Static task: static1
Behavioral task: behavioral1
Sample: 614d2640c5b9cf4ebbbd9974062b38b9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 614d2640c5b9cf4ebbbd9974062b38b9_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 614d2640c5b9cf4ebbbd9974062b38b9_JaffaCakes118
Size: 414KB
MD5: 614d2640c5b9cf4ebbbd9974062b38b9
SHA1: 89af84aa25119ce33d82be7569c22325c795ecaa
SHA256: 182ee0939035dd12aba2f4665afd7eaa35aa3636007ca48c7ad2567b05cdf628
SHA512: ef72ac6d67c57f0f1a0a68a94cb3d7672586daa3f8364a41fb6c9fa5f784f7e11194f1112e33e1bb392503495f8db83b02aa6b60cdc02922c3a68b1a5ecb3fa0
SSDEEP: 6144:RzFGyJsms6uK20Pcm7wvFclFu4UFEr9LxuY3bpVCUps5Sdy6UlFCPO2XI70:kmjuKlUX+84U+LxTTswdyQXII
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 614d2640c5b9cf4ebbbd9974062b38b9_JaffaCakes118
Files
614d2640c5b9cf4ebbbd9974062b38b9_JaffaCakes118.exe windows:4 windows x86 arch:x86
4b7cfedf372fe6c0ec879d5725db669e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
CreateTapePartition
GetEnvironmentStringsA
FreeEnvironmentStringsW
VirtualUnlock
EnumSystemLocalesA
SetLocaleInfoA
ExitThread
FlushInstructionCache
GetTempFileNameA
SetFileAttributesA
GetSystemPowerStatus
DuplicateHandle
SetThreadIdealProcessor
ExpandEnvironmentStringsA
GetThreadPriority
ContinueDebugEvent
GetNamedPipeHandleStateW
GlobalGetAtomNameW
GetThreadPriorityBoost
OpenFileMappingA
EnumResourceTypesW
GetFullPathNameW
GlobalLock
SearchPathW
WaitNamedPipeW
RemoveDirectoryW
DisconnectNamedPipe
WritePrivateProfileStructW
SetConsoleActiveScreenBuffer
ReadConsoleOutputAttribute
GetNumberFormatW
WriteFileEx
ReadFileScatter
InitAtomTable
GetNamedPipeHandleStateA
GetVolumeInformationA
FlushViewOfFile
CreateSemaphoreW
CreateProcessA
UnlockFile
HeapLock
GetPrivateProfileSectionNamesW
EraseTape
lstrcmp
GetTimeFormatA
FindResourceExA
GetStringTypeW
lstrcmpA
DebugBreak
VirtualAllocEx
GetLastError
ReadConsoleOutputW
SetConsoleCtrlHandler
CreateDirectoryA
HeapSize
OpenWaitableTimerA
ReadConsoleOutputA
BeginUpdateResourceW
DefineDosDeviceW
ReadProcessMemory
BeginUpdateResourceA
OpenProcess
CopyFileA
GetEnvironmentStringsW
CreateFileMappingW
EnumDateFormatsExW
EscapeCommFunction
EnumDateFormatsExA
GetLargestConsoleWindowSize
FreeEnvironmentStringsA
WriteConsoleOutputAttribute
lstrcpyA
lstrcmpi
WriteFileGather
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
OpenMutexW
SetPriorityClass
SetConsoleCursorPosition
FileTimeToLocalFileTime
WriteConsoleOutputW
AddAtomW
SetFilePointer
GetSystemDirectoryA
CloseHandle
CreateNamedPipeA
GetHandleInformation
SetCriticalSectionSpinCount
GetComputerNameW
IsValidCodePage
OpenSemaphoreA
LeaveCriticalSection
CreateFileMappingA
lstrlenW
DeviceIoControl
GetACP
InterlockedCompareExchange
GlobalFree
FlushConsoleInputBuffer
GetPrivateProfileStructW
WriteConsoleInputW
ReleaseSemaphore
UnmapViewOfFile
FormatMessageA
GlobalWire
GetProcessHeap
LocalHandle
TransmitCommChar
PulseEvent
GetPriorityClass
MultiByteToWideChar
GetNumberFormatA
SetVolumeLabelW
CreatePipe
GetConsoleCP
WriteProfileSectionW
