Extracted

• 048835e6a6ab7532504a10cc30df6b3fa3f74368e9df797456c12b252e27470d

  .exe windows:4 windows x86 arch:x86

  dbcf2a4deb216c4be49068990ac64d93

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  shlwapi

  PathIsNetworkPathW

  StrCmpIW

  SHAutoComplete

  ColorHLSToRGB

  ColorRGBToHLS

  StrStrIW

  ord176

  UrlUnescapeW

  iphlpapi

  GetExtendedTcpTable

  GetExtendedUdpTable

  ws2_32

  htons

  ntohl

  ntohs

  htonl

  gethostbyaddr

  getservbyport

  WSAStartup

  mpr

  WNetGetConnectionW

  comctl32

  ImageList_ReplaceIcon

  ImageList_Add

  InitCommonControlsEx

  ImageList_Destroy

  ImageList_DrawEx

  ImageList_GetIconSize

  ImageList_Create

  ImageList_AddMasked

  ImageList_BeginDrag

  ImageList_EndDrag

  ImageList_DragEnter

  ImageList_DragLeave

  ImageList_DragMove

  ImageList_DragShowNolock

  ord17

  PropertySheetW

  CreateStatusWindowW

  ord413

  CreatePropertySheetPageW

  ImageList_GetIcon

  ord410

  version

  GetFileVersionInfoW

  GetFileVersionInfoSizeW

  VerQueryValueW

  credui

  CredUIPromptForCredentialsW

  setupapi

  SetupDiGetDeviceInterfaceDetailW

  SetupDiEnumDeviceInterfaces

  SetupDiGetClassDevsW

  SetupDiDestroyDeviceInfoList

  crypt32

  CertDuplicateCertificateContext

  CertGetNameStringW

  aclui

  ord1

  powrprof

  SetSuspendState

  IsPwrSuspendAllowed

  IsPwrHibernateAllowed

  wtsapi32

  WTSDisconnectSession

  WTSSendMessageW

  WTSEnumerateSessionsW

  WTSQuerySessionInformationW

  WTSLogoffSession

  WTSFreeMemory

  uxtheme

  OpenThemeData

  CloseThemeData

  DrawThemeBackground

  GetThemePartSize

  SetWindowTheme

  EnableThemeDialogTexture

  ntdll

  NtSetInformationProcess

  VerSetConditionMask

  NtLoadDriver

  NtCreateKey

  NtOpenKey

  NtQuerySymbolicLinkObject

  NtQueryEvent

  NtQueryMutant

  NtQuerySystemInformation

  NtQueryInformationThread

  NtQuerySection

  NtResumeThread

  NtSuspendProcess

  NtResumeProcess

  NtOpenThread

  RtlCreateQueryDebugBuffer

  RtlQueryProcessDebugInformation

  RtlDestroyQueryDebugBuffer

  NtOpenSymbolicLinkObject

  NtQueryInformationProcess

  NtQueryObject

  NtQuerySemaphore

  NtSuspendThread

  RtlUnwind

  gdi32

  GetDeviceCaps

  GetStockObject

  LineTo

  RectInRegion

  SelectClipRgn

  SelectObject

  GetBkMode

  SetDCPenColor

  SetBkMode

  SetTextColor

  GetTextMetricsW

  MoveToEx

  Polyline

  ExtTextOutW

  SetViewportOrgEx

  CreateFontIndirectW

  GetTextExtentPoint32W

  Rectangle

  SetTextAlign

  TextOutW

  SetMapMode

  StartDocW

  EndDoc

  StartPage

  EndPage

  CreateBitmap

  CreatePatternBrush

  ExcludeClipRect

  GetCurrentObject

  PatBlt

  Polygon

  GetTextExtentExPointW

  RestoreDC

  SaveDC

  SetROP2

  GetBkColor

  DeleteDC

  CreateSolidBrush

  CreateRectRgnIndirect

  CreatePen

  CreateCompatibleDC

  CreateCompatibleBitmap

  BitBlt

  DeleteObject

  GetObjectW

  CreateDIBSection

  SetBkColor

  comdlg32

  PrintDlgW

  ChooseFontW

  CommDlgExtendedError

  GetOpenFileNameW

  GetSaveFileNameW

  ChooseColorW

  FindTextW

  kernel32

  GetLongPathNameW

  WriteFile

  CloseHandle

  GetLastError

  SetErrorMode

  InitializeCriticalSection

  Sleep

  GetCurrentProcess

  ExitThread

  TlsAlloc

  TlsSetValue

  CreateProcessW

  OpenProcess

  GetVersion

  GetSystemWindowsDirectoryW

  CreateFileMappingW

  MapViewOfFile

  UnmapViewOfFile

  IsWow64Process

  GetSystemWow64DirectoryW

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  LocalFree

  FormatMessageA

  lstrlenW

  FileTimeToSystemTime

  GetDateFormatW

  GetTimeFormatW

  GetLocaleInfoW

  GetNumberFormatW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  FindFirstFileW

