d:\dev\URLOpener\Release\URLOpener.pdb
Overview
overview
10Static
static
10intro.exe
windows7-x64
1intro.exe
windows10-2004-x64
1keygen-pr.exe
windows7-x64
1keygen-pr.exe
windows10-2004-x64
1keygen-step-1.exe
windows7-x64
10keygen-step-1.exe
windows10-2004-x64
10keygen-step-3.exe
windows7-x64
7keygen-step-3.exe
windows10-2004-x64
1keygen-step-4.exe
windows7-x64
10keygen-step-4.exe
windows10-2004-x64
10keygen.bat
windows7-x64
10keygen.bat
windows10-2004-x64
10user32.dll
windows10-2004-x64
1Behavioral task
behavioral1
Sample
intro.exe
Resource
win7-20240704-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
intro.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral3
Sample
keygen-pr.exe
Resource
win7-20240708-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
keygen-pr.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral5
Sample
keygen-step-1.exe
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral6
Sample
keygen-step-1.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral7
Sample
keygen-step-3.exe
Resource
win7-20240704-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral8
Sample
keygen-step-3.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
keygen-step-4.exe
Resource
win7-20240704-en
windows7-x64
29 signatures
150 seconds
Behavioral task
behavioral10
Sample
keygen-step-4.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
32 signatures
150 seconds
Behavioral task
behavioral11
Sample
keygen.bat
Resource
win7-20240705-en
azorultfabookieffdroiderponybootkitcollectiondiscoveryinfostealerpersistenceratspywarestealertrojanupx
windows7-x64
37 signatures
150 seconds
Behavioral task
behavioral12
Sample
keygen.bat
Resource
win10v2004-20240709-en
azorultfabookieffdroiderponybootkitcollectiondiscoveryevasioninfostealerpersistenceratspywarestealertrojanupx
windows10-2004-x64
40 signatures
150 seconds
Behavioral task
behavioral13
Sample
user32.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
39c5ea241fa0aed95ea39cbb933526d8_JaffaCakes118
-
Size
10.0MB
-
MD5
39c5ea241fa0aed95ea39cbb933526d8
-
SHA1
a68e1b83880dedbf928b4c2c98589f15cca5095e
-
SHA256
693883c68fc9fd236ff5e63c81c01a0ba5ffa60360c4db1c125c5094bbce68fa
-
SHA512
481c11b36fc5983b35b567a2d1270a677d4ebe78432210001ac19c393b195a191dc3238f02041becb1b86d8d0f2a97095a62882766cf0077df80938a325e5a2e
-
SSDEEP
196608:wxN8BUsNXpwd/HSznBUwJhx2S8LwqDWJEYUvUF/P5chhPtSgx2:cMXpwJHSzBR2S8LvYOggx2
Score
10/10
Malware Config
Extracted
Family
azorult
C2
http://kvaka.li/1210776429.php
Signatures
-
Azorult family
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack001/intro.exe unpack001/keygen-pr.exe unpack001/keygen-step-1.exe unpack001/keygen-step-3.exe unpack001/keygen-step-4.exe
Files
-
39c5ea241fa0aed95ea39cbb933526d8_JaffaCakes118.rar
-
intro.exe.exe windows:6 windows x86 arch:x86
d1c9964ba2ee42f1db3bf43b17e164f4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetReadFile
InternetConnectW
InternetCloseHandle
HttpSendRequestW
InternetOpenW
HttpOpenRequestW
kernel32
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
LCMapStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
Sections
.text Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
keygen-pr.exe.exe windows:5 windows x86 arch:x86
3eaa732d4dae53340f9646bdd85dac41
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb
Imports
comctl32
InitCommonControlsEx
shlwapi
SHAutoComplete
kernel32
ReadFile
GetFileAttributesW
SetFileAttributesW
FindNextFileW
GetFullPathNameW
GetModuleFileNameW
FindResourceW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetLocaleInfoW
GetNumberFormatW
ExpandEnvironmentStringsW
WaitForSingleObject
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetExitCodeProcess
GetTempPathW
MoveFileExW
Sleep
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
GetTickCount
SetEnvironmentVariableW
OpenFileMappingW
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetProcessAffinityMask
ReleaseSemaphore
ResetEvent
DeleteCriticalSection
SetEvent
SetThreadPriority
InitializeCriticalSection
CreateEventW
CreateSemaphoreW
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
FindFirstFileW
GetFileType
SetCurrentDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
RaiseException
GetSystemTimeAsFileTime
SetEndOfFile
SetFilePointer
GetStdHandle
WriteFile
FlushFileBuffers
GetLongPathNameW
MoveFileW
GetShortPathNameW
CreateDirectoryW
RemoveDirectoryW
GlobalAlloc
DeleteFileW
FindClose
CreateFileW
DeviceIoControl
SetFileTime
GetCurrentProcess
CloseHandle
CreateHardLinkW
SetLastError
GetLastError
GetCurrentDirectoryW