Thread32Next
FreeLibrary
lstrcpy
WaitForSingleObjectEx
LockResource
OpenFile
GetPrivateProfileSectionNamesA
FindFirstChangeNotificationA
WriteConsoleOutputCharacterW
GetProcessTimes
GetNumberOfConsoleInputEvents
WaitNamedPipeA
VirtualProtectEx
GetConsoleCursorInfo
SetEvent
GetPrivateProfileSectionA
RtlMoveMemory
LocalReAlloc
SetThreadExecutionState
lstrlen
GlobalCompact
ReadConsoleOutputCharacterA
EnumTimeFormatsW
GetStartupInfoW
EnumResourceNamesW
GetCalendarInfoA
RemoveDirectoryA
RtlZeroMemory
Heap32Next
CopyFileExA
GetPrivateProfileStringA
ResumeThread
EnumSystemCodePagesW
WriteProfileSectionA
GetProcessVersion
lstrcatA
ResetWriteWatch
SetThreadPriorityBoost
WriteProfileStringA
GlobalReAlloc
WriteProfileStringW
Heap32ListNext
GetLongPathNameW
SetConsoleOutputCP
GetFileAttributesExA
GetCurrentThread
WritePrivateProfileStructA
GetNamedPipeInfo
GetProfileStringW
WaitCommEvent
GetMailslotInfo
GetQueuedCompletionStatus
EnumSystemLocalesW
lstrcat
GetStringTypeA
GetDateFormatW
FindFirstFileExW
WriteConsoleW
CreateEventW
GetThreadTimes
SetSystemTimeAdjustment
GetSystemTime
SetComputerNameW
GetCommandLineA
EnumResourceLanguagesW
lstrcpynA
OutputDebugStringA
WinExec
FindNextFileW
GetAtomNameA
GetModuleHandleW
GetStartupInfoA
TransactNamedPipe
CreateConsoleScreenBuffer
GetLocalTime
GetCommandLineW
FormatMessageW
GetCurrentDirectoryW
GetPrivateProfileStructA
GetShortPathNameW
HeapDestroy
lstrcpynW
OpenMutexA
GetPrivateProfileSectionW
GetFileAttributesA
SetFileAttributesW
EnumResourceTypesA
SetFileTime
WritePrivateProfileSectionA
GetDiskFreeSpaceA
CreateWaitableTimerA
GetLogicalDriveStringsW
GetConsoleTitleW
GetFileType
GetProcessShutdownParameters
DisableThreadLibraryCalls
HeapCompact
lstrcmpiA
MapViewOfFileEx
GetDiskFreeSpaceExA
WaitForSingleObject
FillConsoleOutputAttribute
UpdateResourceW
WriteConsoleA
WaitForMultipleObjectsEx
LoadResource
TryEnterCriticalSection
LocalFlags
HeapCreate
ReadConsoleA
FileTimeToDosDateTime
CreateFileA
CommConfigDialogW
SystemTimeToTzSpecificLocalTime
FindAtomW
GetSystemDefaultLCID
GetFileInformationByHandle
LocalSize
OpenEventW
CompareStringA
TlsGetValue
VirtualFree
SetThreadLocale
EnumDateFormatsA
GetCompressedFileSizeA
GetFileAttributesExW
MoveFileExW
FindFirstFileW
LocalCompact
GetThreadSelectorEntry
UnhandledExceptionFilter
IsDebuggerPresent
FillConsoleOutputCharacterW
Module32Next
GlobalFindAtomW
EnumSystemCodePagesA
CreateMutexA
PeekConsoleInputA
GetDiskFreeSpaceExW
Heap32First
GlobalAddAtomW
GetVolumeInformationW
SetHandleCount
GetThreadLocale
GetFileAttributesW
InterlockedExchangeAdd
SetConsoleWindowInfo
SetCurrentDirectoryW
GetVersionExW
SetLastError
FindFirstFileA
OpenFileMappingW
InterlockedDecrement
EnumDateFormatsW
GetSystemInfo
GetExitCodeProcess
FoldStringA
lstrcmpiW
OpenSemaphoreW
InterlockedIncrement
WideCharToMultiByte
LoadLibraryExA
GetDriveTypeA
GetProcessPriorityBoost
SetConsoleScreenBufferSize
FindFirstFileExA
GetProfileIntA
HeapWalk
GetWindowsDirectoryW
GetNumberOfConsoleMouseButtons
LoadLibraryExW
