Static task: static1
Behavioral task: behavioral1
Sample: 00b3efc7887524c402a63ce438ee8f78.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 00b3efc7887524c402a63ce438ee8f78.exe
Resource: win10v2004-20231215-en
General
Target: 00b3efc7887524c402a63ce438ee8f78
Size: 580KB
MD5: 00b3efc7887524c402a63ce438ee8f78
SHA1: 576f4e320f395b5cc05f2d4de09c0d246bf909ff
SHA256: 54a87485915145e163159eeaf6c254afc21123ea19adaad9a068b75f27069592
SHA512: 07adeffc1b1dc57a9c19b4fcaada7d5fd0cf041350ccfa9a476884802f23867d0b3832f7fb8147617d2b7ed83fc04a220464fcf8e8400462e8329458c3ebc8ab
SSDEEP: 12288:r4TiL2ZYCXYNozXIafuiPuA4VVKWrK3+q/2:r4TQUXYNocafurndrU/2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 00b3efc7887524c402a63ce438ee8f78
Files
00b3efc7887524c402a63ce438ee8f78.exe windows:4 windows x86 arch:x86
eac212ef64b002274872e26cbe47f32b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoTreatAsClass
OleCreate
CoGetInterfaceAndReleaseStream
OleFlushClipboard
ReleaseStgMedium
CLSIDFromString
OleQueryLinkFromData
SetConvertStg
GetRunningObjectTable
OleGetClipboard
OleLoad
OleRegEnumVerbs
CoDisconnectObject
IsAccelerator
OleSetContainedObject
CoRegisterMallocSpy
OleDraw
OleSetClipboard
CoTaskMemAlloc
OleCreateStaticFromData
CoRegisterMessageFilter
OleCreateLinkToFile
CoSetProxyBlanket
StgOpenStorage
OleCreateFromData
StgCreateStorageEx
OleDestroyMenuDescriptor
OleSave
CoMarshalInterface
OleLockRunning
StgCreateDocfileOnILockBytes
OleTranslateAccelerator
OleUninitialize
CreateILockBytesOnHGlobal
RevokeDragDrop
CoInitializeSecurity
StringFromCLSID
CoTaskMemFree
CreateGenericComposite
ProgIDFromCLSID
CoFreeUnusedLibraries
GetClassFile
CoLockObjectExternal
OleGetIconOfClass
CoCreateInstance
OleRun
StgIsStorageFile
StgOpenStorageOnILockBytes
CoRegisterClassObject
OleCreateFromFile
ReadClassStg
CoResumeClassObjects
IIDFromString
StringFromGUID2
WriteClassStg
OleSetMenuDescriptor
CoCopyProxy
BindMoniker
OleDuplicateData
GetHGlobalFromILockBytes
CoUninitialize
CreateClassMoniker
CoSuspendClassObjects
CoInitializeEx
StgIsStorageILockBytes
CoImpersonateClient
OleIsCurrentClipboard
DoDragDrop
CoUnmarshalInterface
CoInitialize
CreateDataAdviseHolder
WriteClassStm
CoGetMalloc
StgCreateDocfile
OleCreateLinkFromData
MkParseDisplayName
CoCreateInstanceEx
CoQueryProxyBlanket
CoGetClassObject
OleLoadFromStream
RegisterDragDrop
CoRevokeClassObject
StringFromIID
CoCreateGuid
CreateBindCtx
GetHGlobalFromStream
OleSaveToStream
CoTaskMemRealloc
CreateItemMoniker
CreateOleAdviseHolder
CoRevokeMallocSpy
OleRegGetUserType
OleInitialize
OleQueryCreateFromData
ReadFmtUserTypeStg
OleRegGetMiscStatus
CreateStreamOnHGlobal
CoLoadLibrary
CoMarshalInterThreadInterfaceInStream
CreateFileMoniker
OleCreateMenuDescriptor
CoGetObject
CoReleaseMarshalData
WriteFmtUserTypeStg
CoFileTimeNow
ReadClassStm
PropVariantClear
CoRevertToSelf
FreePropVariantArray
CLSIDFromProgID
OleIsRunning
winspool.drv
EnumPrintersA
GetPrinterW
DeviceCapabilitiesA
SetPrinterW
EndPagePrinter
EnumPrinterDriversA
StartDocPrinterA
EnumJobsA
GetFormW
SetJobW
FindNextPrinterChangeNotification
DeletePrinterDriverA
FindFirstPrinterChangeNotification
OpenPrinterW
DeviceCapabilitiesW
WritePrinter
GetPrinterDriverDirectoryA
EnumFormsW
ord204
GetPrinterDriverA
PrinterProperties
GetJobW
AddPrinterDriverA
SetPrinterDataW
AddFormW
DeletePrintProcessorW
ClosePrinter
EnumPortsW
OpenPrinterA
GetJobA
DeleteFormW
EnumPrintersW
SetPrinterA
AddPrinterA
AbortPrinter
DocumentPropertiesW
DeletePrinter
FreePrinterNotifyInfo
EnumPortsA
StartPagePrinter
EnumJobsW
EndDocPrinter
DeletePrintProcessorA
StartDocPrinterW
DocumentPropertiesA
GetPrinterA
kernel32
InitializeCriticalSection
GetVolumeInformationA
ContinueDebugEvent
GetEnvironmentStringsW
