Extended Key Usages
ExtKeyUsageCodeSigning
Static task
static1
Behavioral task
behavioral1
Sample
explorer.exe
Resource
win10v2004-20240508-en
Target
explorer.exe
Size
4.8MB
MD5
5aa0083da0d364d21966eb8d2ea904e3
SHA1
b813e6ba3250f5b2b8ebba7bfa9571973f6a744b
SHA256
d70bb0cdc990c67027b0e8bef2d834b70f56c627e14c40d3cb1c1455c0c1567a
SHA512
ce65da6e97ab6d6bb7803f67b94594cca526e26ee9432fbebef585e001b45aecb8eced50da331de21a4a443d6afbeace9ef1c869efac273c98f72558a4210f13
SSDEEP
98304:zgiJOhpATnaC95pgZ1pRtqMIs7yPSQoGHKtJbFXynRw8a0cD5ZU:zgiJOhpATnaC95pgZ1p3qMIsGPIGHKte
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
explorer.pdb
?_Xbad_function_call@std@@YAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
_Thrd_detach
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_join
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
?_Xinvalid_argument@std@@YAXPBD@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG00@Z
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXPAG0@Z
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE_JPBG_J@Z
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JXZ
?tolower@?$ctype@G@std@@QBEPBGPAGPBG@Z
?_Xbad_alloc@std@@YAXXZ
?tolower@?$ctype@G@std@@QBEGG@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAE_JPBG_J@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
_Wcscoll
?_Xout_of_range@std@@YAXPBD@Z
?id@?$collate@G@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?id@?$ctype@G@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
??0_Lockit@std@@QAE@H@Z
??0_Locinfo@std@@QAE@PBD@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??1_Lockit@std@@QAE@XZ
??1_Locinfo@std@@QAE@XZ
?is@?$ctype@G@std@@QBE_NFG@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEXH@Z
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBEPAGXZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAEXXZ
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QBE_NXZ
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEHXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGXZ
?width@ios_base@std@@QAE_J_J@Z
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QAEXH_N@Z
_Mtx_init_in_situ
_Xtime_get_ticks
_Mtx_destroy_in_situ
_Mtx_unlock
_Mtx_lock
?_Xlength_error@std@@YAXPBD@Z
_Wcsxfrm
_register_thread_local_exe_atexit_callback
_c_exit
_initterm_e
_initterm
_set_error_mode
memset
_wcsrev
wcsncpy
wcscspn
strncmp
wcsncmp
_time32
_o_exit
_o_floor
_o_free
_o_iswalnum
_o_iswspace
_o_memcpy_s
_o_realloc
_o_roundf
_o_terminate
_o_toupper
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstol
_o_wcstoll
_except_handler4_common
_o__wcsnicmp
_o_ceil
_o__wcsicmp
memmove
_o_bsearch
_o__set_new_mode
_o__set_fmode
_o__set_errno
_o__set_app_type
_o__seh_filter_exe
_o__register_onexit_function
_o__recalloc
_o__purecall
_o__mktime32
_o__wtoi
_o__localtime32
_o__itow_s
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_wide_environment
_o__initialize_onexit_table
_o__get_wide_winmain_command_line
_o__get_errno
_o__exit
_o__errno
_o__difftime32
_o__crt_atexit
