APMonUI.pdb
Static task
static1
Behavioral task
behavioral1
Sample
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a.7z
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a.7z
Resource
win10v2004-20240226-en
General
Target
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a.7z
Size
104.3MB
MD5
a5ec3cc8b641474e277c8277d228c490
SHA1
1b1981e09fda2880f6d2914ed8c42c6915376138
SHA256
c787cef9e7216be955d5f4ff7b305f3f08d1d283ac3f09a01f821bf7b2d4a9a2
SHA512
f47331c336bd51fe1594f7bcd414d19c881954205cb5e9e4c0bd964efe1be9ac5f262fb35cf77abba4ad470a2e24f9611329f4a36679d75760664e8055dd8677
SSDEEP
3145728:dXmm9U2pg/nJSeKHDUc2FofSxwj3WpAerPQ1:xmGU2pgP0HDUc2PA3Ek1
Malware Config
Signatures
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a/APMonUI.dll unpack001/e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a/activator.exe
Files
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a.7z.7z
Password: infected
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a/APMonUI.dll.dll windows:10 windows x64 arch:x64
Password: infected
0aa8e6d7d3c3544c89b26103bac4f14a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcrt
wcschr
swscanf_s
__C_specific_handler
_XcptFilter
free
_callnewh
malloc
_purecall
memmove_s
memcpy_s
_lock
_unlock
__dllonexit
_onexit
memcmp
_vsnwprintf
_initterm
_amsg_exit
memset
ntdll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
kernel32
Sleep
WideCharToMultiByte
LoadLibraryExW
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
ActivateActCtx
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
CreateSemaphoreExW
CreateMutexExW
GetCurrentProcessId
GetProcAddress
GetLastError
SetLastError
FormatMessageW
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetModuleHandleExW
GetModuleFileNameA
DebugBreak
GetModuleHandleW
IsDebuggerPresent
OutputDebugStringW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
CloseHandle
ReleaseSemaphore
ReleaseMutex
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
WaitForSingleObjectEx
EnterCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
WaitForSingleObject
OpenSemaphoreW
CreateThreadpoolTimer
LoadLibraryW
FreeLibrary
DisableThreadLibraryCalls
LocalFree
user32
MessageBeep
SendMessageW
GetDlgItem
SetWindowLongPtrW
SetWindowTextW
LoadCursorW
SetCursor
GetWindowTextW
GetWindowLongPtrW
LoadStringW
MessageBoxW
winspool.drv
ClosePrinter
OpenPrinterW
ws2_32
inet_addr
WSAGetLastError
WSAStartup
GetAddrInfoW
WSACleanup
FreeAddrInfoW
shlwapi
StrStrW
wininet
InternetCrackUrlW
InternetCreateUrlW
Exports
InitializePrintMonitorUI
LocalConfigurePortUI
Sections
.text Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a/FlixGrab.exe.exe windows:6 windows x86 arch:x86
Password: infected
5a594319a0d69dbc452e748bcf05892e
Code Sign
Certificate: 78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign
Not Before: 28-07-2020 00:00
Not After: 18-03-2029 00:00
Subject: CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Certificate: 77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Issuer: CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE
Not Before: 28-07-2020 00:00
Not After: 28-07-2030 00:00
Subject: CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Certificate: 4c:18:91:12:9f:47:c0:71:a0:f4:87:11
Issuer: CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE
Not Before: 15-04-2022 09:43
Not After: 15-04-2025 09:43
Subject: SERIALNUMBER=1185275027410,CN=TECHNOLOGY LLC,O=TECHNOLOGY LLC,STREET=Vaneeva street\, 19 kv 30,L=Nizhny Novgorod,ST=Nizhny Novgorod Oblast,C=RU,1.3.6.1.4.1.311.60.2.1.2=#13164e697a686e79204e6f76676f726f64204f626c617374,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e
Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Certificate: 01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Issuer: CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE
Not Before: 06-04-2022 07:45
Not After: 08-05-2033 07:45
Subject: CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
Certificate: 01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign
Not Before: 20-06-2018 00:00
Not After: 10-12-2034 00:00
Subject: CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Certificate: 45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Issuer: CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign
Not Before: 10-12-2014 00:00
Not After: 10-12-2034 00:00
Subject: CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer: 2e:bd:b6:85:b5:dd:6d:dc:fe:5f:b1:f2:48:31:0f:d8:72:cd:16:7b:84:52:15:72:26:51:3e:62:9d:4b:63:6d