GetFileSize
GlobalFlags
OpenProcess
SetProcessWorkingSetSize
BeginUpdateResourceW
CreateToolhelp32Snapshot
FindFirstChangeNotificationA
CreateSemaphoreA
IsValidCodePage
SetHandleCount
IsDebuggerPresent
SetThreadExecutionState
DeleteVolumeMountPointA
GetDriveTypeA
SetFilePointer
MapViewOfFile
SetCommMask
Heap32ListNext
GetDiskFreeSpaceW
SleepEx
GlobalGetAtomNameA
GetFileTime
Module32NextW
EndUpdateResourceW
TerminateProcess
lstrcmpW
FlushConsoleInputBuffer
CreateEventW
GetVersionExW
RemoveDirectoryA
UnhandledExceptionFilter
CancelIo
EnumCalendarInfoW
GetPrivateProfileStringA
SuspendThread
GetComputerNameW
GetProfileStringA
CreateDirectoryExA
FileTimeToSystemTime
IsDBCSLeadByte
CreateFileW
EnumCalendarInfoExW
FileTimeToDosDateTime
EnumCalendarInfoA
BuildCommDCBA
EndUpdateResourceA
EnterCriticalSection
GlobalLock
LCMapStringA
SetUnhandledExceptionFilter
PeekNamedPipe
RaiseException
VirtualFree
BackupRead
GetFullPathNameW
OpenEventW
CreateWaitableTimerA
GetAtomNameA
ReleaseMutex
CreateThread
OpenEventA
UnlockFileEx
LCMapStringW
FreeEnvironmentStringsW
EnumLanguageGroupLocalesW
SetThreadPriority
FindResourceExW
Heap32Next
GetFileSizeEx
PostQueuedCompletionStatus
GlobalMemoryStatus
OpenFileMappingA
Module32Next
GetStdHandle
GetFileInformationByHandle
GetEnvironmentVariableA
CreateProcessA
GetTimeFormatA
UpdateResourceW
WritePrivateProfileStringA
VerSetConditionMask
UpdateResourceA
MoveFileA
TlsAlloc
GetLogicalDriveStringsW
GetFileAttributesA
GetCompressedFileSizeW
GetFullPathNameA
WriteConsoleA
SetCommState
PulseEvent
DisconnectNamedPipe
GetCommState
CreateDirectoryA
WriteProcessMemory
LocalAlloc
_llseek
DefineDosDeviceA
WritePrivateProfileStructW
GetThreadLocale
GetThreadTimes
GetProcessHeap
GetTempFileNameA
lstrlenW
GetPriorityClass
OpenMutexA
GetWindowsDirectoryW
GetEnvironmentVariableW
lstrlenA
SystemTimeToTzSpecificLocalTime
SetHandleInformation
GetEnvironmentStrings
GetCurrentDirectoryA
GetCurrentThread
FreeConsole
SetTimeZoneInformation
SetNamedPipeHandleState
_lread
GetConsoleMode
GetSystemInfo
Heap32ListFirst
WriteConsoleOutputW
RtlUnwind
GlobalUnlock
Thread32Next
AddAtomW
SystemTimeToFileTime
ClearCommBreak
GetVersionExA
GetQueuedCompletionStatus
GetOverlappedResult
CreateNamedPipeA
SetPriorityClass
GlobalAddAtomW
GetSystemPowerStatus
GetCurrentProcessId
InterlockedCompareExchange
ConnectNamedPipe
SetEvent
SetThreadContext
GlobalDeleteAtom
SetThreadAffinityMask
DisableThreadLibraryCalls
WaitForSingleObject
_hwrite
EscapeCommFunction
ReadDirectoryChangesW
FreeResource
ReleaseSemaphore
GetPrivateProfileSectionNamesA
AllocConsole
GetSystemTimeAsFileTime
GetFileAttributesExA
TransmitCommChar
DeleteVolumeMountPointW
SetComputerNameW
SetErrorMode
OpenSemaphoreA
DeleteFiber
GetModuleFileNameW
MoveFileW
GetLocaleInfoW
GetSystemWindowsDirectoryA
GetUserDefaultUILanguage
WriteFileEx
VirtualQueryEx
SetCommTimeouts
EnumResourceNamesW
GetHandleInformation
WaitNamedPipeW
CompareStringW
InterlockedDecrement
WaitNamedPipeA
CopyFileA
GetDiskFreeSpaceExW
SetCurrentDirectoryA
FatalAppExitA
GetFileAttributesExW
Process32First
EnumUILanguagesW
SetFileAttributesW
IsBadReadPtr
GlobalMemoryStatusEx
OpenFile
FormatMessageA
GetTempFileNameW
DeleteFileW
lstrcpyA
SwitchToThread
MoveFileExA
CreateMutexA
DeviceIoControl
GlobalReAlloc
InterlockedExchangeAdd
GetFileAttributesW
EnumSystemLanguageGroupsW
InitializeCriticalSectionAndSpinCount
GlobalSize
Module32FirstW
Sleep
GetVolumePathNameA
QueryPerformanceFrequency
GetUserDefaultLCID
GlobalGetAtomNameW
Process32NextW
CreateFileA
GetDiskFreeSpaceExA
FindResourceW
FreeEnvironmentStringsA
WritePrivateProfileStringW
VerifyVersionInfoA
ProcessIdToSessionId
GetShortPathNameW
CreateNamedPipeW
GetExitCodeThread
