Static task: static1
Behavioral task: behavioral1
  Sample: 23e0489fac87dca2b208a67ba12f3268_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 23e0489fac87dca2b208a67ba12f3268_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
  Target: 23e0489fac87dca2b208a67ba12f3268_JaffaCakes118
  Size: 320KB
  MD5: 23e0489fac87dca2b208a67ba12f3268
  SHA1: 06e10be80ac882bd90585e2e06b9a3157179d458
  SHA256: 66b2f125e3878b2dfb736744b74383daa9f2315925e12c6b8c34c46c82fd4833
  SHA512: 8cbf15c6789ec443ed8148ddb3c939805b36862e8354ccc02b2328708c5102bbd03f0d070e4f2f381b6b3d6bd0785ede1f617044b864d426ff25d3448fbdae8e
  SSDEEP: 6144:5ARSCYiWepkaKtceHwpGcscSnBwdqcS7EZknr/YRTsyfGQkVLIy:5eSCNWrjwpGcscipb7ESvyfGQ+
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: 23e0489fac87dca2b208a67ba12f3268_JaffaCakes118
Files
23e0489fac87dca2b208a67ba12f3268_JaffaCakes118.exe windows:4 windows x86 arch:x86
2031d42f1ac83023e8570fbdf062ff81
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MoveFileExW
GetPrivateProfileSectionW
DuplicateHandle
CreateFileMappingW
GetModuleFileNameA
FillConsoleOutputCharacterA
ReadConsoleOutputCharacterW
SetSystemPowerState
HeapCompact
GetCalendarInfoA
GetProfileStringW
LockFileEx
GetModuleFileNameW
SetFileAttributesA
FreeLibrary
UnlockFile
DebugBreak
lstrcpyA
GlobalGetAtomNameA
WriteFile
GetCommConfig
GetPrivateProfileIntW
GetStringTypeExW
EnumCalendarInfoW
FlushFileBuffers
SetFilePointer
lstrcmpA
LockResource
_lclose
LoadResource
ReadProcessMemory
GetBinaryTypeA
WriteProfileSectionA
WriteProfileStringA
GetACP
GetCurrentProcessId
CreateEventW
MapViewOfFileEx
FindResourceExW
EnumResourceTypesW
WritePrivateProfileStructA
CreateDirectoryW
SetLastError
EndUpdateResourceA
SetConsoleWindowInfo
GetConsoleTitleW
SetSystemTime
GetNamedPipeHandleStateA
TlsAlloc
EnumTimeFormatsA
SetConsoleCursorInfo
SearchPathW
LocalFlags
GetCPInfoExA
DeleteAtom
FatalExit
ReleaseSemaphore
GetWindowsDirectoryW
WriteConsoleOutputCharacterA
SetVolumeLabelW
GetCPInfo
GetMailslotInfo
GetLogicalDriveStringsW
WriteFileEx
GetSystemTimeAsFileTime
WritePrivateProfileStructW
CreateRemoteThread
CopyFileW
OpenMutexW
GetProfileSectionW
FileTimeToDosDateTime
GetVolumeInformationW
ExitProcess
lstrlenW
GetLocalTime
SetCommTimeouts
VirtualProtectEx
ReadFile
GetStdHandle
FindFirstChangeNotificationA
FreeResource
FillConsoleOutputCharacterW
AddAtomW
GetTimeFormatW
FatalAppExitW
Toolhelp32ReadProcessMemory
SetTapeParameters
EnumTimeFormatsW
RequestWakeupLatency
ExitThread
GetComputerNameA
GetSystemDirectoryW
GetThreadPriorityBoost
WriteConsoleOutputW
GetCalendarInfoW
FindNextChangeNotification
OpenEventW
PeekConsoleInputA
_lread
LCMapStringA
CreateDirectoryExA
