Static task: static1
Behavioral task: behavioral1
Sample: 258169d8210b3e337c4f803ba3324d69_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 258169d8210b3e337c4f803ba3324d69_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 258169d8210b3e337c4f803ba3324d69_JaffaCakes118
Size: 385KB
MD5: 258169d8210b3e337c4f803ba3324d69
SHA1: fdcc6b4b4d5569336df2a15e53566afcde89ddf6
SHA256: e8ca3d16d786dfb9433386cf527928cc5e9ab37300c1c2a3594e4240329bc7e3
SHA512: 5cdc3e9eab1905ee9626ea36c1ed13ca16bcb89f648fbdb1f3d6a9834d4635b43bd3079b37d122ec2e629b07ddc7b2681bc177d9f7771463d96e9763a0da9bdf
SSDEEP: 6144:8zKKK5ZXnBEiXSQij/zxByV6E7ybJMVGd+X8fJyIRXPUeT6hMa9cTbujTMzM1gIt:8zKKI3B1pi3xYf7BV6bPUFht2NzhGySt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 258169d8210b3e337c4f803ba3324d69_JaffaCakes118
Files
258169d8210b3e337c4f803ba3324d69_JaffaCakes118.exe windows:4 windows x86 arch:x86
664f59211e8c29676d503f58e6f73f54
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
BeginUpdateResourceA
InterlockedExchange
LocalReAlloc
FindAtomA
LocalHandle
GetCalendarInfoW
FatalAppExitA
GetVersionExA
IsBadCodePtr
GetCPInfoExA
HeapCreate
IsBadHugeReadPtr
ReadConsoleOutputCharacterA
SetConsoleWindowInfo
WriteConsoleOutputCharacterW
GetCommandLineW
CloseHandle
DefineDosDeviceW
AllocConsole
SetFileTime
TlsSetValue
GetDriveTypeA
GetCommMask
Beep
GetCPInfoExW
_hwrite
FindNextChangeNotification
GetAtomNameW
lstrcpyA
LocalCompact
GlobalFindAtomW
ScrollConsoleScreenBufferA
GetConsoleTitleW
FindFirstFileA
GetEnvironmentStrings
GetPrivateProfileSectionNamesA
SetCurrentDirectoryA
HeapSize
FatalAppExitW
CreateMutexA
InterlockedCompareExchange
RemoveDirectoryA
GetPrivateProfileSectionW
SetVolumeLabelW
SetEnvironmentVariableW
LocalFlags
GlobalHandle
SetThreadLocale
SetProcessPriorityBoost
Heap32Next
GetCommModemStatus
TransactNamedPipe
GetUserDefaultLCID
GlobalSize
CallNamedPipeA
GetCommProperties
GetSystemDefaultLangID
CopyFileA
GetBinaryTypeA
GetStdHandle
GetDateFormatA
OutputDebugStringA
WriteProcessMemory
SetFileAttributesW
FindFirstFileW
GetSystemDefaultLCID
GetLongPathNameA
CreateFileA
GetThreadLocale
GetFileTime
GetCurrentThread
GetCommConfig
WriteFileEx
ReadProcessMemory
DefineDosDeviceA
GetStringTypeW
IsValidCodePage
WaitCommEvent
TransmitCommChar
CompareStringA
EnumResourceNamesA
BeginUpdateResourceW
FlushViewOfFile
SetSystemTime
ScrollConsoleScreenBufferW
SetLocaleInfoW
GetSystemInfo
GetProfileIntW
SetConsoleOutputCP
TerminateProcess
GetTempPathA
SearchPathA
CancelDeviceWakeupRequest
FlushInstructionCache
IsBadStringPtrW
GetThreadPriority
ClearCommBreak
CreateNamedPipeW
EnumSystemCodePagesA
GetPrivateProfileStringA
GetLogicalDriveStringsW
lstrcmpA
SetConsoleTitleA
IsDBCSLeadByteEx
CreateMailslotA
WaitNamedPipeW
GetExitCodeProcess
PrepareTape
GetCompressedFileSizeW
GetNumberFormatW
TlsFree