CreateFileA
GetCPInfo
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
user32
EnableWindow
ShowWindow
GetDlgItem
MessageBoxW
FindWindowExW
GetParent
MapWindowPoints
CreateWindowExW
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
CopyRect
IsWindow
CharUpperW
OemToCharBuffA
LoadIconW
PostMessageW
GetSysColor
SetForegroundWindow
WaitForInputIdle
IsWindowVisible
DialogBoxParamW
DestroyIcon
SetFocus
GetClassNameW
SendDlgItemMessageW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
wvsprintfW
SendMessageW
GetDC
ReleaseDC
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
SetWindowLongW
LoadBitmapW
gdi32
GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteDC
DeleteObject
comdlg32
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
shell32
SHChangeNotify
SHGetFileInfoW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
SHFileOperationW
ole32
CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
oleaut32
VariantInit
Sections
.text Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 133KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
keygen-step-1.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
keygen-step-3.exe.exe windows:6 windows x86 arch:x86
18c76be64c3a2a2a761412561cc18dd8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
TryEnterCriticalSection
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
lstrlenA
lstrcatA
CopyFileA
CreateThread
FindNextFileW
GetModuleFileNameW
FindClose
SetStdHandle
VerSetConditionMask
VerifyVersionInfoW
ExitProcess
GetModuleHandleW
DeviceIoControl
FreeEnvironmentStringsW
ReadFile
AreFileApisANSI
SetEnvironmentVariableW
LoadLibraryW
GetEnvironmentStringsW
GetOEMCP
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
DecodePointer
GetCPInfo
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
RtlUnwind
RaiseException
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
QueryPerformanceFrequency
GetStdHandle
GetFileType
WriteConsoleW
GetCommandLineA
GetCommandLineW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetFileSizeEx
SetFilePointerEx
GetConsoleCP
GetConsoleMode
FindFirstFileExW
IsValidCodePage
GetACP
Sections
.text Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.txet Size: 399KB - Virtual size: 398KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 47KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
keygen-step-4.exe.exe windows:5 windows x86 arch:x86
ae9f6a32bb8b03dce37903edbc855ba1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Projects\WinRAR\sfx\build\sfxzip32\Release\sfxzip.pdb
Imports
kernel32
GetLastError
SetLastError
FormatMessageW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileTime
CloseHandle
CreateFileW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
MoveFileW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
WaitForSingleObject
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlUnwind
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer
gdiplus
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
Sections
.text Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
keygen.bat
-
user32.dll.dll windows:10 windows x86 arch:x86
fc723bfb16384b9a9334f645e7850b95
Code Sign
33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66Certificate
IssuerCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04-03-2020 18:30Not After03-03-2021 18:30SubjectCN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:07:76:56:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before19-10-2011 18:41Not After19-10-2026 18:51SubjectCN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
59:16:5e:da:7d:c9:38:79:c0:72:3a:e4:50:4f:29:e5:98:af:60:c9:31:59:58:4b:53:c9:65:12:34:fe:fe:25Signer
Actual PE Digest59:16:5e:da:7d:c9:38:79:c0:72:3a:e4:50:4f:29:e5:98:af:60:c9:31:59:58:4b:53:c9:65:12:34:fe:fe:25Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
wuser32.pdb
Imports
win32u
NtUserChangeDisplaySettings
NtUserRemoveProp
NtUserUnregisterClass
NtUserEnumDisplaySettings
NtUserGetAltTabInfo
NtUserSetClassLong
NtUserGetMessage
NtUserGetKeyboardLayoutName
NtUserDrawCaptionTemp
NtUserSetProp
NtUserVkKeyScanEx
NtUserCallMsgFilter
NtUserCallHwndLockSafe
NtUserSetImeOwnerWindow
NtUserNotifyIMEStatus
NtUserUpdateInputContext
NtUserCountClipboardFormats
NtUserGetPriorityClipboardFormat
NtUserGetClipboardOwner
NtUserGetClipboardSequenceNumber
NtUserGetClipboardViewer
NtUserSetClipboardViewer
NtUserChangeClipboardChain
NtUserAddClipboardFormatListener
NtUserRemoveClipboardFormatListener
NtUserGetUpdatedClipboardFormats
NtUserSetWindowCompositionAttribute
