Static task: static1
Behavioral task: behavioral1
Sample: 4365ccdd9c538488e3a78e08f2ca0d03_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 4365ccdd9c538488e3a78e08f2ca0d03_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4365ccdd9c538488e3a78e08f2ca0d03_JaffaCakes118
Size: 389KB
MD5: 4365ccdd9c538488e3a78e08f2ca0d03
SHA1: 35668b656986bb511e02882a2a8a57f53cb9ac39
SHA256: 9fb6ada42f74f97ef204b0e1882888a0382c5c47ed4d7c6bbc51a15098cde0a2
SHA512: 5744efc5c09f1c6fd8f3c2d4e0e00d28df1011a019e9b857f9ee87dff0618f8dc438bb503c2841edab565890c96a01704db9e8af8fa7ad4c7d092efc982bbeac
SSDEEP: 6144:DiKSccSLrM5HaAtStm3ckeklEF6ngsTkWLHRH7Zf7jbJDdKP5uJsxo9dWD4YyM:D9c++HRAtm3ckZngXWLHRH75JdKPgYyM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4365ccdd9c538488e3a78e08f2ca0d03_JaffaCakes118
Files
4365ccdd9c538488e3a78e08f2ca0d03_JaffaCakes118.exe windows:4 windows x86 arch:x86
f6fc058a35a094b8cb4eea21168f136f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTime
VirtualProtect
DebugBreak
GetOEMCP
GetStdHandle
ReleaseMutex
SetThreadExecutionState
VirtualUnlock
EscapeCommFunction
GetCommandLineA
GetLocaleInfoA
GetDefaultCommConfigW
GetCPInfoExA
SetConsoleTitleA
VirtualProtectEx
GetVersionExA
lstrlenA
VirtualQueryEx
_hwrite
CreateThread
FindFirstFileA
GetSystemInfo
GetConsoleTitleA
WritePrivateProfileStringA
PurgeComm
DefineDosDeviceA
SetConsoleCursorPosition
CreateMailslotA
BeginUpdateResourceW
SetConsoleScreenBufferSize
_lcreat
GenerateConsoleCtrlEvent
SetEndOfFile
GetStringTypeExW
GetTickCount
DuplicateHandle
CreateFileMappingA
SetHandleInformation
SetThreadPriority
CreateToolhelp32Snapshot
GetTapeParameters
LoadLibraryW
CopyFileW
GetEnvironmentStrings
IsDBCSLeadByte
SetErrorMode
lstrcatA
GetSystemDefaultLCID
TransactNamedPipe
UnlockFileEx
GetFileAttributesExW
ResumeThread
ExpandEnvironmentStringsW
GetFileInformationByHandle
GetWindowsDirectoryW
LocalLock
CallNamedPipeW
AddAtomW
QueryDosDeviceA
GetLargestConsoleWindowSize
FindResourceA
WritePrivateProfileStructA
lstrcmpA
GetTapeStatus
GetCompressedFileSizeA
SetSystemPowerState
Thread32First
LoadLibraryExA
QueryPerformanceCounter
GetModuleFileNameW
SearchPathA
DefineDosDeviceW
WriteFile
HeapWalk
FindFirstChangeNotificationW
GlobalGetAtomNameA
InterlockedIncrement
SetEnvironmentVariableW
Module32First
FreeLibraryAndExitThread
GetConsoleCursorInfo
GetConsoleCP
GetCalendarInfoW
GetConsoleTitleW
GetBinaryTypeA
FillConsoleOutputAttribute
CommConfigDialogA
TlsGetValue
DeleteAtom
GetSystemPowerStatus
ReadFileScatter
Beep
TerminateThread
ScrollConsoleScreenBufferA
IsBadStringPtrW
LocalReAlloc
FindClose
GetLogicalDrives
SetCurrentDirectoryA
GetProcessTimes
LoadModule
GetCurrencyFormatA
SetTimeZoneInformation
EnumDateFormatsW
