreateFileW
WaitForSingleObject
FindClose
CreatePipe
RemoveDirectoryW
DeviceIoControl
HeapFree
ReadFile
GetStartupInfoW
CreateDirectoryW
MultiByteToWideChar
MoveFileW
lstrcmpW
GetTickCount
lstrcpyW
CopyFileW
DeleteCriticalSection
DecodePointer
RaiseException
DeleteFileW
lstrcatW
OutputDebugStringW
Sleep
CreateMutexW
RtlCaptureStackBackTrace
InitializeCriticalSectionAndSpinCount
TerminateProcess
FindNextFileW
FindFirstFileW
WideCharToMultiByte
OutputDebugStringA
FreeLibrary
GetProcAddress
SetCurrentDirectoryW
LoadLibraryW
GetModuleFileNameW
CloseHandle
GetLastError
GetCurrentProcess
user32
SendMessageW
GetActiveWindow
PostMessageW
GetPropW
OffsetRect
UnregisterClassW
EnumWindows
advapi32
OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExW
RegEnumValueW
RegOpenKeyW
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCloseKey
CryptReleaseContext
CryptDestroyHash
CryptHashData
CryptDeriveKey
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptAcquireContextW
CryptGetKeyParam
CryptDestroyKey
AdjustTokenPrivileges
shell32
SHGetSpecialFolderLocation
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
OleInitialize
OleUninitialize
CoTaskMemFree
oleaut32
SysFreeString
VariantClear
SysAllocString
shlwapi
PathCanonicalizeW
PathIsDirectoryW
StrCmpW
PathRemoveFileSpecW
PathFileExistsW
winhttp
WinHttpAddRequestHeaders
WinHttpCrackUrl
WinHttpConnect
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReceiveResponse
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
netapi32
NetApiBufferFree
NetWkstaGetInfo
iphlpapi
GetIpForwardTable
GetAdaptersInfo
ws2_32
recv
gethostname
inet_ntoa
send
inet_addr
WSAStartup
select
gethostbyname
WSACleanup
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 233KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 46KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