FileTimeToSystemTime
GlobalAddAtomA
GenerateConsoleCtrlEvent
GetFileSize
VirtualAllocEx
AreFileApisANSI
GetConsoleMode
GetConsoleOutputCP
GlobalFindAtomA
WaitNamedPipeA
GetDriveTypeW
_hwrite
GlobalFindAtomW
CompareStringA
IsDBCSLeadByte
GetNamedPipeInfo
ReadConsoleW
GetCommModemStatus
WriteProfileSectionW
IsBadReadPtr
GetComputerNameW
HeapSize
lstrcmpW
DefineDosDeviceA
GetDiskFreeSpaceExA
LocalCompact
CreateFileA
CreateMailslotW
InitAtomTable
GetFileTime
QueryDosDeviceW
Heap32First
SetConsoleOutputCP
ResetWriteWatch
LocalReAlloc
GetLogicalDriveStringsA
SetFileAttributesW
CallNamedPipeW
HeapUnlock
CreateConsoleScreenBuffer
WriteConsoleOutputCharacterW
_lwrite
LocalFree
SetNamedPipeHandleState
DeleteFileA
CreateTapePartition
SetCurrentDirectoryW
GetNamedPipeHandleStateW
GlobalWire
lstrlenA
GetPrivateProfileSectionA
SetProcessShutdownParameters
UnmapViewOfFile
EnumSystemLocalesA
GetLastError
GetFileInformationByHandle
HeapValidate
WriteProcessMemory
IsBadHugeReadPtr
GlobalMemoryStatus
VirtualQuery
SetLocalTime
MoveFileW
OutputDebugStringW
GetAtomNameA
GetLongPathNameW
SetEnvironmentVariableW
GetTimeFormatA
FindFirstFileW
CommConfigDialogA
GetProcessHeaps
CreateThread
GlobalUnfix
SizeofResource
PrepareTape
FormatMessageA
GetCurrentProcess
TlsGetValue
_lcreat
GetExitCodeProcess
SetEndOfFile
IsDBCSLeadByteEx
HeapAlloc
GetTickCount
SetConsoleActiveScreenBuffer
GetProfileStringA
GetProcessShutdownParameters
GetStartupInfoW
GetFullPathNameA
GetUserDefaultLangID
SetThreadAffinityMask
SetConsoleCP
WriteConsoleOutputAttribute
SetFileApisToANSI
GetThreadLocale
UpdateResourceW
GetVersion
DosDateTimeToFileTime
EnumDateFormatsW
GetShortPathNameA
CompareStringW
SetCommMask
SetThreadContext
GetModuleHandleW
SetPriorityClass
SetThreadPriorityBoost
GetPrivateProfileSectionNamesA
DeviceIoControl
GlobalReAlloc
CreateIoCompletionPort
BuildCommDCBW
SetHandleInformation
GetFileAttributesA
FindNextFileA
WriteConsoleInputW
ReadConsoleA
FreeEnvironmentStringsA
GetFileAttributesExW
LocalUnlock
GetThreadTimes
UnlockFileEx
GetCurrentThreadId
WriteConsoleA
TransmitCommChar
SetHandleCount
_llseek
BuildCommDCBA
SetMailslotInfo
CreateProcessA
CallNamedPipeA
GetSystemDirectoryA
SearchPathA
WaitForMultipleObjects
GlobalFree
FillConsoleOutputAttribute
WritePrivateProfileStringA
GetUserDefaultLCID
GetThreadContext
GetCommTimeouts
CreateEventA
GetDiskFreeSpaceExW
GetDefaultCommConfigW
GlobalFlags
GetTempPathW
MapViewOfFile
GetFullPathNameW
GetCommandLineW
SetCalendarInfoA
lstrcpyW
SetEnvironmentVariableA
GetPriorityClass
GetProfileIntW
GetModuleHandleA
GetCommMask
GetWindowsDirectoryA
BackupWrite
FileTimeToLocalFileTime
ConnectNamedPipe
DeleteCriticalSection
DisableThreadLibraryCalls
