D:\HPWolftree0204\Release\WolfTree.pdb
Static task
static1
3 signatures
Behavioral task
behavioral1
Sample
2024-05-14_498b3767a20baadb6b77b88a89bcedd4_mafia_revil.exe
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-05-14_498b3767a20baadb6b77b88a89bcedd4_mafia_revil.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
2024-05-14_498b3767a20baadb6b77b88a89bcedd4_mafia_revil
-
Size
12.5MB
-
MD5
498b3767a20baadb6b77b88a89bcedd4
-
SHA1
f273b53864ae67777d2ec89052bdb3830ff57853
-
SHA256
ca43f1fdb436c960bab4f908868efe0a3ac6a3705e72dd5e049087f6ad2befd1
-
SHA512
46601cfd8cfa29d9c123803d318ae5c94967752b0eddc6be6b8d10f224525704ea366a3f863efa2d8b0aa84012e462570175befada42ae573fe4a80a940e20e3
-
SSDEEP
196608:5kPT39lBM7FUzFL0rZfCtUHYO/R8Zgv8JGwqWOa4dgsIe:5qZF0r0CHYO/Rrwq/a4Ks
Score
10/10
Malware Config
Signatures
-
Detects executables calling ClearMyTracksByProcess 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_EXE_ClearMyTracksByProcess -
Detects executables embedding registry key / value combination manipulating RDP / Terminal Services 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_EXE_RegKeyComb_RDP -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-14_498b3767a20baadb6b77b88a89bcedd4_mafia_revil
Files
-
2024-05-14_498b3767a20baadb6b77b88a89bcedd4_mafia_revil.exe windows:5 windows x86 arch:x86
5b2ced30a53d93d3faa10638ca94561b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathRemoveFileSpecW
PathIsDirectoryA
PathFileExistsA
StrPBrkA
StrChrA
UrlUnescapeA
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
SHAutoComplete
PathStripPathA
PathRemoveFileSpecA
kernel32
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertThreadToFiber
ConvertFiberToThread
GetSystemTime
FormatMessageW
FindFirstFileW
FindNextFileW
GetStdHandle
GetFileType
GetVersion
CreateFiber
SwitchToFiber
DeleteFiber
DeleteTimerQueueTimer
CreateTimerQueueTimer
InterlockedExchangeAdd
GetNativeSystemInfo
GetConsoleMode
CancelWaitableTimer
SetWaitableTimer
HeapAlloc
UnmapViewOfFile
SwitchToThread
CreateIoCompletionPort
CreateFileMappingA
MapViewOfFileEx
PostQueuedCompletionStatus
CreateWaitableTimerA
GetQueuedCompletionStatus
HeapDestroy
HeapCreate
HeapFree
DeleteTimerQueueEx
CreateTimerQueue
RaiseException
InterlockedCompareExchange
SetConsoleMode
ReadConsoleA
TryEnterCriticalSection
ReadConsoleW
CreateEventA
CloseHandle
GetEnvironmentVariableW
TerminateThread
WaitForSingleObject
RtlUnwind
SetEvent
ResumeThread
CreateThread
Sleep
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte
VirtualFree
GetDriveTypeA
FindFirstFileExA
DecodePointer
EncodePointer
ExitThread
VirtualQuery
HeapSetInformation
GetStartupInfoW
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
SetConsoleCtrlHandler
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
GetTimeZoneInformation
GetFileInformationByHandle
PeekNamedPipe
VirtualAlloc
GetVolumeInformationA
GetComputerNameA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetConsoleCP
GetLocaleInfoW
GetStringTypeW
SetHandleCount
FatalAppExitA
LCMapStringW
GetTickCount
ReadFile
GetFileSize
CreateFileA
GetProcAddress
LoadLibraryA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
lstrlenA
InterlockedExchange
GetCurrentThreadId
lstrcpyA
MultiByteToWideChar
LocalFree
LocalAlloc
lstrcmpA
FindClose
FindNextFileA
FindFirstFileA
GetFileAttributesA
WriteFile
SetFilePointer
RemoveDirectoryA
DeleteFileA
GetLastError
CreateDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetLastError
DeactivateActCtx
ActivateActCtx
GetModuleHandleA
GetModuleFileNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
SetFileAttributesA
ExitProcess
CreateProcessA
