Static task: static1
Behavioral task: behavioral1
Sample: 2bf2d82d53992bb059e54c7ec3e3926e_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2bf2d82d53992bb059e54c7ec3e3926e_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2bf2d82d53992bb059e54c7ec3e3926e_JaffaCakes118
Size: 336KB
MD5: 2bf2d82d53992bb059e54c7ec3e3926e
SHA1: e1ee828186f47335bf3e92b00f19fd5c2fdd4182
SHA256: 25f2b1ae083cc297de5569837c24b9acbc2ba93d8d6f9faa54597f7522e81789
SHA512: fa6d7038e900aecf6f20e6a64e5b97dcb80cd41e506f5d19da56da376d6f7e33f267dfc0cea0306aa11e757abb8c712a849689ba6bc46ea624aff27ab3f685c6
SSDEEP: 6144:zR/iL0ds5ZeiayqC1Bidy3ejzL6hSGPomgVCbedqBc6BSyrWuYTO3ZOqOsld:dlsfejyqCvuy3ejzL6hS0yVCb/Bc7yia
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bf2d82d53992bb059e54c7ec3e3926e_JaffaCakes118
Files
2bf2d82d53992bb059e54c7ec3e3926e_JaffaCakes118.exe windows:4 windows x86 arch:x86
f867c071d006c636961c18bd5bfa2d59
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalCompact
ConvertDefaultLocale
SetThreadPriorityBoost
GetSystemDefaultLCID
ClearCommBreak
GetCPInfoExA
CreateIoCompletionPort
GetConsoleScreenBufferInfo
_lopen
GlobalReAlloc
SetComputerNameW
LockFile
ReadFileEx
EnterCriticalSection
CloseHandle
ResumeThread
LocalHandle
OutputDebugStringA
GetDateFormatA
GlobalGetAtomNameW
WaitForSingleObject
WaitCommEvent
GetDriveTypeA
LoadModule
OutputDebugStringW
FindResourceExA
DebugBreak
GetProfileStringA
FindAtomA
ResetWriteWatch
GetFullPathNameA
GetFileAttributesA
EndUpdateResourceW
GetDefaultCommConfigW
SetHandleInformation
IsDBCSLeadByte
CopyFileW
WritePrivateProfileStringA
RemoveDirectoryW
VirtualFree
DefineDosDeviceA
GetEnvironmentStrings
SetConsoleCursorInfo
VirtualQuery
EnumResourceTypesA
CreateFileMappingW
SetMailslotInfo
SetFileApisToOEM
WriteConsoleInputW
InterlockedDecrement
GetTickCount
ReadConsoleOutputCharacterW
SetErrorMode
FreeConsole
GetAtomNameA
SetCommBreak
SetNamedPipeHandleState
IsValidLocale
GetACP
FormatMessageA
GetAtomNameW
GetProcessHeaps
CreateMutexW
GetCommModemStatus
FillConsoleOutputCharacterW
CallNamedPipeW
GetNumberOfConsoleMouseButtons
GetCommandLineW
GetThreadSelectorEntry
MapViewOfFileEx
ExpandEnvironmentStringsA
SetCommTimeouts
CreateEventA
AddAtomW
WriteProfileSectionW
GetVersionExA
GlobalFree
GetUserDefaultLangID
SearchPathW
GetPrivateProfileIntA
HeapLock
WriteConsoleOutputA
ReadProcessMemory
InterlockedExchangeAdd
HeapSize
EnumCalendarInfoW
SetLocalTime
SetCommConfig
GetNumberFormatA
EnumResourceTypesW
SleepEx
GetProcessHeap
GetCalendarInfoA
GetCommConfig
ReadConsoleOutputA
SetThreadLocale
GetTimeFormatA
DebugActiveProcess
SystemTimeToTzSpecificLocalTime
ClearCommError
GetTempFileNameA
UnhandledExceptionFilter
UnmapViewOfFile
OpenFileMappingW