SetFileApisToOEM
ScrollConsoleScreenBufferA
MultiByteToWideChar
OpenFile
VirtualProtect
ExpandEnvironmentStringsA
FindAtomA
GetTempPathA
WriteProfileStringW
SetDefaultCommConfigA
LockFile
WaitNamedPipeW
GetEnvironmentStrings
EnumResourceNamesW
GetPrivateProfileSectionNamesW
SetCurrentDirectoryA
GetSystemDefaultLangID
BackupRead
ReadConsoleInputW
QueryPerformanceCounter
Heap32Next
MoveFileExA
VirtualAlloc
WriteFileGather
WaitForMultipleObjectsEx
SetConsoleTitleW
InitializeCriticalSection
GetPrivateProfileStringW
GetConsoleTitleA
SetConsoleScreenBufferSize
CloseHandle
SetVolumeLabelA
CreateMailslotA
GetLocaleInfoA
GetCommProperties
CompareFileTime
GetConsoleCursorInfo
SetStdHandle
GetNumberOfConsoleMouseButtons
GetCurrencyFormatA
_hread
CreateDirectoryA
WritePrivateProfileSectionW
GetLongPathNameA
ConvertDefaultLocale
GetFileAttributesExA
FindResourceExA
CopyFileA
GetCompressedFileSizeA
SetErrorMode
EnumResourceLanguagesW
GetProcessWorkingSetSize
FindNextFileW
BackupSeek
WaitForSingleObjectEx
RemoveDirectoryW
CreatePipe
LoadLibraryW
CreateDirectoryExW
GetHandleInformation
GetProcessAffinityMask
WriteTapemark
OpenSemaphoreW
GetVersionExA
OpenSemaphoreA
RemoveDirectoryA
FindFirstFileA
CreateToolhelp32Snapshot
RequestDeviceWakeup
GetSystemTime
GetDiskFreeSpaceW
GetProcessTimes
GetOEMCP
GetStartupInfoA
Process32Next
VirtualFreeEx
CommConfigDialogW
FoldStringA
PeekNamedPipe
FoldStringW
MulDiv
GlobalFix
UnhandledExceptionFilter
GetEnvironmentStringsW
RaiseException
EnumCalendarInfoA
GlobalSize
SetConsoleTitleA
CancelIo
InterlockedExchangeAdd
GetConsoleScreenBufferInfo
user32
RegisterClipboardFormatW
CheckRadioButton
GetMenuItemRect
AdjustWindowRectEx
GetWindowContextHelpId
CharToOemW
wsprintfA
DefFrameProcA
SetSysColors
MapDialogRect
SetCursorPos
GetMenuState
WaitMessage
HideCaret
GetClassInfoExA
IsCharUpperW
CreateAcceleratorTableW
LoadImageA
PostQuitMessage
AppendMenuW
GetUserObjectInformationA
SetFocus
OpenIcon
FillRect
OemToCharBuffW
DestroyWindow
CreateDialogIndirectParamW
CharToOemBuffA
GetSysColorBrush
GetClassInfoExW
SetWindowLongA
ShowWindow
DeferWindowPos
CreateCaret
CharLowerW
EnableMenuItem
CheckMenuRadioItem
GetKeyboardLayout
DrawTextA
CharUpperBuffA
EnumWindowStationsA
GetWindow
FindWindowExA
GetTabbedTextExtentW
IsWindowEnabled
EnumDesktopWindows
CopyAcceleratorTableA
MapVirtualKeyExW
CloseWindow
GetMenuItemInfoA
AnyPopup
GetScrollRange
EnumThreadWindows
InternalGetWindowText
SetWindowLongW
GetCapture
SetWindowPlacement
TabbedTextOutA
DrawFocusRect
LoadKeyboardLayoutW
GetCursor
CountClipboardFormats
MoveWindow
GetDlgItem
SetMenuContextHelpId
EnumClipboardFormats
RegisterClassExA
PostThreadMessageW
GetTabbedTextExtentA