SetCurrentDirectoryW
GetDateFormatA
GetFileAttributesExA
GetUserDefaultLangID
CreateFileA
CreateSemaphoreA
VirtualAllocEx
GetPrivateProfileIntW
SetThreadPriorityBoost
CloseHandle
ReadConsoleOutputW
GetDriveTypeW
GetCurrentThreadId
HeapUnlock
ReadFile
ExitThread
GlobalFree
MulDiv
WriteConsoleInputA
SetMessageWaitingIndicator
MoveFileW
SetSystemTimeAdjustment
CreateMutexA
EnumResourceNamesW
Thread32Next
EndUpdateResourceW
_lread
GetProcessShutdownParameters
WriteProfileStringA
ScrollConsoleScreenBufferW
lstrcmpiA
WritePrivateProfileStringW
IsValidLocale
FlushConsoleInputBuffer
ConnectNamedPipe
GetFullPathNameA
WriteProfileSectionW
HeapValidate
GetComputerNameA
GlobalHandle
GlobalReAlloc
GetStringTypeA
HeapFree
GetStringTypeExA
FindNextFileA
_lwrite
LocalFree
FatalAppExitW
CreateProcessA
GetCommTimeouts
GetTempPathW
SetConsoleCtrlHandler
LockFile
DeleteFileA
GetConsoleScreenBufferInfo
CreateDirectoryA
lstrcpynA
OpenSemaphoreW
TlsSetValue
FileTimeToLocalFileTime
CreateEventW
UpdateResourceW
DebugActiveProcess
GlobalLock
GetCurrentThread
FormatMessageW
GetPrivateProfileStructA
IsSystemResumeAutomatic
GetTempPathA
CreateDirectoryExW
GetFileType
GetVersionExW
GetNamedPipeHandleStateW
LocalFileTimeToFileTime
GetEnvironmentStringsW
GetCPInfo
GetCommandLineW
OpenSemaphoreA
UnhandledExceptionFilter
GetThreadSelectorEntry
FlushInstructionCache
lstrcatW
GetLocalTime
GetHandleInformation
OpenFileMappingA
GetDiskFreeSpaceA
PulseEvent
SetCommConfig
OpenEventW
WaitForSingleObject
_llseek
SetThreadAffinityMask
GlobalWire
Toolhelp32ReadProcessMemory
SetStdHandle
RequestWakeupLatency
GetPrivateProfileStructW
FindNextFileW
GetModuleHandleW
SetLocaleInfoW
EnumCalendarInfoW
SetProcessPriorityBoost
WriteConsoleOutputCharacterA
Module32Next
BuildCommDCBAndTimeoutsA
GetThreadPriority
ResetEvent
WritePrivateProfileSectionA
GetNumberFormatA
GetProcessPriorityBoost
SetComputerNameA
WinExec
FindResourceW
SuspendThread
SetupComm
SetComputerNameW
MoveFileExW
CompareStringA
LoadLibraryA
GetConsoleMode
FindResourceExW
IsDBCSLeadByteEx
ExitProcess
GetSystemTimeAsFileTime
BackupRead
WriteConsoleOutputA
CreateFileW
OpenMutexW
WideCharToMultiByte
FindFirstChangeNotificationA
MapViewOfFileEx
TerminateProcess
GlobalMemoryStatus
CreateProcessW
ReadConsoleOutputAttribute
VirtualLock
LocalFlags
_lopen
QueryPerformanceFrequency
lstrcpynW
GetACP
GetAtomNameA
HeapSize
SetConsoleCP
GetCurrentDirectoryA
FileTimeToDosDateTime
CreateMailslotW
GetModuleHandleA
GetDefaultCommConfigA
GlobalFlags
SetConsoleCursorInfo
GetProfileStringA
DisconnectNamedPipe
GetPrivateProfileSectionNamesW
EnumSystemCodePagesW
GlobalUnWire
FatalExit
IsBadReadPtr
GetThreadLocale
GetNamedPipeInfo
SetFileAttributesW