WriteConsoleOutputAttribute
GetTempFileNameW
IsBadHugeWritePtr
GetShortPathNameA
SetEnvironmentVariableA
lstrcatA
SetHandleInformation
RequestDeviceWakeup
LoadLibraryExA
SetThreadPriorityBoost
VerLanguageNameW
LoadModule
ReadConsoleA
MoveFileA
LocalSize
GlobalFindAtomA
GetVolumeInformationW
GetCurrentProcess
SetThreadPriority
GetNamedPipeHandleStateW
GetFileAttributesA
SetConsoleTitleW
_lread
GetConsoleCP
DeleteCriticalSection
GetThreadPriorityBoost
WritePrivateProfileSectionW
EnumSystemLocalesA
GetProcessVersion
SetCurrentDirectoryW
GetLocalTime
GetDateFormatW
Heap32ListNext
lstrcmpiA
SetThreadExecutionState
SetDefaultCommConfigA
FoldStringW
LockFileEx
GetCurrentProcessId
GetTempPathW
SetEvent
EndUpdateResourceA
HeapLock
SetCommConfig
GetUserDefaultLangID
MultiByteToWideChar
WritePrivateProfileSectionA
OutputDebugStringW
IsValidLocale
Sleep
GetFileAttributesExW
BuildCommDCBW
GetLogicalDriveStringsA
GetSystemDirectoryA
GetPrivateProfileStructA
EnumTimeFormatsA
GetFileAttributesExA
RaiseException
GetSystemTimeAdjustment
GetPrivateProfileIntW
lstrlenA
GlobalLock
GetPrivateProfileIntA
EraseTape
WriteTapemark
GetThreadTimes
VirtualUnlock
CreateToolhelp32Snapshot
DeleteAtom
FreeEnvironmentStringsW
EnumResourceLanguagesW
FindFirstChangeNotificationW
Module32Next
CreateDirectoryExW
_lopen
SetConsoleCursorPosition
GlobalDeleteAtom
HeapReAlloc
GetPrivateProfileStringW
GetModuleFileNameA
SetCommState
GetNumberOfConsoleMouseButtons
SetThreadContext
SuspendThread
GetModuleHandleA
GlobalAlloc
ClearCommError
GlobalFix
HeapDestroy
CreateIoCompletionPort
GetEnvironmentVariableW
GetLogicalDrives
GetDefaultCommConfigW
lstrcpyW
GetCurrentDirectoryW
LocalUnlock
ReadConsoleOutputW
GlobalUnWire
SystemTimeToTzSpecificLocalTime
GetTimeFormatA
LCMapStringA
GlobalGetAtomNameW
GetConsoleTitleA
CompareFileTime
EnumSystemCodePagesW
GetCommState
SetLocaleInfoA
VirtualFreeEx
WaitForSingleObjectEx
VirtualAlloc
SetMailslotInfo
BackupSeek
GetSystemTimeAsFileTime
Toolhelp32ReadProcessMemory
FreeConsole
GetTimeZoneInformation
FindAtomW
ResetWriteWatch
SetPriorityClass
BuildCommDCBAndTimeoutsA
FindResourceA
SetErrorMode
ExpandEnvironmentStringsW
WritePrivateProfileStringA
SetTimeZoneInformation
GetFileSize
CallNamedPipeW
FreeResource
Thread32First
lstrcmpiW
RequestWakeupLatency
GetLocaleInfoA
VirtualAllocEx
GlobalMemoryStatus
WritePrivateProfileStringW
OpenMutexW
GetVersionExW
SetStdHandle
OpenSemaphoreW
AreFileApisANSI
FormatMessageW
WriteConsoleOutputW
CreateConsoleScreenBuffer
DeleteFileW
GetDriveTypeW
SizeofResource
InterlockedExchangeAdd
GetPrivateProfileSectionA
FindNextFileA
LoadLibraryA
GetProcAddress
CreateMutexW
GetPrivateProfileSectionNamesW
EnumResourceNamesW
SetConsoleActiveScreenBuffer
VirtualQueryEx
PeekConsoleInputW
CopyFileW
LocalShrink
SetLastError
OpenFile
_lclose
EnumResourceTypesA