ShowWindowAsync
DrawStateA
DragDetect
GetSystemMetrics
SendMessageTimeoutW
DefWindowProcW
GetNextDlgTabItem
SetUserObjectSecurity
DialogBoxParamW
SystemParametersInfoA
UnhookWindowsHookEx
GetKeyboardType
LoadMenuW
GetUpdateRgn
MessageBoxA
ToUnicodeEx
CallMsgFilterA
GetKeyboardLayoutNameA
DrawStateW
SetDlgItemTextW
DefWindowProcA
ExitWindowsEx
GetPropA
CopyAcceleratorTableW
GetActiveWindow
MessageBoxExW
ReleaseDC
SystemParametersInfoW
GetMenu
KillTimer
ScrollWindowEx
LoadStringA
GetDlgItemTextW
InsertMenuItemA
SendNotifyMessageA
GetMenuDefaultItem
InSendMessage
GetMenuContextHelpId
SetMenu
WindowFromDC
EnumPropsExA
ReplyMessage
DestroyAcceleratorTable
GetMenuItemID
GetMenuItemInfoW
SetWindowTextW
GetMessageA
GetProcessWindowStation
DlgDirListComboBoxA
GetSystemMenu
MessageBoxW
InsertMenuW
CallNextHookEx
GetFocus
IsCharAlphaNumericA
DlgDirSelectExW
GetDlgItemInt
UnionRect
EqualRect
AttachThreadInput
SendMessageW
DestroyCaret
ToUnicode
SubtractRect
SetCapture
GetKeyNameTextW
SetMessageExtraInfo
GetPropW
TranslateMessage
SetActiveWindow
IsClipboardFormatAvailable
SetMenuItemInfoW
WinHelpA
GetPriorityClipboardFormat
LookupIconIdFromDirectory
EnumChildWindows
SetClassWord
SendDlgItemMessageA
OemKeyScan
LoadCursorA
VkKeyScanExW
CloseDesktop
DlgDirSelectComboBoxExW
EnumPropsW
SetWindowWord
SetWindowsHookExW
CharPrevExA
InvalidateRect
ShowScrollBar
GetMenuCheckMarkDimensions
EnableScrollBar
DefMDIChildProcA
GetClassInfoA
GetQueueStatus
GetWindowTextLengthW
RegisterHotKey
DestroyMenu
AdjustWindowRect
PeekMessageW
DrawCaption
ShowOwnedPopups
GetWindowLongW
LoadCursorFromFileA
UnloadKeyboardLayout
DrawAnimatedRects
CreatePopupMenu
GetKeyboardLayoutNameW
SetDoubleClickTime
CreateIconIndirect
ClientToScreen
RegisterClassW
GetKeyboardLayoutList
ValidateRect
LoadBitmapA
LoadAcceleratorsW
SetCursor
WaitForInputIdle
SetForegroundWindow
EnumDisplaySettingsW
WinHelpW
IsChild
IsWindow
OffsetRect
SetWindowsHookExA
ValidateRgn
ChangeDisplaySettingsExA
RegisterWindowMessageA
SendMessageTimeoutA
IsCharAlphaA
wsprintfW
InsertMenuItemW
ScreenToClient
CreateWindowStationA
ChangeClipboardChain
SetDlgItemInt
GetForegroundWindow
GetClipboardOwner
CreateIconFromResourceEx
TrackPopupMenuEx
GetMenuStringA
CreateDesktopA
DrawMenuBar
RegisterClassA
MessageBoxExA
CreateMDIWindowW
keybd_event
CloseClipboard
IntersectRect
UnhookWindowsHook
GetMessageExtraInfo
LookupIconIdFromDirectoryEx
GetNextDlgGroupItem
EnumDesktopsA
RegisterWindowMessageW
DrawTextExA
UpdateWindow
MessageBoxIndirectW
IsDialogMessageA
ToAscii
SetScrollRange
GetInputState
TranslateAcceleratorA
CheckMenuItem
CreateMenu
SetProcessWindowStation
IsCharAlphaW
FindWindowExW
DrawIconEx
SetWindowRgn