GetWindowsDirectoryA
SystemTimeToTzSpecificLocalTime
InterlockedCompareExchange
GetVolumeInformationW
GetDiskFreeSpaceW
GetEnvironmentVariableA
Heap32Next
EnumResourceLanguagesA
CreateRemoteThread
CreateEventA
FreeConsole
FillConsoleOutputCharacterA
EnumSystemLocalesW
MoveFileExA
FindResourceExA
LocalHandle
LCMapStringA
ConvertDefaultLocale
EnumDateFormatsA
WriteFileGather
EnumTimeFormatsW
FindFirstFileW
SetLocaleInfoA
lstrcmpW
ReadConsoleInputA
GetPriorityClass
GlobalFix
SetLastError
GetProfileSectionW
WriteProfileStringW
FoldStringW
GetLogicalDriveStringsW
lstrcpyW
SetCommMask
WriteConsoleOutputAttribute
SetThreadContext
GetTimeFormatW
GetCurrentProcessId
GetLocaleInfoW
PeekNamedPipe
LoadLibraryExW
LocalUnlock
GetProfileSectionA
GetLongPathNameW
EndUpdateResourceA
GetCompressedFileSizeW
GetStartupInfoA
Sleep
GetCommProperties
lstrcpyA
ExpandEnvironmentStringsA
GlobalUnfix
GetTimeFormatA
AddAtomA
SystemTimeToFileTime
GetThreadTimes
GetStringTypeW
WriteConsoleW
GetSystemDefaultLangID
LocalCompact
ReadConsoleInputW
SetHandleCount
FindAtomA
VirtualFreeEx
HeapLock
EnterCriticalSection
GetProcessHeap
GetThreadContext
GetProfileStringW
InterlockedExchangeAdd
GetDevicePowerState
GetSystemTimeAdjustment
CreateSemaphoreW
Heap32First
CreateTapePartition
SetTapeParameters
WriteConsoleA
GetProcessWorkingSetSize
ReadProcessMemory
MultiByteToWideChar
HeapDestroy
user32
CopyRect
ScrollWindowEx
SetWindowPos
GetClientRect
IsWindowEnabled
SetMessageExtraInfo
MessageBoxIndirectW
GetWindowWord
CreateDesktopW
FillRect
TranslateMDISysAccel
GetDesktopWindow
DrawCaption
SetPropA
IsCharLowerA
IsIconic
SendNotifyMessageW
SetSystemCursor
GetDCEx
EnumWindowStationsW
SetCursor
SetFocus
CloseClipboard
GetMessageExtraInfo
WinHelpA
FindWindowExA
GetClassInfoW
EmptyClipboard
ClipCursor
IsCharAlphaA
GetParent
WaitMessage
DestroyAcceleratorTable
OemToCharBuffW
SetScrollInfo
DrawMenuBar
SetCapture
LoadCursorW
ChangeDisplaySettingsExW
LoadImageA
CharNextW
IsRectEmpty
DialogBoxIndirectParamA
CreateDialogParamA
TabbedTextOutW
RegisterWindowMessageA
CreateMDIWindowA
CreateWindowStationW
ChangeMenuA
GetPropW
LockWindowUpdate
GetScrollRange
SetWindowTextA
CopyAcceleratorTableW
DestroyIcon
GetWindowThreadProcessId
ReleaseCapture
SetDlgItemTextA
LoadAcceleratorsW
DefMDIChildProcA
GetClassNameA
GetCaretPos
GetMenuItemRect
MapDialogRect
ChangeDisplaySettingsW
GetClassNameW
GetKeyboardType
RegisterClassW
SetForegroundWindow
EnumPropsW
IsCharAlphaNumericA
mouse_event
GetShellWindow
GetActiveWindow
CheckMenuItem
OffsetRect
SetMenuContextHelpId
SetParent
TabbedTextOutA
CreateCaret
LoadAcceleratorsA
ShowScrollBar
EnumThreadWindows
GetDoubleClickTime
DrawStateW
UnregisterHotKey
TrackPopupMenuEx
LoadMenuA