NtUserCallNoParam
NtUserCallTwoParam
NtUserSetThreadDesktop
NtUserActivateKeyboardLayout
NtUserGetOpenClipboardWindow
NtUserWOWCleanup
NtUserTranslateAccelerator
NtUserGetClipboardData
NtUserSetClipboardData
NtUserDrawIconEx
NtUserGetUpdateRgn
NtUserGetUpdateRect
NtUserWaitForInputIdle
NtUserMsgWaitForMultipleObjectsEx
NtUserWaitForMsgAndEvent
NtUserSetObjectInformation
NtUserCreateWindowStation
NtUserOpenWindowStation
NtUserCreateDesktopEx
NtUserOpenDesktop
NtUserSwitchDesktop
NtUserYieldTask
NtUserGetMenuIndex
NtUserCallHwndOpt
NtUserUnloadKeyboardLayout
NtUserGetKeyboardLayout
NtUserCreateWindowEx
NtUserEnumDisplayDevices
NtUserSetProcessDpiAwarenessContext
NtUserGetDpiForMonitor
NtUserShutdownBlockReasonCreate
NtUserGetCurrentDpiInfoForWindow
NtUserCallHwndSafe
NtUserTransformPoint
NtUserSystemParametersInfoForDpi
NtCreateCompositionInputSink
NtUserCreatePalmRejectionDelayZone
NtUserDestroyPalmRejectionDelayZone
NtUserSystemParametersInfo
NtUserGetProp
NtUserGetHDevName
NtUserGetRawInputDeviceInfo
NtUserUpdatePerUserSystemParameters
NtUserEvent
NtUserGetWOWClass
NtUserInitTask
NtUserConvertMemHandle
NtUserCreateLocalMemHandle
NtUserSetWindowsHookEx
NtUserSetWinEventHook
NtUserNotifyWinEvent
NtUserRegisterUserApiHook
NtUserDrawCaption
NtUserGetAsyncKeyState
NtUserGetKeyState
NtUserOpenClipboard
NtUserPeekMessage
NtUserTranslateMessage
NtUserSetWindowRgn
NtUserSetWindowRgnEx
NtUserInternalGetWindowText
NtUserInternalGetWindowIcon
NtUserSetWindowStationUser
NtUserSetSystemCursor
NtUserFindExistingCursorIcon
NtUserSetCursorIconData
NtUserDefSetText
NtUserToUnicodeEx
NtUserLoadKeyboardLayoutEx
NtUserModifyWindowTouchCapability
NtUserPaintDesktop
NtUserEnableMenuItem
NtUserCallNextHookEx
NtGdiDdDDIEscape
NtUserDisplayConfigGetDeviceInfo
NtUserGetDisplayConfigBufferSizes
NtUserSetDisplayConfig
NtUserQueryDisplayConfig
NtUserDisplayConfigSetDeviceInfo
NtUserFunctionalizeDisplayConfig
NtUserMapVirtualKeyEx
NtUserGetKeyNameText
NtUserRegisterWindowMessage
NtUserGetClipboardFormatName
NtUserPostThreadMessage
NtUserRegisterClassExWOW
NtUserFindWindowEx
NtUserUpdateLayeredWindow
NtUserSBGetParms
NtUserSetScrollInfo
NtUserGetClassName
NtUserTransformRect
NtUserTestForInteractiveUser
NtUserEnableScrollBar
NtMITSetLastInputRecipient
NtMITSetInputDelegationMode
NtMITGetCursorUpdateHandle
NtMITSynthesizeTouchInput
NtUserHwndSetRedirectionInfo
NtUserHwndQueryRedirectionInfo
NtUserSetSysColors
NtUserCallHwnd
NtUserModifyUserStartupInfoFlags
NtUserMNDragLeave
NtUserMNDragOver
NtUserDrawMenuBarTemp
NtUserThunkedMenuInfo
NtUserCheckMenuItem
NtUserMinMaximize
NtUserSetWindowLong
NtUserCheckAccessForIntegrityLevel
NtUserScrollWindowEx
NtUserCallHwndParamLock
NtUserDeferWindowPosAndBand
NtUserInitializeClientPfnArrays
NtUserProcessConnect
gDispatchTableValues
NtUserDisableProcessWindowFiltering
NtUserSetProcessUIAccessZorder
NtUserGetRawInputBuffer
NtUserScrollDC
NtUserSetSystemTimer
NtUserCloseClipboard
NtUserEmptyClipboard
NtUserIsClipboardFormatAvailable
NtUserShowCaret
NtUserCreateCaret
NtUserHideCaret
NtUserGetControlColor
NtUserSetCursor
NtUserSetThreadState
NtUserQueryWindow
NtUserFillWindow
NtUserDdeInitialize
NtUserUpdateInstance
NtUserConsoleControl
NtUserSetInformationThread
NtUserSetParent
NtUserReleaseDC
NtUserCallHwndParamLockSafe
NtUserPostMessage
NtUserGetTouchInputInfo
NtUserLockCursor
NtUserLinkDpiCursor
NtUserGetRequiredCursorSizes
NtUserGetCursorFrameInfo
NtUserGetIconInfo
NtUserDestroyAcceleratorTable
NtUserReportInertia
NtUserGetHimetricScaleFactorFromPixelLocation
NtUserRegisterEdgy
NtUserRegisterPointerInputTarget
NtUserGetPointerInfoList
NtUserGetCPD
NtUserCallOneParam
NtUserValidateTimerCallback
NtUserDispatchMessage
NtUserAutoPromoteMouseInPointer
NtUserGetDManipHookInitFunction
NtUserCallHwndLock
NtUserSetMenu
NtUserSetMenuFlagRtoL
NtUserThunkedMenuItemInfo
NtUserSetWindowsHookAW
NtUserUnhookWindowsHookEx
NtUserRealWaitMessageEx
NtUserRealInternalGetMessage
NtUserMessageCall
NtUserInjectGesture
NtUserGetGestureExtArgs
NtUserGetGestureInfo
NtUserBuildNameList
NtUserBuildPropList
NtUserBuildHwndList
NtUserGetAtomName
NtUserCallHwndParam
NtUserAlterWindowStyle
NtUserSetWindowFNID
NtUserBitBltSysBmp
NtUserGetOemBitmapSize
NtUserGetIconSize
NtUserGetThreadState
NtUserGetDC
NtUserGetControlBrush
NtUserDestroyCursor
NtUserCreateEmptyCursorObject
NtUserSetImeHotKey
NtUserGetImeHotKey
NtUserWindowFromPoint
NtUserWindowFromPhysicalPoint
NtUserGetClassInfoEx
NtUserWindowFromDC
NtUserWaitMessage
NtUserWaitForRedirectionStartComplete
NtUserWaitAvailableMessageEx