SetLocalTime
GetComputerNameA
SystemTimeToFileTime
FreeLibraryAndExitThread
SetConsoleTextAttribute
TlsFree
DebugActiveProcess
SetConsoleTitleW
ReadConsoleOutputCharacterW
FindAtomA
SetConsoleCP
InitializeCriticalSection
RtlFillMemory
GlobalFix
EnumCalendarInfoW
SetWaitableTimer
PeekNamedPipe
FindFirstChangeNotificationW
EnumCalendarInfoExA
UnlockFileEx
GetLocaleInfoA
CreateMailslotW
SetThreadPriority
GetEnvironmentVariableW
GetProcessHeaps
GetConsoleScreenBufferInfo
FreeResource
LocalLock
WritePrivateProfileStringW
DeleteFileW
EnumResourceNamesA
GetDiskFreeSpaceW
ReleaseMutex
DeleteFiber
CommConfigDialogA
SetComputerNameA
LockFileEx
GetLogicalDrives
FindNextFileA
GlobalAlloc
EnterCriticalSection
GetLongPathNameA
FreeConsole
DosDateTimeToFileTime
FindCloseChangeNotification
ReadFile
MoveFileW
WriteFile
LocalFileTimeToFileTime
EnumTimeFormatsA
GetAtomNameW
GlobalUnWire
GetEnvironmentVariableA
CreateToolhelp32Snapshot
GlobalMemoryStatus
GetVersion
FillConsoleOutputCharacterA
GlobalFlags
ExpandEnvironmentStringsW
IsValidLocale
AddAtomA
MulDiv
Process32Next
SetSystemTime
CreateEventA
GetConsoleTitleA
GetDateFormatA
GetCurrencyFormatA
FlushFileBuffers
Module32First
GetFileTime
VirtualQueryEx
Thread32First
CreateRemoteThread
WriteConsoleInputA
GetProfileSectionW
SetVolumeLabelA
CreateDirectoryExA
DeleteCriticalSection
VirtualFreeEx
SleepEx
GetWindowsDirectoryA
GetConsoleMode
SuspendThread
GetProfileSectionA
GetCurrentDirectoryA
GetTempPathA
ReadConsoleW
GlobalFindAtomA
SetConsoleTitleA
WriteProcessMemory
LockFile
GlobalHandle
GetProcAddress
Toolhelp32ReadProcessMemory
ReadFileEx
GetLogicalDriveStringsA
GetStringTypeExA
GetSystemTimeAdjustment
lstrcmpW
ResetEvent
GetProfileStringA
GetThreadContext
WaitForDebugEvent
FoldStringW
WriteConsoleOutputA
LocalUnlock
EnumCalendarInfoExW
FindClose
GetFileSize
FindResourceExW
ReadDirectoryChangesW
GetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryA
GetLocaleInfoW
GetShortPathNameA
SignalObjectAndWait
GetFullPathNameA
FindResourceW
LocalShrink
ReadConsoleInputA
GetProcessAffinityMask
LocalAlloc
AllocConsole
CreateMailslotA
OutputDebugStringW
GetCalendarInfoW
GetTempFileNameW
DeleteFileA
GetCompressedFileSizeW
ReadConsoleInputW
OpenEventA
EnumResourceLanguagesA
GlobalSize
CreateMutexW
SearchPathA
CreateWaitableTimerW
Heap32ListFirst
shell32
SHFileOperationW
SHAppBarMessage
SHGetSpecialFolderPathA
SHGetDiskFreeSpaceA
ExtractIconW
SHEmptyRecycleBinW
DragQueryFileW
DragQueryFileAorW
ExtractIconExW
SHGetDataFromIDListA
ShellHookProc
ExtractAssociatedIconW
InternalExtractIconListW
SHGetSpecialFolderLocation
DragQueryPoint
SHFormatDrive
ShellExecuteEx
DragAcceptFiles
SHGetInstanceExplorer
ShellAboutW
ExtractAssociatedIconExA
SHLoadInProc
CommandLineToArgvW
SheChangeDirExW
SHGetMalloc
ExtractIconEx
SHGetFileInfo
DoEnvironmentSubstA
DoEnvironmentSubstW
DragQueryFileA
DuplicateIcon
SHEmptyRecycleBinA
ShellExecuteA
ShellAboutA
SHFileOperation
SHAddToRecentDocs
SheGetDirA
DragFinish
SHGetDesktopFolder
RealShellExecuteExA