SetSystemTimeAdjustment
SetFileTime
TransactNamedPipe
QueryPerformanceCounter
EnumSystemLocalesW
LocalReAlloc
CancelDeviceWakeupRequest
GetConsoleTitleW
PurgeComm
BeginUpdateResourceW
ReadFileScatter
GlobalUnlock
BackupWrite
GetNamedPipeInfo
HeapCreate
OpenEventW
BuildCommDCBW
ScrollConsoleScreenBufferA
SetHandleCount
GetModuleHandleW
MultiByteToWideChar
GetConsoleCursorInfo
SetDefaultCommConfigA
SetConsoleTitleA
DuplicateHandle
FindResourceA
GetVolumeInformationA
SetTimeZoneInformation
GetFullPathNameW
SetEnvironmentVariableW
IsBadCodePtr
SetConsoleTextAttribute
FindResourceW
GetTempFileNameW
FreeEnvironmentStringsA
GlobalWire
GetWindowsDirectoryW
OpenMutexA
ConnectNamedPipe
GetMailslotInfo
PulseEvent
GetProcessPriorityBoost
GetLogicalDriveStringsW
EscapeCommFunction
FreeLibrary
WritePrivateProfileStructW
UpdateResourceA
ScrollConsoleScreenBufferW
LoadLibraryW
SetTapePosition
CreateDirectoryExW
LeaveCriticalSection
WaitForMultipleObjects
GlobalHandle
HeapValidate
GetProfileIntA
GetThreadPriority
GetOverlappedResult
WriteConsoleOutputAttribute
LocalAlloc
GetTapeStatus
EnumDateFormatsA
SetupComm
IsBadStringPtrW
SearchPathA
FindFirstChangeNotificationW
GlobalAddAtomW
WriteProcessMemory
FindAtomW
lstrcmpW
InitializeCriticalSection
GetFileInformationByHandle
MoveFileW
GetFileAttributesW
IsSystemResumeAutomatic
SetConsoleActiveScreenBuffer
CreateSemaphoreW
lstrlenW
DosDateTimeToFileTime
WriteFile
GlobalFlags
CreateSemaphoreA
EndUpdateResourceA
GetStringTypeA
lstrcpynW
lstrcmpiW
LoadLibraryA
_hwrite
CreateToolhelp32Snapshot
FileTimeToDosDateTime
GetConsoleOutputCP
SetThreadExecutionState
ResetEvent
SetConsoleCtrlHandler
GetConsoleMode
GetThreadPriorityBoost
GetStartupInfoA
OpenSemaphoreA
GetTapePosition
LocalUnlock
GetNumberFormatW
GetModuleHandleA
SetFilePointer
GetVersionExW
GetPrivateProfileStructW
GetDevicePowerState
GetProcessAffinityMask
GetQueuedCompletionStatus
GetWindowsDirectoryA
SetSystemPowerState
Module32Next
CommConfigDialogW
GetLargestConsoleWindowSize
Heap32ListFirst
GetEnvironmentVariableW
MoveFileExW
GetPrivateProfileIntW
SetLocaleInfoW
GetConsoleCP
ReleaseMutex
GetStringTypeW
GetCurrentDirectoryW
HeapReAlloc
SetConsoleMode
_lwrite
GetExitCodeThread
WaitForMultipleObjectsEx
InterlockedCompareExchange
CreateDirectoryA
GetTimeFormatW
GetSystemTime
GetProcessVersion
BuildCommDCBAndTimeoutsW
CreateFileW
CreateRemoteThread
SetThreadAffinityMask
UnlockFileEx
QueryPerformanceFrequency
FillConsoleOutputAttribute
UnlockFile
VirtualProtectEx
BackupRead
FindCloseChangeNotification
LocalLock
DeleteAtom
CommConfigDialogA
LocalFree
TlsFree
GlobalAddAtomA
OpenMutexW
EnumTimeFormatsA
lstrlenA
WritePrivateProfileStringW
_lread
lstrcatA
GetFileSize
WriteProfileStringW
ContinueDebugEvent