CommConfigDialogW
ConvertThreadToFiber
SetLocalTime
WaitForSingleObjectEx
MultiByteToWideChar
GetThreadContext
RemoveDirectoryW
GetCommTimeouts
WinExec
GetTempPathW
GetPrivateProfileStringW
IsBadStringPtrA
SwitchToFiber
SetEndOfFile
OpenMutexW
LocalFree
_lcreat
SearchPathW
GetStringTypeW
GetSystemDirectoryW
GlobalFindAtomW
FindNextFileW
GetConsoleCP
GetLongPathNameA
LocalLock
QueryDosDeviceA
Process32Next
SetTapePosition
WriteProfileStringA
VirtualProtectEx
SetStdHandle
CreateMutexW
GetComputerNameA
LoadLibraryW
GetPrivateProfileIntA
SetCommConfig
FindFirstVolumeW
ResetEvent
IsValidLocale
lstrcmpA
IsDBCSLeadByteEx
CreateFileMappingA
DosDateTimeToFileTime
GetProcessTimes
WriteProfileStringW
ExpandEnvironmentStringsA
QueryPerformanceCounter
SetProcessAffinityMask
GetModuleHandleW
_lopen
IsProcessorFeaturePresent
TlsFree
CopyFileExW
GetCommandLineW
GetProfileIntW
CopyFileExA
GetStringTypeA
VerLanguageNameA
GetDriveTypeW
GetVersion
Beep
ClearCommError
GetTimeZoneInformation
SetVolumeMountPointA
GetPrivateProfileIntW
HeapReAlloc
CompareStringA
FreeLibrary
GetSystemDefaultLangID
GetCommMask
GetUserDefaultLangID
CreateMailslotA
SetCurrentDirectoryW
GetCommConfig
VirtualAllocEx
GlobalAddAtomA
GetTickCount
Thread32First
GetLogicalDriveStringsA
ReadConsoleInputA
GetStartupInfoA
SizeofResource
GetVolumeInformationW
IsBadWritePtr
GetThreadPriority
FindResourceExA
FlushInstructionCache
GetProcessAffinityMask
FlushViewOfFile
GetStringTypeExA
lstrcpynA
IsBadStringPtrW
ExitThread
TryEnterCriticalSection
GetCurrentProcess
ReadProcessMemory
GetModuleHandleA
GetPrivateProfileStructA
TlsGetValue
SetEnvironmentVariableW
GetCPInfo
FindNextFileA
GetComputerNameExW
LocalHandle
GetProcAddress
lstrcpyW
GetLongPathNameW
FindNextChangeNotification
Module32First
LoadLibraryA
GetNumberFormatA
SetFileTime
GetSystemTime
CreateIoCompletionPort
GlobalAlloc
GetProcessVersion
GetProcessHeaps
CreateFileMappingW
LockFile
_lclose
GetVolumeNameForVolumeMountPointA
GetCommProperties
DeleteAtom
HeapSize
OpenFileMappingW
Toolhelp32ReadProcessMemory
CopyFileW
LoadLibraryExA
BackupSeek
SetWaitableTimer
DuplicateHandle
SetMailslotInfo
EnumResourceNamesA
QueueUserAPC
DeleteFileA
TlsSetValue
SetEnvironmentVariableA
FindFirstChangeNotificationW
GetVolumePathNameW
CreatePipe
GetLogicalDrives
GetStringTypeExW
GetVolumeNameForVolumeMountPointW
InterlockedExchange
GetCurrentThreadId
GlobalFree
SetConsoleCursorPosition
GetWindowsDirectoryA
FindAtomW
lstrcatA
DeleteCriticalSection
GetFileType
FindFirstFileW
BeginUpdateResourceA
SetThreadLocale
FindFirstFileExW
GetACP
SetProcessShutdownParameters
ExpandEnvironmentStringsW
LocalCompact
ReadFile
lstrcatW
WaitForMultipleObjects
GetDateFormatA
GetCommModemStatus
GetConsoleOutputCP
GetComputerNameExA
BackupWrite
VirtualProtect
RtlFillMemory
WaitForDebugEvent
GetMailslotInfo
CreateFiber
LocalUnlock
GetProfileSectionA
WritePrivateProfileStructA
OutputDebugStringW
LocalSize
SetProcessPriorityBoost
GetPrivateProfileSectionA
HeapCompact
AreFileApisANSI
_hread
GetConsoleScreenBufferInfo
lstrcmpiW
WritePrivateProfileSectionA
SetCommBreak
SetupComm
WritePrivateProfileSectionW
EnumSystemLocalesA
SearchPathA
GetModuleFileNameA
SetVolumeLabelW
VirtualFreeEx
EnumResourceLanguagesA
SetFilePointerEx
GetCurrencyFormatA
InterlockedIncrement
GetSystemDefaultLCID
MulDiv
UnmapViewOfFile
LoadLibraryExW
GetStartupInfoW
SetConsoleMode
FindNextVolumeW
CreateDirectoryW
ExitProcess
CloseHandle
OutputDebugStringA
FileTimeToLocalFileTime
UnlockFile
WaitForMultipleObjectsEx
GetSystemDirectoryA
GetTempPathA
MapViewOfFileEx
CreateProcessW
CreateSemaphoreW
GetTimeFormatW
OpenSemaphoreW
WriteFile
SetVolumeLabelA
LocalReAlloc
EnumResourceLanguagesW
QueryDosDeviceW