NtUserValidateRect
NtUserUserHandleGrantAccess
NtUserUpdateWindowTrackingInfo
NtUserUpdateWindowInputSinkHints
NtUserUpdateDefaultDesktopThumbnail
NtUserUnregisterUserApiHook
NtUserUnregisterSessionPort
NtUserUnregisterHotKey
NtUserUnlockWindowStation
NtUserUnhookWinEvent
NtUserUndelegateInput
NtUserTrackPopupMenuEx
NtUserTrackMouseEvent
NtUserSoundSentry
NtUserSlicerControl
NtUserDiscardPointerFrameMessages
NtUserSignalRedirectionStartComplete
NtUserShutdownBlockReasonQuery
NtUserShutdownReasonDestroy
NtUserShowWindowAsync
NtUserShowWindow
NtUserShowSystemCursor
NtUserShowScrollBar
NtUserShowCursor
NtUserSetWindowWord
NtUserSetWindowShowState
NtUserSetWindowPos
NtUserSetWindowPlacement
NtUserSetWindowGroup
NtUserSetWindowFeedbackSetting
NtUserSetWindowDisplayAffinity
NtUserSetWindowCompositionTransition
NtUserSetWindowBand
NtUserSetWindowArrangement
NtUserSetThreadInputBlocked
NtUserSetTargetForResourceBrokering
NtUserSetSystemMenu
NtUserSetShellWindowEx
NtSetShellCursorState
NtUserSetProcessWindowStation
NtUserSetProcessRestrictionExemption
NtUserSetProcessMousewheelRoutingMode
NtUserSetProcessInteractionFlags
NtUserSetPrecisionTouchPadConfiguration
NtSetPointerDeviceInputSpace
NtUserSetMirrorRendering
NtUserSetMenuDefaultItem
NtUserSetMenuContextHelpId
NtUserMagSetContextInformation
NtUserSetMagnificationDesktopMagnifierOffsetsDWMUpdated
NtUserSetLayeredWindowAttributes
NtUserSetKeyboardState
NtUserSetInternalWindowPos
NtUserSetInteractiveCtrlRotationAngle
NtUserSetInteractiveControlFocus
NtUserSetGestureConfig
NtUserSetForegroundWindowForApplication
NtUserSetFocus
NtUserSetFeatureReportResponse
NtUserSetFallbackForeground
NtUserSetDisplayMapping
NtUserSetDisplayAutoRotationPreferences
NtUserSetDialogControlDpiChangeBehavior
NtUserSetDesktopColorTransform
NtUserSetCursorPos
NtSetCursorInputSpace
NtUserSetCursorContents
NtUserSetCoreWindowPartner
NtUserSetCoreWindow
NtUserSetTimer
NtUserSetClassWord
NtUserSetChildWindowNoActivate
NtUserSetCapture
NtUserSetCalibrationData
NtUserSetBrokeredForeground
NtUserSetBridgeWindowChild
NtUserSetAutoRotation
NtUserSetActiveWindow
NtUserSetActiveProcessForMonitor
NtUserSetActivationFilter
NtUserSendInteractiveControlHapticsReport
NtUserSendInput
NtUserSendEventMessage
NtUserRestoreWindowDpiChanges
NtUserResolveDesktopForWOW
NtUserRequestMoveSizeOperation
NtUserRemoveVisualIdentifier
NtUserRemoveMenu
NtUserReleaseDwmHitTestWaiters
NtUserRegisterTouchPadCapable
NtUserRegisterTouchHitTestingWindow
NtUserRegisterTasklist
NtUserRegisterShellPTPListener
NtUserRegisterSessionPort
NtUserRegisterServicesProcess
NtUserRegisterRawInputDevices
NtUserRegisterPointerDeviceNotifications
NtUserRegisterHotKey
NtUserRegisterErrorReportingDialog
NtUserRegisterDManipHook
NtUserRegisterBSDRWindow
NtUserRedrawWindow
NtUserRealChildWindowFromPoint
NtRIMUpdateInputObserverRegistration
NtRIMUnregisterForInput
NtRIMSetTestModeStatus
NtRIMSetExtendedDeviceProperty
NtRIMRemoveInputObserver
NtRIMRegisterForInput
NtRIMReadInput
NtRIMOnTimerNotification
NtRIMOnPnpNotification
NtRIMObserveNextInput
NtRIMGetSourceProcessId
NtRIMGetPhysicalDeviceRect
NtRIMGetDevicePropertiesLockfree
NtRIMGetDeviceProperties
NtRIMGetDevicePreparsedDataLockfree
NtRIMGetDevicePreparsedData
NtRIMFreeInputBuffer
NtRIMEnableMonitorMappingForDevice
NtRIMDeviceIoControl
NtRIMAreSiblingDevices
NtRIMAddInputObserver
NtUserQuerySendMessage
NtUserQueryBSDRWindow
NtUserQueryActivationObject
NtUserPromotePointer
NtUserProcessInkFeedbackCommand
NtUserPrintWindow
NtUserPerMonitorDPIPhysicalToLogicalPoint
NtUserPhysicalToLogicalPoint
NtUserPhysicalToLogicalDpiPointForWindow
NtUserPaintMonitor
NtUserPaintMenuBar
NtUserOpenThreadDesktop
NtUserOpenInputDesktop
NtUserNavigateFocus
NtUserMoveWindow
NtUserMenuItemFromPoint
NtMapVisualRelativePoints
NtUserMapPointsByVisualIdentifier
NtUserLogicalToPerMonitorDPIPhysicalPoint
NtUserLogicalToPhysicalPoint
NtUserLogicalToPhysicalDpiPointForWindow
NtUserLockWorkStation
NtUserLockWindowUpdate
NtUserLockWindowStation
NtUserLayoutCompleted
NtUserKillTimer
NtUserIsWindowGDIScaledDpiMessageEnabled
NtUserIsWindowBroadcastingDpiToChildren
NtUserIsTouchWindow
NtUserIsTopLevelWindow
NtUserIsResizeLayoutSynchronizationEnabled
NtIsOneCoreTransformMode
NtUserIsNonClientDpiScalingEnabled
NtUserIsMouseInputEnabled
NtUserIsMouseInPointerEnabled
NtUserIsChildWindowDpiMessageEnabled
NtUserInvalidateRgn
NtUserInvalidateRect
NtUserInteractiveControlQueryUsage
NtUserInjectTouchInput
NtUserInjectPointerInput
NtUserInjectMouseInput
NtUserInjectKeyboardInput