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
GetFileInformationByHandle
SetProcessAffinityMask
MoveFileExW
GetEnvironmentVariableA
LoadLibraryExW
FormatMessageA
BuildCommDCBA
GlobalUnlock
GetPrivateProfileStructW
WaitNamedPipeA
GetProfileSectionW
FlushConsoleInputBuffer
IsDBCSLeadByte
CreateEventW
GetThreadContext
PulseEvent
CreateProcessW
MoveFileW
GetTapePosition
SetTapePosition
ReleaseSemaphore
GetStartupInfoW
CreateRemoteThread
FindResourceExA
DebugBreak
GetCurrentThreadId
GetACP
GetNamedPipeInfo
CreateSemaphoreW
LocalFileTimeToFileTime
GetPriorityClass
GetCurrencyFormatA
ResetEvent
GetShortPathNameW
_hread
OpenFileMappingW
InterlockedDecrement
FindClose
GlobalAddAtomW
ContinueDebugEvent
WriteConsoleInputA
FileTimeToSystemTime
GetConsoleMode
FatalExit
SystemTimeToFileTime
SetEndOfFile
GetCalendarInfoA
GetSystemDirectoryW
ReleaseMutex
SetCommMask
EnumSystemLocalesW
QueryPerformanceFrequency
GetTapeStatus
GetProfileSectionA
GetDefaultCommConfigA
IsBadStringPtrA
GenerateConsoleCtrlEvent
WriteProfileStringA
SetFileApisToANSI
UnhandledExceptionFilter
QueryDosDeviceA
MapViewOfFile
ReadConsoleOutputCharacterW
GetLocaleInfoW
FreeLibrary
GetTickCount
SearchPathW
GetExitCodeThread
WritePrivateProfileStructW
GetOverlappedResult
WideCharToMultiByte
GetConsoleCursorInfo
IsProcessorFeaturePresent
EnumCalendarInfoW
SetupComm
CreateFileW
CreateFileMappingW
OpenFileMappingA
GetStartupInfoA
OpenProcess
SetFileAttributesA
GetProcessHeaps
SetVolumeLabelA
CreateTapePartition
SetHandleCount
GetStringTypeA
CreateDirectoryExA
user32
GetClassInfoExW
CharPrevA
SetUserObjectSecurity
IsCharLowerA
TrackPopupMenu
SendNotifyMessageA
CreatePopupMenu
DrawEdge
DefFrameProcA
GetMessageA
ShowScrollBar
LockWindowUpdate
GetKeyNameTextA
ArrangeIconicWindows
GetClassLongW
DlgDirListW
KillTimer
CharNextA
CharPrevExA
GetPriorityClipboardFormat
FindWindowExA
FindWindowExW
GetWindowThreadProcessId
BeginPaint
GetMenuContextHelpId
GetClientRect
GetDlgItemInt
DrawIcon
DestroyAcceleratorTable
GrayStringA
RegisterWindowMessageW
SetDlgItemTextA
SetActiveWindow
GetDialogBaseUnits
ToUnicode
CreateDesktopA
SendDlgItemMessageA
IsDialogMessageA
GetUserObjectInformationA
OpenWindowStationA
SendMessageTimeoutA
DialogBoxIndirectParamA
ChangeMenuA
GetUpdateRect
LoadMenuIndirectW
SetWindowTextA
AppendMenuW
EndDeferWindowPos
MessageBoxA
GetKBCodePage
IsDlgButtonChecked
LoadCursorFromFileW
SetParent
GetParent
SetMenuDefaultItem
GetWindowTextA
EnableWindow
ValidateRect
UnhookWindowsHook
IsCharAlphaNumericW
CreateAcceleratorTableA
DrawFocusRect
RemoveMenu
IsCharUpperA
MsgWaitForMultipleObjectsEx
GetWindowRgn
SetMenuContextHelpId
VkKeyScanExA
GetMenuCheckMarkDimensions
PeekMessageW
GetWindowRect
DlgDirSelectExW
RegisterClassExW
GetDlgItem
SystemParametersInfoW
IsChild
GetDlgCtrlID
CharToOemA
wsprintfA
DefFrameProcW
ExcludeUpdateRgn
SetThreadDesktop
