?NormalizeWholeImageFilePath@@YA_NAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@_N@Z
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-06-02_172dd08ea723313f45b68bda3fd2af0e_icedid.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-06-02_172dd08ea723313f45b68bda3fd2af0e_icedid.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
2024-06-02_172dd08ea723313f45b68bda3fd2af0e_icedid
-
Size
897KB
-
MD5
172dd08ea723313f45b68bda3fd2af0e
-
SHA1
6a6cb0d4dacd7130c1fa817eda1850fc3c62124b
-
SHA256
29227b350b78228d9f6bb22f363049db56fc1c11c36c6e59e0ecb4385980e869
-
SHA512
49c588c54926eb4cc6eb9138bc897fac7390cd63b8a5d8f86782312293fdc4e8feb3b94a64390407b04605e602dc4fc130c967dd53c45880ce31ebf0f2a1dd68
-
SSDEEP
24576:pblMwyFzbIRpYLWzswpKrqXWOKKTw7lk2oilB8E3YVi73dc:NHyFHI4LWzswpKrqXWOKKTw7lk2oilBC
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-02_172dd08ea723313f45b68bda3fd2af0e_icedid
Files
-
2024-06-02_172dd08ea723313f45b68bda3fd2af0e_icedid.exe windows:5 windows x86 arch:x86
6194dae784097d77bfc4260927f9ad06
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iscflash
?GetAtpErrorMessage@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SMI_CheckATpStatus@@YA_NXZ
?GetUtilitySupportIhisiVersion@@YA_NAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?SMI_FlashByBiosCheck@@YA_NPAUSBiosDecideInformation@@PAEKAAUSBiosDecideFlashOutput@@@Z
?AllocateZeroMemory@@YAPAEK@Z
?GetBvdtInfo_Struct@@YA_NAAPAUSBvdtInfo@@@Z
?SMI_GetFlashPartInfo@@YA_NPAK@Z
?LogIniConfig@@YAXXZ
?LogAppInformation@@YAXXZ
?SetMessageBoxParentWindowHandle@@YAXPAUHWND__@@@Z
?SetReservedBlock@@YAXXZ
?SMI_GetPlatformRomMap@@YA_NHH@Z
?GetModelCheckFlag@@YAEXZ
?IsBatteryEnough@@YA_N_N@Z
?IsAcPowerConnect@@YA_N_N@Z
?GetNewImgRom@@YA_NAAPAEAAK@Z
?SetUefiFlash@@YAX_N@Z
?PassVersionToBios@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?IsNewBiosVersionAllowToFlash@@YA_NV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?InitialImage@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SetNotProtectEventLog@@YAXUSRomMapBlock@@@Z
?SMI_GetWholeRomMap@@YA_NPAUSRomMapBlock@@PAE@Z
?SMI_GetH19ExtendInformation@@YA_NPAUSSignCheckInformation@@@Z
?SMI_FlashBeforeConfirm@@YA_NXZ
?SMI_CheckPasswordByBios@@YA_NEV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AAE@Z
?SMI_WriteRom@@YAHPAK@Z
?CopyVariableFromRomToImage@@YA_N_N@Z
?ProtectAuthenticatedVariable@@YA_NXZ
?SMI_OemOdmCustom2@@YA_NE@Z
?CheckPasswordByCommand@@YA_NXZ
?GetImageVersionInfo@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?CopyFileToExtractFolder@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0AAV12@@Z
?SaveDecryptFileToTargetFolder@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0AAUSDecryptData@@AAV12@@Z
?FlashCalpellaMe@@YA_NXZ
?GetOsVersion@@YA_NAAKAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAK2@Z
?GetSystemDirectoryW@@YAKAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?IsDriverLoaded@@YA_NXZ
?GetImageVersionInfo@@YA_NAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0AAE@Z
?SetWizardModeErrorCode@@YAXK@Z
?ParseUsb@@YA_NPAUSUsbDisk@@@Z
?CreateUSBKey@@YAHPAVCProgressCtrl@@PAVCStatic@@HPAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?CreateUSBKey@@YAHPAVCProgressCtrl@@PAVCStatic@@HPAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@KPAUSDecryptData@@@Z
?GetMultiFdFileList@@YAXPAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAK@Z
?GetWizardModeErrorCode@@YAXPA_NPAH@Z
?GetWizardModeErrorCode@@YAKXZ
?DecryptFileInList@@YAXPAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@KPAUSDecryptData@@@Z
?SetLastErrorCode@@YAXK@Z
?GetCurrentBiosBuildDate@@YAXAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DisplayDialog@@YAHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0I@Z
?SMI_EcWriteProgressBar@@YAHEK_N@Z
?SMI_EcWrite@@YAHXZ
?SetBBLSetting@@YAXPAEK@Z
?EnableMouseKeyboardInput@@YA_N_N@Z
?SMI_ExtraDataWrite@@YA_NEK_NKH0@Z
?GetLastSMIReturnCode@@YAEXZ
?GetUpdateExtraDataMessage@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@HE@Z
?GetLastErrorCode@@YAKXZ
?GetMeFilename@@YAPA_WXZ
?UpdateMeByIntelTool@@YA_NXZ