HeapDestroy
GetConsoleTitleA
GetSystemTimeAdjustment
Beep
MoveFileA
_lclose
BackupSeek
SetConsoleScreenBufferSize
CreateDirectoryW
GetOEMCP
ExitProcess
PeekConsoleInputA
GetProfileSectionA
GetSystemPowerStatus
TlsGetValue
BuildCommDCBAndTimeoutsA
GlobalDeleteAtom
GetNamedPipeHandleStateA
GetThreadContext
GetDiskFreeSpaceExA
GetPrivateProfileSectionNamesA
InitAtomTable
FatalAppExitW
FindClose
IsBadHugeReadPtr
GetDriveTypeW
GetCPInfoExW
GetLogicalDriveStringsA
WritePrivateProfileStructA
SetCalendarInfoW
CreateMutexA
WriteFileEx
CompareStringA
GetLocaleInfoW
GetNamedPipeHandleStateW
FlushViewOfFile
MapViewOfFile
LocalCompact
SetConsoleCursorPosition
GetPrivateProfileStringA
GetModuleFileNameW
FreeEnvironmentStringsW
SetTapeParameters
IsValidCodePage
IsBadStringPtrA
GetTempPathA
SetMessageWaitingIndicator
DisableThreadLibraryCalls
CreateMailslotA
GetEnvironmentVariableA
IsBadWritePtr
GetUserDefaultLCID
WriteTapemark
lstrcatW
OpenFileMappingA
FoldStringA
SetCurrentDirectoryA
ReadConsoleOutputAttribute
SetCommState
GlobalMemoryStatus
RequestWakeupLatency
GetPrivateProfileSectionNamesW
GetCompressedFileSizeW
VirtualProtect
OpenFile
MulDiv
OpenProcess
FindNextChangeNotification
GetCurrencyFormatA
GetSystemDirectoryW
GetFileAttributesExW
GetBinaryTypeA
OpenSemaphoreW
WaitNamedPipeW
EnumSystemCodePagesA
FindFirstChangeNotificationA
WriteConsoleW
Heap32ListNext
SystemTimeToFileTime
HeapAlloc
FindResourceExW
WriteConsoleInputA
GetCalendarInfoW
GetDiskFreeSpaceA
SetProcessAffinityMask
SetStdHandle
FileTimeToSystemTime
PostQueuedCompletionStatus
GetSystemDefaultLangID
HeapWalk
UpdateResourceW
QueryDosDeviceW
LocalFlags
GetStartupInfoW
CompareStringW
TerminateProcess
GetCurrentProcess
FindNextFileA
Heap32First
HeapCompact
SetVolumeLabelA
GetCurrentThreadId
VirtualFreeEx
ReadConsoleOutputW
GetVersion
WinExec
SetUnhandledExceptionFilter
CallNamedPipeA
ReadConsoleInputA
SetCalendarInfoA
RequestDeviceWakeup
CompareFileTime
SetLastError
Thread32Next
SetDefaultCommConfigW
SetFileAttributesW
GetCompressedFileSizeA
_llseek
GetStringTypeExA
SetConsoleOutputCP
GetDiskFreeSpaceW
lstrcpynA
GetProcAddress
user32
GetWindowTextLengthW
DefFrameProcW
IsDialogMessageA
UnregisterClassW
MapVirtualKeyExW
IsRectEmpty
EnumDisplaySettingsA
CallMsgFilterA
GetIconInfo
SetWindowsHookExW
SetKeyboardState
IsDialogMessageW
OpenWindowStationW
GetMessageTime
EnumDisplaySettingsW
ChangeDisplaySettingsA
DrawFocusRect
SetRect
CreateDialogIndirectParamW
BeginPaint
GetTabbedTextExtentA
RegisterClassExW
DrawEdge
GetWindowTextLengthA
WindowFromDC
FlashWindow
EndDialog
GetParent
PostThreadMessageA
DrawStateA
ChangeMenuW
GetWindowContextHelpId
SubtractRect
ShowScrollBar
CreateDialogParamW
DlgDirListComboBoxA
GetMessageW
ExitWindowsEx
