Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
7Static
static
36e44038874...18.exe
windows7-x64
76e44038874...18.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$WINDIR/Sy...cs.dll
windows7-x64
1$WINDIR/Sy...cs.dll
windows10-2004-x64
1$_2_/SBIEB...ct.dll
windows7-x64
6$_2_/SBIEB...ct.dll
windows10-2004-x64
6$_2_/rlz_id.dll
windows7-x64
3$_2_/rlz_id.dll
windows10-2004-x64
3$_2_/sma.exe
windows7-x64
1$_2_/sma.exe
windows10-2004-x64
1$_2_/smci32.dll
windows7-x64
3$_2_/smci32.dll
windows10-2004-x64
1$_2_/smci64.dll
windows7-x64
1$_2_/smci64.dll
windows10-2004-x64
1$_2_/smi32.exe
windows7-x64
1$_2_/smi32.exe
windows10-2004-x64
1$_2_/smi64.exe
windows7-x64
1$_2_/smi64.exe
windows10-2004-x64
1$_2_/smu.exe
windows7-x64
1$_2_/smu.exe
windows10-2004-x64
7$_2_/smw.dll
windows7-x64
1$_2_/smw.dll
windows10-2004-x64
1Static task
static1
Behavioral task
behavioral1
Sample
6e44038874ba9925eb17a7e65dae99ea_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6e44038874ba9925eb17a7e65dae99ea_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240419-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$WINDIR/System32/rsrcs.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$WINDIR/System32/rsrcs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$_2_/SBIEBrowserHelperObject.dll
Resource
win7-20231129-en
Behavioral task
behavioral14
Sample
$_2_/SBIEBrowserHelperObject.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$_2_/rlz_id.dll
Resource
win7-20240220-en
Behavioral task
behavioral16
Sample
$_2_/rlz_id.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
$_2_/sma.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
$_2_/sma.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
$_2_/smci32.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$_2_/smci32.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
$_2_/smci64.dll
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
$_2_/smci64.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
$_2_/smi32.exe
Resource
win7-20240508-en
Behavioral task
behavioral24
Sample
$_2_/smi32.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
$_2_/smi64.exe
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
$_2_/smi64.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
$_2_/smu.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
$_2_/smu.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
$_2_/smw.dll
Resource
win7-20240215-en
Behavioral task
behavioral30
Sample
$_2_/smw.dll
Resource
win10v2004-20240508-en
Target
6e44038874ba9925eb17a7e65dae99ea_JaffaCakes118
Size
3.0MB
MD5
6e44038874ba9925eb17a7e65dae99ea
SHA1
0169c3e0d6c4eb7a20609cea73ffccdfe29f1ec8
SHA256
b38764ac5a035a5d3357f2c68c65a090fbd5321c1309dedf73e4f540e5500f27
SHA512
9f7153012fbb60796fdf307ae5283c1e331cde2a0a3da598a86a042a9ae86aa6a7e9c0f7bc6387d8fc50ebb90c173165714ca4dccfea9380984f584fb7d5d1ed
SSDEEP
49152:ow1gJ2xOZi2p1x37cn6LYznadZT/eCYZYdrCyTD0hiJKMzDnpUpjSdKp+/4lpTOJ:xuJ2IZjDemvfBQjToJHLCpjGKD0lL
Checks for missing Authenticode signature.