GetStartupInfoA
GetCommandLineA
MulDiv
FreeResource
FindResourceA
ResetEvent
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringW
GetDriveTypeW
GetProcessHeap
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
CreateFileW
SearchPathA
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
GetAtomNameA
GetACP
GlobalFlags
VirtualProtect
WaitForMultipleObjects
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
GetProfileIntA
TlsFree
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetDiskFreeSpaceA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetUserDefaultLCID
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleHandleW
SuspendThread
LocalLock
LocalUnlock
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetShortPathNameA
GetFullPathNameA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
MoveFileA
LocalSize
GetThreadLocale
GetStringTypeExA
lstrlenW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryW
lstrcmpW
GetSystemInfo
lstrcpynA
FormatMessageA
lstrcmpiA
CompareStringA
InitializeCriticalSectionAndSpinCount
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
GetPrivateProfileSectionNamesA
CopyFileA
GetExitCodeThread
SetThreadPriority
GetOEMCP
GetCPInfo
GetVersionExA
EnumResourceTypesA
EnumResourceLanguagesA
EnumResourceNamesA
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
lstrcatA
LocalReAlloc
user32
DrawIcon
ValidateRect
UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
InsertMenuItemA
TranslateAcceleratorA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GetWindowThreadProcessId
RemoveMenu
ScrollWindowEx
PostQuitMessage
ShowOwnedPopups
SetWindowContextHelpId
DispatchMessageA
TranslateMessage
SetWindowTextA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
SendDlgItemMessageA
WinHelpA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
MonitorFromWindow
ScrollWindow
LoadAcceleratorsW
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
InSendMessage
MsgWaitForMultipleObjectsEx
NotifyWinEvent
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
UnregisterClassA
InvalidateRgn
GetNextDlgGroupItem
WindowFromDC
PostThreadMessageA
GetMessageA
InvalidateRect
SendMessageA
EnableWindow
SetRect
MessageBoxA
wsprintfA
LoadCursorA
DestroyCursor
SetClassLongA
ReleaseDC
DestroyIcon
GetDC
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
MsgWaitForMultipleObjects
GetIconInfo
SetTimer
DrawTextA
GetKeyState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
DrawIconEx
AppendMenuA
CheckMenuItem
GetMenuState
CheckMenuRadioItem
PostMessageA
GetSystemMenu
GetClientRect
IsWindowVisible
GetTabbedTextExtentW
LoadCursorW
UpdateWindow
GetDlgCtrlID
GetParent
GetCursorPos
DeleteMenu
GetSubMenu
LoadMenuW
LoadIconA
GetSysColor
FindWindowExA
GetClassNameA
GetWindowTextA
WindowFromPoint
mouse_event
SetCursor
SendMessageTimeoutA
IsWindow
GetDesktopWindow
CharNextA
CreatePopupMenu
EnableMenuItem
GetMenuItemCount
SetCapture
GetWindow
LoadIconW
GetSystemMetrics
MessageBeep
InflateRect
OffsetRect
RedrawWindow
GetMenu
GetFocus
CopyRect
FillRect
DrawFocusRect
GetWindowRect
LockWindowUpdate
GetScrollRange
SetScrollRange
SetWindowLongA
GetWindowLongA
LoadImageA
TrackPopupMenuEx
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CreateDialogIndirectParamA
EndDialog
GetClipboardFormatNameA
GetAsyncKeyState
MapDialogRect
GetTabbedTextExtentA
GetActiveWindow
IsWindowUnicode
CallWindowProcA
GetWindowLongW
SetWindowLongW
SetMenu
DestroyWindow
IsMenu
GetNextDlgTabItem
GetWindowRgn
SetCursorPos
GetScrollInfo
GetDoubleClickTime
GetMenuStringA
GetMenuStringW
LoadBitmapA
LoadMenuA
LoadMenuIndirectA
LookupIconIdFromDirectoryEx