NtUserInjectGenericHidInput
NtUserInjectDeviceInput
NtUserInitializeTouchInjection
NtUserInitializePointerDeviceInjectionEx
NtUserInitializePointerDeviceInjection
NtUserInitializeInputDeviceInjection
NtUserInitializeGenericHidInjection
NtUserInheritWindowMonitor
NtUserImpersonateDdeClientWindow
NtUserHungWindowFromGhostWindow
NtUserHiliteMenuItem
NtUserHidePointerContactVisualization
NtUserHandleDelegatedInput
NtUserGhostWindowFromHungWindow
NtUserGetWindowRgnEx
NtUserGetWindowProcessHandle
NtUserGetWindowPlacement
NtUserGetWindowMinimizeRect
NtUserGetWindowGroupId
NtUserGetWindowFeedbackSetting
NtUserGetWindowDisplayAffinity
NtUserGetWindowDC
NtUserGetWindowCompositionInfo
NtUserGetWindowCompositionAttribute
NtUserGetWindowBand
NtUserGetObjectInformation
NtUserGetUniformSpaceMapping
NtUserGetTouchValidationStatus
NtUserGetTopLevelWindow
NtUserGetTitleBarInfo
NtUserGetThreadDesktop
NtUserGetSystemMenu
NtUserGetSystemDpiForProcess
NtUserGetScrollBarInfo
NtUserGetResizeDCompositionSynchronizationObject
NtUserGetRegisteredRawInputDevices
NtUserGetRawPointerDeviceData
NtUserGetRawInputDeviceList
NtUserGetRawInputData
NtUserGetQueueStatusReadonly
NtUserGetProcessWindowStation
NtUserGetProcessUIContextInformation
NtUserGetPrecisionTouchPadConfiguration
NtUserGetPointerType
NtUserGetPointerProprietaryId
NtUserGetPointerInputTransform
NtUserGetPointerFrameTimes
NtUserGetPointerDevices
NtUserGetPointerDeviceRects
NtUserGetPointerDeviceProperties
NtUserGetPointerDeviceOrientation
NtUserGetPointerDeviceCursors
NtUserGetPointerDevice
NtUserGetPointerCursorId
NtUserGetPhysicalDeviceRect
NtUserGetOwnerTransformedMonitorRect
NtUserGetMouseMovePointsEx
NtUserGetMenuItemRect
NtUserGetMenuBarInfo
NtUserMagGetContextInformation
NtUserGetListBoxInfo
NtUserGetLayeredWindowAttributes
NtUserGetKeyboardState
NtUserGetKeyboardLayoutList
NtUserGetInternalWindowPos
NtUserGetInteractiveCtrlSupportedWaveforms
NtUserGetInteractiveControlInfo
NtUserGetInteractiveControlDeviceInfo
NtUserGetInputLocaleInfo
NtUserGetInputContainerId
NtUserGetGuiResources
NtUserGetGestureConfig
NtUserGetGUIThreadInfo
NtUserGetForegroundWindow
NtUserGetExtendedPointerDeviceProperty
NtUserGetDoubleClickTime
NtUserGetDisplayAutoRotationPreferencesByProcessId
NtUserGetDisplayAutoRotationPreferences
NtUserGetDesktopID
NtUserGetDCEx
NtUserGetCursorInfo
NtUserGetCursor
NtUserGetCurrentInputMessageSource
NtUserGetComboBoxInfo
NtUserGetClipboardAccessToken
NtUserGetClipCursor
NtUserGetCaretPos
NtUserGetCaretBlinkTime
NtUserGetCIMSSM
NtUserGetAutoRotationState
NtUserGetAncestor
NtUserGetActiveProcessesDpis
NtUserFrostCrashedWindow
NtUserForceWindowToDpiForTest
NtUserFlashWindowEx
NtUserExcludeUpdateRgn
NtUserEnumDisplayMonitors
NtUserEndPaint
NtUserEndMenu
NtUserEndDeferWindowPosEx
NtUserEnableWindowResizeOptimization
NtUserEnableWindowGroupPolicy
NtUserEnableWindowGDIScaledDpiMessage
NtUserEnableTouchPad
NtUserEnableSoftwareCursorForScreenCapture
NtUserEnableResizeLayoutSynchronization
NtEnableOneCoreTransformMode
NtUserEnableNonClientDpiScaling
NtUserEnableMouseInputForCursorSuppression
NtUserEnableMouseInPointer
NtUserEnableIAMAccess
ntdll
LdrGetProcedureAddress
LdrGetDllHandle
toupper
_alldiv
_allmul
_aulldvrm
_chkstk
_ftol2_sse
memcmp
memset
RtlUnwind
RtlSetLastWin32Error
RtlImageNtHeader
NlsAnsiCodePage
RtlCaptureContext
_wtoi
NtPowerInformation
RtlMultiByteToUnicodeSize
LdrFlushAlternateResourceModules
RtlRaiseException
NtYieldExecution
NtDeleteValueKey
NtSetValueKey
NtCreateKey
wcstoul
RtlPcToFileHeader
NtVdmControl
RtlFreeUnicodeString
RtlCreateUnicodeStringFromAsciiz
NtOpenDirectoryObject
NtSetSecurityObject
NtQuerySecurityObject
NtQueryInformationProcess
wcstol
ZwQueryWnfStateData
wcsncmp
wcsnlen
RtlDeleteHashTable
RtlInitStrongEnumerationHashTable
RtlLookupEntryHashTable
RtlStronglyEnumerateEntryHashTable
strnlen
RtlInsertEntryHashTable
RtlInitEnumerationHashTable
RtlRemoveEntryHashTable
strncmp
RtlEndStrongEnumerationHashTable
RtlCreateHashTable
RtlEndEnumerationHashTable
RtlEnumerateEntryHashTable
RtlQueryPackageClaims
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
wcsrchr
wcsncpy_s
iswspace
qsort
NtRaiseHardError
NtCallbackReturn
wcsncat_s
RtlIsNameLegalDOS8Dot3
RtlRetrieveNtUserPfn
RtlInitializeNtUserPfn
NtProtectVirtualMemory
_stricmp
RtlGetIntegerAtom
RtlDeleteCriticalSection
RtlResetNtUserPfn
RtlQueryInformationActiveActivationContext
RtlQueryElevationFlags
NtQuerySystemInformation
RtlInitializeCriticalSection
RtlEqualUnicodeString
LdrQueryImageFileExecutionOptions
isspace
sscanf_s
strrchr