Processes:
| resource |
|---|
| 6e44038874ba9925eb17a7e65dae99ea_JaffaCakes118 |
| unpack001/$PLUGINSDIR/System.dll |
| unpack001/$PLUGINSDIR/nsDialogs.dll |
| unpack001/$PLUGINSDIR/nsExec.dll |
| unpack001/$PLUGINSDIR/nsProcess.dll |
| unpack001/$WINDIR/System32/rsrcs.dll |
| unpack001/$_2_/SBIEBrowserHelperObject.dll |
| unpack001/$_2_/rlz_id.dll |
| unpack001/$_2_/sma.exe |
| unpack001/$_2_/smci32.dll |
| unpack001/$_2_/smci64.dll |
| unpack001/$_2_/smi32.exe |
| unpack001/$_2_/smi64.exe |
| unpack001/$_2_/smu.exe |
Processes:
| resource | yara_rule |
|---|---|
| sample | nsis_installer_1 |
| sample | nsis_installer_2 |
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
GetTickCount
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
SearchPathA
GetShortPathNameA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
CloseHandle
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrlenA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetVersion
GetProcAddress
GlobalAlloc
CompareFileTime
SetFileTime
ExpandEnvironmentStringsA
lstrcmpiA
lstrcmpA
WaitForSingleObject
GlobalFree
GetExitCodeProcess
GetModuleHandleA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryExA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
WriteFile
FindClose
WritePrivateProfileStringA
MultiByteToWideChar
MulDiv
GetPrivateProfileStringA
FreeLibrary
CreateWindowExA
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
GetDC
SystemParametersInfoA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
GetDlgItem
wsprintfA
SetForegroundWindow
ShowWindow
IsWindow
LoadImageA
SetWindowLongA
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
PostQuitMessage
FindWindowExA
SendMessageTimeoutA
SetWindowTextA
SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError
wsprintfA
StringFromGUID2
CLSIDFromString
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetFileAttributesA
lstrcpyA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
lstrcmpiA
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
HeapAlloc
DestroyWindow
CallWindowProcA
SetCursor
GetPropA
CharPrevA
MapWindowPoints
DrawFocusRect
GetWindowLongA
GetClientRect
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
LoadCursorA
RemovePropA
DrawTextA
SetTextColor
SHBrowseForFolderA
SHGetPathFromIDListA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
CoTaskMemFree
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GetModuleHandleA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
lstrcpynA
ReadFile
PeekNamedPipe
GetTickCount
lstrcpyA
CreateProcessA
GetStartupInfoA
GetProcAddress
GlobalLock
DeleteFileA
lstrcmpiA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
CreatePipe
GetVersionExA
lstrcatA
SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
Exec
ExecToLog
ExecToStack
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
lstrcpynA
lstrlenA
LoadLibraryA
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExA
GlobalFree
GlobalAlloc
GetWindowThreadProcessId
EnumWindows
wsprintfA
PostMessageA
_CloseProcess
_FindProcess
_KillProcess
_Unload
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
C:\Builds\Build_Watchman2013\Utilities\Utilities.Weedg\Release\rsrcs.pdb
_lock
_unlock
_calloc_crt
__crtTerminateProcess
_onexit
__clean_type_info_names_internal
_except_handler4_common
__crtUnhandledException
_crt_debugger_hook
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__dllonexit
__CppXcptFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
C:\Builds\Build_Watchman2013\Ver2\Speedbit.Watchman\Bin\SearchModule_SearchModule\Win32\WinMV\Release\SBIEBrowserHelperObject.pdb
DisableThreadLibraryCalls
WriteConsoleW
GetModuleFileNameW
IsBadWritePtr
InterlockedDecrement
CloseHandle
InterlockedIncrement
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
OutputDebugStringW
HeapReAlloc
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
HeapFree
HeapAlloc
RaiseException
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
MultiByteToWideChar
ExitProcess
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