Actual PE Digest: 2e:bd:b6:85:b5:dd:6d:dc:fe:5f:b1:f2:48:31:0f:d8:72:cd:16:7b:84:52:15:72:26:51:3e:62:9d:4b:63:6d
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetACP
GetExitCodeProcess
LocalFree
CloseHandle
SizeofResource
VirtualProtect
VirtualFree
GetFullPathNameW
ExitProcess
HeapAlloc
GetCPInfoExW
RtlUnwind
GetCPInfo
GetStdHandle
GetModuleHandleW
FreeLibrary
HeapDestroy
ReadFile
CreateProcessW
GetLastError
GetModuleFileNameW
SetLastError
FindResourceW
CreateThread
CompareStringW
LoadLibraryA
ResetEvent
GetVersion
RaiseException
FormatMessageW
SwitchToThread
GetExitCodeThread
GetCurrentThread
LoadLibraryExW
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
VirtualQueryEx
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
SetThreadPriority
GetCurrentProcess
VirtualAlloc
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetVersionExW
VerifyVersionInfoW
HeapCreate
GetWindowsDirectoryW
VerSetConditionMask
GetDiskFreeSpaceW
FindFirstFileW
GetUserDefaultUILanguage
lstrlenW
QueryPerformanceCounter
SetEndOfFile
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
GetSystemDirectoryW
DeleteFileW
GetLocalTime
GetEnvironmentVariableW
WaitForSingleObject
WriteFile
ExitThread
DeleteCriticalSection
TlsGetValue
GetDateFormatW
SetErrorMode
IsValidLocale
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
GetUserDefaultLangID
RemoveDirectoryW
CreateEventW
SetThreadLocale
GetThreadLocale
comctl32
InitCommonControls
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
user32
CreateWindowExW
TranslateMessage
CharLowerBuffW
CallWindowProcW
CharUpperW
PeekMessageW
GetSystemMetrics
SetWindowLongW
MessageBoxW
DestroyWindow
CharUpperBuffW
CharNextW
MsgWaitForMultipleObjects
LoadStringW
ExitWindowsEx
DispatchMessageW
oleaut32
SysAllocStringLen
SafeArrayPtrOfIndex
VariantCopy
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysFreeString
SysReAllocStringLen
VariantChangeType
SafeArrayCreate
netapi32
NetWkstaGetInfo
NetApiBufferFree
advapi32
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
OpenProcessToken
RegOpenKeyExW
Exports
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
Sections
.text Size: 718KB - Virtual size: 717KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 27KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didata Size: 512B - Virtual size: 420B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 154B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 24B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 93B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 427KB - Virtual size: 426KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
e1dc058fc8282acb95648c1ee6b0bc36b0d6b5e6853d4f602df5549e67d6d11a/activator.exe.exe windows:6 windows x64 arch:x64
Password: infected
7d1af93bff113e340ca5136296ead8da
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\User\Downloads\Telegram Desktop\coyotegui\coyotev2\x64\Debug\Activator.pdb
Imports
kernel32
GetDateFormatW
SetConsoleCtrlHandler
SetStdHandle
WriteConsoleW
GetFileType
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
HeapValidate
LCMapStringW
GetConsoleMode
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RtlPcToFileHeader
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
FormatMessageA
OutputDebugStringW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
VirtualAlloc
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
DebugBreak
RtlUnwind
GetThreadTimes
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetConsoleOutputCP
TryEnterCriticalSection
InitOnceBeginInitialize
InitOnceComplete
SetFileInformationByHandle
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
SetCurrentDirectoryW
CreateDirectoryW
GetDriveTypeW
GetFileInformationByHandle
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
LocalUnlock
LocalLock
CreateSemaphoreW
WaitForMultipleObjects
CreateMutexW
ReleaseSemaphore
PulseEvent
ResetEvent
Sleep
SearchPathW
GetTickCount
GetWindowsDirectoryW
FindResourceExW
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
SystemTimeToTzSpecificLocalTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetFileAttributesW
GetTempPathW
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
GetHandleInformation
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
VirtualProtect
GetProfileIntW
GetAtomNameW
SetErrorMode
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalGetAtomNameW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
ResumeThread
GetThreadPriority
SetThreadPriority
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
SuspendThread
CreateEventW
SetEvent
GlobalFree
GlobalUnlock