?SMI_PassIniConfigToBios@@YA_NXZ
?GetProjectNameFromFilename@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V12@@Z
?GetFilename@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V12@@Z
?AloneFlashRegionMap@@YAHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@_NEV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@2@2AAV12@3AAV32@PAHHHHHH@Z
?IsFlashPartInSupportList@@YA_NXZ
?SMI_ExtraDataCommunication@@YA_NPAEHPAK_N@Z
?BvdtProtectRomMap@@YA_NXZ
?BootBlockFeature@@YA_NXZ
?IsDescriptorMode@@YA_NXZ
?GetMatchMeFilename@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SetMeFilename@@YAXPA_W@Z
?CheckNewRomImage@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@_NEV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@2@2AAV12@3AAV32@PAH@Z
?IsDescriptorModeInNewRom@@YA_NXZ
?DescriptorRegionMap@@YAHHHHHHH@Z
?PreventUILock@@YAXXZ
?ReadWholeRom@@YA_NPAE@Z
?IsShowMainDialog@@YA_NXZ
?FreeImage@@YAXXZ
?IsUefiFlash@@YA_NXZ
?IsMeLockForceUpdate@@YA_NXZ
?WakeupSystemAfterShutdown@@YA_NXZ
?SMI_GetSpecialBoardType@@YAEKPA_N@Z
?GetVendorId@@YAGXZ
?ProcessArgument@@YA_NPAUSArgumentConfig@@@Z
?SetArgumentConfig@@YAXPAUSArgumentConfig@@@Z
?LoadDriver@@YA_NXZ
?SetFinalFlashFilename@@YAXV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?ProcessIni@@YAXXZ
?GetIniConfig@@YAPAUSIniConfig@@XZ
?UpdateFinalConfig@@YAXPAUSArgumentConfig@@@Z
?GetLoadDriverErrorMessage@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?LogToBios@@YA_NEV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SetFlashUIWnd@@YAXPAVCWnd@@@Z
?VerifyRomFilePath@@YA_NAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DisplayUsage@@YAXPAEK@Z
?PrintUtilityHeader@@YAXXZ
?ConsoleSaveRomToFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@KK_N1@Z
?DisplayQueryInformation@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SMI_IsSupport@@YA_N_N@Z
?GetIhisiVersion@@YAGXZ
?ShowIHISIVersion@@YAXPA_WG_N@Z
?GetFinalConfig@@YAPAUSFinalConfig@@XZ
?ConsolePrint@@YAXV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@ZZ
?ReadEcFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?SMI_EcIsSupport@@YAKXZ
?FETS_EcWithPrograssBar@@YA_NK@Z
?SMI_FlashComplete@@YA_N_NE@Z
?UpdateLogoFromFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?InitialRunningMode@@YA_NXZ
?InitialProgramReturnCode@@YAXXZ
?InitialLogFile@@YA_NXZ
?InitialDll@@YAXXZ
?InitConsoleProcess@@YAX_N@Z
?ProcessMultiFd@@YA_NXZ
?IsMultiFdEnable@@YA_NXZ
?GetMatchFdFilename@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?InitialIniPath@@YAXXZ
?InitialSetting_FdFile@@YAXPAUSFdFile@@@Z
?LoadSetting_FdFile@@YAXPAUSFdFile@@@Z
?AutoSearchRomFile@@YA_NAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetShowDialogMethod@@YAHXZ
?IsShowOtherDialog@@YA_NXZ
?UnloadDriver@@YAXXZ
?IsSilentMode@@YA_NXZ
?GetConsoleModeAction@@YAEPA_NPAUSArgumentConfig@@@Z
?ExitConsoleProcess@@YAXXZ
?InitialArgumentConfig@@YAXPAUSArgumentConfig@@@Z
?InitialFinalConfig@@YAXXZ
?DisplayDialog@@YAXV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0W4EMessageType@CMessageHandle@@@Z
?SetMyProfileString@@YAXV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@00@Z
?LoadStringW@@YA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@I@Z
?GetTempDirectory@@YAKAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?AllocateMemory@@YAPAEK@Z
?ConsoleReadRom@@YA_NKAAKPAPAE_N@Z
?IsBidSignatureFound@@YA_NPAEKPAK1@Z
?IsReadbackSignatureFound@@YA_NPAEKPAK1@Z
?ConsoleSaveBufferToFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAEK_N@Z
?OemCopyFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAV12@H@Z
?H19WMI@@YA_N_N@Z
?SMI_GetPlatformInfo@@YA_NAAV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0@Z
?IsWindows@@YA_NK@Z
?LaunchApplication@@YAKV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0_N@Z
?IsWizardMode@@YA_NXZ
?SMI_ApHookPoint@@YA_NK@Z
?GetProgramReturnCode@@YAHH@Z
?DisplayErrorDialog@@YAXV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@H@Z
?ReadFileToBuffer@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAPAEPAKAAV12@@Z
?WriteBufferToFile@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAEKAAV12@@Z