GetClassLongA
GetWindowPlacement
OpenWindowStationA
SetPropW
ExcludeUpdateRgn
ModifyMenuW
SetThreadDesktop
SetWindowContextHelpId
WindowFromPoint
GetWindowTextW
CallWindowProcA
SetWindowTextA
GetMenuStringW
LoadStringW
LoadMenuIndirectA
IsZoomed
GetKeyState
GetSysColor
ChangeDisplaySettingsExW
FlashWindow
DlgDirSelectExA
SwitchDesktop
HiliteMenuItem
GetWindowRect
GetWindowTextA
EnumWindows
SendMessageCallbackA
GetCaretBlinkTime
InsertMenuA
TileWindows
CreateWindowStationW
LoadCursorFromFileW
EnumPropsExW
CharNextExA
LoadImageW
ShowCaret
SetUserObjectInformationW
CallWindowProcW
ChildWindowFromPointEx
DlgDirListComboBoxW
IsCharUpperA
CreateWindowExW
CreateIcon
InvalidateRgn
DeleteMenu
DrawFrameControl
OemToCharBuffA
GetClipboardData
LoadMenuA
gdi32
GetMetaFileW
EnumMetaFile
SetPaletteEntries
CreatePen
GetViewportExtEx
SetBitmapDimensionEx
GdiComment
CreateDCA
GdiFlush
OffsetRgn
StartDocW
CreateMetaFileA
GetICMProfileA
PatBlt
SetDeviceGammaRamp
SetBkMode
GetNearestColor
GetObjectType
GetTextCharacterExtra
PolyDraw
GetEnhMetaFileDescriptionW
GetCharWidthA
SetWindowExtEx
GetGlyphOutlineA
GetTextMetricsA
SetTextCharacterExtra
CreateMetaFileW
UpdateICMRegKeyW
ColorMatchToTarget
GetStretchBltMode
PlayEnhMetaFile
SetDIBitsToDevice
GetTextExtentPoint32W
GetBrushOrgEx
ResetDCW
SetWorldTransform
GetObjectW
CreateColorSpaceA
Ellipse
UpdateColors
SetPolyFillMode
GetKerningPairsA
GetKerningPairsW
RealizePalette
GetTextExtentPointW
GetNearestPaletteIndex
ExtCreatePen
WidenPath
PathToRegion
GetArcDirection
SelectClipRgn
DrawEscape
CreateICW
GetWinMetaFileBits
GetTextCharsetInfo
SetSystemPaletteUse
GetColorAdjustment
GetCurrentPositionEx
GetCharacterPlacementA
SetMetaFileBitsEx
CreateEllipticRgnIndirect
GetLogColorSpaceW
GetCharWidth32A
CreateEnhMetaFileW
SaveDC
CreateRectRgn
GetDCOrgEx
GetPolyFillMode
SetBkColor
RoundRect
GetSystemPaletteEntries
DeleteColorSpace
GetCharWidthW
StretchBlt
GetLogColorSpaceA
CreateHalftonePalette
SetViewportExtEx
OffsetViewportOrgEx
GetCurrentObject
CombineRgn
EnumFontFamiliesA
PaintRgn
IntersectClipRect
AngleArc
CreateSolidBrush
StrokeAndFillPath
EnumFontsW
SelectObject
GetDIBColorTable
GetViewportOrgEx
GetTextAlign
GetEnhMetaFileBits
SetDIBits
EnumFontFamiliesExW
ExtSelectClipRgn
GetPixel
LPtoDP
GetClipBox
TextOutW
GetPixelFormat
GetColorSpace
SelectClipPath
LineDDA
GetCharacterPlacementW
OffsetClipRgn
EnumEnhMetaFile
ExtTextOutA
CreateColorSpaceW
CancelDC
GetCharWidthFloatA
SetRectRgn
GetOutlineTextMetricsW
BeginPath
CloseFigure
CheckColorsInGamut
CreatePatternBrush
SetEnhMetaFileBits
AddFontResourceW
CreateDIBPatternBrush
GetROP2
GetBitmapBits
SetBitmapBits
GetFontData
CreateBrushIndirect
SetWindowOrgEx