CopyImage
IsDialogMessageA
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
GetMenuDefaultItem
GetMenuItemInfoA
GetWindowTextLengthA
GetDialogBaseUnits
GrayStringA
DrawTextExA
TabbedTextOutA
InvertRect
GetForegroundWindow
ScreenToClient
ClipCursor
RegisterWindowMessageA
GetMonitorInfoA
MonitorFromPoint
PtInRect
DefWindowProcA
RegisterClassA
GetScrollPos
SetScrollPos
GetSysColorBrush
GetCapture
IsClipboardFormatAvailable
IsRectEmpty
SetRectEmpty
IntersectRect
DrawEdge
GetMenuItemID
HideCaret
ShowCaret
ClientToScreen
SendNotifyMessageA
EnableScrollBar
DestroyAcceleratorTable
CreateAcceleratorTableA
UpdateLayeredWindow
LoadImageW
FrameRect
GetUpdateRect
CharUpperBuffA
SubtractRect
KillTimer
ReleaseCapture
IsZoomed
SetWindowPos
EqualRect
IsChild
SetParent
DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
SystemParametersInfoA
GetTopWindow
WaitMessage
PeekMessageA
MapVirtualKeyA
SetActiveWindow
GetLastActivePopup
DrawFrameControl
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetCursor
DrawStateA
SetForegroundWindow
IsWindowEnabled
IsIconic
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
LoadAcceleratorsA
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
CopyAcceleratorTableA
CharUpperA
MapWindowPoints
SetFocus
InsertMenuA
LoadBitmapW
GetDlgItem
SetMenuDefaultItem
TrackPopupMenu
EnumChildWindows
FindWindowA
DrawAnimatedRects
UnionRect
GetDCEx
GetClassLongA
BringWindowToTop
MoveWindow
ShowWindow
SetWindowRgn
AdjustWindowRectEx
gdi32
Escape
RectVisible
PtVisible
PatBlt
GetCurrentObject
SetPixel
GetPixel
GetTextColor
ExtCreateRegion
GetBitmapBits
CreateRectRgn
Rectangle
Polygon
GetTextAlign
GetTextMetricsA
SetBkMode
GetStockObject
GetDIBColorTable
SetDIBColorTable
CreateFontA
SetLayout
CreatePen
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
TextOutA
StretchBlt
SetBkColor
SetTextColor
ExtTextOutA
StretchDIBits
CreateCompatibleDC
CreateDIBSection
SelectObject
SetStretchBltMode
DeleteDC
DeleteObject
ExtSelectClipRgn
PolylineTo
CreateDIBPatternBrushPt
SelectPalette
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
DPtoLP
SetRectRgn
GetMapMode
CreateEllipticRgn
LPtoDP
StartPage
EndPage
SetAbortProc
EnumFontFamiliesExA
EndDoc
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
GetTextExtentPointA
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
OffsetRgn
FillRgn
FrameRgn
GetBoundsRect
SetPaletteEntries
SetPixelV
CreateBitmap
GetDIBits
ExtTextOutW
Ellipse
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
LineTo
PolyBezierTo
BeginPath
ExtFloodFill
SetBrushOrgEx
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
OffsetClipRgn
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
SelectClipPath
CreatePatternBrush
GetBkColor
Polyline
PtInRegion
CreatePolygonRgn
GetRgnBox
GetWindowOrgEx
RoundRect
CombineRgn
GetViewportOrgEx
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
GetTextExtentPoint32W
MoveToEx
GetCharWidthA
GetCurrentPositionEx
IntersectClipRect
GetClipBox
AbortDoc
GetClipRgn
StartDocA
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
PolyDraw
PlayMetaFileRecord
ArcTo
winspool.drv
GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
CryptReleaseContext
RegOpenKeyA
RegQueryValueExA
CryptGenRandom
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegCreateKeyExA
RegisterEventSourceW
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExW
RegSetValueA
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
CryptEnumProvidersW
RegCloseKey
CryptDestroyKey
CryptGetProvParam
CryptAcquireContextW
CryptGetUserKey
CryptExportKey
CryptDestroyHash
CryptSignHashW
CryptSetHashParam
CryptCreateHash
CryptDecrypt