CascadeWindows
IsDialogMessageA
DrawFocusRect
DragDetect
DefMDIChildProcW
SetClassWord
SetScrollPos
CreateAcceleratorTableA
RegisterClassExA
DrawTextA
DefDlgProcW
SetCaretPos
MessageBoxExA
GetMenuStringW
SetWindowsHookA
GetMessageTime
EnableScrollBar
SetMenuItemInfoA
TrackPopupMenu
SetClipboardViewer
DrawFrameControl
SetMessageQueue
GetTabbedTextExtentA
MessageBeep
MessageBoxW
DlgDirSelectComboBoxExW
GetScrollPos
DestroyCaret
BeginPaint
LoadCursorFromFileA
GetKeyboardState
GetCursorPos
GetKeyboardLayoutList
GetWindowDC
CharToOemBuffW
SendNotifyMessageA
RemovePropW
GetDlgItemInt
GetFocus
InsertMenuA
SetMenuDefaultItem
RegisterHotKey
wsprintfA
GetNextDlgGroupItem
DestroyMenu
SetThreadDesktop
MapVirtualKeyA
GetInputState
GetMenuItemInfoW
GetForegroundWindow
SubtractRect
CharUpperA
EndPaint
SetMenu
DlgDirListComboBoxA
GetClassLongA
SetWindowsHookExW
GetMenuItemInfoA
FrameRect
ModifyMenuA
SetMenuItemInfoW
CopyImage
GetMenuStringA
DialogBoxIndirectParamW
GetClipboardViewer
GetMenuState
EnumDesktopsW
IsCharUpperW
LoadImageW
DeleteMenu
GetUserObjectInformationW
GetWindowLongW
CloseWindow
SetDlgItemInt
WinHelpW
SetUserObjectSecurity
SetWindowsHookExA
IsCharAlphaW
CallWindowProcA
SetRectEmpty
WindowFromPoint
ScreenToClient
AppendMenuA
PostThreadMessageW
DefWindowProcA
DrawIcon
CreateCursor
SendMessageTimeoutA
EnumWindowStationsA
CreateIconFromResourceEx
MsgWaitForMultipleObjects
GetIconInfo
BringWindowToTop
DlgDirListW
MenuItemFromPoint
GetClassInfoExW
EnumWindows
CreateAcceleratorTableW
ShowCaret
CharPrevExA
EndDeferWindowPos
SendMessageTimeoutW
IsCharAlphaNumericW
GetKeyboardLayoutNameA
CharUpperBuffW
ToUnicode
EnumDesktopWindows
ArrangeIconicWindows
VkKeyScanExA
MapVirtualKeyExA
OpenInputDesktop
SetSysColors
CheckMenuRadioItem
GetUserObjectInformationA
SetWindowLongA
DrawEdge
SetClipboardData
GetWindowPlacement
wvsprintfW
ActivateKeyboardLayout
CreateDialogIndirectParamA
SetWindowsHookW
SetRect
SwitchDesktop
GetUpdateRect
CharLowerBuffW
GetCursor
GetScrollInfo
SetScrollRange
DrawStateA
EnumPropsExW
LoadMenuW
CallMsgFilterA
RegisterClassA
IsWindow
MessageBoxIndirectA
CharPrevA
ChildWindowFromPointEx
CharLowerBuffA
UnhookWindowsHook
RegisterClassExW
SendMessageA
InflateRect
DispatchMessageW
GetCapture
ExitWindowsEx
DlgDirListA
IsClipboardFormatAvailable
RemovePropA
ShowCursor
GetClassInfoA
EnumDesktopsA
IsZoomed
GetKeyNameTextA
GetKeyNameTextW
GetKeyboardLayoutNameW
RegisterClipboardFormatA
MapWindowPoints
keybd_event
SetUserObjectInformationA
DialogBoxParamW
LoadCursorFromFileW
GetMenuDefaultItem
wvsprintfA
UnloadKeyboardLayout
GetClipboardFormatNameW
GetTopWindow
SystemParametersInfoW
CallMsgFilterW
GetKeyboardLayout
GetWindowContextHelpId
DrawTextW
UnionRect