AppendMenuA
CheckDlgButton
OpenDesktopW
GetClassInfoW
GetNextDlgGroupItem
SetWindowsHookExW
ShowWindow
CreateDialogParamW
MsgWaitForMultipleObjects
UnregisterHotKey
GetWindowWord
GetKeyNameTextW
OpenClipboard
SetPropW
CallWindowProcW
GetClipboardFormatNameW
UnregisterClassW
OffsetRect
CopyAcceleratorTableA
GetKeyboardLayoutNameA
GetSubMenu
SetWindowPlacement
GetKeyboardLayoutNameW
SetClipboardData
mouse_event
DrawTextW
CascadeWindows
IsCharLowerW
PostThreadMessageW
SetRect
ClientToScreen
CallMsgFilterA
GetTabbedTextExtentW
GetClipCursor
EqualRect
RegisterHotKey
RedrawWindow
SwitchDesktop
CheckMenuRadioItem
SetClassLongA
OemToCharW
EnumDesktopsW
ChildWindowFromPointEx
WaitMessage
GetMessagePos
GetSysColor
wvsprintfA
GetClipboardFormatNameA
ScrollWindowEx
LoadImageW
SetMenuItemInfoA
DragDetect
SetMenuItemInfoW
FrameRect
GetMenuStringW
CharNextW
EnumPropsA
IsMenu
MessageBeep
TranslateAcceleratorW
CharToOemW
CreateIcon
OemToCharBuffW
InsertMenuItemA
ChangeMenuW
IsCharAlphaW
CreateDialogParamA
IsDialogMessageW
GetKeyboardLayoutList
WindowFromDC
HideCaret
PostQuitMessage
GetSysColorBrush
CopyRect
DragObject
SetDoubleClickTime
SetMessageQueue
GetMessageExtraInfo
GetClipboardData
LoadMenuW
DialogBoxParamA
WinHelpA
ScreenToClient
DrawTextA
SwapMouseButton
DefMDIChildProcW
SendMessageTimeoutW
CharLowerBuffW
ValidateRgn
CreateMDIWindowA
ChangeDisplaySettingsExA
GetWindowTextW
GetScrollPos
SetClassWord
InvalidateRgn
CharToOemBuffA
FillRect
ToAscii
EnumDesktopWindows
CharLowerW
IsRectEmpty
LoadImageA
IsCharUpperW
DrawCaption
CreateIconIndirect
InvertRect
SetScrollRange
TrackPopupMenuEx
GetUserObjectInformationW
DefMDIChildProcA
FindWindowW
VkKeyScanA
BeginDeferWindowPos
IsIconic
GetCursorPos
LoadIconW
LookupIconIdFromDirectory
GetClassWord
SendMessageW
CloseWindow
EnumPropsW
GetClassNameA
SetKeyboardState
CreateWindowStationA
DrawStateA
MessageBoxIndirectW
InvalidateRect
CharUpperBuffW
GetActiveWindow
SetMessageExtraInfo
GetOpenClipboardWindow
TabbedTextOutA
ShowWindowAsync
PostMessageA
DrawTextExW
SetWindowLongW
IsClipboardFormatAvailable
EnableMenuItem
GetTopWindow
FlashWindow
CopyIcon
UnregisterClassA
CreateAcceleratorTableW
ReplyMessage
WindowFromPoint
IsWindow
IsCharAlphaA
DrawIconEx
GetDCEx
SetFocus
InsertMenuW
PostThreadMessageA
EnumWindows
SendMessageCallbackW
GetCaretBlinkTime
GetWindowTextLengthA
SetCursor
GetCaretPos
SetUserObjectInformationA
CharNextExA
CreateWindowStationW
GetCapture
GetClassNameW
GetForegroundWindow
SwitchToThisWindow
IsWindowEnabled
SetWindowRgn
EnumWindowStationsW
FindWindowA
GetWindowContextHelpId
DestroyCaret
GetClassLongA
SetWindowTextW
OemKeyScan
AttachThreadInput
OpenIcon
LoadBitmapW
GetMenuStringA
GetScrollRange
MessageBoxIndirectA
GetDoubleClickTime
SetCaretPos
DestroyIcon
GetWindowTextLengthW
CreateDialogIndirectParamW
CopyImage
DefDlgProcA