WriteFile
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LoadLibraryExW
RtlUnwind
CreateFileW
wsprintfW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
SafeArrayGetUBound
SafeArrayUnaccessData
VariantChangeType
VariantInit
SafeArrayAccessData
VariantClear
SafeArrayGetLBound
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
C:\chrome38\src\build\Release\rlz_id.pdb
timeGetTime
LookupAccountNameW
ConvertSidToStringSidW
OutputDebugStringW
GetVolumeInformationW
GetLastError
GetSystemDirectoryW
LocalFree
GetComputerNameW
CreateFileW
WriteFile
CloseHandle
SetLastError
GetCurrentProcessId
GetModuleFileNameW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RaiseException
Sleep
GetCurrentProcess
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleExW
GetProcAddress
GetModuleHandleW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetCommandLineA
IsProcessorFeaturePresent
HeapFree
GetConsoleCP
GetConsoleMode
ExitProcess
HeapReAlloc
HeapAlloc
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
LCMapStringW
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetStdHandle
SetFilePointerEx
WriteConsoleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetMachineId
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
InternetSetOptionW
InternetCrackUrlW
InternetQueryOptionW
InternetOpenW
HttpOpenRequestW
InternetWriteFile
InternetConnectW
HttpSendRequestExW
InternetCloseHandle
HttpQueryInfoW
InternetReadFileExA
InternetQueryDataAvailable
InternetOpenUrlA
InternetSetStatusCallbackW
GetConsoleMode
GetStdHandle
GetLastError
SetLastError
LocalAlloc
LocalSize
LocalFree
InitializeCriticalSectionEx
lstrlenW
RaiseException
DecodePointer
DeleteCriticalSection
MultiByteToWideChar
FreeLibrary
GetCurrentProcess
CreateDirectoryW
OutputDebugStringW
GetModuleHandleW
WideCharToMultiByte
LoadLibraryW
Sleep
GetVersionExW
GetOEMCP
GetModuleFileNameW
CreateFileW
GetProcAddress
IsValidCodePage
CloseHandle
WaitForSingleObject
SetEvent
ResetEvent
CreateEventW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
CreateThread
GetConsoleCP
HeapSize
ExitProcess
GetProcessHeap
IsDebuggerPresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointerEx
HeapReAlloc
LoadLibraryExW
SetStdHandle
GetACP
WriteConsoleW
ReadConsoleW
SetEndOfFile
LCMapStringW
GetStartupInfoW
FormatMessageW
GetEnvironmentVariableW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
GetFileType
ReadFile
WriteFile
GetNamedPipeInfo
GetModuleHandleExW
GetStringTypeW
EncodePointer
HeapFree
HeapAlloc
GetCommandLineW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
IsProcessorFeaturePresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DestroyWindow
RegisterClassExW
IsWindow
CreateWindowExW
DefWindowProcW
PostMessageW
LoadStringW
ShellExecuteW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
C:\Builds\Build_Watchman2013\Ver2\Speedbit.Watchman\Bin\SearchModule_SearchModule\Win32\WinMV\Release\smci32.pdb
VirtualQuery
GetThreadContext
SetThreadContext
CompareStringW
SetLastError
GetFullPathNameW
GetFullPathNameA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
UnmapViewOfFile
UnlockFileEx
LockFileEx
InterlockedCompareExchange
FindNextFileA
GetCurrentThreadId
GetProcessHeap
FindFirstFileA
FindFirstFileExW
FindFirstFileExA
GetFileAttributesExA
GetFileAttributesA
CreateFileMappingW
CreateFileMappingA
OpenFile
MapViewOfFile
GetFileSizeEx
GetModuleHandleExA
GetNativeSystemInfo
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
FlushInstructionCache
EncodePointer
lstrlenA
FormatMessageW
CreateProcessW
GlobalMemoryStatusEx
GetProcessTimes
CompareFileTime
LockFile
UnlockFile
SetFilePointer
LocalAlloc
VirtualAlloc
VirtualFree
CloseHandle
lstrcmpA
lstrcpyW
GetTempPathW
DeleteFileW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
InitializeCriticalSection
WaitForSingleObject
LocalSize
GetSystemTime
GetEnvironmentVariableW
LocalFree
WideCharToMultiByte
GetModuleHandleExW
DisableThreadLibraryCalls
OpenProcess
ExitProcess
TerminateProcess
CreateThread
SetEvent
WaitForMultipleObjects
Sleep
CreateEventW