SetCursorPos
LookupIconIdFromDirectory
IsDlgButtonChecked
DialogBoxParamA
LookupIconIdFromDirectoryEx
DefWindowProcW
KillTimer
GetClipboardOwner
InsertMenuItemW
MapVirtualKeyExW
VkKeyScanExW
LoadMenuIndirectA
DrawAnimatedRects
LoadKeyboardLayoutA
CountClipboardFormats
TranslateAcceleratorW
GetNextDlgTabItem
CallNextHookEx
CloseWindowStation
FindWindowW
SetUserObjectInformationW
MapVirtualKeyW
FlashWindow
EndDialog
EqualRect
GetKBCodePage
GetClipboardData
GetAsyncKeyState
CreateIconIndirect
SwapMouseButton
HideCaret
InvertRect
MessageBoxExW
SendMessageCallbackW
CharNextExA
SetWindowTextW
ScrollDC
GetUpdateRgn
IsChild
ValidateRgn
GetWindowTextLengthA
SetDlgItemTextW
OemKeyScan
gdi32
GetRasterizerCaps
PtInRegion
GetTextMetricsA
CreateDIBPatternBrush
TextOutA
CreateMetaFileW
CreateRoundRectRgn
SelectClipRgn
CreateScalableFontResourceW
DeleteMetaFile
DeleteObject
CreateDiscardableBitmap
CreateDCW
ExtTextOutA
InvertRgn
EnumFontFamiliesW
FlattenPath
TextOutW
GetTextMetricsW
CreateBitmap
SelectClipPath
CreateSolidBrush
DescribePixelFormat
SetPolyFillMode
CreatePatternBrush
CreateCompatibleBitmap
EnumFontsW
GetLogColorSpaceW
GetTextExtentPointW
GetMetaFileW
DeleteColorSpace
UpdateColors
IntersectClipRect
GetViewportExtEx
SetMetaRgn
GetMiterLimit
EnumFontFamiliesA
PlayEnhMetaFileRecord
GetOutlineTextMetricsW
GetSystemPaletteEntries
EnumICMProfilesA
UpdateICMRegKeyW
StrokeAndFillPath
Escape
SetSystemPaletteUse
PlayMetaFileRecord
CreatePalette
EqualRgn
CreateEnhMetaFileW
SetBkColor
CreatePen
PlgBlt
CloseFigure
EnumObjects
GetDIBColorTable
PolyTextOutA
GetTextCharsetInfo
GetCharABCWidthsFloatW
CreateEllipticRgn
GetEnhMetaFileW
CreateRectRgn
BitBlt
CreateBitmapIndirect
GetBkColor
GetTextExtentExPointA
GetPath
GetColorSpace
EnumICMProfilesW
GetCharacterPlacementW
AngleArc
GetDeviceGammaRamp
MoveToEx
GetKerningPairsA
LineDDA
EnumFontFamiliesExA
PlayEnhMetaFile
SwapBuffers
CreateEllipticRgnIndirect
RestoreDC
SetViewportOrgEx
SetWinMetaFileBits
CreateDIBPatternBrushPt
Polyline
LineTo
SetMiterLimit
CancelDC
SetDIBColorTable
CopyEnhMetaFileA
GetKerningPairsW
GetCurrentObject
CheckColorsInGamut
GetMetaRgn
GetPixelFormat
SetEnhMetaFileBits
SetDIBits
CreateFontIndirectA
RoundRect
UnrealizeObject
CreateColorSpaceW
CreatePenIndirect
SetDeviceGammaRamp
GetWinMetaFileBits
SetTextAlign
GetPaletteEntries
CreateDIBitmap
Pie
GetEnhMetaFilePaletteEntries
GetNearestPaletteIndex
FillRgn
PolyBezier
GetCharWidthFloatW
CopyMetaFileW
FloodFill
GetBitmapDimensionEx
GetDIBits
DPtoLP
GetGlyphOutlineW
SetViewportExtEx
GetDCOrgEx
GdiFlush
OffsetRgn
UpdateICMRegKeyA
GdiSetBatchLimit
GetFontLanguageInfo
SetICMProfileW
SetBrushOrgEx
SetBitmapBits
GetAspectRatioFilterEx
Polygon
ColorMatchToTarget
Ellipse