GetNumberFormatW
GetProcessWorkingSetSize
GetProfileIntA
FindClose
GetShortPathNameA
CreateWaitableTimerW
GetCurrentDirectoryW
FindCloseChangeNotification
GetOEMCP
GetLocalTime
GetCommandLineA
TerminateThread
VerifyVersionInfoW
GetProfileStringW
GetCPInfoExA
Heap32First
Process32FirstW
SetFileAttributesA
ConvertDefaultLocale
HeapDestroy
OpenThread
WideCharToMultiByte
SetLastError
GetExitCodeProcess
LocalFileTimeToFileTime
GetTapeParameters
GlobalHandle
QueueUserWorkItem
FlushFileBuffers
EnumResourceTypesA
HeapFree
DebugActiveProcess
FormatMessageW
GlobalFindAtomA
FindVolumeClose
GetSystemTimeAdjustment
VirtualQuery
GetBinaryTypeA
IsBadCodePtr
HeapValidate
MoveFileExW
FindResourceA
FindFirstFileA
lstrcpynW
SetConsoleTitleW
_lwrite
WriteConsoleW
SetSystemTime
LeaveCriticalSection
HeapAlloc
VirtualUnlock
ResumeThread
VirtualLock
SetConsoleCtrlHandler
PurgeComm
LockFileEx
GetDiskFreeSpaceA
comctl32
ImageList_SetDragCursorImage
ImageList_DragLeave
PropertySheetA
ImageList_LoadImage
FlatSB_EnableScrollBar
ImageList_SetIconSize
ImageList_GetIcon
ImageList_Create
ImageList_Add
CreatePropertySheetPageW
ImageList_DragMove
CreateUpDownControl
CreatePropertySheetPageA
MakeDragList
ImageList_DrawIndirect
ImageList_Copy
ImageList_Merge
ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_Remove
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_DragEnter
ImageList_BeginDrag
CreateStatusWindowW
DrawStatusTextW
ImageList_Replace
ImageList_AddIcon
InitializeFlatSB
DestroyPropertySheetPage
ImageList_SetFlags
PropertySheetW
ord17
ImageList_SetImageCount
CreateToolbarEx
ImageList_Read
ImageList_EndDrag
ImageList_Write
ImageList_GetBkColor
InitCommonControlsEx
ImageList_DrawEx
ImageList_GetImageCount
ImageList_SetBkColor
_TrackMouseEvent
ImageList_LoadImageA
ImageList_Destroy
FlatSB_ShowScrollBar
ImageList_Draw
user32
UnpackDDElParam
CheckDlgButton
RegisterClipboardFormatW
DdeCreateStringHandleW
InsertMenuItemA
CreateAcceleratorTableA
TabbedTextOutW
LoadMenuW
CharUpperBuffW
ValidateRgn
GetWindowRgn
IsWindowUnicode
SendDlgItemMessageW
VkKeyScanW
DrawTextA
EnableScrollBar
TranslateAcceleratorW
TrackPopupMenu
UpdateWindow
DestroyCaret
FindWindowExW
EqualRect
GetKeyboardLayout
SetThreadDesktop
SendDlgItemMessageA
CreateMDIWindowA
SetMenuDefaultItem
ChildWindowFromPoint
MoveWindow
DrawIcon
SetClipboardViewer
GetPropA
mouse_event
GetThreadDesktop
GetMessagePos
SetMenuContextHelpId
RegisterClassExA
UnhookWindowsHookEx
GetScrollInfo
GetWindowContextHelpId
LoadBitmapA
AdjustWindowRectEx
SetProcessWindowStation
GetIconInfo
CreateAcceleratorTableW
ScrollWindow
IsWindowEnabled
GetMenuDefaultItem
IsCharLowerA
IsDialogMessage
WaitMessage
WinHelpW
GetClassInfoExA
CallMsgFilterA
CreateMDIWindowW
CreateDialogParamA
OpenWindowStationW
GetWindowTextA
UnhookWinEvent
CopyRect
EnumChildWindows
GetCapture
GetLastActivePopup
RegisterHotKey
GetOpenClipboardWindow
PackDDElParam
EnumThreadWindows
MonitorFromRect
GetActiveWindow
HideCaret
DdeClientTransaction
GetClipCursor
LoadStringA
IsClipboardFormatAvailable
DdePostAdvise
GetClassNameA
GetMenuItemCount
CreateWindowExW
SetMessageExtraInfo
GetMessageW
RemovePropA
LoadIconA
LoadMenuIndirectW
MapDialogRect
CharNextW
SetCursorPos
GetQueueStatus
AllowSetForegroundWindow
DialogBoxIndirectParamW
GetMessageA
GetDlgItemTextA
ReuseDDElParam
SetCapture
OpenClipboard
IsDlgButtonChecked
GetWindowWord
CallWindowProcW
IsRectEmpty
CreateCursor
GetUpdateRgn
GetMenuItemRect
ScrollDC
UnregisterDeviceNotification
SetRect
DialogBoxParamA
CreateDialogIndirectParamW
ClipCursor
BringWindowToTop
SetClipboardData
GetClassInfoW
InvalidateRgn
RegisterDeviceNotificationW
DrawTextExA
LoadCursorFromFileW
IsChild
DlgDirListComboBoxW
GetClipboardFormatNameW