PostQuitMessage
GetDlgCtrlID
LoadMenuIndirectW
GetDC
LoadCursorW
CheckDlgButton
CheckRadioButton
GetQueueStatus
GetUserObjectInformationW
GetKeyNameTextW
GetNextDlgGroupItem
SetTimer
EqualRect
SetMenuItemInfoA
SetWindowsHookA
ChildWindowFromPointEx
LoadStringA
GetClassNameA
GetKBCodePage
LoadMenuW
LoadBitmapA
OemToCharBuffW
GetCursorPos
DestroyAcceleratorTable
GetProcessWindowStation
LoadStringW
CreateIconIndirect
EndDeferWindowPos
GetMenuStringW
InternalGetWindowText
LoadIconA
DefWindowProcA
CloseWindow
PtInRect
GetMenuStringA
IsZoomed
CharPrevExA
DrawIconEx
GetMenuItemRect
SetClipboardData
RegisterClassW
UnloadKeyboardLayout
RemovePropW
SendDlgItemMessageW
GetMessagePos
keybd_event
SetDlgItemTextW
GetMenuContextHelpId
SetSystemCursor
OemToCharW
SetScrollRange
InflateRect
IsCharAlphaA
CreateDesktopW
SendMessageTimeoutA
LoadImageW
ArrangeIconicWindows
MessageBoxIndirectA
EmptyClipboard
AppendMenuW
EnableMenuItem
UnregisterClassA
GetDialogBaseUnits
MoveWindow
SetClassWord
DrawMenuBar
ScrollWindow
CharToOemBuffW
KillTimer
GetAsyncKeyState
SetPropW
SetCursorPos
EnumWindows
CharLowerA
EnumDesktopWindows
ScrollDC
GetCapture
DefWindowProcW
DefMDIChildProcW
OpenDesktopA
SendMessageCallbackA
AnyPopup
CopyAcceleratorTableW
DlgDirSelectExA
GetPropA
SwapMouseButton
OemToCharA
GetWindowWord
CreateCursor
GetMenuCheckMarkDimensions
DlgDirListW
ValidateRgn
CharNextA
SetClipboardViewer
CharUpperBuffA
OpenDesktopW
LookupIconIdFromDirectoryEx
MsgWaitForMultipleObjects
GetWindowLongA
SetProcessWindowStation
CreatePopupMenu
GetThreadDesktop
CopyAcceleratorTableA
DragObject
SetRectEmpty
PostMessageW
MenuItemFromPoint
HiliteMenuItem
DlgDirSelectExW
SetScrollInfo
GetMenuItemCount
MessageBoxIndirectW
IntersectRect
InsertMenuW
AppendMenuA
RegisterClassExA
WinHelpW
OpenWindowStationA
SetWindowRgn
CharLowerBuffA
CharNextW
CharNextExA
GetKeyboardLayout
ClipCursor
ChangeMenuA
MapVirtualKeyExA
GetWindowLongW
CallWindowProcW
CreateDialogIndirectParamA
SystemParametersInfoA
CopyIcon
GetWindowDC
GetClipboardFormatNameW
GetDCEx
OpenInputDesktop
LoadCursorFromFileA
SetWindowPos
SetMessageExtraInfo
InsertMenuItemA
VkKeyScanExW
WaitMessage
CharUpperA
IsDlgButtonChecked
UpdateWindow
DialogBoxIndirectParamW
GetUserObjectSecurity
EnumWindowStationsW
InvalidateRgn
EnumClipboardFormats
InsertMenuItemW
DeferWindowPos
GetOpenClipboardWindow
SetUserObjectInformationA
MessageBoxExA
VkKeyScanA
SwitchToThisWindow
ToAscii
FillRect
SystemParametersInfoW
RegisterClassA
SetMenu
GetWindowTextW
SetActiveWindow
GetDlgItemTextA
CharUpperW
CloseClipboard
FindWindowW
ClientToScreen
CreateIconFromResource
UnionRect
DefFrameProcA
GetWindowRect
ChangeClipboardChain
ShowCaret
EnumDesktopsW
CreateCaret
DeleteMenu
CreateIconFromResourceEx
