Overview
overview
7Static
static
73f3d2a7261...18.exe
windows7-x64
73f3d2a7261...18.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$TEMP/~nsi...e3.dll
windows7-x64
7$TEMP/~nsi...e3.dll
windows10-2004-x64
7$TEMP/~nsi...41.dll
windows7-x64
7$TEMP/~nsi...41.dll
windows10-2004-x64
7$WINDIR/Sy...dr.exe
windows7-x64
1$WINDIR/Sy...dr.exe
windows10-2004-x64
1sqlite3.dll
windows7-x64
7sqlite3.dll
windows10-2004-x64
7wincarrierb541.dll
windows7-x64
7wincarrierb541.dll
windows10-2004-x64
7wincarriers541.dll
windows7-x64
7wincarriers541.dll
windows10-2004-x64
7wincarrieru.exe
windows7-x64
1wincarrieru.exe
windows10-2004-x64
1Behavioral task
behavioral1
Sample
3f3d2a7261de92986344e3f5045961b2_JaffaCakes118.exe
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral2
Sample
3f3d2a7261de92986344e3f5045961b2_JaffaCakes118.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$TEMP/~nsis/c3i022/sqlite3.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral10
Sample
$TEMP/~nsis/c3i022/sqlite3.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
$TEMP/~nsis/c3i022/wincarriers541.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral12
Sample
$TEMP/~nsis/c3i022/wincarriers541.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
$WINDIR/System32/wincarrierdr.exe
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral14
Sample
$WINDIR/System32/wincarrierdr.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
sqlite3.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
sqlite3.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
wincarrierb541.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
wincarrierb541.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
wincarriers541.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
wincarriers541.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
wincarrieru.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral22
Sample
wincarrieru.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Target
3f3d2a7261de92986344e3f5045961b2_JaffaCakes118
Size
1.7MB
MD5
3f3d2a7261de92986344e3f5045961b2
SHA1
e5fb7ae3ed6a96bbbf038f695513645f16f04453
SHA256
06457e77d1a46d5791e290a8959e7bc5cc2df89a09ded219a8745dba2229b8b8
SHA512
a6528807a9c56a40bd0db4cf64ac7ded65ed5af3edac3ab43104f00812a51cb3970a2f2b95473ffe1eab8fb32068c57951db25ee5fcd95de4353eb6385b70750
SSDEEP
49152:O0pFcWWX6HPZp6sSghG/OTdJvk1j1kgSnoIZjp:LpGWFHxpJyOTf81hLSoIZjp
Detects file using ACProtect software.
| resource | yara_rule |
|---|---|
| static1/unpack001/$TEMP/~nsis/c3i022/sqlite3.dll | acprotect |
| static1/unpack001/sqlite3.dll | acprotect |
| resource | yara_rule |
|---|---|
| static1/unpack001/$TEMP/~nsis/c3i022/sqlite3.dll | upx |
| static1/unpack001/sqlite3.dll | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/$PLUGINSDIR/InstallOptions.dll |
| unpack001/$PLUGINSDIR/System.dll |
| unpack001/$PLUGINSDIR/nsProcess.dll |
| resource | yara_rule |
|---|---|
| sample | nsis_installer_1 |
| sample | nsis_installer_2 |
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc
MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect
SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
CoTaskMemFree
dialog
initDialog
show
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
wsprintfA
StringFromGUID2
CLSIDFromString
Alloc
Call
Copy
Free
Get
Int64Op
Store
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrlenA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
lstrcpynA
GlobalAlloc
_FindProcess
_KillProcess
_Unload
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DLL
sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_config
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_sql
sqlite3_status
sqlite3_step
sqlite3_stmt_status
sqlite3_table_column_metadata
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_win32_mbcs_to_utf8
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
sqlite3_changes
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_double
sqlite3_bind_blob
sqlite3_bind_null
sqlite3_open
sqlite3_reset
sqlite3_exec
sqlite3_get_table
sqlite3_last_insert_rowid
sqlite3_busy_timeout
sqlite3_prepare
sqlite3_free_table
sqlite3_close
sqlite3_step
sqlite3_finalize
sqlite3_errmsg
sqlite3_column_type
sqlite3_column_decltype
sqlite3_column_name
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_column_double
sqlite3_column_int
sqlite3_column_text
sqlite3_column_count
sqlite3_vmprintf
sqlite3_mprintf
sqlite3_free