DestroyWindow
IsCharAlphaNumericA
WaitForInputIdle
MessageBoxA
GetClassInfoA
LoadCursorA
LookupIconIdFromDirectory
GetDesktopWindow
PtInRect
IntersectRect
DefWindowProcA
UnregisterClassW
DdeQueryStringA
DispatchMessageA
GetMenuState
SetWindowPlacement
DdeInitializeW
MonitorFromPoint
GetClientRect
ShowWindow
InvertRect
VkKeyScanA
GetKeyNameTextW
GetWindowTextLengthA
TrackMouseEvent
GetMenuItemInfoW
SendMessageA
GetKeyboardState
GetWindowThreadProcessId
SetForegroundWindow
GetMonitorInfoW
SetUserObjectSecurity
RegisterClassExW
KillTimer
DragDetect
GetTabbedTextExtentA
SetDlgItemTextA
DlgDirSelectComboBoxExA
InSendMessage
GetKeyboardLayoutNameA
SystemParametersInfoW
GetMenuInfo
CharNextExA
CloseWindowStation
CountClipboardFormats
DlgDirSelectExA
DdeUninitialize
IsCharAlphaA
DefDlgProcA
PostQuitMessage
CharToOemA
SetMenu
LoadMenuA
CascadeWindows
SetScrollRange
RedrawWindow
SystemParametersInfoA
GetClassLongW
IsDialogMessageA
PeekMessageA
GetSystemMetrics
DefFrameProcA
MessageBoxIndirectA
MapWindowPoints
DefMDIChildProcW
AppendMenuW
GetDoubleClickTime
DlgDirListA
SetPropA
DestroyAcceleratorTable
DdeQueryStringW
EnumDisplayMonitors
GetMenuCheckMarkDimensions
CloseWindow
GetSysColorBrush
TileWindows
SetMenuItemInfoW
DeferWindowPos
GetGUIThreadInfo
ToAsciiEx
GetWindowPlacement
CheckMenuRadioItem
GetWindowLongA
RemoveMenu
GetMonitorInfoA
CopyImage
LookupIconIdFromDirectoryEx
SendNotifyMessageA
GetSubMenu
OemToCharBuffA
GetMenuItemID
SetFocus
SetWindowLongW
DrawEdge
RegisterWindowMessageW
PeekMessageW
DialogBoxParamW
GetClassInfoExW
MapVirtualKeyExW
PostThreadMessageA
MessageBoxW
CharToOemBuffA
ModifyMenuA
SubtractRect
SetTimer
InvalidateRect
InsertMenuA
AppendMenuA
PostMessageW
GetInputState
TranslateMDISysAccel
RegisterClipboardFormatA
OpenInputDesktop
ToUnicodeEx
SetMenuItemBitmaps
GetPropW
MonitorFromWindow
CharUpperW
ShowCursor
LoadAcceleratorsA
SetWindowsHookExW
DlgDirListComboBoxA
LoadKeyboardLayoutA
SetMenuInfo
UnregisterHotKey
SwapMouseButton
ShowWindowAsync
IsWindowVisible
wvsprintfW
ExitWindowsEx
GetDlgItemInt
GetClassWord
GetDC
UnionRect
EmptyClipboard
WinHelpA
CharLowerW
DrawFocusRect
CreateIcon
OffsetRect
wsprintfW
NotifyWinEvent
GetClipboardOwner
GetWindowModuleFileNameW
SetWindowRgn
ModifyMenuW
GetMenuStringA
GetTitleBarInfo
DdeInitializeA
GetScrollBarInfo
TranslateMessage
DrawTextExW
SetCaretPos
SetWindowLongA
OemToCharA
LoadAcceleratorsW
ReleaseCapture
CreateIconFromResource
ActivateKeyboardLayout
EnumClipboardFormats
DrawAnimatedRects
DdeUnaccessData
wvsprintfA
GetWindowDC
DdeGetLastError
IsIconic
LoadImageW
ToUnicode
CharLowerA
InflateRect
DdeGetData
SetClassLongA
GetMenuBarInfo
SetDoubleClickTime
TileChildWindows
keybd_event
ChangeDisplaySettingsW
CreateDialogParamW
DdeFreeStringHandle
LoadIconW
ScreenToClient
OpenDesktopW
SetKeyboardState
GetProcessWindowStation
GetAsyncKeyState
FindWindowExA
SetScrollInfo
CreateDesktopW
FillRect
GetUserObjectInformationW
GrayStringW
CopyAcceleratorTableA
CreateCaret
DispatchMessageW
CreateWindowExA
FrameRect
CreateDialogIndirectParamA
LoadCursorW
SetLayeredWindowAttributes
LockWindowUpdate
DdeAccessData
GetWindowInfo
SetMenuItemInfoA
DialogBoxIndirectParamA
WindowFromPoint
ShowOwnedPopups
SetRectEmpty
GetMenuStringW
GetDialogBaseUnits
RegisterClassA
DrawFrameControl
SetWindowsHookExA
BroadcastSystemMessage
GetNextDlgGroupItem
GetUserObjectInformationA
SetDlgItemInt
GetNextDlgTabItem
CharLowerBuffA
MenuItemFromPoint
DrawStateA
EnumWindows
GetMenu
EnumDesktopWindows
SendNotifyMessageW
GetSysColor
AdjustWindowRect
EnumDisplaySettingsW
HiliteMenuItem
CheckRadioButton
IsCharLowerW
BeginDeferWindowPos
GetCaretPos
WindowFromDC
SetCursor
EnableWindow
DeleteMenu
CallNextHookEx
TabbedTextOutA