GdiComment
CreateFontW
StretchBlt
CreateColorSpaceA
PolyBezierTo
EnumFontsA
CreatePolygonRgn
CreateDCA
GetPixel
GetEnhMetaFileA
Arc
GetCurrentPositionEx
SetWindowOrgEx
ExtCreatePen
GetMetaFileA
EndDoc
AddFontResourceW
EnumMetaFile
GdiGetBatchLimit
GetTextAlign
GetSystemPaletteUse
GetObjectA
SetPixelV
GetCharWidthFloatA
ScaleWindowExtEx
GetStockObject
GetROP2
PathToRegion
GetBoundsRect
ExcludeClipRect
OffsetClipRgn
FrameRgn
StrokePath
GetWorldTransform
RemoveFontResourceW
SetROP2
GetStretchBltMode
GetCharacterPlacementA
GetTextExtentPoint32W
Rectangle
GetDeviceCaps
OffsetWindowOrgEx
PolyTextOutW
LPtoDP
SaveDC
GetCharWidthW
GetRegionData
PatBlt
GetBitmapBits
TranslateCharsetInfo
PlayMetaFile
PolyPolyline
CreateHatchBrush
SelectPalette
ScaleViewportExtEx
AbortDoc
DeleteDC
PolyPolygon
GetEnhMetaFileBits
GetGlyphOutlineA
SetColorSpace
CreateCompatibleDC
CloseMetaFile
comdlg32
GetSaveFileNameW
ReplaceTextA
GetOpenFileNameW
ChooseFontW
PrintDlgW
PageSetupDlgW
ChooseColorA
ReplaceTextW
advapi32
RegSaveKeyW
RegQueryMultipleValuesW
QueryServiceConfigA
RevertToSelf
LookupPrivilegeDisplayNameW
GetAce
RegSetValueA
GetTrusteeTypeA
OpenSCManagerW
ObjectPrivilegeAuditAlarmW
DeleteAce
GetSecurityDescriptorLength
SetKernelObjectSecurity
ObjectOpenAuditAlarmA
FreeSid
SetTokenInformation
SetNamedSecurityInfoA
StartServiceCtrlDispatcherW
SetServiceBits
GetAuditedPermissionsFromAclA
RegEnumValueW
AddAccessDeniedAce
BuildImpersonateTrusteeW
CryptGetDefaultProviderA
ClearEventLogW
DuplicateTokenEx
GetServiceKeyNameW
AddAccessAllowedAce
BuildExplicitAccessWithNameA
MapGenericMask
RegOpenKeyW
EnumServicesStatusW
ClearEventLogA
CryptDuplicateKey
CreateProcessAsUserA
CreatePrivateObjectSecurity
LookupPrivilegeValueW
RegEnumKeyA
RegQueryMultipleValuesA
GetServiceDisplayNameA
GetServiceDisplayNameW
GetMultipleTrusteeOperationA
GetNamedSecurityInfoA
GetSecurityDescriptorControl
CryptAcquireContextW
CryptDuplicateHash
GetAuditedPermissionsFromAclW
GetSecurityInfo
GetTrusteeNameW
LogonUserW
CryptGenRandom
RegSetValueExW
CryptVerifySignatureW
AreAnyAccessesGranted
CreateServiceA
GetExplicitEntriesFromAclW
SetSecurityDescriptorSacl
EnumDependentServicesW
CryptEnumProvidersA
DuplicateToken
BuildTrusteeWithNameA
ImpersonateNamedPipeClient
RegFlushKey
BuildTrusteeWithSidA
AddAce
CreateProcessAsUserW
AdjustTokenPrivileges
GetMultipleTrusteeA
CryptSetKeyParam
CryptGetProvParam
MakeSelfRelativeSD
CryptGetHashParam
IsValidSid
SetEntriesInAclA
SetSecurityInfo
GetSidSubAuthorityCount
QueryServiceLockStatusA
CryptDestroyKey
CryptGetUserKey
StartServiceA
ObjectCloseAuditAlarmW
SetFileSecurityA
InitializeSecurityDescriptor
CryptGenKey
GetTrusteeNameA
IsTextUnicode
IsValidAcl
AdjustTokenGroups