strcpy_s
RtlSizeHeap
RtlGetThreadLangIdByIndex
RtlRunEncodeUnicodeString
RtlRunDecodeUnicodeString
_wcsicmp
RtlReAllocateHeap
RtlNtStatusToDosError
RtlGetActiveConsoleId
CsrFreeCaptureBuffer
CsrClientCallServer
CsrAllocateMessagePointer
CsrAllocateCaptureBuffer
NtOpenProcessToken
NtOpenThreadToken
RtlFreeSid
NtQueryInformationToken
RtlAllocateAndInitializeSid
NtQueryVirtualMemory
_vsnwprintf
RtlUnicodeToMultiByteSize
RtlIsThreadWithinLoaderCallout
RtlReleaseActivationContext
RtlFindActivationContextSectionString
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeN
RtlEnterCriticalSection
RtlLeaveCriticalSection
wcscat_s
wcscpy_s
NtQueryValueKey
NtEnumerateKey
NtClose
NtOpenKey
RtlOpenCurrentUser
RtlUnicodeStringToInteger
RtlInitUnicodeString
swprintf_s
RtlFreeHeap
RtlAllocateHeap
memmove
memcpy
api-ms-win-core-localization-l1-2-0
GetSystemDefaultLangID
IsDBCSLeadByteEx
GetThreadLocale
IsValidLocale
ConvertDefaultLocale
GetACP
GetOEMCP
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoW
IsDBCSLeadByte
api-ms-win-core-registry-l1-1-0
RegQueryValueExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegGetValueW
RegDeleteKeyExW
RegCloseKey
api-ms-win-core-heap-l2-1-0
LocalLock
GlobalFree
GlobalAlloc
LocalFree
LocalAlloc
LocalReAlloc
LocalUnlock
api-ms-win-core-libraryloader-l1-2-0
GetModuleHandleExW
GetModuleFileNameA
DisableThreadLibraryCalls
GetModuleHandleW
FindResourceExW
LoadLibraryExW
GetProcAddress
LoadResource
EnumResourceNamesExW
GetModuleHandleA
FreeLibrary
GetModuleFileNameW
SizeofResource
api-ms-win-eventing-provider-l1-1-0
EventProviderEnabled
EventSetInformation
EventActivityIdControl
EventUnregister
EventRegister
EventWriteTransfer
api-ms-win-core-processthreads-l1-1-0
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThread
TerminateProcess
ExitThread
ProcessIdToSessionId
GetCurrentProcess
CreateThread
OpenProcessToken
CreateProcessW
GetExitCodeThread
OpenThreadToken
api-ms-win-core-synch-l1-1-0
WaitForMultipleObjectsEx
ReleaseSRWLockExclusive
LeaveCriticalSection
EnterCriticalSection
AcquireSRWLockShared
ReleaseSRWLockShared
AcquireSRWLockExclusive
InitializeSRWLock
SetEvent
OpenEventW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
CompareStringW
FoldStringW
CompareStringOrdinal
api-ms-win-core-sysinfo-l1-1-0
GetVersionExW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetSystemDirectoryW
api-ms-win-security-base-l1-1-0
GetTokenInformation
CheckTokenMembership
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-string-l2-1-0
CharUpperW
IsCharAlphaW
CharPrevW
CharLowerBuffW
CharNextW
CharUpperBuffW
CharLowerW
IsCharLowerW
IsCharAlphaNumericW
IsCharUpperW
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
SearchPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
api-ms-win-core-file-l1-1-0
ReadFile
SetFileTime
CreateFileW
GetFileSize
FindFirstFileW
FindClose
GetLogicalDrives
FindNextFileW
api-ms-win-core-processthreads-l1-1-1
GetProcessMitigationPolicy
api-ms-win-core-memory-l1-1-0
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
QueryPerformanceFrequency
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
api-ms-win-core-memory-l1-1-3
SetProcessValidCallTargets
api-ms-win-core-privateprofile-l1-1-0
GetPrivateProfileStringW
WritePrivateProfileStringW
api-ms-win-core-atoms-l1-1-0
GlobalFindAtomA
GlobalAddAtomW
GetAtomNameW
DeleteAtom
AddAtomA
GlobalDeleteAtom
GlobalFindAtomW
GlobalGetAtomNameW
GlobalGetAtomNameA
GlobalAddAtomA
AddAtomW
GetAtomNameA
api-ms-win-core-heap-obsolete-l1-1-0
GlobalSize
LocalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFlags
GlobalHandle
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
lstrlenW
lstrlenA
api-ms-win-core-localization-obsolete-l1-2-0
GetStringTypeA
api-ms-win-core-stringansi-l1-1-0
CharPrevA
CharNextExA
CharNextA
CharPrevExA
IsCharUpperA
IsCharAlphaNumericA
IsCharLowerA
CharUpperBuffA
CharLowerBuffA
IsCharAlphaA
CharUpperA
CharLowerA
api-ms-win-core-sidebyside-l1-1-0
QueryActCtxSettingsW
api-ms-win-core-kernel32-private-l1-1-0
RegisterWaitForInputIdle
kernelbase
WTSGetServiceSessionId
LoadStringBaseExW
api-ms-win-core-kernel32-legacy-l1-1-0
FindResourceExA
MulDiv
api-ms-win-core-appinit-l1-1-0
LoadAppInitDlls
gdi32
SaveDC
CreateBitmap
DeleteObject
SetBkMode
SelectObject
IntersectClipRect
SetTextAlign
GetTextAlign
GetStockObject
SetBkColor
SetTextColor
GetObjectW
GetBkColor
GetLayout
GdiGetBitmapBitsSize
GetDIBColorTable
GetDeviceCaps
StretchDIBits
CreateCompatibleDC
GetMapMode
GetHFONT
ExtSelectClipRgn
GetClipRgn
SetGraphicsMode
GetDCOrgEx
GdiTrackHDelete