LoadStringW
GetDlgItemTextW
GetDlgItemTextA
IntersectRect
DefWindowProcW
GetClassInfoA
RegisterClassW
GetSystemMetrics
ScrollDC
ToAsciiEx
TileWindows
DialogBoxParamW
DlgDirListComboBoxA
DestroyCursor
CloseWindowStation
OpenWindowStationW
GrayStringW
GetShellWindow
ScrollWindow
ChangeDisplaySettingsA
GetMenuItemID
EnumDisplaySettingsW
LoadAcceleratorsW
CreateWindowExA
IsWindowVisible
ModifyMenuW
ShowCaret
SendNotifyMessageW
RegisterClassA
SetMenuItemBitmaps
EnableScrollBar
EnumThreadWindows
CheckMenuItem
MenuItemFromPoint
DestroyWindow
SetWindowsHookExA
CreateMDIWindowW
SetLastErrorEx
WinHelpW
GetTabbedTextExtentA
SetPropA
GetCursor
SetWindowContextHelpId
LoadStringA
CharToOemBuffW
GetMessageTime
CharUpperA
ChangeDisplaySettingsW
GetSystemMenu
GetWindowLongW
SendDlgItemMessageW
LoadCursorA
ChildWindowFromPoint
GetWindowDC
CreateCursor
SetCursorPos
PeekMessageA
UpdateWindow
EnumPropsExA
OemToCharBuffA
LoadIconA
SetDlgItemTextW
gdi32
GetKerningPairsW
GetCharWidthFloatA
CreateColorSpaceW
UpdateICMRegKeyA
GetICMProfileA
GetTextExtentExPointA
ScaleWindowExtEx
CloseMetaFile
OffsetClipRgn
StartDocA
GetTextColor
CreateHalftonePalette
StretchDIBits
GetDeviceGammaRamp
CreateICA
GetArcDirection
DeleteObject
GetWindowExtEx
GetTextFaceA
SetICMMode
SetRectRgn
ExtTextOutA
GetCurrentObject
GetGlyphOutlineA
CreateMetaFileA
DescribePixelFormat
IntersectClipRect
OffsetViewportOrgEx
SetBoundsRect
OffsetWindowOrgEx
MaskBlt
GetCharABCWidthsW
AbortDoc
EndPage
PlayEnhMetaFileRecord
SetMapperFlags
GetBkMode
SetBkColor
GetTextExtentPoint32A
ExtFloodFill
TextOutW
GetWorldTransform
CreateCompatibleDC
SetGraphicsMode
GetFontLanguageInfo
GetTextExtentPointA
CreateDiscardableBitmap
GetTextAlign
PolyPolyline
GetDCOrgEx
GetColorSpace
SelectClipRgn
SelectObject
GetTextCharset
SetDIBits
StrokeAndFillPath
RemoveFontResourceA
ChoosePixelFormat
GetRgnBox
SetStretchBltMode
CreateDCW
GetROP2
GetWindowOrgEx
CreatePolyPolygonRgn
GetTextMetricsW
EnumFontsW
SetBkMode
CreateScalableFontResourceA
EnumEnhMetaFile
BeginPath
RoundRect
PolyPolygon
CreatePolygonRgn
GdiGetBatchLimit
ResetDCA
AbortPath
AddFontResourceW
SetWorldTransform
GetTextExtentPointW
GetBoundsRect
GetBrushOrgEx
SetColorSpace
EnumFontFamiliesA
GetDIBits
ExtTextOutW
SetWindowOrgEx
CopyEnhMetaFileA
EnumFontFamiliesExA
LineDDA
CreateBitmapIndirect
GetMetaRgn
FloodFill
EndDoc
SetEnhMetaFileBits
CreateHatchBrush
GetObjectType
GetEnhMetaFileA
SetViewportExtEx
CreateFontW
GetRegionData
GetPath
GetNearestColor
EnumICMProfilesW
DrawEscape
PolyTextOutA
GetOutlineTextMetricsA
PaintRgn
GetClipRgn
GetKerningPairsA
GetViewportOrgEx
LineTo
ResizePalette
CopyMetaFileW
SetROP2
GetMetaFileW
CreateFontA
CreateScalableFontResourceW
WidenPath
UnrealizeObject
GetCharWidthW
GetStretchBltMode
GetSystemPaletteEntries
GetPolyFillMode
CreateRectRgnIndirect
GetTextExtentPoint32W