InSendMessage
CreateDesktopA
SetWindowPlacement
LoadAcceleratorsW
EnumChildWindows
ActivateKeyboardLayout
CharLowerW
SetClassLongW
GetSystemMetrics
GetFocus
SetWindowLongA
GetForegroundWindow
TranslateMDISysAccel
DialogBoxParamA
CloseWindowStation
MapDialogRect
SwitchDesktop
EnumPropsExA
PaintDesktop
GetMessageA
UnhookWindowsHookEx
WaitForInputIdle
PeekMessageA
EnableScrollBar
EnumPropsExW
GetClipboardData
ModifyMenuA
SetUserObjectInformationW
GetTopWindow
ChildWindowFromPoint
CopyImage
IsWindowUnicode
mouse_event
GetKeyboardState
GetWindow
GetPriorityClipboardFormat
SetWindowContextHelpId
GetClassInfoW
GetKeyboardType
LoadCursorFromFileW
SetMenuDefaultItem
GetScrollInfo
SetWindowTextA
GetClassInfoExA
wsprintfA
GetWindowTextA
GetCaretBlinkTime
MsgWaitForMultipleObjectsEx
CascadeWindows
LoadImageA
LockWindowUpdate
WindowFromPoint
EnumDesktopsA
OpenClipboard
IsCharUpperW
IsClipboardFormatAvailable
IsWindowEnabled
SendMessageTimeoutW
SetCapture
VkKeyScanW
MapVirtualKeyA
GetClipCursor
AdjustWindowRect
CreateWindowExA
SetThreadDesktop
DrawFrameControl
ChangeDisplaySettingsExA
CallWindowProcA
SetUserObjectSecurity
GetCaretPos
EnumThreadWindows
CharToOemA
FindWindowExA
SetCursor
SetWindowLongW
RegisterWindowMessageW
TrackPopupMenuEx
AdjustWindowRectEx
gdi32
SetDIBitsToDevice
GetBitmapBits
GetTextCharset
CreatePenIndirect
Pie
GetBkColor
StrokePath
MoveToEx
GetViewportOrgEx
GetEnhMetaFileBits
GetTextFaceA
RectInRegion
GetWinMetaFileBits
SetWindowOrgEx
PlgBlt
AbortPath
EnumEnhMetaFile
UpdateICMRegKeyW
SetWindowExtEx
GetPaletteEntries
CreateBitmap
CreateRectRgn
RemoveFontResourceA
GetCharWidthFloatA
SelectClipPath
EnumICMProfilesA
EnumFontsA
CreateCompatibleDC
GetViewportExtEx
GetNearestPaletteIndex
GetDIBColorTable
ExtCreatePen
DeleteEnhMetaFile
PlayMetaFileRecord
EnumFontFamiliesW
StretchBlt
SetAbortProc
GetClipRgn
ExcludeClipRect
StartDocA
GetBitmapDimensionEx
InvertRgn
GetGlyphOutlineA
IntersectClipRect
ResetDCW
GetCharacterPlacementW
SetTextJustification
CreateEnhMetaFileW
GetCharacterPlacementA
SetViewportExtEx
GetBkMode
TextOutW
PatBlt
GetCharWidth32A
PolyBezier
SetICMProfileW
GetTextAlign
ModifyWorldTransform
PaintRgn
RestoreDC
GetMapMode
FillRgn
SetROP2
SetBkMode
CreateHalftonePalette
DrawEscape
GetCharWidthFloatW
AddFontResourceA
GdiComment
SetBkColor
ResizePalette
CreateScalableFontResourceA
AnimatePalette
CreateDIBSection
EnumFontFamiliesExW
SetPixelFormat
FixBrushOrgEx
GetObjectType
GetMetaFileA
FrameRgn
CreateDCA
GetICMProfileA
CreateICA
TranslateCharsetInfo
Polygon
CreateColorSpaceA
GetStockObject
GetGraphicsMode
SetEnhMetaFileBits
GetMiterLimit
CombineTransform
GetCurrentPositionEx
GetRasterizerCaps
AbortDoc
GetOutlineTextMetricsA
OffsetWindowOrgEx
SetPaletteEntries