DeregisterEventSource
ReportEventW
shell32
SHGetDesktopFolder
DragQueryFileA
SHGetFileInfoA
SHGetSpecialFolderPathA
ord71
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteExA
DragFinish
ExtractIconA
SHAddToRecentDocs
ole32
WriteFmtUserTypeStg
SetConvertStg
CoInitializeEx
CoTaskMemFree
CoUninitialize
OleUninitialize
OleInitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal
WriteClassStg
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
CoFreeUnusedLibraries
GetClassFile
OleSetMenuDescriptor
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
OleSaveToStream
WriteClassStm
OleSave
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
OleGetClipboard
StringFromGUID2
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
PropVariantCopy
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
oleaut32
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SysStringByteLen
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
SysReAllocStringLen
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
OleCreateFontIndirect
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantChangeTypeEx
VarUdateFromDate
VarBstrFromDate
SafeArrayCreateVector
VarDateFromStr
OleLoadPicturePath
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
OleLoadPicture
SafeArrayLock
GetErrorInfo
SetErrorInfo
CreateErrorInfo
ws2_32
recv
getpeername
inet_ntoa
WSAGetLastError
send
closesocket
socket
gethostname
connect
htons
inet_addr
WSAStartup
WSACleanup
WSAIoctl
setsockopt
__WSAFDIsSet
shutdown
select
ntohs
ioctlsocket
listen
bind
getsockname
accept
ntohl
htonl
getsockopt
WSARecv
WSAStringToAddressA
getnameinfo
WSAGetOverlappedResult
recvfrom
WSAWaitForMultipleEvents
WSAEventSelect
WSACloseEvent
WSACreateEvent
gethostbyname
WSAEnumNetworkEvents
WSASetLastError
WSAAddressToStringA
sendto
WSASendTo
WSARecvFrom
WSASend
WSAResetEvent
getaddrinfo
freeaddrinfo
crypt32
CertFindCertificateInStore
CertOpenStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Draw
ImageList_Create
ImageList_AddMasked
ImageList_Add
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Remove
oledlg
ord7
ord3
ord8
ord9
ord4
ord5
ord6
ord1
urlmon
URLDownloadToFileA
gdiplus
GdipFree
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipDisposeImage
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteGraphics
avifil32
AVIFileInit
AVIFileExit
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIStreamRelease
AVIMakeCompressedStream
msvfw32
DrawDibDraw
ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICDecompress
DrawDibOpen
DrawDibClose
wininet
HttpOpenRequestA
InternetOpenUrlA
GopherOpenFileA
InternetConnectA
FtpFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpOpenFileA
GopherGetAttributeA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetCloseHandle
InternetFindNextFileA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetQueryDataAvailable
InternetGetCookieA
InternetSetCookieA
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
winmm
timeGetDevCaps
timeBeginPeriod
timeGetTime
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetNumDevs
mixerGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerClose
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose
timeEndPeriod
pdh
PdhCollectQueryData
PdhCloseQuery
PdhAddCounterA
PdhOpenQueryA
PdhGetFormattedCounterValue
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rotext Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3.5MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 301KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 426KB - Virtual size: 426KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