  GetFileAttributesW

  GetPrivateProfileStringW

  FreeLibrary

  ExitProcess

  ReadFile

  MultiByteToWideChar

  FindClose

  FindNextFileW

  EnterCriticalSection

  LeaveCriticalSection

  SetEvent

  WaitForSingleObject

  CreateEventW

  WaitForMultipleObjects

  GetCurrentThread

  HeapDestroy

  HeapAlloc

  HeapReAlloc

  HeapFree

  HeapSize

  GetProcessHeap

  CreateThread

  GetExitCodeThread

  FindResourceExW

  LoadResource

  LockResource

  SizeofResource

  FindResourceW

  SetLastError

  GetVersionExW

  GetFileSizeEx

  LoadLibraryW

  GetTickCount

  MulDiv

  GlobalAddAtomW

  GlobalAlloc

  GlobalUnlock

  GlobalLock

  GetPrivateProfileIntW

  GetFileTime

  InitializeCriticalSectionEx

  DeleteCriticalSection

  GetCurrentThreadId

  DeleteFileW

  GetTempFileNameW

  GetTempPathW

  GetThreadId

  FormatMessageW

  GetCommandLineW

  GetFileType

  LocalAlloc

  TerminateThread

  GlobalReAlloc

  Module32FirstW

  Module32NextW

  GetSystemTime

  GetSystemTimeAsFileTime

  SystemTimeToFileTime

  IsBadStringPtrW

  OpenEventW

  VerifyVersionInfoW

  GetEnvironmentVariableW

  ReadProcessMemory

  lstrcmpiW

  GetSystemDirectoryW

  SearchPathW

  SetFilePointer

  GetCurrentProcessId

  IsProcessorFeaturePresent

  VirtualQueryEx

  OpenThread

  ResumeThread

  GetThreadContext

  Thread32First

  Thread32Next

  QueryPerformanceCounter

  QueryPerformanceFrequency

  ResetEvent

  IsBadReadPtr

  TerminateProcess

  SetPriorityClass

  ProcessIdToSessionId

  GetProcessId

  GlobalMemoryStatusEx

  GetLogicalProcessorInformation

  SetProcessWorkingSetSize

  GlobalFree

  PulseEvent

  GetComputerNameW

  WTSGetActiveConsoleSessionId

  GetCurrentDirectoryW

  GetDriveTypeW

  OutputDebugStringW

  DuplicateHandle

  DeviceIoControl

  VirtualAlloc

  VirtualFree

  GetProcessWorkingSetSize

  TrySubmitThreadpoolCallback

  IsProcessInJob

  CreateJobObjectW

  QueryInformationJobObject

  GetThreadGroupAffinity

  SetThreadGroupAffinity

  GlobalMemoryStatus

  GetProcessAffinityMask

  SetProcessAffinityMask

  GetActiveProcessorGroupCount

  GetActiveProcessorCount

  WideCharToMultiByte

  K32GetModuleFileNameExW

  K32GetMappedFileNameW

  K32QueryWorkingSet

  DecodePointer

  GetStartupInfoW

  GetThreadIdealProcessorEx

  GetTickCount64

  QueryThreadCycleTime

  SystemTimeToTzSpecificLocalTime

  GetNativeSystemInfo

  GetConsoleCP

  LCMapStringEx

  GetStringTypeW

  TryAcquireSRWLockExclusive

  AcquireSRWLockExclusive

  ReleaseSRWLockExclusive

  InitializeSRWLock

  LoadLibraryExA

  FlushInstructionCache

  InterlockedPushEntrySList

  InterlockedPopEntrySList

  InitializeSListHead

  EncodePointer

  IsDebuggerPresent

  GetSystemInfo

  VirtualProtect

  VirtualQuery

  CompareStringW

  LCMapStringW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  SetFilePointerEx