?FreeMemory@@YAXPAPAX@Z
?GetDiskFreeSpaceW@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AA_K@Z
?GetProgramDirectory@@YAKAAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetFolderUsedSpace@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AA_K@Z
?ValidateBIOSVersion@@YAHV?$CStringT@DV?$StrTraitMFC@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0V?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@2@@Z
?VersionToInt@@YA_NPADHPAH_N@Z
?DoPassMeCounterToBios@@YA_NV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AA_N@Z
?OemEfiFlashPrepare@@YAHV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@H_N11@Z
?CopyImageToPartition@@YA_NPAV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V12@H_NAAV12@@Z
?IsMemoryMatch@@YA_NPAX0K@Z
?EnterFunction@@YAXPA_W@Z
?LeaveFunction@@YAXPA_W0@Z
?Log@@YAXEPB_WZZ
?CheckPowerStatus@@YA_NAA_NAAE@Z
?IsWin8AndNewer@@YA_NXZ
?SMI_GetH19Information@@YA_NPA_N0@Z
winmm
PlaySoundW
kernel32
GetFileAttributesW
GetFileSizeEx
GetFileTime
WritePrivateProfileStringW
GetStartupInfoW
RtlUnwind
MoveFileA
GetFileAttributesA
HeapAlloc
HeapFree
RaiseException
HeapReAlloc
ExitProcess
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
VirtualAlloc
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetExitCodeProcess
CreateProcessA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
CreateFileA
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
GetWindowsDirectoryW
MultiByteToWideChar
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
OutputDebugStringW
GetLogicalDrives
CloseHandle
DeviceIoControl
CreateFileW
Sleep
lstrlenW
lstrcpyW
GetVolumePathNamesForVolumeNameW
WideCharToMultiByte
LocalFree
FormatMessageW
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetVolumeInformationW
DeleteFileW
CopyFileW
FindVolumeClose
FindNextVolumeW
QueryDosDeviceW
FindFirstVolumeW
WriteFile
SetFilePointer
ReadFile
WaitForSingleObject
CreateProcessW
GetDriveTypeW
GetLogicalDriveStringsW
CreateEventW
SetErrorMode
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetFullPathNameW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
InterlockedDecrement
GetVersion
SetProcessAffinityMask
CreateMutexW
SetThreadExecutionState
FreeLibrary
GetCurrentProcess
SetEvent
user32
DestroyMenu
GetSysColorBrush
GetMessageW
GetCursorPos
ValidateRect
PostQuitMessage
CharUpperW
GetDesktopWindow
CreateDialogIndirectParamW
EndDialog
GetWindowThreadProcessId
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
EndPaint
BeginPaint
GetWindowDC
IsWindowEnabled
MoveWindow
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemID
DestroyIcon
DrawStateW
ReleaseDC
GetDC
GetMenuItemCount
GetSubMenu
ShowWindow
SetWindowPos
PostMessageW
LoadBitmapW
IsIconic
DrawIcon
EnumWindows
GetWindowTextLengthW
GetWindowTextW
SetForegroundWindow
BringWindowToTop
LoadCursorW
CopyIcon
MessageBeep
SetWindowTextW
SetRect
IsRectEmpty
IsWindowVisible
UnregisterClassW
PeekMessageW
CopyRect
InflateRect
OffsetRect
FillRect
FrameRect
DrawFocusRect
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
WindowFromPoint
EnableWindow
GetWindowLongW
SetCursor
GetSysColor
DestroyCursor
SendMessageW
KillTimer
RegisterWindowMessageW
IsWindow
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetFocus
DrawEdge
PtInRect
GetKeyState
TranslateMessage
DispatchMessageW
GetSystemMetrics
LoadIconW
SetTimer
UpdateWindow
GetParent
gdi32
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetTextExtentPoint32W
GetCurrentObject
LPtoDP
DPtoLP
GetMapMode
GetBkColor
CreateSolidBrush
RoundRect
CreateFontIndirectW
CreatePen
GetObjectW
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegQueryValueExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetMalloc
comctl32
_TrackMouseEvent
shlwapi
PathFileExistsW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathIsDirectoryW
ole32
CoTaskMemFree
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocString
Exports
Exports
Sections
.text Size: 334KB - Virtual size: 334KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 435KB - Virtual size: 435KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