OpenEventW
LoadLibraryA
LoadLibraryExA
GetCommandLineW
LockResource
FindResourceExW
CreateFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
MoveFileExA
MoveFileExW
ReplaceFileA
ReplaceFileW
DuplicateHandle
GetFileSize
ReadFile
GetSystemDirectoryW
GetVolumeInformationW
GetComputerNameW
ResetEvent
FormatMessageA
GlobalAlloc
GlobalFree
GetVersionExW
FindClose
RemoveDirectoryW
GetFileAttributesW
FindFirstFileW
FindNextFileW
SystemTimeToFileTime
SetThreadPriority
ResumeThread
FindResourceA
WriteFile
GetStringTypeW
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCPInfo
GetSystemTimeAsFileTime
GetFileAttributesExW
SetFileAttributesW
InterlockedPopEntrySList
InterlockedPushEntrySList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetTickCount
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
AreFileApisANSI
GetCurrentThread
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
GetThreadTimes
GetModuleHandleA
InitializeSListHead
VirtualProtect
SetStdHandle
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
GetVolumeInformationA
DeleteFileA
CreateFileA
GetTempFileNameW
GetTempPathA
WaitNamedPipeW
GetOverlappedResult
MultiByteToWideChar
FindResourceW
OutputDebugStringW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
lstrlenW
lstrcmpiW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcAddress
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DecodePointer
GetCurrentProcessId
IsWow64Process
GetLastError
CreateDirectoryW
GetCurrentProcess
SuspendThread
SendMessageTimeoutW
GetWindow
GetFocus
CharNextW
LoadStringW
PostMessageW
GetClientRect
UnregisterClassW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetDlgItem
GetWindowRect
SendMessageW
IsWindow
GetWindowLongW
SetWindowLongW
GetTopWindow
GetParent
IsWindowVisible
KillTimer
SetTimer
SetWindowPos
CloseWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorW
ClientToScreen
EqualRect
UnhookWindowsHookEx
CallNextHookEx
GetMenuItemInfoW
GetWindowRgn
GetDesktopWindow
wsprintfW
SetMenuItemInfoW
SetMenuDefaultItem
GetWindowDC
ReleaseDC
IsDialogMessageW
DrawTextW
CopyRect
InflateRect
MoveWindow
GetKeyState
CryptDestroyHash
SetSecurityDescriptorGroup
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyA
RegCreateKeyW
RegCreateKeyExA
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegOpenKeyW
RegEnumValueW
RegEnumKeyW
RegDeleteValueW
LookupAccountNameW
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
ConvertSidToStringSidW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
CreateWellKnownSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
SetSecurityDescriptorOwner
CryptReleaseContext
SetSecurityDescriptorSacl
GetUserNameW
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
VariantCopy
VariantClear
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
VariantInit
SysStringLen
SysFreeString
SysAllocString
SHCopyKeyW
PathFindFileNameA
ImageList_Create
CoInternetSetFeatureEnabled
WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpReadData
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpConnect
WinHttpCrackUrl
WinHttpOpen
WinHttpCloseHandle
WinHttpAddRequestHeaders
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
Rectangle
CreateDIBSection
PtInRegion
CreateRectRgn
SetViewportOrgEx
ExtTextOutW
SetTextColor
SetBkColor
FillRgn
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreatePen
DeleteObject
SelectObject
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
?LowLevelKeyboardProc@CIEToolbarHooker@Explorer@SpeedBit@@SGJHIJ@Z
SB_PROD_INJ_CHROME_QI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
SuspendThread
GetThreadContext
SetThreadContext
UnmapViewOfFile
UnlockFileEx
LockFileEx
GetFullPathNameW
GetFullPathNameA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
FindNextFileA
FindFirstFileExW
CompareStringW
FlushInstructionCache
FindFirstFileExA
FindFirstFileA
CreateFileMappingA
OpenFile
MapViewOfFile
CreateFileMappingW
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
GetModuleHandleExA
GetNativeSystemInfo
GetCurrentThreadId