  FlushFileBuffers

  GetConsoleOutputCP

  GetConsoleMode

  SetConsoleMode

  ReadConsoleInputW

  GetFileSize

  FileTimeToLocalFileTime

  CreateFileW

  ExpandEnvironmentStringsW

  SetEnvironmentVariableW

  GetStdHandle

  TlsGetValue

  ReadConsoleW

  GetTimeZoneInformation

  FindFirstFileExW

  IsValidCodePage

  GetACP

  GetCPInfo

  InitializeCriticalSectionAndSpinCount

  WaitForSingleObjectEx

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TlsFree

  FreeLibraryAndExitThread

  GetOEMCP

  GetCommandLineA

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetStdHandle

  SetEndOfFile

  WriteConsoleW

  GetFullPathNameW

  RaiseException

  GetModuleHandleExW

  LoadLibraryExW

  user32

  CheckDlgButton

  IsDlgButtonChecked

  EnableWindow

  ModifyMenuW

  TrackPopupMenu

  SetMenuInfo

  InvalidateRgn

  EnumWindows

  CopyAcceleratorTableW

  TranslateAcceleratorW

  DrawMenuBar

  IsDialogMessageW

  GetMenuBarInfo

  ShowWindowAsync

  IsIconic

  EndTask

  RegisterWindowMessageW

  GetMessageW

  TranslateMessage

  DispatchMessageW

  ExitWindowsEx

  SetLayeredWindowAttributes

  CreateDialogParamW

  GetDlgItemTextW

  CreateMenu

  GetMenuInfo

  EndMenu

  LoadIconW

  LockWorkStation

  IsHungAppWindow

  SendMessageTimeoutW

  SetDlgItemInt

  CheckRadioButton

  MsgWaitForMultipleObjects

  GetGuiResources

  CharNextW

  GetWindowPlacement

  MonitorFromPoint

  CheckMenuRadioItem

  GetWindow

  GetDesktopWindow

  SetRectEmpty

  WindowFromPoint

  ClientToScreen

  SetCursorPos

  MessageBeep

  AdjustWindowRectEx

  AllowSetForegroundWindow

  SetMenuDefaultItem

  GetMenuItemInfoW

  TrackPopupMenuEx

  RemoveMenu

  AppendMenuW

  GetMenuItemCount

  GetMenuItemID

  EnableMenuItem

  CreatePopupMenu

  GetMenuStringW

  LoadMenuW

  LoadAcceleratorsW

  GetDlgCtrlID

  SetWindowPlacement

  IsWindow

  PostQuitMessage

  GetMessagePos

  PeekMessageW

  DrawEdge

  TrackMouseEvent

  LoadStringA

  DefMDIChildProcW

  DefFrameProcW

  DefDlgProcW

  CreateIconIndirect

  DestroyWindow

  EnumChildWindows

  UnionRect

  EndDeferWindowPos

  DeferWindowPos

  BeginDeferWindowPos

  DrawFrameControl

  DialogBoxParamW

  GetDlgItem

  EndDialog

  DialogBoxIndirectParamW

  GetAncestor

  GetWindowModuleFileNameW

  GetMonitorInfoW

  MonitorFromWindow

  SystemParametersInfoW

  CallNextHookEx

  UnhookWindowsHookEx

  SetWindowsHookExW

  GetClassNameW

  SetClassLongW

  PtInRect

  FrameRect

  DrawFocusRect

  ScreenToClient

  ShowScrollBar

  SetScrollPos

  RedrawWindow

  GetWindowDC

  IsWindowEnabled

  IsZoomed

  IsWindowVisible

  MoveWindow

  IsChild

  GetSysColorBrush

  GetWindowTextLengthW

  GetWindowTextW

  SetWindowTextW

  KillTimer

  GetClassInfoExW

  UnregisterClassW

  DrawIconEx

  GetSysColor

  SetMenuItemInfoW

  DestroyMenu

  EmptyClipboard

  SetClipboardData

  CloseClipboard

  OpenClipboard

  GetScrollInfo

  SetScrollInfo

  GetClassLongW

  SetWindowLongW

  GetWindowLongW

  OffsetRect

  IntersectRect

  InflateRect

  CopyRect

  SetRect

  FillRect

  MapWindowPoints

  GetCursorPos

  SendMessageW

  WaitForInputIdle

  ShowWindow

  SetFocus

  GetSystemMetrics

  GetMenu

  CheckMenuItem

  GetSubMenu

  InsertMenuW

  DeleteMenu

  SetForegroundWindow

  GetWindowRect

  GetClientRect

  GetPropW

  SetPropW

  ScrollWindowEx

  ValidateRect

  InvalidateRect

  EndPaint

  UpdateWindow

  DrawTextW

  SetTimer

  ReleaseCapture

  SetCapture

  GetCapture

  GetKeyState

  GetFocus

  SetWindowPos

  CreateWindowExW

  RegisterClassExW

  MessageBoxW

  SetCursor

  FindWindowW