EnumFontsW
EnumFontFamiliesExA
GetGlyphOutlineW
SetBitmapDimensionEx
SetPolyFillMode
SetMetaFileBitsEx
DeleteColorSpace
DeleteMetaFile
GetKerningPairsA
GetDIBits
SaveDC
GetCharABCWidthsFloatW
CreateDIBitmap
SetStretchBltMode
CreatePalette
GetMetaFileW
CopyEnhMetaFileA
GetStretchBltMode
SetBoundsRect
SetWorldTransform
CreateCompatibleBitmap
GetRgnBox
GetColorSpace
UpdateColors
SetColorAdjustment
SetMiterLimit
CreatePen
GetEnhMetaFileW
SelectObject
ExtSelectClipRgn
GetTextColor
SetICMProfileA
CreatePolygonRgn
GetPixel
TextOutA
PlayEnhMetaFileRecord
EnumObjects
LPtoDP
PolylineTo
GetDeviceGammaRamp
GetDeviceCaps
ExtFloodFill
Arc
GetPixelFormat
CopyEnhMetaFileW
OffsetRgn
GdiSetBatchLimit
CreateFontIndirectW
GetWorldTransform
GetROP2
GetLogColorSpaceW
GetTextMetricsW
GetNearestColor
CreateColorSpaceW
GetTextCharacterExtra
CreateICW
GdiGetBatchLimit
RoundRect
SetViewportOrgEx
CreateEllipticRgnIndirect
GetCharABCWidthsW
CreateFontW
LineDDA
GetSystemPaletteEntries
CreateRectRgnIndirect
StartDocW
SetICMMode
CreateEnhMetaFileA
GetPolyFillMode
OffsetViewportOrgEx
GetBoundsRect
CreatePolyPolygonRgn
CreateFontA
GetDCOrgEx
SetGraphicsMode
CreatePatternBrush
PolyPolygon
GetKerningPairsW
RemoveFontResourceW
EnumICMProfilesW
FloodFill
Ellipse
SetTextCharacterExtra
PtInRegion
GetEnhMetaFilePaletteEntries
comdlg32
GetOpenFileNameW
ReplaceTextA
GetFileTitleA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorW
ChooseFontW
FindTextA
PageSetupDlgA
FindTextW
advapi32
SetSecurityDescriptorDacl
RegEnumValueA
CloseEventLog
RegOpenKeyW
LookupAccountNameA
InitiateSystemShutdownA
SetServiceObjectSecurity
CryptSetKeyParam
RegDeleteValueW
RegSetKeySecurity
LockServiceDatabase
GetSidLengthRequired
StartServiceCtrlDispatcherA
RegRestoreKeyA
CryptEncrypt
RegLoadKeyW
BuildImpersonateTrusteeW
BuildExplicitAccessWithNameA
AddAccessAllowedAce
SetServiceBits
GetSidSubAuthority
OpenBackupEventLogA
IsValidSid
SetTokenInformation
StartServiceW
GetFileSecurityW
SetFileSecurityW
SetSecurityDescriptorOwner
RegSaveKeyA
ImpersonateLoggedOnUser
RegDeleteValueA
ObjectCloseAuditAlarmA
GetAclInformation
CryptAcquireContextW
CryptEnumProviderTypesA
GetMultipleTrusteeW
RegReplaceKeyA
RevertToSelf
GetTrusteeTypeW
AccessCheckAndAuditAlarmA
CryptDuplicateHash
RegUnLoadKeyW
GetAuditedPermissionsFromAclW
LookupSecurityDescriptorPartsA
IsValidAcl
OpenServiceA
CryptGetKeyParam
FindFirstFreeAce
RegQueryValueA
AdjustTokenGroups
EqualSid
CryptSignHashW
CreateServiceA
LogonUserA
LookupPrivilegeNameW
GetServiceKeyNameW
CloseServiceHandle
QueryServiceConfigW
CreatePrivateObjectSecurity
GetTrusteeNameW
GetMultipleTrusteeA
PrivilegedServiceAuditAlarmA
RegQueryValueExA
RegSetValueExA
GetNamedSecurityInfoA
RegQueryValueExW
EnumDependentServicesA
