Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Static task
static1
2 signatures
Behavioral task
behavioral1
Sample
76a3cd0034b09275986b29fe186b8841_JaffaCakes118.exe
Resource
win7-20240508-en
windows7-x64
11 signatures
150 seconds
Behavioral task
behavioral2
Sample
76a3cd0034b09275986b29fe186b8841_JaffaCakes118.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
11 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
ʿװʦ_c_360.exe
Resource
win7-20240508-en
windows7-x64
7 signatures
150 seconds
Behavioral task
behavioral6
Sample
ʿװʦ_c_360.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
8 signatures
150 seconds
General
-
Target
76a3cd0034b09275986b29fe186b8841_JaffaCakes118
-
Size
25.5MB
-
MD5
76a3cd0034b09275986b29fe186b8841
-
SHA1
0e7d00bf69f98fe509fed3ad4d6ce153569f242d
-
SHA256
7e7f0d9ddb46f248d30b3a6181695bc7b48a084928ff59cd73be357311a23dd4
-
SHA512
f7fb3122a0ffb1dd9029c621385b21afdc543763689b955edeea7e45a5e8149ad776762aab24343700b4f61da6f70c3aad3b0eb23c8a33f5b3506da77c18b57c
-
SSDEEP
393216:O7r5GKgD1aCz7ULg0xC/mS8k27bdMLgwKBMArJ/Qt2rYI48Hkqs8hRbiSrs71+3N:fd/Erc+fdMs8w/prYKEobiNRjcH3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 76a3cd0034b09275986b29fe186b8841_JaffaCakes118 unpack001/$PLUGINSDIR/System.dll -
NSIS installer 2 IoCs
resource yara_rule sample nsis_installer_1 sample nsis_installer_2
Files
-
76a3cd0034b09275986b29fe186b8841_JaffaCakes118.exe windows:4 windows x86 arch:x86
bc77b9a252d627644710848cb34f2b28
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
GetTickCount
ReadFile
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
SetFileAttributesA
GlobalUnlock
GlobalLock
CreateThread
CreateDirectoryA
CreateProcessA
GetTempFileNameA
WriteFile
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
RemoveDirectoryA
lstrcpyA
MoveFileExA
GetFileAttributesA
SetCurrentDirectoryA
GetLastError
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalAlloc
GlobalFree
GetModuleHandleA
LoadLibraryExA
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
MulDiv
GetPrivateProfileStringA
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetDiskFreeSpaceA
user32
GetMessagePos
CallWindowProcA
IsWindowVisible
LoadBitmapA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuA
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
DialogBoxParamA
ScreenToClient
CreateWindowExA
SystemParametersInfoA
RegisterClassA
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
GetSysColor
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
IsDlgButtonChecked
GetAsyncKeyState
CheckDlgButton
LoadCursorA
SetCursor
GetClassInfoA
GetWindowLongA
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PostQuitMessage
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegEnumValueA
LookupPrivilegeValueA
comctl32
ImageList_Destroy
ImageList_AddMasked
ord17
ImageList_Create
ole32
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 264KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
a63bc4b7c4d1f188db3234e718bbfcec
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
lstrlenA
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
MultiByteToWideChar
FreeLibrary
GetLastError
user32
wsprintfA
ole32
CLSIDFromString
StringFromGUID2
Exports
Exports
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 899B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ʿװʦ_c_360.exe.exe windows:5 windows x86 arch:x86
b681b6c7fda3728acdd0509ee2d68995
Code Sign
6d:79:16:4f:42:57:0d:7a:07:0b:5e:c7:60:39:7c:47Certificate
IssuerCN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CNNot Before15/08/2017, 07:55Not After15/08/2028, 07:55SubjectCN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CNExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
49:d5:44:45:f2:b7:ea:b4:5b:e9:46:2f:13:e5:67:7cCertificate
IssuerCN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CNNot Before18/07/2017, 05:24Not After18/09/2018, 05:24SubjectCN=Guangzhou Tianxingke Network Technology Co.\, Ltd.,O=Guangzhou Tianxingke Network Technology Co.\, Ltd.,L=Guangzhou,ST=Guangdong,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91Certificate
IssuerCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNNot Before08/08/2009, 01:00Not After08/08/2039, 01:00SubjectCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNKey Usages
KeyUsageCertSign
KeyUsageCRLSign
51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0eCertificate
IssuerCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNNot Before08/04/2015, 00:58Not After08/04/2025, 00:58SubjectCN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CNExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54Certificate
IssuerCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNNot Before08/11/2014, 00:58Not After08/11/2029, 00:58SubjectCN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
19:c2:85:30:e9:3b:36Certificate
IssuerCN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=ILNot Before17/09/2006, 22:46Not After31/12/2019, 23:59SubjectCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNKey Usages
KeyUsageCertSign
KeyUsageCRLSign
6d:79:16:4f:42:57:0d:7a:07:0b:5e:c7:60:39:7c:47Certificate
IssuerCN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CNNot Before15/08/2017, 07:55Not After15/08/2028, 07:55SubjectCN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CNExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0eCertificate
IssuerCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNNot Before08/04/2015, 00:58Not After08/04/2025, 00:58SubjectCN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CNExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91Certificate
IssuerCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNNot Before08/08/2009, 01:00Not After08/08/2039, 01:00SubjectCN=Certification Authority of WoSign,O=WoSign CA Limited,C=CNKey Usages
KeyUsageCertSign
KeyUsageCRLSign
4f:20:35:94:aa:0c:2f:8c:22:26:d3:60:08:46:80:61:28:92:62:d9:fe:ae:cd:32:b8:05:10:7f:04:e7:dd:7dSigner
Actual PE Digest4f:20:35:94:aa:0c:2f:8c:22:26:d3:60:08:46:80:61:28:92:62:d9:fe:ae:cd:32:b8:05:10:7f:04:e7:dd:7dDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsGetValue
TlsAlloc
GetFileAttributesExA
SetThreadPriority
GetPrivateProfileIntA
lstrcmpA
CompareStringA
GlobalGetAtomNameA
TlsSetValue
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
LoadLibraryExW
GetThreadLocale
lstrcmpiA
GlobalFindAtomA
TlsFree
GetModuleFileNameW
DuplicateHandle
FileTimeToLocalFileTime
GetFileSizeEx
lstrcpynA
GetCommandLineA
SetVolumeLabelA
lstrcpyA
MulDiv
InterlockedExchange
GetFileInformationByHandle
LocalFileTimeToFileTime
GetCurrentDirectoryA
lstrcmpiW
lstrlenW
SetLastError
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
GetLogicalDriveStringsA
lstrlenA
AreFileApisANSI
DeleteFileW
OutputDebugStringA
Sleep
GetFileAttributesExW
GetDiskFreeSpaceA
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
GetFileAttributesW
HeapValidate
HeapCreate
HeapDestroy
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
OutputDebugStringW
LockFile
UnlockFile
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
SetFilePointer
CreateMutexW
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
ResetEvent
SetEvent
ResumeThread
CreateEventA
WaitForMultipleObjects
GetCurrentThreadId
GetCurrentThread
GetSystemTime
GetExitCodeProcess
ReadFile
PeekNamedPipe
SetErrorMode
GetVolumeInformationA
GetSystemDefaultLangID
CreateProcessA
DeleteVolumeMountPointA
GetSystemPowerStatus
QueryDosDeviceA
LoadLibraryA
GlobalFree
GetSystemDirectoryA
GlobalSize
GlobalMemoryStatusEx
GetDiskFreeSpaceExA
GetCurrentProcessId
lstrcatA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
GetSystemInfo
GetVersionExA
GetCurrentProcess
DeviceIoControl
GetModuleHandleW
GetLocalTime
GetTickCount
LocalAlloc
LocalFree
CopyFileExA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
FreeResource
WriteFile
FindResourceA
CopyFileA
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetLogicalDrives
GetDriveTypeA
OpenFile
FindNextFileA
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetFileAttributesA
FindFirstFileA
GetModuleFileNameA
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileTime
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryW
SetFileTime
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
GetExitCodeThread
WaitForSingleObject
CreateThread
FindClose
FindNextFileW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DeleteFileA
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
GetACP
MultiByteToWideChar
WideCharToMultiByte
CreatePipe
SetEnvironmentVariableA
WriteConsoleW
GetCurrentDirectoryW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetDriveTypeW
GetStringTypeW
GetStdHandle
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MoveFileExW
IsValidCodePage
HeapQueryInformation
GetFileType
SetStdHandle
RtlUnwind
ExitThread
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualAlloc
FindFirstFileExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetUserDefaultLCID
FindResourceExW
SearchPathA
GetProfileIntA
VirtualProtect
GetTempFileNameA
GetWindowsDirectoryA
VerifyVersionInfoA
VerSetConditionMask
GetCPInfo
user32
SetCaretPos
SetFocus
EqualRect
SetForegroundWindow
RegisterClipboardFormatA
UnionRect
IsWindowVisible
MessageBoxW
SetWindowTextA
GetClipboardData
HideCaret
CreateCaret
CopyRect
GetSysColor
GetKeyState
GetParent
GetWindowRgn
DrawIcon
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
ExitWindowsEx
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowLongA
SendMessageA
GetClassNameA
GetWindowThreadProcessId
EnumWindows
GetWindowTextA
GetWindow
SystemParametersInfoA
GetSystemMetrics
ReleaseDC
DrawMenuBar
MapVirtualKeyExA
IsCharLowerA
PostThreadMessageA
IsClipboardFormatAvailable
FrameRect
CharUpperBuffA
SubtractRect
PostMessageA
CreateDesktopA
CloseDesktop
UnregisterClassA
wsprintfA
GetDesktopWindow
OffsetRect
InvalidateRect
GetDC
DrawTextA
GetWindowDC
DispatchMessageA
TranslateMessage
GetMessageA
LoadImageW
SetRect
GetIconInfo
LoadIconW
DestroyIcon
PtInRect
GetKeyNameTextA
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
SetCursor
LoadCursorA
GetClientRect
SetWindowLongA
CloseWindow
GetWindowRect
EnableWindow
SetWindowPos
SetTimer
KillTimer
DestroyCaret
GetCursorPos
ScreenToClient
IsWindow
UpdateWindow
LoadBitmapW
IsIconic
IntersectRect
IsRectEmpty
IsZoomed
SetWindowRgn
SetCapture
ReleaseCapture
DefWindowProcA
GetCaretPos
RedrawWindow
ClientToScreen
UpdateLayeredWindow
RegisterClassExA
CreateWindowExA
ShowWindow
DestroyWindow
MoveWindow
CharUpperA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextExA
GrayStringA
TabbedTextOutA
BeginPaint
EndPaint
FillRect
IsWindowEnabled
MessageBoxA
GetLastActivePopup
UnhookWindowsHookEx
InflateRect
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
WindowFromPoint
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
GetFocus
GetWindowTextLengthA
IsDialogMessageA
RegisterWindowMessageA
PeekMessageA
GetMessagePos
GetMessageTime
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCapture
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
ValidateRect
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
AdjustWindowRectEx
MapWindowPoints
GetClassLongA
GetTopWindow
SetWindowsHookExA
CallNextHookEx
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
CharNextA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
DrawEdge
DrawFrameControl
DrawStateA
GetSysColorBrush
DrawFocusRect
DrawIconEx
ShowOwnedPopups
RealChildWindowFromPoint
DestroyMenu
GetMenuItemInfoA
CopyImage
CopyAcceleratorTableA
InvalidateRgn
WaitMessage
LoadCursorW
DeleteMenu
GetNextDlgGroupItem
MessageBeep
SetLayeredWindowAttributes
SetRectEmpty
EnumDisplayMonitors
SetParent
MonitorFromPoint
LoadImageA
GetKeyboardState
TrackMouseEvent
GetAsyncKeyState
LoadMenuW
GetSystemMenu
NotifyWinEvent
SetCursorPos
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
ModifyMenuA
