Static task: static1
Behavioral task: behavioral1
Sample: 46514139c0a0061708e2ce18ad87eb62_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 46514139c0a0061708e2ce18ad87eb62_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 46514139c0a0061708e2ce18ad87eb62_JaffaCakes118
Size: 340KB
MD5: 46514139c0a0061708e2ce18ad87eb62
SHA1: e5f9c19cd36894fba18518863b5b233d126c581e
SHA256: 36137b4829d319ce8fcedfc92aba1ad340f7af46c32367982a45457ed9dd74c6
SHA512: b7c6c5157cb3da90259f9abfe09c9ecf1b9112a6c12d26185ed3489ce512e28d303358295bb9e114a6806a024ae346839d3ebb6e3227a5fae5cef2548f9870d5
SSDEEP: 6144:KCYlzU5ExA1XSVC5Z0o8YIbPtMSGAmKe3f8X1OJYEsK6tvDGVhGlaHmMO44:bYlzxA1XwC70lPKvAmKev8FCYEuqVvC
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 46514139c0a0061708e2ce18ad87eb62_JaffaCakes118
Files
46514139c0a0061708e2ce18ad87eb62_JaffaCakes118.exe windows:4 windows x86 arch:x86
7addc94353bb2b87d3216582c76b2309
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
user32
gdi32
comdlg32
advapi32
shell32
msvcrt
Sections
.text Size: 280KB - Virtual size: 278KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 32KB - Virtual size: 29KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 7KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 13KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