GetScrollRange
DestroyIcon
GetParent
AnimateWindow
ClientToScreen
GetDlgCtrlID
GetDlgItem
TrackPopupMenuEx
GetClassNameW
FindWindowW
GetForegroundWindow
VkKeyScanExA
DrawStateW
ReplyMessage
IsCharUpperA
EnableMenuItem
MapVirtualKeyExA
DrawTextW
ExcludeUpdateRgn
SetCaretBlinkTime
GetKeyState
SendInput
IsZoomed
MessageBoxExA
DdeCreateStringHandleA
OpenWindowStationA
DrawIconEx
DrawMenuBar
RegisterWindowMessageA
GetClipboardViewer
CopyAcceleratorTableW
CharLowerBuffW
GetAncestor
EndDeferWindowPos
FlashWindow
DdeCreateDataHandle
SetDlgItemTextW
CharUpperBuffA
CharUpperA
ShowCaret
GetLastInputInfo
MapVirtualKeyA
GetWindowLongW
LoadStringW
GetWindowTextLengthW
GetTopWindow
DestroyMenu
RegisterClassW
GetKeyNameTextA
OpenIcon
ArrangeIconicWindows
CharNextA
SetWindowTextW
GetClipboardFormatNameA
GetMessageExtraInfo
AttachThreadInput
PostMessageA
TranslateAcceleratorA
ChangeClipboardChain
ChangeDisplaySettingsA
LoadMenuIndirectA
IsWindow
GetClassLongA
GetFocus
SwitchDesktop
GetWindow
SetWindowTextA
SendMessageTimeoutW
GetScrollPos
LockSetForegroundWindow
OpenDesktopA
SetParent
FreeDDElParam
DefFrameProcW
CreatePopupMenu
GetMenuItemInfoA
ReleaseDC
GetMenuContextHelpId
GetUserObjectSecurity
SetScrollPos
SendMessageW
GetDlgItemTextW
FindWindowA
DefMDIChildProcA
BeginPaint
MsgWaitForMultipleObjects
ValidateRect
GetClipboardData
EnumDisplaySettingsA
DdeConnect
ChildWindowFromPointEx
UnregisterClassA
SetClassLongW
GetMessageTime
CreateIconFromResourceEx
GrayStringA
DdeDisconnect
GetCursorInfo
LoadImageA
IsMenu
CheckMenuItem
GetCaretBlinkTime
CloseDesktop
CreateIconIndirect
SetWindowContextHelpId
RemovePropW
GetComboBoxInfo
DdeFreeDataHandle
MessageBeep
CopyIcon
GetDCEx
DdeNameService
CloseClipboard
GetSystemMenu
RealChildWindowFromPoint
GetKeyboardLayoutList
GetCursorPos
DrawCaption
InsertMenuW
SendMessageTimeoutA
ScrollWindowEx
SetPropW
ToAscii
PostThreadMessageW
CharPrevA
SetWindowPos
CallWindowProcA
GetUpdateRect
CreateMenu
MapVirtualKeyW
GetWindowTextW
IsDialogMessageW
GetWindowRect
LoadCursorFromFileA
ShowScrollBar
LoadBitmapW
DefWindowProcW
wsprintfA
EndDialog
IsCharAlphaNumericW
InsertMenuItemW
DestroyCursor
SetActiveWindow
GetCursor
EndPaint
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerInstallFileA
VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
VerQueryValueW
gdi32
SetWorldTransform
DeleteDC
SetPaletteEntries
GetTextExtentPointA
SetROP2
SetBitmapDimensionEx
CloseEnhMetaFile
EnumFontFamiliesExA
ResetDCA
GetGlyphOutlineA
GetAspectRatioFilterEx
CreateFontA
GetROP2
PlayMetaFile
GetWindowExtEx
SetViewportExtEx
GetCurrentObject
GetTextFaceA
ExtCreateRegion
SetBkMode
StretchBlt
ScaleWindowExtEx
AngleArc
AddFontResourceA
EnumEnhMetaFile
StartPage
CreateFontIndirectA
GetBitmapDimensionEx
GetTextCharacterExtra
OffsetWindowOrgEx
CreateDIBSection
GetEnhMetaFileBits
SetTextJustification
StrokePath
CopyMetaFileA
EndPath
SetLayout
GetRgnBox
CreatePolygonRgn
InvertRgn
TextOutA
ExtTextOutW
GetBitmapBits
GetBrushOrgEx
ExtTextOutA
SetMapMode
GdiFlush
MaskBlt
UnrealizeObject
SetMiterLimit
GetRegionData
SetBrushOrgEx
SetWindowExtEx
SetDCPenColor
ChoosePixelFormat
SetAbortProc
GetCharacterPlacementW
GetTextExtentPoint32A
OffsetViewportOrgEx
SetWinMetaFileBits
DrawEscape
SetPixelV
GetGraphicsMode
SetRectRgn
PatBlt
Chord
SetTextAlign
GetDIBColorTable
CreateMetaFileW
GetWinMetaFileBits
GetTextExtentPoint32W
CreateBrushIndirect
StartDocA
GetViewportExtEx
PaintRgn
GetColorAdjustment
EnumFontsW
ExtEscape
CreateEllipticRgnIndirect
SelectPalette
SetArcDirection
SetTextCharacterExtra
SetDIBColorTable
GetStockObject
GetBkMode
PtVisible
SetBkColor
SetPolyFillMode
GetDIBits
CreateRectRgnIndirect
SelectClipRgn
WidenPath
GetTextMetricsA
PolylineTo