FreeResource
CompareStringA
WideCharToMultiByte
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
OutputDebugStringA
SetConsoleTitleA
GetModuleFileNameA
SetConsoleTextAttribute
AllocConsole
GetStdHandle
GetModuleFileNameW
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
CreateProcessA
TerminateProcess
GetFileAttributesA
GetCurrentDirectoryA
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
Wow64DisableWow64FsRedirection
CreateMutexA
ReleaseMutex
CloseHandle
CreateDirectoryA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
RaiseException
DecodePointer
CreateThread
WaitForSingleObject
GetLastError
GetSystemInfo
PeekNamedPipe
user32
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
ScrollWindowEx
SetFocus
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
SetWindowPos
MoveWindow
ShowWindow
NotifyWinEvent
ArrangeIconicWindows
DlgDirSelectComboBoxExW
DlgDirListComboBoxW
DlgDirSelectExW
DlgDirListW
GetWindow
GetTopWindow
FindWindowExW
FindWindowW
SetParent
ChildWindowFromPointEx
ChildWindowFromPoint
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowContextHelpId
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
ValidateRgn
InvalidateRgn
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowPlacement
GetDCEx
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
DragDetect
GetSystemMenu
DrawMenuBar
HiliteMenuItem
KillTimer
SetTimer
SetCapture
GetCapture
GetOpenClipboardWindow
ChangeClipboardChain
GetClipboardViewer
SetClipboardViewer
GetClipboardOwner
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
CloseWindow
OpenIcon
ShowOwnedPopups
FlashWindow
InSendMessage
GetComboBoxInfo
DestroyCursor
EnumChildWindows
MsgWaitForMultipleObjectsEx
MapVirtualKeyW
SendMessageW
LoadIconW
LoadImageW
SetPropW
PostThreadMessageW
SendNotifyMessageW
DrawAnimatedRects
DrawCaption
SendDlgItemMessageA
CheckMenuRadioItem
InvertRect
FrameRect
DrawFocusRect
GetMenuContextHelpId
SetMenuContextHelpId
ScrollDC
ExcludeUpdateRgn
WindowFromDC
GetPropW
RemovePropW
AdjustWindowRectEx
EqualRect
PtInRect
GetKeyNameTextW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongW
GetClassLongPtrW
UnhookWindowsHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
SetWindowPlacement
GetTabbedTextExtentW
DrawStateW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMenu
SetMenu
TrackPopupMenu
TrackPopupMenuEx
GetWindowDC
ScrollWindow
UnregisterClassW
UnregisterClassA
GetSystemMetrics
GetWindowTextA
EnumWindows
PeekMessageW
PostQuitMessage
PostMessageW
IsWindow
TabbedTextOutW
MapDialogRect
GetFocus
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetActiveWindow
EnableWindow
IsWindowEnabled
WaitMessage
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
SetCursor
MessageBoxW
GetParent
ReleaseCapture
CopyImage
RealChildWindowFromPoint
GetWindowThreadProcessId
GetLastActivePopup
DefWindowProcW
GetClassInfoW
SetLayeredWindowAttributes
GetSysColor
GetSysColorBrush
SetRectEmpty
CopyRect
IsRectEmpty
LoadCursorW
SystemParametersInfoW
GetMonitorInfoW
EnumDisplayMonitors
RegisterWindowMessageW
FillRect
InflateRect
OffsetRect
DrawIconEx
GetClassNameW
DrawEdge
DrawFrameControl
IsMenu
LoadMenuW
LoadMenuIndirectW
GetMenuStringW
GetMenuState
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
DeleteMenu
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextW
DrawTextExW
GrayStringW
LoadAcceleratorsW
DestroyMenu
SetRect
GetAsyncKeyState
IsChild
GetDialogBaseUnits
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
DestroyIcon
CharUpperW
TranslateAcceleratorW
IntersectRect
GetMenuBarInfo
ReuseDDElParam
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
TrackMouseEvent
MessageBeep
SetCursorPos
SetClassLongPtrW
CloseClipboard
SetClipboardData
EmptyClipboard
MonitorFromPoint
UnionRect
GetDoubleClickTime
GetIconInfo
CopyIcon
UpdateLayeredWindow
IsCharLowerW
MapVirtualKeyExW
RegisterClipboardFormatW
CharUpperBuffW
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
SubtractRect
MessageBoxA
MonitorFromRect
gdi32
Chord
BitBlt
Arc
AnimatePalette
GetObjectW
GetTextCharsetInfo
GetStockObject
EnumFontFamiliesW
DeleteObject
CreateDIBitmap
CreateBitmap
ExtTextOutW
CreateEnhMetaFileW
CloseEnhMetaFile
CreateMetaFileW
CloseMetaFile
DeleteDC
CreatePolyPolygonRgn
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
DrawEscape
Ellipse
EnumObjects
EqualRgn
Escape
ExtEscape
ExtCreateRegion
ExtFloodFill
FillRgn
FloodFill
FrameRgn
GetROP2
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBitmapBits
GetBitmapDimensionEx
GetBoundsRect
GetBrushOrgEx
GetCharWidthW