  FindWindowExW

  GetWindowThreadProcessId

  LoadCursorW

  DestroyIcon

  LoadImageW

  EnumDisplaySettingsW

  GetDC

  ReleaseDC

  LoadStringW

  PostMessageW

  SetDlgItemTextW

  GetParent

  DefWindowProcW

  CallWindowProcW

  BeginPaint

  advapi32

  AdjustTokenPrivileges

  AllocateAndInitializeSid

  DuplicateTokenEx

  EqualSid

  FreeSid

  GetTokenInformation

  ImpersonateLoggedOnUser

  CreateRestrictedToken

  GetAce

  GetSidIdentifierAuthority

  RevertToSelf

  GetSidSubAuthority

  GetSidSubAuthorityCount

  InitializeAcl

  IsValidSid

  SetTokenInformation

  GetSecurityInfo

  SetSecurityInfo

  LookupAccountSidW

  LookupAccountNameW

  LsaFreeMemory

  LsaClose

  LsaOpenPolicy

  LsaEnumerateAccountRights

  ConvertSidToStringSidW

  FlushTraceW

  RegConnectRegistryW

  CreateProcessAsUserW

  GetKernelObjectSecurity

  OpenProcessToken

  LookupPrivilegeNameW

  EnumServicesStatusExW

  InitializeSecurityDescriptor

  SetSecurityDescriptorDacl

  SetSecurityDescriptorOwner

  RegEnumKeyExW

  SetEntriesInAclW

  AddAccessAllowedAce

  QueryServiceConfigW

  GetLengthSid

  CopySid

  CloseTrace

  ProcessTrace

  OpenTraceW

  ControlTraceW

  StartTraceW

  SetServiceObjectSecurity

  QueryServiceObjectSecurity

  LookupPrivilegeValueW

  RegCreateKeyExW

  RegDeleteKeyW

  RegEnumKeyW

  RegEnumValueW

  MapGenericMask

  RegGetValueW

  RegCreateKeyW

  StartServiceW

  QueryServiceStatus

  ControlService

  QueryServiceConfig2W

  SetKernelObjectSecurity

  RegCloseKey

  OpenServiceW

  OpenSCManagerW

  RegLoadKeyW

  RegOpenKeyW

  RegOpenKeyExW

  GetServiceDisplayNameW

  CloseServiceHandle

  RegDeleteValueW

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptGetHashParam

  CryptReleaseContext

  CryptAcquireContextW

  RegQueryValueW

  RegUnLoadKeyW

  RegSetValueExW

  RegQueryValueExW

  RegQueryInfoKeyW

  AddAce

  shell32

  Shell_NotifyIconW

  SHGetMalloc

  SHGetPathFromIDListW

  SHGetSpecialFolderLocation

  ShellExecuteExW

  ExtractAssociatedIconW

  ShellExecuteW

  SHBrowseForFolderW

  ExtractIconExW

  SHGetStockIconInfo

  SHGetFolderPathW

  SHGetFileInfoW

  ole32

  CoCreateInstance

  CoUninitialize

  CoTaskMemFree

  CoMarshalInterThreadInterfaceInStream

  CoInitializeEx

  CoSetProxyBlanket

  CoInitialize

  CoTaskMemAlloc

  CoTaskMemRealloc

  CoGetInterfaceAndReleaseStream

  oleaut32

  SafeArrayGetElement

  VarUI4FromStr

  SysAllocStringLen

  SafeArrayUnaccessData

  SafeArrayAccessData

  SafeArrayGetLBound

  SysAllocString

  SysFreeString

  SysStringLen

  SysAllocStringByteLen

  VariantInit

  VariantClear

  VariantChangeType

  SafeArrayGetUBound

  SafeArrayDestroy

  msimg32

  GradientFill

  dwmapi

  DwmDefWindowProc

  DwmSetWindowAttribute

  winhttp

  WinHttpOpen

  WinHttpOpenRequest

  WinHttpSendRequest

  WinHttpReceiveResponse

  WinHttpCloseHandle

  WinHttpQueryHeaders

  WinHttpGetProxyForUrl

  WinHttpQueryDataAvailable

  WinHttpWriteData

  WinHttpReadData

  WinHttpConnect

  WinHttpSetOption

  Sections

  .text

  Size: 997KB - Virtual size: 996KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 226KB - Virtual size: 225KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 43KB - Virtual size: 244KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3.1MB - Virtual size: 3.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .oknm

  Size: 1024B - Virtual size: 540B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3.1MB - Virtual size: 3.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 58KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