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetLastError
EncodePointer
CreateProcessW
GlobalMemoryStatusEx
GetProcessTimes
CompareFileTime
LockFile
UnlockFile
SetFilePointer
GetVolumeInformationA
DeleteFileW
GetTempPathW
CloseHandle
VirtualAlloc
VirtualFree
LocalAlloc
lstrcmpA
lstrcpyW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
InitializeCriticalSection
WaitForSingleObject
LocalSize
GetEnvironmentVariableW
CreateDirectoryW
GetSystemTime
WideCharToMultiByte
lstrlenA
GetCommandLineW
SetEvent
CreateEventW
OpenEventW
Sleep
ExitProcess
TerminateProcess
CreateThread
OpenProcess
DisableThreadLibraryCalls
LoadLibraryExA
WaitForMultipleObjects
LoadLibraryA
FindResourceExW
LockResource
CreateFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
MoveFileExA
MoveFileExW
ReplaceFileA
ReplaceFileW
DuplicateHandle
GetFileSize
GetVolumeInformationW
ReadFile
GetSystemDirectoryW
GetComputerNameW
ResetEvent
FormatMessageA
GetVersionExW
GlobalAlloc
GlobalFree
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
RemoveDirectoryW
SystemTimeToFileTime
SetThreadPriority
ResumeThread
FindResourceA
WriteFile
InitializeCriticalSectionAndSpinCount
GetStringTypeW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCPInfo
GetSystemTimeAsFileTime
GetFileAttributesExW
SetFileAttributesW
InterlockedPopEntrySList
InterlockedPushEntrySList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetTickCount
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
AreFileApisANSI
GetCurrentThread
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
GetThreadTimes
GetModuleHandleA
InitializeSListHead
VirtualProtect
SetStdHandle
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
GetTempPathA
GetTempFileNameW
DeleteFileA
CreateFileA
GetOverlappedResult
WaitNamedPipeW
FormatMessageW
LocalFree
MultiByteToWideChar
FindResourceW
LoadLibraryW
lstrlenW
lstrcmpiW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
RaiseException
DecodePointer
OutputDebugStringW
GetCurrentProcessId
IsWow64Process
GetCurrentProcess
GetModuleHandleExW
GetLastError
VirtualQuery
LoadStringW
GetTopWindow
GetWindow
GetFocus
IsWindow
CharNextW
UnregisterClassW
GetClientRect
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
ClientToScreen
GetDlgItem
GetKeyState
GetWindowRect
PostMessageW
SendMessageTimeoutW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
IsWindowVisible
KillTimer
SetTimer
SetWindowPos
CloseWindow
ShowWindow
CreateWindowExA
RegisterClassExA
LoadCursorW
EqualRect
UnhookWindowsHookEx
CallNextHookEx
GetMenuItemInfoW
SetMenuItemInfoW
SetMenuDefaultItem
GetDesktopWindow
wsprintfW
GetWindowDC
ReleaseDC
IsDialogMessageW
DrawTextW
CopyRect
InflateRect
MoveWindow
GetWindowRgn
GetWindowLongW
CreateWindowExW
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyA
RegCreateKeyW
RegCreateKeyExA
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW
RegOpenKeyW
RegEnumValueW
LookupAccountNameW
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
ConvertSidToStringSidW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
OpenProcessToken
CreateWellKnownSid
GetTokenInformation
GetSecurityDescriptorSacl
CryptDestroyHash
CryptReleaseContext
InitializeSecurityDescriptor
GetUserNameW
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
RegSetValueExA
RegQueryValueExA
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
VariantCopy
VariantClear
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
VariantInit
SysStringLen
SysFreeString
SysAllocString
SHCopyKeyW
PathFindFileNameA
ImageList_Create
CoInternetSetFeatureEnabled
WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpReadData
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpConnect
WinHttpCrackUrl
WinHttpOpen
WinHttpCloseHandle
WinHttpAddRequestHeaders
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
DeleteObject
CreateDIBSection
PtInRegion
CreateRectRgn
SetViewportOrgEx
ExtTextOutW
SetTextColor
SetBkColor
FillRgn
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectObject
Rectangle
CreatePen
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