StretchDIBits
GetCharWidth32W
PlgBlt
DeleteEnhMetaFile
EnumFontFamiliesExA
CreateEnhMetaFileA
GetObjectA
TextOutA
CreateDiscardableBitmap
GetStockObject
EnumICMProfilesW
RectInRegion
GetAspectRatioFilterEx
GetPaletteEntries
StrokePath
GetClipRgn
CreatePenIndirect
SetTextJustification
CopyMetaFileW
EnumFontFamiliesW
GetDeviceCaps
GetEnhMetaFileA
SetGraphicsMode
FixBrushOrgEx
DescribePixelFormat
OffsetWindowOrgEx
CreateBitmapIndirect
InvertRgn
SetMapperFlags
EndDoc
RestoreDC
CreateRectRgnIndirect
EqualRgn
CreateFontW
CreateDIBitmap
PlayMetaFile
CreateScalableFontResourceW
EndPath
GetRandomRgn
RemoveFontResourceA
SetViewportOrgEx
SetROP2
FlattenPath
GetTextCharset
SetColorAdjustment
UnrealizeObject
DeleteObject
SetMiterLimit
AnimatePalette
SwapBuffers
GetRgnBox
TranslateCharsetInfo
CreateCompatibleDC
ExtTextOutW
ExtEscape
SetPixelV
Arc
MoveToEx
GetEnhMetaFileW
LineTo
DeleteDC
CloseMetaFile
GdiSetBatchLimit
GetWindowOrgEx
DPtoLP
SetArcDirection
MaskBlt
AddFontResourceA
SetMetaRgn
ArcTo
EnumICMProfilesA
Pie
PolyBezierTo
CreateCompatibleBitmap
SetICMProfileW
GetRegionData
SetTextAlign
comdlg32
ChooseColorA
FindTextW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameA
GetFileTitleA
ChooseColorW
PageSetupDlgA
ChooseFontA
PrintDlgW
GetSaveFileNameA
advapi32
RegQueryValueA
GetAuditedPermissionsFromAclA
MakeSelfRelativeSD
GetUserNameW
RegDeleteKeyA
MakeAbsoluteSD
ObjectPrivilegeAuditAlarmA
OpenBackupEventLogA
FindFirstFreeAce
GetSecurityDescriptorControl
CryptSetHashParam
BackupEventLogW
RegReplaceKeyW
AddAce
RegSetValueExA
GetSecurityDescriptorDacl
OpenThreadToken
RegSaveKeyA
LookupPrivilegeValueA
DeregisterEventSource
RegEnumValueA
GetOldestEventLogRecord
CreateProcessAsUserA
CryptSetProviderW
FreeSid
DestroyPrivateObjectSecurity
ImpersonateLoggedOnUser
EnumServicesStatusW
InitializeAcl
RegCreateKeyExW
RegQueryInfoKeyA
RegConnectRegistryW
GetTokenInformation
RegEnumKeyA
ReportEventA
GetSidSubAuthorityCount
GetMultipleTrusteeA
ClearEventLogA
GetSidIdentifierAuthority
CryptSetProviderExW
StartServiceW
RegRestoreKeyA
CryptDestroyKey
CryptSetProviderA
InitiateSystemShutdownW
CryptCreateHash
CryptSetKeyParam
BuildTrusteeWithNameW
AreAllAccessesGranted
CryptHashSessionKey
GetServiceKeyNameW
RegEnumKeyExW
GetAce
RegSetValueW
CryptEnumProvidersA
ReportEventW
SetSecurityInfo
DeleteAce
GetMultipleTrusteeOperationA
BuildExplicitAccessWithNameA
RegFlushKey
SetSecurityDescriptorSacl
RegisterServiceCtrlHandlerA
LogonUserW
GetTrusteeNameA
GetExplicitEntriesFromAclA
RegUnLoadKeyA
AccessCheckAndAuditAlarmW
ClearEventLogW
SetSecurityDescriptorOwner
SetNamedSecurityInfoA
ObjectCloseAuditAlarmA
LockServiceDatabase
CryptEnumProviderTypesW
IsValidSid