_o__controlfp_s
_o__configure_wide_argv
_o__configthreadlocale
_o__CIsqrt
_o__CIpow
_o__cexit
_o__beginthreadex
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_exception_destroy
_o___std_exception_copy
_o___p__commode
wcsstr
__std_terminate
__CxxFrameHandler3
_CxxThrowException
memcmp
memcpy
_o_malloc
PicRetrieveFileInfo
PicFreeFileInfo
ord9
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectW
QueryInformationJobObject
RegisterApplicationRestart
HashData
UrlUnescapeW
PathIsURLW
CheckElevation
CheckElevationEnabled
SHRegGetUSValueW
SHRegGetBoolUSValueW
CoRegisterMessageFilter
GlobalGetAtomNameW
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
ActivateActCtx
RtlGetVersion
ZwQuerySystemInformation
RtlInitString
wcsspn
RtlQueryResourcePolicy
NtOpenThreadToken
RtlInitUnicodeString
ZwQueryValueKey
RtlUpcaseUnicodeChar
ZwQueryDirectoryFile
RtlpEnsureBufferSize
RtlNtPathNameToDosPathName
ZwOpenFile
ZwEnumerateKey
RtlInitUnicodeStringEx
RtlFormatCurrentUserKeyPath
ZwCreateFile
ZwQueryInformationFile
ZwCreateSection
ZwQueryInformationProcess
ZwSetInformationProcess
RtlxAnsiStringToUnicodeSize
RtlAnsiStringToUnicodeString
ZwUnmapViewOfSection
ZwMapViewOfSection
LdrResSearchResource
RtlVerifyVersionInfo
RtlImageDirectoryEntryToData
RtlReleaseSRWLockShared
RtlAcquireSRWLockShared
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
NtClose
NtQueryInformationToken
NtOpenProcessToken
RtlCompareUnicodeString
RtlFreeHeap
RtlGetNativeSystemInformation
wcschr
RtlDosPathNameToNtPathName_U_WithStatus
wcsrchr
strchr
RtlPublishWnfStateData
NtSetSystemInformation
RtlFlushHeaps
NtQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion
ZwOpenKey
RtlQueryWnfStateData
RtlNtStatusToDosError
RtlGetDeviceFamilyInfoEnum
NtSetInformationProcess
ZwClose
NtQueryInformationProcess
RtlReAllocateHeap
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlRunOnceExecuteOnce
RtlCopyUnicodeString
RtlUpcaseUnicodeString
RtlIsStateSeparationEnabled
RtlAllocateHeap
RtlNtStatusToDosErrorNoTeb
RtlFreeUnicodeString
NtSetThreadExecutionState
VerSetConditionMask
WinSqmSetDWORD
WinSqmIsOptedIn
WinSqmAddToStreamEx
FreeLibrary
SizeofResource
LoadResource
GetModuleFileNameW
GetModuleHandleA
LockResource
GetModuleHandleExW
FindStringOrdinal
GetModuleHandleW
FindResourceExW
GetProcAddress
LoadLibraryExW
LoadStringW
GetModuleFileNameA
Sleep
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
OpenMutexW
CreateSemaphoreExW
AcquireSRWLockShared
CreateMutexExW
ReleaseSRWLockShared
OpenSemaphoreW
ResetEvent
InitializeCriticalSectionAndSpinCount
CreateMutexW
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReleaseMutex
WaitForSingleObject
InitializeCriticalSectionEx
LeaveCriticalSection
OpenEventW
TryEnterCriticalSection
CreateEventExW
SetEvent
TryAcquireSRWLockExclusive
CreateEventW
ReleaseSemaphore
EnterCriticalSection
InitializeCriticalSection
SleepEx
WaitForMultipleObjectsEx
InitializeSRWLock
DeleteCriticalSection
HeapAlloc
HeapFree
HeapSetInformation
GetProcessHeap
GetLastError
UnhandledExceptionFilter