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetFileSize
GetFileTime
LocalAlloc
GetCurrentThread
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
GetProcessVersion
GetCPInfo
FindNextFileA
GetCurrentDirectoryA
RtlUnwind
RaiseException
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
CreateThread
ExitThread
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindFirstFileA
SetLastError
FindClose
ReleaseMutex
CreateMutexA
FormatMessageA
LocalFree
FlushFileBuffers
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
lstrlenW
HeapDestroy
GlobalAlloc
GlobalFree
lstrcpynA
FindResourceA
SizeofResource
LoadResource
LockResource
GetVersion
GetFileAttributesA
SetFileAttributesA
LoadLibraryA
FreeLibrary
CreateProcessA
GetExitCodeProcess
RemoveDirectoryA
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetFileAttributesExA
GetPrivateProfileStringA
GetModuleFileNameA
ExpandEnvironmentStringsA
GetShortPathNameA
MoveFileA
CreateDirectoryA
WideCharToMultiByte
WritePrivateProfileStringA
OpenProcess
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
ReadProcessMemory
VirtualFreeEx
GetExitCodeThread
GetCurrentThreadId
MultiByteToWideChar
SetFilePointer
WriteFile
ReadFile
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
GetLastError
Sleep
GetCurrentProcessId
DeleteFileA
lstrlenA
lstrcpyA
lstrcatA
GetTickCount
GetCurrentProcess
DuplicateHandle
ResumeThread
CreateEventA
ResetEvent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
SetEvent
TerminateThread
InitializeCriticalSection
GetThreadLocale
MulDiv
SuspendThread
lstrcmpA
GetOEMCP
InterlockedExchange
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ClientToScreen
UnregisterClassA
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
CharUpperA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
GetMessageA
TranslateMessage
ValidateRect
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CharNextA
GetClassInfoA
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
MonitorFromPoint
GetMonitorInfoA
CopyRect
GetWindowLongA
RegisterWindowMessageA
SetRect
SetWindowTextA
GetWindowTextA
EnumChildWindows
GetClassNameA
ShowWindow
RedrawWindow
IsZoomed
InvalidateRect
UpdateWindow
FindWindowExA
SetWindowsHookExA
GetFocus
GetAsyncKeyState
CallNextHookEx
UnhookWindowsHookEx
CallWindowProcA
SetWindowLongA
GetActiveWindow
GetCursorPos
PtInRect
GetClientRect
GetWindowRect
GetParent
ScreenToClient
SetWindowRgn
EnableWindow
LoadStringA
DestroyMenu
GetSysColorBrush
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
PeekMessageA
GetForegroundWindow
PostMessageA
SetWindowPos
SetTimer
KillTimer
GetDesktopWindow
SetParent
GetWindowThreadProcessId
IsWindow
SendMessageA
wsprintfA
GetWindowDC
EndDialog
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
DPtoLP
ExtTextOutA
GetMapMode
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
EnumFontFamiliesA
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
DeleteObject
GetStockObject
RestoreDC
SaveDC
DeleteDC
SelectObject
GetBkColor
GetTextColor
GetOpenFileNameA
GetFileTitleA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
RegGetKeySecurity
RegCreateKeyExA
ControlService
DeleteService
EnumServicesStatusA
QueryServiceConfigA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegSetKeySecurity
RegQueryInfoKeyA
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegCloseKey
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
RegEnumValueA
RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
ShellExecuteA
ord680
SHGetDesktopFolder
SHGetSpecialFolderPathA
ord17
ord8
OleInitialize
CoInitialize
CoUninitialize
OleUninitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ord253
VariantChangeType
SysAllocStringByteLen
VariantCopy
RegisterTypeLi
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
VariantTimeToSystemTime
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear
WSACleanup
WSAStartup
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetQueryOptionA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetOpenA
InternetSetOptionA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCanonicalizeUrlA
GetAdaptersInfo
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
timeKillEvent
timeSetEvent
MakeSureDirectoryPathExists
ord22
ord23
ord20
ImmNotifyIME
ImmReleaseContext
ImmGetContext
AccessibleObjectFromWindow
SHDeleteKeyA
GetModuleFileNameExA
BeforeNavigate2
ConntBrowser
DocumentComplete
HookIEAddressBar
NSIS_After_Patch
NSIS_After_Setup