OpenSCManagerW
CopySid
RegOpenKeyW
GetMultipleTrusteeOperationW
SetSecurityDescriptorGroup
RegDeleteValueW
GetAclInformation
ControlService
RegisterEventSourceA
RegEnumKeyW
LookupPrivilegeDisplayNameA
RegRestoreKeyW
CryptEncrypt
GetTrusteeTypeA
GetServiceKeyNameA
OpenProcessToken
RegQueryMultipleValuesW
EqualSid
CryptGetHashParam
RegSaveKeyW
LookupAccountSidA
SetServiceBits
AddAccessDeniedAce
RegisterEventSourceW
IsValidAcl
CryptDecrypt
CryptGenKey
SetKernelObjectSecurity
ObjectOpenAuditAlarmW
RegGetKeySecurity
QueryServiceConfigW
GetPrivateObjectSecurity
GetServiceDisplayNameW
RegQueryInfoKeyW
ImpersonateNamedPipeClient
CryptGetKeyParam
ChangeServiceConfigW
SetNamedSecurityInfoW
StartServiceA
AbortSystemShutdownA
SetPrivateObjectSecurity
RegSetValueExW
CloseServiceHandle
RegisterServiceCtrlHandlerW
SetServiceStatus
ChangeServiceConfigA
PrivilegedServiceAuditAlarmW
CryptEnumProviderTypesA
GetMultipleTrusteeW
SetThreadToken
CryptImportKey
RegDeleteValueA
RegOpenKeyExW
BuildExplicitAccessWithNameW
RevertToSelf
BuildSecurityDescriptorA
CreateServiceW
DeleteService
SetFileSecurityW
InitiateSystemShutdownA
QueryServiceConfigA
GetFileSecurityA
PrivilegedServiceAuditAlarmA
CryptHashData
SetAclInformation
AbortSystemShutdownW
CreateProcessAsUserW
ReadEventLogA
GetExplicitEntriesFromAclW
QueryServiceLockStatusW
RegQueryValueExA
CryptDuplicateKey
RegEnumValueW
LookupPrivilegeNameW
GetKernelObjectSecurity
DuplicateTokenEx
SetFileSecurityA
ImpersonateSelf
SetEntriesInAclW
GetLengthSid
OpenBackupEventLogW
CryptDuplicateHash
AddAccessAllowedAce
StartServiceCtrlDispatcherW
GetNamedSecurityInfoW
AccessCheckAndAuditAlarmA
RegConnectRegistryA
CryptGetDefaultProviderA
AreAnyAccessesGranted
AdjustTokenPrivileges
GetSecurityInfo
AccessCheck
GetFileSecurityW
GetUserNameA
BuildSecurityDescriptorW
RegCreateKeyA
GetNamedSecurityInfoA
RegQueryValueExW
StartServiceCtrlDispatcherA
shell32
ShellExecuteExA
SHFormatDrive
SHGetSettings
CommandLineToArgvW
SHGetFileInfoA
SHGetPathFromIDListA
ExtractIconExA
FindExecutableW
ExtractIconW
DuplicateIcon
SHBrowseForFolderA
ShellExecuteW
SHInvokePrinterCommandW
SHGetDataFromIDListW
DoEnvironmentSubstA
SHGetDesktopFolder
Shell_NotifyIconA
SHGetDataFromIDListA
ExtractIconA
SHGetSpecialFolderPathW
ExtractIconExW
SHAppBarMessage
DragQueryFileW
FindExecutableA
SHGetPathFromIDListW
ExtractAssociatedIconW
SHFileOperationA
ShellAboutW
SHQueryRecycleBinA
DragFinish
SHFreeNameMappings
ExtractAssociatedIconA
SHLoadInProc
SHGetSpecialFolderPathA
ShellExecuteExW
SHQueryRecycleBinW
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
Sections
.text Size: 276KB - Virtual size: 272KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