GetTextAlign
CreateEnhMetaFileW
EnumMetaFile
DeleteEnhMetaFile
LineDDA
CreatePatternBrush
SwapBuffers
SetPixelFormat
FillRgn
EndPage
ArcTo
SetEnhMetaFileBits
GetSystemPaletteEntries
SetDIBitsToDevice
GetPaletteEntries
CreatePen
GetCharABCWidthsW
SetWindowOrgEx
BeginPath
GetTextExtentPointW
GetWindowOrgEx
CloseFigure
SetStretchBltMode
ScaleViewportExtEx
GetPath
GetDeviceCaps
ExtFloodFill
GetMapMode
Rectangle
GetStretchBltMode
GetTextExtentExPointW
GetArcDirection
GetCharWidth32W
PolyPolygon
CreateDIBPatternBrushPt
GetNearestColor
CopyEnhMetaFileA
EnumFontFamiliesA
MoveToEx
DeleteMetaFile
Polyline
ExtSelectClipRgn
GetFontData
GetDCOrgEx
GetTextCharset
SetMapperFlags
GetPixelFormat
PolyBezierTo
EnumFontsA
GetGlyphOutlineW
CreateMetaFileA
GetMetaFileBitsEx
TextOutW
PlayEnhMetaFile
GetCharABCWidthsA
GetMiterLimit
GetObjectA
CreateICA
SelectClipPath
ResizePalette
GetKerningPairsA
GetBkColor
PlayEnhMetaFileRecord
CombineRgn
CreateEnhMetaFileA
PlayMetaFileRecord
TranslateCharsetInfo
GetCurrentPositionEx
DeleteObject
GetCharABCWidthsFloatA
CreateFontIndirectW
FloodFill
CreateEllipticRgn
ResetDCW
SetGraphicsMode
CreateICW
CreateCompatibleBitmap
GetTextCharsetInfo
ExcludeClipRect
GetBoundsRect
CreateHalftonePalette
GetCharWidthFloatA
GetFontLanguageInfo
RemoveFontResourceA
SetColorAdjustment
RealizePalette
GdiComment
Escape
CopyMetaFileW
FlattenPath
AnimatePalette
OffsetRgn
SetBitmapBits
Pie
GetMetaRgn
GetPixel
PtInRegion
Polygon
GetObjectW
GetObjectType
RectVisible
DPtoLP
ModifyWorldTransform
SetDIBits
AbortPath
GetEnhMetaFileW
GetCharABCWidthsFloatW
GetLayout
SetDCBrushColor
StretchDIBits
EnumFontFamiliesW
GetEnhMetaFilePaletteEntries
PathToRegion
RectInRegion
RestoreDC
GetTextMetricsW
ExtCreatePen
GetCharWidthA
GetPolyFillMode
IntersectClipRect
EnumObjects
SetICMProfileA
RoundRect
CreateBitmap
GetTextColor
PolyPolyline
EqualRgn
OffsetClipRgn
GetCharWidth32A
GetEnhMetaFileHeader
Ellipse
SetBoundsRect
LPtoDP
CloseMetaFile
GetTextFaceW
GetClipBox
SetViewportOrgEx
PolyBezier
SetMetaFileBitsEx
CreateRoundRectRgn
GetMetaFileA
CreatePenIndirect
CreateCompatibleDC
GetTextExtentExPointA
StartDocW
CreateFontW
FrameRgn
SaveDC
PlgBlt
FillPath
Arc
GetClipRgn
CreatePolyPolygonRgn
SetTextColor
GetOutlineTextMetricsA
GetViewportOrgEx
CreateSolidBrush
CopyEnhMetaFileW
GetCharWidthW
PolyDraw
CreateRectRgn
LineTo
CreateDIBitmap
EnumFontFamiliesExW
EndDoc
CreatePalette
CreateDCW
GetEnhMetaFileA
CreateBitmapIndirect
SetPixel
AbortDoc
StrokeAndFillPath
BitBlt
SetICMMode
GetNearestPaletteIndex
CreateDCA
DescribePixelFormat
SelectObject
UpdateColors
CreateDiscardableBitmap
CreateHatchBrush
advapi32
ChangeServiceConfigW
ReadEncryptedFileRaw
CryptDestroyKey
RegDisablePredefinedCache
GetTokenInformation
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegOpenKeyW
SetNamedSecurityInfoW
RegCreateKeyA
DeleteService
EnumDependentServicesW
SetNamedSecurityInfoA
RegCreateKeyW
DeleteAce
GetSecurityDescriptorLength
MakeAbsoluteSD
LookupAccountNameA
LsaOpenPolicy
GetSecurityDescriptorDacl
SetFileSecurityA
RegGetKeySecurity
LockServiceDatabase
EqualSid
LookupPrivilegeDisplayNameA
RegRestoreKeyA
LookupAccountSidW
RegSetValueW
UnlockServiceDatabase
GetFileSecurityW
QueryServiceConfigA
RegQueryInfoKeyW
LsaQueryInformationPolicy
ConvertStringSecurityDescriptorToSecurityDescriptorW
StartServiceCtrlDispatcherA
CreateServiceW
CryptGetUserKey
CryptDeriveKey
LsaAddAccountRights
GetUserNameA
ControlService
GetSidSubAuthority
InitializeAcl
WriteEncryptedFileRaw
CryptGetKeyParam
RegOpenKeyA
CloseEncryptedFileRaw
BuildTrusteeWithSidW
CopySid
CryptAcquireContextW
RegisterEventSourceA
SetEntriesInAclA
RegOpenKeyExW
CreateServiceA
CryptSetProvParam
LookupAccountNameW
RegQueryValueW