LookupPrivilegeValueA
BuildImpersonateExplicitAccessWithNameW
IsValidSecurityDescriptor
CryptSetProviderA
SetFileSecurityA
IsTextUnicode
GetExplicitEntriesFromAclA
CryptEnumProvidersA
GetSecurityDescriptorDacl
GetSecurityInfo
GetNamedSecurityInfoW
RegSetValueW
ClearEventLogA
RegSaveKeyW
BuildSecurityDescriptorA
CopySid
ObjectDeleteAuditAlarmA
RegisterEventSourceW
RegOpenKeyExA
CreateProcessAsUserA
ReportEventA
RegCreateKeyW
SetSecurityDescriptorSacl
EnumServicesStatusA
GetOldestEventLogRecord
CryptSignHashA
CryptAcquireContextA
AddAce
MapGenericMask
ObjectPrivilegeAuditAlarmW
BuildExplicitAccessWithNameW
LookupPrivilegeValueW
RegLoadKeyA
BuildTrusteeWithSidA
PrivilegeCheck
GetSecurityDescriptorSacl
OpenServiceW
LookupPrivilegeDisplayNameW
RegDeleteKeyA
QueryServiceConfigA
CryptGenKey
StartServiceCtrlDispatcherW
BuildSecurityDescriptorW
CryptSetProviderExA
GetSidSubAuthorityCount
AreAllAccessesGranted
BackupEventLogW
RegOpenKeyA
RegEnumValueW
GetPrivateObjectSecurity
ControlService
RegEnumKeyExW
CryptVerifySignatureA
RegReplaceKeyW
RegNotifyChangeKeyValue
AllocateLocallyUniqueId
BuildTrusteeWithSidW
RegGetKeySecurity
GetAce
SetSecurityInfo
QueryServiceStatus
InitiateSystemShutdownW
SetAclInformation
RegFlushKey
CryptGetProvParam
DeleteAce
GetLengthSid
OpenEventLogA
ObjectOpenAuditAlarmA
InitializeSid
SetNamedSecurityInfoA
RegCreateKeyExW
ReadEventLogW
DeleteService
RegisterServiceCtrlHandlerW
DestroyPrivateObjectSecurity
DuplicateToken
ChangeServiceConfigW
SetKernelObjectSecurity
OpenSCManagerA
RegEnumKeyExA
CryptSetProviderW
CryptSetProviderExW
OpenBackupEventLogW
LookupAccountNameW
OpenThreadToken
MakeAbsoluteSD
RegSetValueExW
GetUserNameA
CryptVerifySignatureW
EqualPrefixSid
RegCreateKeyA
RegCloseKey
InitializeAcl
GetUserNameW
UnlockServiceDatabase
QueryServiceLockStatusA
shell32
ShellExecuteW
ExtractAssociatedIconA
ShellAboutA
SHEmptyRecycleBinA
DragQueryPoint
DoEnvironmentSubstW
SHFileOperationW
DragFinish
SHBrowseForFolderA
SHInvokePrinterCommandW
Shell_NotifyIconW
ShellAboutW
ExtractIconA
SHGetDataFromIDListA
DragQueryFileW
ExtractIconW
SHEmptyRecycleBinW
DuplicateIcon
ShellExecuteA
SHGetFileInfoW
SHGetInstanceExplorer
ExtractAssociatedIconExA
SHLoadInProc
SHGetMalloc
ShellExecuteExA
SHGetDesktopFolder
SHGetPathFromIDListA
SHAppBarMessage
ExtractAssociatedIconExW
SHQueryRecycleBinW
SHAddToRecentDocs
SHBrowseForFolderW
ExtractAssociatedIconW
Shell_NotifyIconA
CommandLineToArgvW
SHInvokePrinterCommandA
SHGetSpecialFolderLocation
FindExecutableA
SHGetFileInfoA
ExtractIconExA
SHGetDataFromIDListW
SHFileOperationA
msvcrt
__getmainargs
exit
_XcptFilter
_exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 280KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