?LowLevelKeyboardProc@CIEToolbarHooker@Explorer@SpeedBit@@SA_JH_K_J@Z
SB_PROD_INJ_CHROME_QI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
CommandLineToArgvW
PathFileExistsW
ReadConsoleW
LocalAlloc
LocalSize
LocalFree
GetLastError
CreateFileW
OpenProcess
SetLastError
CloseHandle
CreateMutexW
GetCommandLineW
SetEndOfFile
GetStdHandle
WaitForSingleObject
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
TerminateProcess
ReadProcessMemory
WriteProcessMemory
FreeLibrary
GetProcAddress
GetCurrentProcess
LoadLibraryExW
GetModuleHandleW
FormatMessageW
GetFileType
WriteFile
ReadFile
GetNamedPipeInfo
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
GetEnvironmentVariableW
CreateDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationA
GetModuleFileNameW
LoadLibraryW
GetModuleHandleExW
GetStringTypeW
EncodePointer
DecodePointer
HeapFree
RaiseException
RtlUnwind
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsProcessorFeaturePresent
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
HeapSize
GetProcessHeap
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
HeapReAlloc
GetTimeZoneInformation
OutputDebugStringW
SetStdHandle
WriteConsoleW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
CommandLineToArgvW
PathFileExistsW
ReadConsoleW
GetStdHandle
GetLastError
LocalAlloc
LocalSize
CreateFileW
CloseHandle
SetLastError
CreateMutexW
OpenProcess
GetCommandLineW
SetEndOfFile
LocalFree
GetVolumeInformationA
TerminateProcess
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
GetCurrentProcess
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExW
FormatMessageW
GetFileType
ReadFile
WriteFile
GetNamedPipeInfo
GetEnvironmentVariableW
CreateDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
SetEnvironmentVariableA
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryW
GetStringTypeW
EncodePointer
DecodePointer
HeapFree
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
HeapAlloc
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsProcessorFeaturePresent
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
HeapSize
IsDebuggerPresent
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
HeapReAlloc
GetTimeZoneInformation
OutputDebugStringW
SetStdHandle
WriteConsoleW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
SHCreateDirectoryExW
SHGetFolderPathW
PathFileExistsW
CreateDirectoryW
DeleteFileW
GetTempPathW
CreateProcessW
MoveFileExW
MoveFileW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetFileAttributesW
FindNextFileW
GetUserDefaultLCID
GlobalFree
FindFirstFileW
FindClose
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
FindResourceExW
DeviceIoControl
GetOverlappedResult
CreateFileW
GetDiskFreeSpaceA
RegisterWaitForSingleObject
OpenFile
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesExA
GetFileAttributesA
WaitForMultipleObjects
CreateThread
ResetEvent
SetEvent
MultiByteToWideChar
LoadLibraryW
FreeLibrary
WaitForSingleObject
WTSGetActiveConsoleSessionId
GetModuleFileNameW
Sleep
Wow64SuspendThread
LoadResource
LockResource
CancelIo
SizeofResource
GetProcAddress
GetModuleHandleW
WriteProcessMemory
VirtualAllocEx
OpenProcess
ResumeThread
SuspendThread
OpenThread
CreateRemoteThread
UnregisterWait
GetDiskFreeSpaceW
GetFullPathNameA
GetFullPathNameW
LockFileEx
UnlockFileEx
LoadLibraryA
CreateFileMappingA
QueueUserAPC
CreateEventW
CloseHandle
GetTickCount
GetCommandLineW
LocalFree
LocalSize
LocalAlloc
DeleteCriticalSection
InitializeCriticalSectionEx
SetLastError
GetLastError
RaiseException
DecodePointer
CopyFileA
FormatMessageW
lstrlenW
SetEnvironmentVariableW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
CreateFileA
DeleteFileA
FlushFileBuffers
GetTempFileNameW
ReadFile
SetEndOfFile
WriteFile
GetTempPathA
CopyFileW
MoveFileA
MoveFileExA
ReplaceFileA
ReplaceFileW
GetCurrentProcess
GlobalMemoryStatusEx
GetVersionExW
GetNativeSystemInfo
GetACP
GetOEMCP
ReadFileEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjectsEx
SetThreadPriority
WideCharToMultiByte
ReleaseMutex
DuplicateHandle
SetHandleInformation
CreatePipe