GdiFixUpHandle
GdiPrinterThunk
GdiLoadType1Fonts
GdiAddFontResourceW
GetRgnBox
ExtCreateRegion
GetRegionData
EnableEUDC
TextOutA
GdiReleaseDC
GdiConvertBitmapV5
GdiConvertToDevmodeW
GetClipBox
MirrorRgn
OffsetRgn
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateRectRgn
GetBoundsRect
SetLayout
PlayEnhMetaFile
ExcludeClipRect
StretchBlt
Ellipse
CreateEllipticRgn
Rectangle
CreatePen
CreateBrushIndirect
PolyPatBlt
SetViewportOrgEx
GetViewportOrgEx
GetCurrentObject
GetTextCharacterExtra
SetTextCharacterExtra
SetLayoutWidth
GdiConvertAndCheckDC
SetBoundsRect
CreateSolidBrush
GdiProcessSetup
GdiDllInitialize
CopyEnhMetaFileW
CopyMetaFileW
SetPaletteEntries
CreatePalette
GetPaletteEntries
DeleteEnhMetaFile
DeleteMetaFile
GetPixel
GetTextCharsetInfo
QueryFontAssocStatus
ExtTextOutA
GetCharWidthInfo
GetCharWidthA
GetTextExtentPointA
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsA
SetBrushOrgEx
GetDCDpiScaleValue
GetTextFaceAliasW
EnumFontsW
CreateFontIndirectW
TranslateCharsetInfo
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GdiConvertEnhMetaFile
GdiConvertMetaFilePict
GetTextColor
GetTextMetricsW
TextOutW
GetWindowExtEx
GetViewportExtEx
GetBkMode
GdiGetCharDimensions
GetTextCharset
GdiGetCodePage
GetTextExtentPointW
ExtTextOutW
RestoreDC
OffsetWindowOrgEx
BitBlt
GetObjectType
GetDIBits
SetDIBits
RealizePalette
SelectPalette
SetStretchBltMode
CreateDIBSection
PatBlt
SetBitmapBits
CreateCompatibleBitmap
CreateDIBitmap
CreateDCW
GdiTrackHCreate
DeleteDC
GdiValidateHandle
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
ResolveDelayLoadsFromDll
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
Exports
Exports
ActivateKeyboardLayout
AddClipboardFormatListener
AddVisualIdentifier
AdjustWindowRect
AdjustWindowRectEx
AdjustWindowRectExForDpi
AlignRects
AllowForegroundActivation
AllowSetForegroundWindow
AnimateWindow
AnyPopup
AppendMenuA
AppendMenuW
AreDpiAwarenessContextsEqual
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BlockInput
BringWindowToTop
BroadcastSystemMessage
BroadcastSystemMessageA
BroadcastSystemMessageExA
BroadcastSystemMessageExW
BroadcastSystemMessageW
BuildReasonArray
CalcMenuBar
CalculatePopupWindowPosition
CallMsgFilter
CallMsgFilterA
CallMsgFilterW
CallNextHookEx
CallWindowProcA
CallWindowProcW
CancelShutdown
CascadeChildWindows
CascadeWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
ChangeWindowMessageFilter
ChangeWindowMessageFilterEx
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckBannedOneCoreTransformApi
CheckDBCSEnabledExt
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckProcessForClipboardAccess
CheckProcessSession
CheckRadioButton
CheckWindowThreadDesktop
ChildWindowFromPoint
ChildWindowFromPointEx
CliImmSetHotKey
ClientThreadSetup
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CloseGestureInfoHandle
CloseTouchInputHandle
CloseWindow
CloseWindowStation
ConsoleControl
ControlMagnification
CopyAcceleratorTableA
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateDCompositionHwndTarget
CreateDesktopA
CreateDesktopExA
CreateDesktopExW
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMDIWindowA
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateSyntheticPointerDevice
CreateSystemThreads
CreateWindowExA
CreateWindowExW
CreateWindowInBand
CreateWindowInBandEx
CreateWindowIndirect
CreateWindowStationA
CreateWindowStationW
CsrBroadcastSystemMessageExW
CtxInitUser32
DdeAbandonTransaction
DdeAccessData
DdeAddData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnect
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeGetQualityOfService
DdeImpersonateClient
DdeInitializeA
DdeInitializeW
DdeKeepStringHandle
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetQualityOfService
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefDlgProcA
DefDlgProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeferWindowPosAndBand
DelegateInput
DeleteMenu
DeregisterShellHookWindow
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyDCompositionHwndTarget
DestroyIcon
DestroyMenu
DestroyReasons
DestroySyntheticPointerDevice
DestroyWindow
DialogBoxIndirectParamA
DialogBoxIndirectParamAorW
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DisableProcessWindowsGhosting
DispatchMessageA
DispatchMessageW
DisplayConfigGetDeviceInfo
DisplayConfigSetDeviceInfo
DisplayExitWindowsWarnings
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectComboBoxExW
DlgDirSelectExA
DlgDirSelectExW
DoSoundConnect
DoSoundDisconnect
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawCaptionTempA
DrawCaptionTempW
DrawEdge
DrawFocusRect
DrawFrame
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawMenuBarTemp
DrawStateA
DrawStateW
DrawTextA
DrawTextExA
DrawTextExW
DrawTextW
DwmGetDxRgn
DwmGetDxSharedSurface
DwmGetRemoteSessionOcclusionEvent
DwmGetRemoteSessionOcclusionState
DwmKernelShutdown
DwmKernelStartup
DwmLockScreenUpdates
DwmValidateWindow
EditWndProc
EmptyClipboard
EnableMenuItem
EnableMouseInPointer
EnableNonClientDpiScaling
EnableOneCoreTransformMode
EnableScrollBar
EnableSessionForMMCSS
EnableWindow
EndDeferWindowPos
EndDeferWindowPosEx
EndDialog
EndMenu
EndPaint
EndTask
EnterReaderModeHelper
EnumChildWindows
EnumClipboardFormats
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
EnumWindowStationsW
EnumWindows
EqualRect
EvaluateProximityToPolygon
EvaluateProximityToRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FlashWindow
FlashWindowEx
FrameRect
FreeDDElParam
FrostCrashedWindow
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAltTabInfoW
GetAncestor
GetAppCompatFlags
GetAppCompatFlags2
GetAsyncKeyState
GetAutoRotationState
GetAwarenessFromDpiAwarenessContext
GetCIMSSM
GetCapture
GetCaretBlinkTime
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClassNameW
GetClassWord
GetClientRect
GetClipCursor
GetClipboardAccessToken
GetClipboardData
GetClipboardFormatNameA
GetClipboardFormatNameW
GetClipboardOwner
GetClipboardSequenceNumber
GetClipboardViewer
GetComboBoxInfo
GetCurrentInputMessageSource
GetCursor
GetCursorFrameInfo
GetCursorInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopID
GetDesktopWindow
GetDialogBaseUnits
GetDialogControlDpiChangeBehavior
GetDialogDpiChangeBehavior
GetDisplayAutoRotationPreferences
GetDisplayConfigBufferSizes
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetDpiAwarenessContextForProcess
GetDpiForMonitorInternal
GetDpiForSystem
GetDpiForWindow
GetDpiFromDpiAwarenessContext
GetExtendedPointerDeviceProperty
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGestureConfig
GetGestureExtraArgs
GetGestureInfo
GetGuiResources
GetIconInfo
GetIconInfoExA
GetIconInfoExW
GetInputDesktop
GetInputLocaleInfo
GetInputState
GetInternalWindowPos
GetKBCodePage
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetListBoxInfo
GetMagnificationDesktopColorEffect
GetMagnificationDesktopMagnification
GetMagnificationDesktopSamplingMode
GetMagnificationLensCtxInformation
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPhysicalCursorPos
GetPointerCursorId
GetPointerDevice
GetPointerDeviceCursors
GetPointerDeviceOrientation
GetPointerDeviceProperties
GetPointerDeviceRects
GetPointerDevices
GetPointerFrameArrivalTimes
GetPointerFrameInfo
GetPointerFrameInfoHistory
GetPointerFramePenInfo
GetPointerFramePenInfoHistory
GetPointerFrameTimes
GetPointerFrameTouchInfo
GetPointerFrameTouchInfoHistory
GetPointerInfo
GetPointerInfoHistory
GetPointerInputTransform
GetPointerPenInfo
GetPointerPenInfoHistory
GetPointerTouchInfo
GetPointerTouchInfoHistory
GetPointerType
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetProcessDpiAwarenessInternal
GetProcessUIContextInformation
GetProcessWindowStation
GetProgmanWindow
GetPropA
GetPropW
GetQueueStatus
GetRawInputBuffer
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetRawPointerDeviceData
GetReasonTitleFromReasonCode
GetRegisteredRawInputDevices
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSendMessageReceiver
GetShellChangeNotifyWindow
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemDpiForProcess
GetSystemMenu
GetSystemMetrics
GetSystemMetricsForDpi
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTaskmanWindow
GetThreadDesktop
GetThreadDpiAwarenessContext
GetThreadDpiHostingBehavior
GetTitleBarInfo
GetTopLevelWindow
GetTopWindow
GetTouchInputInfo
GetUnpredictedMessagePos
GetUpdateRect
GetUpdateRgn
GetUpdatedClipboardFormats
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWinStationInfo
GetWindow
GetWindowBand
GetWindowCompositionAttribute
GetWindowCompositionInfo
GetWindowContextHelpId
GetWindowDC
GetWindowDisplayAffinity
GetWindowDpiAwarenessContext
GetWindowDpiHostingBehavior
GetWindowFeedbackSetting
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowMinimizeRect
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowProcessHandle
GetWindowRect
GetWindowRgn
GetWindowRgnBox
GetWindowRgnEx
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
Sections
.text Size: 642KB - Virtual size: 641KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 900KB - Virtual size: 900KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