SetErrorMode
SetLastError
RaiseException
SetUnhandledExceptionFilter
GetFileAttributesW
FindNextFileW
FindClose
CompareFileTime
DeleteFileW
CreateFileW
WriteFile
FindFirstFileW
GetLongPathNameW
EventSetInformation
EventWriteTransfer
EventRegister
EventActivityIdControl
EventEnabled
EventWrite
EventProviderEnabled
EventUnregister
RegQueryInfoKeyW
RegSetKeySecurity
RegNotifyChangeKeyValue
RegGetKeySecurity
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegGetValueW
RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegOpenCurrentUser
RegOpenKeyExW
RegDeleteTreeW
RegDeleteKeyExW
SetThreadpoolWait
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CreateThreadpoolWork
SubmitThreadpoolWork
TrySubmitThreadpoolCallback
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolWait
GetCurrentProcess
OpenThreadToken
GetCurrentThread
OpenProcessToken
GetStartupInfoW
QueueUserAPC
ExitProcess
CreateProcessW
OpenThread
GetThreadPriority
GetProcessId
ResumeThread
GetPriorityClass
GetCurrentThreadId
SetPriorityClass
SetProcessShutdownParameters
CreateThread
ProcessIdToSessionId
GetCurrentProcessId
SetThreadPriorityBoost
TerminateProcess
SetThreadPriority
GetExitCodeProcess
GetUserDefaultLangID
GetLocaleInfoEx
GetCalendarInfoW
FormatMessageW
GetLocaleInfoW
GetUserDefaultLocaleName
GetGeoInfoW
GetThreadUILanguage
OutputDebugStringW
IsDebuggerPresent
DebugBreak
CloseHandle
DuplicateHandle
SysAllocString
VarUI4FromStr
SysStringLen
SafeArrayAccessData
SafeArrayCreate
SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayDestroy
VariantClear
SysFreeString
VariantInit
SHTaskPoolQueueTask
SHTaskPoolGetUniqueContext
SetCurrentProcessExplicitAppUserModelID
IsOS
CoReleaseMarshalData
CoCreateGuid
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
StringFromIID
CoInitializeEx
StringFromGUID2
CreateStreamOnHGlobal
CoTaskMemRealloc
PropVariantClear
IIDFromString
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CLSIDFromString
CoGetMalloc
CoGetStdMarshalEx
CoFreeUnusedLibraries
CoCreateFreeThreadedMarshaler
CoInitializeSecurity
CoIncrementMTAUsage
CoCreateInstance
CoEnableCallCancellation
CoTaskMemFree
CoGetObjectContext
CoDisableCallCancellation
CoGetApartmentType
CoUninitialize
CoSetProxyBlanket
CoGetCallContext
CoWaitForMultipleHandles
CoCancelCall
StrCmpNIW
StrCmpW
StrChrW
StrCmpIW
StrToIntW
StrCmpICA
StrStrIW
StrCmpNICW
StrCmpICW
StrChrIW
StrRChrW
QISearch
SHStrDupW
CommandLineToArgvW
IUnknown_Set
IUnknown_GetSite
IUnknown_SetSite
IUnknown_QueryService
LocalAlloc
LocalReAlloc
GlobalFree
LocalFree
GlobalAlloc
OpenProcess
GetProcessMitigationPolicy
IsProcessorFeaturePresent
GetDateFormatW
GetSystemTime
GetLocalTime
GetLogicalProcessorInformation
GetSystemTimeAsFileTime
GetTickCount64
GetSystemDirectoryW
GetTickCount
GetVersionExW
GetWindowsDirectoryW
GetTimeFormatEx
GetDateFormatEx
GetCurrentDirectoryW
GetCommandLineW
SearchPathW
ExpandEnvironmentStringsW
PathFindExtensionW
PathFileExistsW
PathGetArgsW
PathIsFileSpecW
PathParseIconLocationW
PathRemoveFileSpecW
PathRemoveBlanksW