GetCharWidthFloatW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetFontData
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRegionData
GetRgnBox
GetStretchBltMode
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32W
GetFontLanguageInfo
GetCharacterPlacementW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
InvertRgn
MaskBlt
PlgBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PolyPolygon
PtInRegion
PtVisible
RectInRegion
RectVisible
Rectangle
ResetDCW
RealizePalette
RoundRect
ResizePalette
SelectObject
SetBitmapBits
SetBoundsRect
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
CombineRgn
UpdateColors
PlayEnhMetaFile
GdiComment
GetTextMetricsW
AngleArc
PolyPolyline
GetWorldTransform
GetColorAdjustment
CreateHalftonePalette
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetPath
PathToRegion
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
ExtCreatePen
GetMiterLimit
GetArcDirection
TextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetBitmapDimensionEx
SetBrushOrgEx
GetTextFaceW
GetKerningPairsW
UnrealizeObject
SetBkColor
SetTextColor
CopyMetaFileW
ExcludeClipRect
GetClipBox
GetClipRgn
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
StretchDIBits
CreateDIBSection
GetDIBits
SetDIBColorTable
EnumFontFamiliesExW
GetSystemPaletteEntries
DeleteMetaFile
GetTextExtentPointW
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateDiscardableBitmap
CreateCompatibleDC
CreateDCW
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectW
CreateFontW
CreateHatchBrush
CreateICW
CreatePalette
CreatePen
SetRectRgn
CreateSolidBrush
CreatePenIndirect
msimg32
GradientFill
TransparentBlt
AlphaBlend
winspool.drv
GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumKeyW
RegOpenKeyExW
RegEnumKeyExW
SetFileSecurityW
GetFileSecurityW
RegEnumValueW
RegSetValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
shell32
ShellExecuteExW
ShellExecuteW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
SHAddToRecentDocs
DragAcceptFiles
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHFileOperationA
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathFileExistsA
StrFormatKBSizeW
uxtheme
DrawThemeBackground
GetCurrentThemeName
IsAppThemed
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
ole32
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLoad
CreateFileMoniker
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
OleRun
OleSetMenuDescriptor
OleGetIconOfClass
OleLockRunning
OleQueryLinkFromData
CoTaskMemFree
OleSaveToStream
OleSave
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
CreateILockBytesOnHGlobal
GetHGlobalFromILockBytes
WriteClassStm
StgIsStorageILockBytes
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
PropVariantCopy
CLSIDFromString
StringFromGUID2
OleQueryCreateFromData
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
CoDisconnectObject
CreateStreamOnHGlobal
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CoCreateGuid
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoGetClassObject
CLSIDFromProgID
OleIsRunning
CoRegisterMessageFilter
GetClassFile
CoGetMalloc
OleSetContainedObject
oleaut32
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SafeArrayPtrOfIndex
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysStringLen
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysAllocString
VarBstrFromDec
VarDecFromStr
VariantCopy
VarDateFromStr
SystemTimeToVariantTime
VarBstrFromDate
GetErrorInfo
SetErrorInfo
CreateErrorInfo
VarBstrFromCy
VarCyFromStr
oledlg
OleUIUpdateLinksW
OleUIConvertW
OleUIChangeIconW
OleUIEditLinksW
OleUIPasteSpecialW
OleUIInsertObjectW
OleUIBusyW
gdiplus
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipCloneImage
GdipDrawImageRectI
GdiplusStartup
GdipGetImageWidth
GdipSetInterpolationMode
GdipCreateBitmapFromFileICM
GdipDeleteGraphics
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdiplusShutdown
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
bcrypt
BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
Exports
dummy
Sections
.textbss Size: - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 13.3MB - Virtual size: 13.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 142KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 768KB - Virtual size: 768KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 987B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 337B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 1024B - Virtual size: 546B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 229KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