LookupSecurityDescriptorPartsW
CryptSignHashA
GetLengthSid
RegDeleteValueA
DeleteService
CryptDeriveKey
RegCreateKeyExW
BuildImpersonateExplicitAccessWithNameA
CryptEnumProviderTypesA
ChangeServiceConfigA
AccessCheckAndAuditAlarmA
RegSetValueExA
BuildImpersonateExplicitAccessWithNameW
BuildSecurityDescriptorA
CryptSetProviderA
CryptSetProviderExW
GetFileSecurityA
GetUserNameA
AreAllAccessesGranted
ObjectDeleteAuditAlarmW
InitiateSystemShutdownW
ChangeServiceConfigW
ControlService
StartServiceW
QueryServiceObjectSecurity
QueryServiceLockStatusW
AccessCheck
EqualSid
InitiateSystemShutdownA
GetSecurityDescriptorGroup
GetEffectiveRightsFromAclW
RegEnumValueA
LookupSecurityDescriptorPartsA
SetAclInformation
LookupAccountSidW
RegLoadKeyA
RegQueryValueExA
OpenServiceW
PrivilegeCheck
LogonUserA
BuildTrusteeWithNameW
LookupPrivilegeNameW
GetTrusteeTypeW
AccessCheckAndAuditAlarmW
ReportEventA
CryptEnumProviderTypesW
SetServiceStatus
BackupEventLogA
CryptSetProviderW
OpenEventLogA
UnlockServiceDatabase
RegConnectRegistryW
GetSecurityDescriptorSacl
OpenBackupEventLogW
GetAclInformation
OpenBackupEventLogA
GetSidLengthRequired
RegEnumKeyExA
GetPrivateObjectSecurity
SetThreadToken
GetSecurityDescriptorDacl
CryptSetProvParam
IsValidSecurityDescriptor
LookupPrivilegeValueA
ImpersonateSelf
RegEnumKeyExW
ReadEventLogA
SetSecurityDescriptorGroup
ObjectPrivilegeAuditAlarmA
CryptVerifySignatureA
CryptReleaseContext
GetFileSecurityW
CryptDecrypt
RegSetValueW
RegDeleteValueW
BuildImpersonateTrusteeA
RegReplaceKeyA
RegSetKeySecurity
RegGetKeySecurity
BuildExplicitAccessWithNameW
RegUnLoadKeyW
LookupPrivilegeNameA
LookupAccountSidA
BuildSecurityDescriptorW
BackupEventLogW
OpenProcessToken
RegisterEventSourceW
AllocateAndInitializeSid
AbortSystemShutdownW
shell32
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetDataFromIDListA
ShellExecuteExW
SHLoadInProc
FindExecutableW
ShellExecuteExA
Shell_NotifyIconA
DragQueryFileA
SHInvokePrinterCommandA
Shell_NotifyIconW
SHGetPathFromIDListA
SHQueryRecycleBinA
ExtractIconExW
SHChangeNotify
SHGetSpecialFolderPathA
DoEnvironmentSubstW
SHGetSpecialFolderPathW
ExtractIconExA
DragQueryPoint
DragAcceptFiles
SHEmptyRecycleBinA
SHGetSettings
CommandLineToArgvW
SHGetFileInfoA
ExtractAssociatedIconExW
DoEnvironmentSubstA
ShellExecuteW
SHGetDesktopFolder
SHFormatDrive
FindExecutableA
ShellAboutW
SHGetMalloc
SHBrowseForFolderA
ord179
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
Sections
.text Size: 291KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 29KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wag0ir2. Size: 44KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
6atahw22 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