PathFindFileNameW
PathQuoteSpacesW
PathCommonPrefixW
PathCombineW
SHExpandEnvironmentStringsW
PathGetDriveNumberW
WindowsDeleteStringBuffer
WindowsPreallocateStringBuffer
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsGetStringLen
WindowsDeleteString
WindowsPromoteStringBuffer
WindowsCompareStringOrdinal
WindowsCreateString
WindowsSubstringWithSpecifiedLength
RoActivateInstance
RoInitialize
RoGetActivationFactory
RoUninitialize
SHSetValueW
SHQueryInfoKeyW
SHRegGetValueW
SHDeleteKeyW
SHEnumKeyExW
SHGetValueW
SHDeleteValueW
WideCharToMultiByte
MultiByteToWideChar
CompareStringOrdinal
CompareStringW
SHCreateThreadRef
SHGetThreadRef
SetProcessReference
SHCreateThread
SHSetThreadRef
lstrlenW
lstrcmpiW
IsValidSid
GetLengthSid
EqualSid
CopySid
GetTokenInformation
GetAclInformation
GetAce
DeleteAce
InitializeAcl
AddAce
CreateWellKnownSid
CheckTokenMembership
MakeAbsoluteSD
DuplicateToken
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
SetKernelObjectSecurity
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceLoggerHandle
UnregisterTraceGuids
GetTraceEnableLevel
TraceMessage
GetUserDefaultUILanguage
FindResourceW
LoadLibraryW
SHLoadIndirectString
RemoveVectoredExceptionHandler
RegDeleteKeyValueW
RegSetKeyValueW
RoGetAgileReference
RoOriginateError
RoTransformError
RoFailFastWithErrorContext
GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoGetMatchingRestrictedErrorInfo
RoOriginateLanguageException
PathCchRemoveFileSpec
PathCchAddExtension
PathCchAppend
PathCchCombine
PathAllocCombine
SHAnsiToUnicode
GlobalLock
GlobalUnlock
SetThreadDescription
SetProcessInformation
CreateFileMappingW
VirtualFree
VirtualProtect
OpenFileMappingW
MapViewOfFile
VirtualAlloc
UnmapViewOfFile
MulDiv
SHOpenRegStream2W
SHCreateMemStream
IStream_Reset
SHCreateStreamOnFileW
IStream_Write
SHCreateStreamOnFileEx
IStream_Read
GetTempPathW
QueryFullProcessImageNameW
ord170
CreateTimerQueueTimer
DeleteTimerQueueTimer
UnregisterWaitEx
ChangeTimerQueueTimer
GetProductInfo
GetOsSafeBootMode
GetUserDefaultGeoName
GetProfileType
DeriveAppContainerSidFromAppContainerName
FileTimeToSystemTime
GetTimeZoneInformation
GetDynamicTimeZoneInformation
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetComputerNameW
GetSystemPowerStatus
RegisterWaitForSingleObject
QueryPerformanceCounter
InitializeSListHead
InterlockedPushEntrySList
GetPersistedRegistryLocationW
LookupAccountNameW
CharNextW
CharLowerBuffW
QueryServiceConfigW
NotifyServiceStatusChangeW
CreateIoCompletionPort
GetQueuedCompletionStatus
GetPhysicallyInstalledSystemMemory
CreateStreamOverRandomAccessStream
SHRegGetValueFromHKCUHKLM
GetDpiForMonitor
ord244
GetNetworkConnectivityHint
Process32NextW
CreateToolhelp32Snapshot
Process32FirstW
RaiseFailFastException
CharNextA
PowerDeterminePlatformRoleEx
CallNtPowerInformation
GetPwrCapabilities
ApiSetQueryApiSetPresence
SHCreateWorkerWindowW
ord635
ord479
SHPinDllOfCLSID
ord481
ord509
IUnknown_GetWindow
SHIsChildOrSelf
ord197
ord544
ShellMessageBoxW
ord165
ord292
StrRetToBufW
AssocQueryStringW