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
InvertRect
MapVirtualKeyA
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetKeyboardLayout
gdi32
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
ExcludeClipRect
Escape
CreateSolidBrush
CreatePatternBrush
CreateHatchBrush
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
CreateRoundRectRgn
GetDeviceCaps
PtInRegion
GetBitmapBits
CombineRgn
CreateRectRgn
GetClipBox
SetPixel
StretchBlt
SetDIBColorTable
FillRgn
CreatePolygonRgn
CreatePen
RoundRect
GetStockObject
BitBlt
CreateCompatibleBitmap
GetTextExtentPoint32A
GetDIBits
GetObjectA
CreateDIBSection
EnumFontFamiliesExA
DeleteObject
DeleteDC
GetFontData
SelectObject
CreateCompatibleDC
CreateFontA
CreateRectRgnIndirect
GetMapMode
PatBlt
DPtoLP
GetBkColor
GetTextColor
CreateEllipticRgn
Ellipse
Polygon
Polyline
GetTextMetricsA
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
Rectangle
OffsetRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
SetBitmapBits
GetTextFaceA
CreateBitmap
CreateDCA
SetRectRgn
CopyMetaFileA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
StartServiceA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
ImpersonateLoggedOnUser
RevertToSelf
shell32
SHAppBarMessage
DragFinish
ShellExecuteExA
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteA
SHGetFileInfoA
ord165
DragQueryFileA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder
ole32
OleUninitialize
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
OleDuplicateData
CoFreeUnusedLibraries
CoTaskMemAlloc
OleInitialize
OleSetContainedObject
CreateStreamOnHGlobal
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateGuid
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoGetClassObject
CoInitialize
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantChangeType
OleCreateFontIndirect
LoadTypeLi
SysStringLen
SysFreeString
VariantCopy
VarBstrFromDate
VariantClear
SysAllocString
SafeArrayDestroy
msimg32
TransparentBlt
AlphaBlend
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathIsRootA
PathIsDirectoryA
PathFindExtensionW
PathFindExtensionA
PathFileExistsA
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetThemeSysColor
GetWindowTheme
oledlg
ord8
gdiplus
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipResetPath
GdipFillPath
GdipDrawPath
GdipDeletePath
GdipSetPenDashStyle
GdipDrawLineI
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusShutdown
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusStartup
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreatePath
GdipAddPathArcI
GdipAddPathLineI
GdipClosePathFigure
GdipImageGetFrameDimensionsCount
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectI
GdipSetInterpolationMode
GdipResetClip
GdipSetClipPath
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipLoadImageFromStream
GdipCreateImageAttributes
GdipImageSelectActiveFrame
GdipCreateBitmapFromFile
winmm
timeGetDevCaps
PlaySoundA
timeSetEvent
timeKillEvent
imm32
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
ImmAssociateContext
setupapi
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
CM_Get_Parent
CM_Get_Device_IDA
crypt32
CryptStringToBinaryW
CryptUnprotectData
iphlpapi
GetAdaptersInfo
imagehlp
MakeSureDirectoryPathExists
ws2_32
inet_addr
ioctlsocket
setsockopt
WSAGetLastError
socket
gethostbyname
shutdown
send
recv
closesocket
select
connect
WSACleanup
WSAStartup
htons
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
rpcrt4
UuidFromStringW
UuidToStringW
RpcStringFreeW
wlanapi
WlanGetProfile
WlanFreeMemory
WlanGetProfileList
WlanEnumInterfaces
WlanOpenHandle
WlanCloseHandle
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 647KB - Virtual size: 647KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 533KB - Virtual size: 532KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 234KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 24.1MB - Virtual size: 24.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