GetEnhMetaFileDescriptionA
CloseFigure
GetBkColor
SetICMProfileA
CreateSolidBrush
InvertRgn
SetAbortProc
GetCharacterPlacementW
SetTextColor
RectVisible
Chord
GetTextCharacterExtra
StartPage
PtVisible
GetDIBColorTable
PtInRegion
CreateFontIndirectW
GetEnhMetaFilePaletteEntries
GetTextCharsetInfo
ColorMatchToTarget
CreateDIBitmap
TextOutA
CreateBrushIndirect
SetTextAlign
CloseEnhMetaFile
SetPaletteEntries
EndPath
CreatePenIndirect
SetTextJustification
CreateDIBPatternBrushPt
ModifyWorldTransform
SetDIBitsToDevice
GetMapMode
GetCharABCWidthsFloatW
GetDeviceCaps
SetBitmapDimensionEx
GetCurrentPositionEx
UpdateColors
GetCharWidthA
EnumFontsA
GetEnhMetaFileDescriptionW
GetMetaFileBitsEx
CreateEllipticRgnIndirect
GetCharWidth32A
SetColorAdjustment
CreateICW
GetGlyphOutlineW
CombineRgn
ArcTo
GetStockObject
CancelDC
OffsetRgn
GetViewportExtEx
EnumFontFamiliesExW
GetCharABCWidthsFloatA
GetFontData
GetGraphicsMode
GetPaletteEntries
comdlg32
ReplaceTextW
GetOpenFileNameA
ChooseFontW
CommDlgExtendedError
PageSetupDlgW
GetSaveFileNameW
FindTextW
FindTextA
GetSaveFileNameA
ChooseColorW
PageSetupDlgA
ReplaceTextA
advapi32
LockServiceDatabase
StartServiceCtrlDispatcherA
OpenEventLogW
SetAclInformation
SetServiceObjectSecurity
BuildImpersonateExplicitAccessWithNameW
CryptDecrypt
OpenBackupEventLogW
SetFileSecurityA
ObjectDeleteAuditAlarmW
GetSecurityDescriptorDacl
SetTokenInformation
CryptSetProvParam
OpenServiceW
BuildTrusteeWithNameA
GetEffectiveRightsFromAclA
AreAnyAccessesGranted
SetNamedSecurityInfoA
OpenSCManagerW
GetMultipleTrusteeA
EnumServicesStatusA
UnlockServiceDatabase
CryptSetHashParam
RegQueryMultipleValuesA
RegSetValueExA
RegGetKeySecurity
GetServiceDisplayNameA
CryptEnumProvidersA
CryptVerifySignatureW
EqualSid
CreateProcessAsUserW
GetAuditedPermissionsFromAclA
GetSecurityDescriptorOwner
CryptSetKeyParam
CryptReleaseContext
ClearEventLogW
CryptHashData
RegConnectRegistryW
CloseEventLog
QueryServiceConfigA
GetExplicitEntriesFromAclA
CryptDeriveKey
GetSecurityDescriptorLength
RegQueryValueExA
BuildImpersonateExplicitAccessWithNameA
GetExplicitEntriesFromAclW
RegReplaceKeyA
GetFileSecurityW
RegisterEventSourceW
SetServiceBits
CreateProcessAsUserA
NotifyBootConfigStatus
RegConnectRegistryA
RegRestoreKeyW
RegisterEventSourceA
RegDeleteKeyW
ObjectPrivilegeAuditAlarmA
CryptGetKeyParam
ImpersonateNamedPipeClient
RegUnLoadKeyA
RegEnumValueA
GetSecurityDescriptorSacl
CryptGetDefaultProviderA
GetMultipleTrusteeW
RegRestoreKeyA
CryptCreateHash
CryptDuplicateKey
ObjectCloseAuditAlarmA
BuildExplicitAccessWithNameA
CryptEnumProviderTypesW
RegSaveKeyA
MapGenericMask
RegNotifyChangeKeyValue
ReportEventW
StartServiceA
AccessCheckAndAuditAlarmA
RegReplaceKeyW
RegLoadKeyW
DuplicateTokenEx
SetKernelObjectSecurity
AddAccessAllowedAce
SetPrivateObjectSecurity
PrivilegeCheck
CryptContextAddRef