StrRetToStrW
ord478
PathRemoveArgsW
ord279
QueryDisplayConfig
GetSystemMetrics
SystemParametersInfoW
EnumDisplayMonitors
GetDisplayConfigBufferSizes
EnumDisplayDevicesW
GetMonitorInfoW
IsRectEmpty
EqualRect
OffsetRect
PtInRect
IntersectRect
SetRectEmpty
InflateRect
SetRect
SubtractRect
CopyRect
UnionRect
NotifyWinEvent
UnhookWinEvent
SetWinEventHook
SHBindToObject
SHBindToParent
ILClone
SHParseDisplayName
SHCreateItemFromIDList
ILFree
SHGetNameFromIDList
SHGetIDListFromObject
ILFindLastID
ILIsEqual
ILRemoveLastID
ILCombine
ILCloneFirst
SHCreateItemFromParsingName
ILIsParent
SHBindToFolderIDListParent
ILGetSize
DXGIDeclareAdapterRemovalSupport
GetPointerDevices
GetPointerType
GetPointerInfo
EnableMouseInPointer
GetCurrentInputMessageSource
SHGetFolderPathEx
GetThreadFlags
SHGetKnownFolderIDList
SetThreadFlags
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
GetPackageFullName
GetPackagesByPackageFamily
SetWindowFeedbackSetting
RegisterClipboardFormatW
CreateWindowInBand
GetWindowBand
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
PSCreateMemoryPropertyStore
PropVariantToBoolean
PSPropertyBag_WriteStr
PropVariantToUInt32
PSPropertyBag_WriteDWORD
InitVariantFromGUIDAsString
PropVariantToStringAlloc
InitVariantFromResource
PSGetPropertyFromPropertyStorage
CreateDispatcherQueueController
URLOpenBlockingStreamW
SHChangeNotify
SHCreateDataObject
ParseApplicationUserModelId
FindPackagesByPackageFamily
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
CreateRectRgn
SetRectRgn
OffsetRgn
GetDeviceCaps
GetOutlineTextMetricsW
CombineRgn
DeleteObject
GetObjectW
DeleteDC
CreateCompatibleDC
SelectObject
GetClipBox
CreateFontIndirectW
SetTextColor
SetTextAlign
GetTextMetricsW
ExtTextOutW
GetStockObject
GetTextExtentPoint32W
CreateRectRgnIndirect
GetGlyphOutlineW
GetClipRgn
SelectClipRgn
GetCurrentObject
StretchBlt
ExcludeClipRect
SetStretchBltMode
Rectangle
IsBadWritePtr
SetProcessDEPPolicy
NdrClientCall2
UuidFromStringW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
I_RpcExceptionFilter
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcBindingFree
InternetCrackUrlW
ord187
ord121
ord184
ord200
ord142
ord162
SHUnicodeToAnsi
ord1
ord192
ord123
ord183
ord126
ord109
ord186
ord190
ord174
ord723
ord885
ord95
ord644
ord743
ord907
ord43
Shell_GetCachedImageIndexW
ord790
ord792
ord727
ord162
SHAppBarMessage
ord894
ord193
ord906
ord895
SHGetLocalizedName
SHGetPropertyStoreForWindow
ord764
ord866
SHEvaluateSystemCommandTemplate
ord181
ord244
ExtractIconExW
ShellExecuteW
ord132
ord137
Shell_NotifyIconW
Shell_NotifyIconGetRect
ord680
SHGetStockIconInfo
DuplicateIcon
ord91
ord254
ord54
SHEnableServiceObject
ord61
ord896
SHAddToRecentDocs
ord60
SHUpdateRecycleBinIcon
ord2
ord711
SHFileOperationW
ord4
SHGetPathFromIDListW
ord645
ord850
ord753
ord733
SHChangeNotifyRegisterThread
DragQueryFileW
ord67
SHCreateItemInKnownFolder
ord206
ord201
ord188
ord899
ShellExecuteExW
ord245
ord200
ord89
ord190
ord85
ord100
ord6
ord22
ord134
ord172
PathIsRelativeW
ord164
PathIsDirectoryW