BuildTrusteeWithNameW
RegConnectRegistryW
GetKernelObjectSecurity
SetSecurityInfo
RegUnLoadKeyA
SetSecurityDescriptorSacl
RegEnumKeyExA
CryptExportKey
RegEnumKeyExW
StartServiceA
ConvertSidToStringSidW
IsValidSid
RegSaveKeyA
CloseServiceHandle
QueryServiceLockStatusW
RegDeleteKeyW
AdjustTokenPrivileges
QueryServiceStatusEx
GetNamedSecurityInfoA
EqualPrefixSid
RegSetValueExW
RegFlushKey
LsaClose
AddAce
GetExplicitEntriesFromAclW
SetThreadToken
RegisterServiceCtrlHandlerA
RegLoadKeyA
FreeSid
RegUnLoadKeyW
GetSidIdentifierAuthority
SetSecurityDescriptorOwner
ConvertStringSidToSidW
DeregisterEventSource
CreateProcessAsUserW
RegEnumValueA
RegDeleteValueA
StartServiceW
ChangeServiceConfig2W
RegDeleteKeyA
RegCloseKey
ChangeServiceConfigA
LsaLookupSids
DuplicateTokenEx
CryptGenRandom
OpenEncryptedFileRawW
OpenSCManagerA
CryptDecrypt
LsaNtStatusToWinError
AddAccessAllowedAce
ReportEventA
RegQueryValueExW
RegEnumKeyW
CryptDestroyHash
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetUserNameW
RegRestoreKeyW
LookupPrivilegeValueA
CryptImportKey
GetAce
SetSecurityDescriptorGroup
SetEntriesInAclW
ImpersonateLoggedOnUser
RegisterServiceCtrlHandlerW
ImpersonateNamedPipeClient
GetAclInformation
LogonUserA
CryptGetHashParam
LookupPrivilegeValueW
InitiateSystemShutdownA
OpenSCManagerW
GetSecurityDescriptorOwner
CryptHashData
SetTokenInformation
SetSecurityDescriptorDacl
RegLoadKeyW
LsaFreeMemory
RegisterEventSourceW
CryptEnumProvidersW
MakeSelfRelativeSD
CreateWellKnownSid
RegOpenKeyExA
RegSetValueA
IsValidAcl
RegCreateKeyExW
EnumServicesStatusA
CryptAcquireContextA
InitializeSecurityDescriptor
QueryServiceStatus
OpenThreadToken
AllocateAndInitializeSid
RegEnumKeyA
RegDeleteValueW
SetFileSecurityW
OpenProcessToken
MapGenericMask
OpenServiceW
CryptCreateHash
RegOpenCurrentUser
CryptVerifySignatureA
SetSecurityDescriptorControl
RegEnumValueW
GetLengthSid
RegSaveKeyW
GetEffectiveRightsFromAclA
InitiateSystemShutdownExW
GetSecurityDescriptorControl
RegQueryValueA
RegSetValueExA
SetServiceStatus
RegNotifyChangeKeyValue
LsaLookupNames
EncryptFileW
RegisterServiceCtrlHandlerExA
RegQueryInfoKeyA
GetSecurityInfo
ConvertStringSidToSidA
RegSetKeySecurity
RegCreateKeyExA
OpenServiceA
ReportEventW
CryptEncrypt
CryptGenKey
GetSidSubAuthorityCount
GetSecurityDescriptorSacl
LookupAccountSidA
LookupPrivilegeNameA
GetSidLengthRequired
StartServiceCtrlDispatcherW
CheckTokenMembership
QueryServiceConfigW
LsaRemoveAccountRights
LogonUserW
ImpersonateSelf
CryptReleaseContext
RevertToSelf
RegQueryValueExA
CreateProcessAsUserA
IsValidSecurityDescriptor
SetServiceObjectSecurity
GetFileSecurityA
InitializeSid
GetSecurityDescriptorGroup
ChangeServiceConfig2A
DuplicateToken
RegConnectRegistryA
AccessCheck
oleaut32
LoadTypeLi
shell32
DragFinish
ord155
SHBrowseForFolderA
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
DoEnvironmentSubstW
FindExecutableA
ShellExecuteExW
DragQueryPoint
SHCreateDirectoryExW
SHGetFolderLocation
SHAddToRecentDocs
ShellExecuteA
DragQueryFileW
SHChangeNotify
SHGetDataFromIDListA
SHAppBarMessage
SHBrowseForFolderW
SHGetFolderPathA
CommandLineToArgvW
SHGetPathFromIDListA
ShellExecuteW
SHFreeNameMappings
SHEmptyRecycleBinA
ExtractIconA
Shell_NotifyIconW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
FindExecutableW
SHCreateDirectoryExA
ExtractIconExW
DuplicateIcon
SHGetInstanceExplorer
DragAcceptFiles
SHBindToParent
SHGetFolderPathW
ExtractIconW
DragQueryFileA
SHFileOperationW
Shell_NotifyIconA
SHGetDataFromIDListW
SHGetSpecialFolderPathW
ShellExecuteExA
ExtractIconExA
SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListW
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 300KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