NSIS_After_UnInstall
NSIS_IsPatchStartible
NSIS_IsSetupStartible
NSIS_URL32Encoding
NSIS_VersionCheck
NavigateComplete2
NewWindow2
NewWindow3
OnAddressBar
OnMenuBar
OnToolBar
Quit
SetBandWeb
SetupRegisterServer
SetupUnregisterServer
Test_Func
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
ExpandEnvironmentStringsA
GetModuleHandleA
TerminateThread
GetModuleFileNameA
CompareStringW
CompareStringA
GetProcAddress
GetVersionExA
lstrcmpiA
DeleteFileA
CreateFileA
WriteFile
MoveFileA
CreateThread
GetLastError
lstrcatA
lstrcpyA
ResetEvent
GetTickCount
Sleep
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
LoadLibraryA
lstrlenA
GetOEMCP
GetACP
SetEnvironmentVariableA
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapSize
UnhandledExceptionFilter
wsprintfA
ControlService
DeleteService
CreateServiceA
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
StartServiceA
ShellExecuteA
SHGetFileInfoA
InternetOpenA
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetCloseHandle
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DLL
sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_config
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_sql
sqlite3_status
sqlite3_step
sqlite3_stmt_status
sqlite3_table_column_metadata
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_win32_mbcs_to_utf8
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InterlockedDecrement
lstrlenW
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
SizeofResource
LoadResource
FindResourceA
DisableThreadLibraryCalls
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
GetOEMCP
GetACP
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
WideCharToMultiByte
lstrcatA
lstrlenA
lstrcmpiA
lstrcpyA
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
LoadLibraryA
GetLastError
FreeLibrary
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CallWindowProcA
DefWindowProcA
SetWindowLongA
GetWindowLongA
CharNextA
PostMessageA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegEnumValueA
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
VariantCopy
SysFreeString
VariantClear
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
sqlite3_changes
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_double
sqlite3_bind_blob
sqlite3_bind_null
sqlite3_open
sqlite3_reset
sqlite3_exec
sqlite3_get_table
sqlite3_last_insert_rowid
sqlite3_busy_timeout
sqlite3_prepare
sqlite3_free_table
sqlite3_close
sqlite3_step
sqlite3_finalize
sqlite3_errmsg
sqlite3_column_type
sqlite3_column_decltype
sqlite3_column_name
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_column_double
sqlite3_column_int
sqlite3_column_text
sqlite3_column_count
sqlite3_vmprintf
sqlite3_mprintf
sqlite3_free
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetFileSize
GetFileTime
LocalAlloc
GetCurrentThread
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
GetProcessVersion
GetCPInfo
FindNextFileA
GetCurrentDirectoryA
RtlUnwind
RaiseException
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
CreateThread
ExitThread
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindFirstFileA
SetLastError
FindClose
ReleaseMutex
CreateMutexA
FormatMessageA
LocalFree
FlushFileBuffers
SetThreadPriority
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
lstrlenW
HeapDestroy
GlobalAlloc
GlobalFree
lstrcpynA
FindResourceA
SizeofResource
LoadResource
LockResource
GetVersion
GetFileAttributesA
SetFileAttributesA
LoadLibraryA
FreeLibrary
CreateProcessA
GetExitCodeProcess
RemoveDirectoryA
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetFileAttributesExA
GetPrivateProfileStringA
GetModuleFileNameA
ExpandEnvironmentStringsA
GetShortPathNameA
MoveFileA
CreateDirectoryA
WideCharToMultiByte
WritePrivateProfileStringA
OpenProcess
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
ReadProcessMemory
VirtualFreeEx
GetExitCodeThread
GetCurrentThreadId
MultiByteToWideChar
SetFilePointer
WriteFile
ReadFile
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
CreateFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
GetLastError
Sleep
GetCurrentProcessId
DeleteFileA
lstrlenA
lstrcpyA
lstrcatA
GetTickCount
GetCurrentProcess
DuplicateHandle
ResumeThread
CreateEventA
ResetEvent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
SetEvent
TerminateThread
InitializeCriticalSection
GetThreadLocale
MulDiv
SuspendThread
lstrcmpA
GetOEMCP
InterlockedExchange
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