GetExitCodeProcess
TerminateThread
GetExitCodeThread
ExitThread
VirtualAlloc
VirtualFree
lstrcmpA
lstrcpynW
lstrcpyW
Module32FirstW
Module32NextW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleHandleExW
GetVolumeInformationA
GetLocalTime
LoadLibraryExW
CreateSemaphoreW
ConnectNamedPipe
DisconnectNamedPipe
CreateNamedPipeW
GetComputerNameW
FormatMessageA
GetFileType
GetNamedPipeInfo
GetFileSize
SetFilePointer
UnlockFile
LockFile
GetDateFormatW
CompareFileTime
GetProcessTimes
GetTimeFormatW
FileTimeToSystemTime
IsWow64Process
GetStringTypeW
EncodePointer
IsDebuggerPresent
OutputDebugStringW
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetSystemTimeAsFileTime
GetCPInfo
IsProcessorFeaturePresent
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
ExitProcess
AreFileApisANSI
IsValidCodePage
GetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
ReadConsoleW
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
GetMessageW
wsprintfW
PostQuitMessage
PostThreadMessageW
PeekMessageW
SetSecurityDescriptorDacl
RegCreateKeyW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
RegOpenKeyA
RegOpenKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
OpenProcessToken
CreateWellKnownSid
ConvertSidToStringSidW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
DuplicateTokenEx
RegOpenUserClassesRoot
GetUserNameW
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountNameW
IsValidSid
RegEnumKeyW
SetSecurityDescriptorSacl
RegQueryValueW
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceW
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ImpersonateLoggedOnUser
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
GetSecurityDescriptorSacl
RegSetValueExW
RegOpenKeyExW
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
InitializeSecurityDescriptor
LookupPrivilegeValueW
RevertToSelf
ImpersonateSelf
GetTokenInformation
AdjustTokenPrivileges
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoInitialize
OleRun
CoUninitialize
CoCreateGuid
SysAllocString
VariantClear
VariantInit
SysFreeString
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpReceiveResponse
WinHttpGetIEProxyConfigForCurrentUser
WinHttpReadData
GetPerAdapterInfo
GetAdaptersInfo
GetExtendedTcpTable
ntohs
GetModuleFileNameExW
WTSQueryUserToken
GetUserNameExW
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptDecodeObject
CryptQueryObject
GetProfilesDirectoryW
UnloadUserProfile
LoadUserProfileW
InternetOpenW
InternetCloseHandle
HttpEndRequestW
InternetGetLastResponseInfoW
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetSetOptionW
HttpSendRequestExW
InternetQueryDataAvailable
InternetReadFile
HttpSendRequestW
InternetWriteFile
InternetConnectW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
ExAllocatePoolWithTag
IoBuildDeviceIoControlRequest
ExFreePoolWithTag
KeSetEvent
IoFreeWorkItem
KeInitializeEvent
IoAllocateWorkItem
KeWaitForSingleObject
PsGetCurrentThreadId
PsGetCurrentProcessId
IoQueueWorkItem
IofCallDriver
IoAcquireRemoveLockEx
IoDeleteSymbolicLink
RtlInitUnicodeString
IoDeleteDevice
IoReleaseRemoveLockAndWaitEx
IoCreateSymbolicLink
IoInitializeRemoveLockEx
IoReleaseRemoveLockEx
KeReleaseSpinLock
MmMapLockedPagesSpecifyCache
IoCsqInitialize
ZwClose
IofCompleteRequest
RtlUnicodeStringToInteger
KeAcquireSpinLockRaiseToDpc
IoCsqInsertIrp
IoCsqRemoveNextIrp
KeAreApcsDisabled
MmGetSystemRoutineAddress
ZwOpenProcess
RtlEqualUnicodeString
PsSetLoadImageNotifyRoutine
PsRemoveCreateThreadNotifyRoutine
IoAllocateDriverObjectExtension
PsSetCreateThreadNotifyRoutine
PsSetCreateProcessNotifyRoutine
PsRemoveLoadImageNotifyRoutine
IoGetDriverObjectExtension
IoCreateDevice
ObOpenObjectByPointer
ZwSetSecurityObject
IoDeviceObjectType
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
IoIsWdmVersionAvailable
SeExports
wcschr
_wcsnicmp
RtlLengthSid
RtlAddAccessAllowedAce
RtlGetSaclSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
ZwOpenKey
ZwCreateKey
ZwQueryValueKey
ZwSetValueKey
RtlFreeUnicodeString
KeBugCheckEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