GetMultipleTrusteeOperationA
BuildImpersonateTrusteeA
AbortSystemShutdownA
IsValidSecurityDescriptor
StartServiceCtrlDispatcherW
SetServiceStatus
CryptGetProvParam
DuplicateToken
RegOpenKeyExW
OpenServiceA
LookupAccountNameA
GetKernelObjectSecurity
InitiateSystemShutdownA
CryptDestroyKey
DestroyPrivateObjectSecurity
RegOpenKeyExA
CryptSetProviderExA
InitiateSystemShutdownW
RegCreateKeyExW
EnumServicesStatusW
CryptImportKey
ObjectCloseAuditAlarmW
LookupSecurityDescriptorPartsW
CryptGetUserKey
CryptSignHashA
CopySid
CryptSetProviderW
AllocateAndInitializeSid
PrivilegedServiceAuditAlarmA
ObjectOpenAuditAlarmA
GetSecurityDescriptorGroup
LookupPrivilegeNameW
BuildSecurityDescriptorA
OpenSCManagerA
AbortSystemShutdownW
BuildImpersonateTrusteeW
GetSidIdentifierAuthority
RegCloseKey
CryptEnumProviderTypesA
CryptSetProviderExW
CryptSetProviderA
RegUnLoadKeyW
RegOpenKeyA
ChangeServiceConfigA
CryptEncrypt
GetOldestEventLogRecord
CryptGenRandom
RegCreateKeyA
SetSecurityDescriptorOwner
SetFileSecurityW
RegQueryMultipleValuesW
RegQueryValueW
InitializeSid
GetTokenInformation
EnumDependentServicesA
RegCreateKeyW
LookupSecurityDescriptorPartsA
AccessCheckAndAuditAlarmW
LogonUserA
DeleteService
SetSecurityDescriptorSacl
SetSecurityDescriptorGroup
AdjustTokenGroups
InitializeAcl
GetMultipleTrusteeOperationW
CryptEnumProvidersW
GetNumberOfEventLogRecords
GetAce
LookupAccountNameW
RegCreateKeyExA
CloseServiceHandle
ClearEventLogA
RegQueryInfoKeyW
ObjectDeleteAuditAlarmA
NotifyChangeEventLog
IsValidSid
GetTrusteeNameW
CryptAcquireContextA
QueryServiceConfigW
AddAuditAccessAce
CryptGetHashParam
GetUserNameW
StartServiceW
AddAccessDeniedAce
SetEntriesInAclW
BuildTrusteeWithSidW
AddAce
LookupPrivilegeValueA
GetServiceKeyNameW
CryptGenKey
CreatePrivateObjectSecurity
GetServiceDisplayNameW
GetAclInformation
shell32
ShellExecuteExA
SHGetFileInfoW
FindExecutableA
SHGetPathFromIDListA
ExtractIconW
SHGetSpecialFolderLocation
DoEnvironmentSubstA
DragQueryFileA
ExtractAssociatedIconExA
SHGetSpecialFolderPathA
SHGetFileInfoA
SHBrowseForFolderA
SHAddToRecentDocs
SHGetDesktopFolder
ExtractIconExA
ExtractAssociatedIconExW
SHGetDataFromIDListA
ExtractAssociatedIconA
DragQueryFileW
SHGetInstanceExplorer
ExtractIconA
ShellExecuteW
SHEmptyRecycleBinA
SHQueryRecycleBinA
SHAppBarMessage
DoEnvironmentSubstW
SHGetSettings
ExtractAssociatedIconW
SHGetDataFromIDListW
DragQueryPoint
CommandLineToArgvW
SHFileOperationA
ShellExecuteExW
SHInvokePrinterCommandA
ShellExecuteA
ExtractIconExW
SHFreeNameMappings
SHBrowseForFolderW
SHChangeNotify
ShellAboutW
DragFinish
msvcrt
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode
Sections
.text Size: 290KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
5nudpm3c Size: 46KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
8d108bvd Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