ClientToScreen
UnregisterClassA
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
CharUpperA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
GetMessageA
TranslateMessage
ValidateRect
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
GetKeyState
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CharNextA
GetClassInfoA
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
MonitorFromPoint
GetMonitorInfoA
CopyRect
GetWindowLongA
RegisterWindowMessageA
SetRect
SetWindowTextA
GetWindowTextA
EnumChildWindows
GetClassNameA
ShowWindow
RedrawWindow
IsZoomed
InvalidateRect
UpdateWindow
FindWindowExA
SetWindowsHookExA
GetFocus
GetAsyncKeyState
CallNextHookEx
UnhookWindowsHookEx
CallWindowProcA
SetWindowLongA
GetActiveWindow
GetCursorPos
PtInRect
GetClientRect
GetWindowRect
GetParent
ScreenToClient
SetWindowRgn
EnableWindow
LoadStringA
DestroyMenu
GetSysColorBrush
LoadCursorA
GrayStringA
DrawTextA
TabbedTextOutA
PeekMessageA
GetForegroundWindow
PostMessageA
SetWindowPos
SetTimer
KillTimer
GetDesktopWindow
SetParent
GetWindowThreadProcessId
IsWindow
SendMessageA
wsprintfA
GetWindowDC
EndDialog
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetMapMode
DPtoLP
ExtTextOutA
GetMapMode
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
SetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
EnumFontFamiliesA
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
CombineRgn
DeleteObject
GetStockObject
RestoreDC
SaveDC
DeleteDC
SelectObject
GetBkColor
GetTextColor
GetOpenFileNameA
GetFileTitleA
ClosePrinter
OpenPrinterA
DocumentPropertiesA
RegGetKeySecurity
RegCreateKeyExA
ControlService
DeleteService
EnumServicesStatusA
QueryServiceConfigA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegSetKeySecurity
RegQueryInfoKeyA
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegCloseKey
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
GetLengthSid
CopySid
RegEnumValueA
RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
ShellExecuteA
ord680
SHGetDesktopFolder
SHGetSpecialFolderPathA
ord17
ord8
OleInitialize
CoInitialize
CoUninitialize
OleUninitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ord253
VariantChangeType
SysAllocStringByteLen
VariantCopy
RegisterTypeLi
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
VariantTimeToSystemTime
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear
WSACleanup
WSAStartup
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetQueryOptionA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntry
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetOpenA
InternetSetOptionA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCanonicalizeUrlA
GetAdaptersInfo
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
timeKillEvent
timeSetEvent
MakeSureDirectoryPathExists
ord22
ord23
ord20
ImmNotifyIME
ImmReleaseContext
ImmGetContext
AccessibleObjectFromWindow
SHDeleteKeyA
GetModuleFileNameExA
BeforeNavigate2
ConntBrowser
DocumentComplete
HookIEAddressBar
NSIS_After_Patch
NSIS_After_Setup
NSIS_After_UnInstall
NSIS_IsPatchStartible
NSIS_IsSetupStartible
NSIS_URL32Encoding
NSIS_VersionCheck
NavigateComplete2
NewWindow2
NewWindow3
OnAddressBar
OnMenuBar
OnToolBar
Quit
SetBandWeb
SetupRegisterServer
SetupUnregisterServer
Test_Func
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
GetShortPathNameA
CreateProcessA
GetVersionExA
GetProcAddress
GetModuleHandleA
lstrcpynA
GetTempPathA
GetFileAttributesExA
DeleteFileA
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryA
TerminateThread
GetModuleFileNameA
CompareStringW
CompareStringA
CreateFileA
WriteFile
MoveFileA
CreateThread
GetLastError
FindFirstFileA
FindNextFileA
FindClose
lstrcatA
ResetEvent
ExpandEnvironmentStringsA
GetTickCount
Sleep
lstrcmpiA
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
lstrcpyA
FileTimeToSystemTime
lstrlenA
GetOEMCP
SetEnvironmentVariableA
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
WideCharToMultiByte
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
wsprintfA
OpenServiceA
QueryServiceStatus
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegEnumKeyA
RegSetValueExA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
StartServiceA
SHGetFileInfoA
ShellExecuteA
SHGetSpecialFolderPathA
SHGetDesktopFolder
InternetReadFile
HttpQueryInfoA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
SHDeleteKeyA
SHDeleteValueA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