ord413
ord548
ord163
ord467
AssocQueryKeyW
ChrCmpIW
AssocCreate
GetThemeMargins
GetWindowTheme
GetThemeFont
ord138
OpenThemeDataForDpi
OpenThemeData
GetThemeBool
ord86
BufferedPaintSetAlpha
GetThemeBackgroundExtent
BufferedPaintUnInit
ord126
GetThemePartSize
IsThemeActive
DrawThemeTextEx
DrawThemeBackground
GetBufferedPaintBits
DrawThemeParentBackground
GetThemeInt
IsAppThemed
CloseThemeData
GetThemeColor
IsCompositionActive
EndBufferedPaint
BufferedPaintInit
BeginBufferedPaint
GetThemeMetric
SetWindowTheme
ord159
DwmRegisterThumbnail
ord113
DwmSetWindowAttribute
DwmQueryThumbnailSourceSize
ord124
DwmGetWindowAttribute
DwmUpdateThumbnailProperties
DwmEnableBlurBehindWindow
DwmUnregisterThumbnail
ord114
ord140
ord141
ord138
ord139
DwmIsCompositionEnabled
BringWindowToTop
ord2573
EndTask
IsTopLevelWindow
GetMenuState
SetScrollInfo
GetScrollInfo
SetScrollPos
GetMenuStringW
InternalGetWindowText
GetLayeredWindowAttributes
SetLayeredWindowAttributes
DrawTextExW
CascadeWindows
HungWindowFromGhostWindow
LoadIconW
GetKeyState
ExitWindowsEx
EndDialog
InsertMenuW
InjectMouseInput
MapVirtualKeyExW
InjectKeyboardInput
GetCaretBlinkTime
GetSysColor
CopyImage
DestroyIcon
DrawIconEx
GetSystemMetricsForDpi
ord2005
TrackMouseEvent
SetCapture
GetCapture
ReleaseCapture
GetDoubleClickTime
GetCursorInfo
PostThreadMessageW
UnregisterClassA
GhostWindowFromHungWindow
GetSysColorBrush
GetSystemMenu
GetPhysicalCursorPos
CalculatePopupWindowPosition
CopyIcon
GetLastInputInfo
AdjustWindowRect
GetDpiForWindow
SetWindowCompositionAttribute
ModifyMenuW
GetAsyncKeyState
ReplyMessage
MonitorFromPoint
IsProcessDPIAware
SetThreadDpiAwarenessContext
GetWindowCompositionAttribute
SetGestureConfig
GetMenuItemInfoW
GetWindowProcessHandle
UpdateLayeredWindow
ord2521
GetMenuItemCount
UnregisterClassW
ord2522
GetMenuInfo
SetMenuInfo
GetDpiForSystem
CreateIconIndirect
GetSubMenu
GetWindowDpiAwarenessContext
AreDpiAwarenessContextsEqual
CharLowerW
IsCharAlphaNumericW
LoadImageW
LoadMenuW
DrawTextW
FillRect
DeleteMenu
TrackPopupMenuEx
SendDlgItemMessageW
RegisterHotKey
GetClassLongW
UnregisterHotKey
GetLastActivePopup
CheckMenuItem
SwitchToThisWindow
GetClassWord
GetIconInfo
GetIconInfoExW
LockWorkStation
ShowWindowAsync
TileWindows
ord2574
IsHungAppWindow
GetGuiResources
MonitorFromRect
AdjustWindowRectEx
GetDC
ReleaseDC
MonitorFromWindow
IsIconic
CreatePopupMenu
GetMenuDefaultItem
EnableMenuItem
DestroyMenu
LoadCursorW
RemoveMenu
SetCursor
SetMenuItemInfoW
DefWindowProcA
IsWindowUnicode
LoadAcceleratorsW
ChangeWindowMessageFilterEx
TranslateAcceleratorW
SetMenuDefaultItem
ord2611
GetUserNameExW
ResolveDelayLoadedAPI
DelayLoadFailureHook
PowerSetRequest
VerifyVersionInfoW
PowerCreateRequest
IsProcessInWDAGContainer
CopyFileW
WaitForMultipleObjects
SetTermsrvAppInstallMode
ord292
EnableTraceEx2
StartTraceW
StopTraceW
GetStagedPackagePathByFullName2
BiPtAssociateApplicationEntryPoint
BiPtQueryWorkItem
BiPtEnumerateWorkItemsForPackageName
BiPtFreeMemory
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