SHGetFileInfoA
SHGetFileInfoW
CheckEscapesW
RealShellExecuteW
SHBrowseForFolderW
SHGetNewLinkInfo
ShellExecuteExW
SheChangeDirA
RealShellExecuteExW
ShellExecuteW
FreeIconList
ExtractAssociatedIconExW
FindExecutableA
SHFileOperationA
SHGetPathFromIDListW
ShellExecuteExA
SHFreeNameMappings
ExtractIconA
ExtractIconExA
InternalExtractIconListA
SHChangeNotify
SHBrowseForFolder
RealShellExecuteA
SHUpdateRecycleBinIcon
SHGetSpecialFolderPathW
SHInvokePrinterCommandW
SHInvokePrinterCommandA
wininet
UpdateUrlCacheContentPath
InternetCombineUrlA
FtpDeleteFileW
RetrieveUrlCacheEntryFileW
FindFirstUrlCacheEntryW
InternetAutodialHangup
InternetGoOnline
DeleteUrlCacheGroup
InternetCreateUrlW
GopherGetLocatorTypeA
ShowCertificate
RetrieveUrlCacheEntryFileA
UnlockUrlCacheEntryFile
FindNextUrlCacheEntryA
GetUrlCacheGroupAttributeA
InternetOpenW
CommitUrlCacheEntryW
InternetTimeFromSystemTimeA
ShowX509EncodedCertificate
FreeUrlCacheSpaceA
IsUrlCacheEntryExpiredW
DeleteUrlCacheEntry
UnlockUrlCacheEntryFileA
FtpDeleteFileA
InternetTimeToSystemTime
HttpAddRequestHeadersW
InternetOpenUrlA
InternetQueryOptionA
FtpFindFirstFileA
HttpSendRequestExA
GopherOpenFileA
SetUrlCacheEntryInfoA
InternetGetLastResponseInfoW
FtpGetFileSize
InternetSetDialState
GopherCreateLocatorA
IsHostInProxyBypassList
InternetShowSecurityInfoByURL
InternetSetOptionExW
InternetSetCookieA
CreateUrlCacheContainerA
InternetGetCertByURLA
InternetCanonicalizeUrlW
SetUrlCacheEntryGroup
GopherCreateLocatorW
HttpSendRequestA
UnlockUrlCacheEntryFileW
InternetQueryOptionW
InternetGetLastResponseInfoA
HttpOpenRequestW
HttpQueryInfoW
InternetAlgIdToStringA
InternetConnectA
FtpCommandW
SetUrlCacheGroupAttributeA
FindNextUrlCacheGroup
InternetDialW
FtpGetFileW
InternetShowSecurityInfoByURLW
InternetAutodial
ShowSecurityInfo
DeleteIE3Cache
InternetCrackUrlA
GopherGetAttributeW
InternetGetConnectedState
InternetTimeFromSystemTimeW
InternetWriteFileExA
FtpPutFileA
InternetGoOnlineW
IsUrlCacheEntryExpiredA
InternetSetDialStateA
SetUrlCacheConfigInfoW
ShowClientAuthCerts
FtpFindFirstFileW
FindFirstUrlCacheContainerW
HttpAddRequestHeadersA
InternetSetOptionW
RunOnceUrlCache
InternetConfirmZoneCrossing
FindNextUrlCacheEntryExA
InternetSetDialStateW
DetectAutoProxyUrl
HttpEndRequestW
FtpPutFileW
FindNextUrlCacheEntryExW
InternetTimeToSystemTimeA
InternetCombineUrlW
DeleteUrlCacheContainerW
GetUrlCacheEntryInfoExA
FindNextUrlCacheContainerA
ResumeSuspendedDownload
IncrementUrlCacheHeaderData
FindFirstUrlCacheEntryExA
CommitUrlCacheEntryA
InternetShowSecurityInfoByURLA
FreeUrlCacheSpaceW
GetUrlCacheEntryInfoExW
comdlg32
GetSaveFileNameW
PrintDlgA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
FindTextW
GetFileTitleA
ChooseColorA
gdi32
GdiPlayScript
GetClipRgn
GetRegionData
CreateDIBSection
SetPixelV
GetCharABCWidthsA
LineTo
ResetDCW
StretchBlt
GetTextExtentExPointW
EnumObjects
DPtoLP
CombineRgn
StrokeAndFillPath
CopyMetaFileW
SetTextJustification
AngleArc
AbortPath
GetTextExtentExPointA
EqualRgn
CreatePenIndirect
Rectangle
GetGraphicsMode
SetBkMode
GdiPlayDCScript
StrokePath
GetRgnBox
AnimatePalette
OffsetWindowOrgEx
CreateMetaFileW
CreateCompatibleBitmap
CreatePalette
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetCharWidthFloatW
DeleteObject
ColorCorrectPalette
SetEnhMetaFileBits
SelectPalette
EnumFontsA
GdiPlayJournal
GetWinMetaFileBits
MaskBlt
SetColorAdjustment
GetMetaRgn
SetBitmapBits
PolyBezier
GetCharABCWidthsW
GetPath
ExtSelectClipRgn
CreateMetaFileA
GetEnhMetaFileA
GetBitmapBits
StretchDIBits
GetStockObject
PolyTextOutW
GetTextExtentPointA
StartDocA
SetPixel
ExtFloodFill
GetTextColor
GetSystemPaletteUse
ExtCreatePen
SetMapperFlags
CreateCompatibleDC
CreateColorSpaceW
CreateFontA
StartDocW
GetTextExtentPoint32A
FillPath
FixBrushOrgEx
SelectClipRgn
TranslateCharsetInfo
CreateEllipticRgnIndirect
GetCharWidthA
GetROP2
GetDIBits
GetMapMode
GetTextAlign
SetMiterLimit
CreateEnhMetaFileW
GetKerningPairs
CheckColorsInGamut
WidenPath
GetObjectType
SetWinMetaFileBits
TextOutW
SetBitmapDimensionEx
IntersectClipRect
GetCharWidth32W
PatBlt
CreateRoundRectRgn
ScaleViewportExtEx
GdiFlush
RectInRegion
GetColorSpace
DeleteColorSpace
PlayEnhMetaFileRecord
SetTextAlign
SetColorSpace
GetPaletteEntries
GetTextFaceW
SetLayout
AddFontResourceW
CreateEllipticRgn
Ellipse
PolyDraw
GetICMProfileA
SetMagicColors
ExtTextOutA
CreateSolidBrush
ExtEscape
UpdateICMRegKeyA
SetSystemPaletteUse
PolyPolyline
SetTextCharacterExtra
GetObjectW
SetROP2
SetPixelFormat
Polygon
CreateScalableFontResourceW
GetOutlineTextMetricsW
EnumFontsW
GetMetaFileW
SetICMProfileW
GetPolyFillMode
CreateScalableFontResourceA
CreateRectRgn
PaintRgn
GetCurrentPositionEx
CreateDIBPatternBrush
SetArcDirection
ChoosePixelFormat
BeginPath
EnumMetaFile
GetTextMetricsA
EnumICMProfilesA
GetCurrentObject
CreatePatternBrush
EndPage
GetBkMode
ResetDCA
GetSystemPaletteEntries
OffsetViewportOrgEx
OffsetClipRgn
UpdateICMRegKeyW
GetCharABCWidthsFloatA
LPtoDP
GdiGetBatchLimit
PolyTextOutA
GetTextCharsetInfo
GetRandomRgn
ExcludeClipRect
CombineTransform
DeviceCapabilitiesExA
ExtCreateRegion
GetCharABCWidthsFloatW
CreateFontW
SetMetaFileBitsEx
GetLogColorSpaceW
GetCharacterPlacementW
GetTextExtentPoint32W
PathToRegion
GetStretchBltMode
DeleteMetaFile
GetCharWidthW
GetLogColorSpaceA
PlayMetaFileRecord
EnumEnhMetaFile
SelectClipPath
CreateICW
CreateDCW
GetDeviceCaps
GetKerningPairsW
GetDIBColorTable
ModifyWorldTransform
GetPixel
DrawEscape
EnumFontFamiliesExW
PlgBlt
GetBkColor
SetViewportOrgEx
SetICMMode
ScaleWindowExtEx
FrameRgn
OffsetRgn
CreateHalftonePalette
AbortDoc
GetViewportExtEx
CreateDIBitmap
RealizePalette
CreateColorSpaceA
GetMiterLimit
PlayEnhMetaFile
GetLayout
GetPixelFormat
SaveDC
PolyBezierTo
CopyEnhMetaFileA
GetEnhMetaFileDescriptionA
GetFontData
CreateDCA
GetTextFaceA
EnumICMProfilesW
Polyline
GetNearestPaletteIndex
GetFontLanguageInfo
CopyMetaFileA
GetMetaFileA
CreateEnhMetaFileA
LineDDA
GetTextMetricsW
SetTextColor
ColorMatchToTarget
CreateBitmap
CreateBitmapIndirect
GetTextCharset
GetCharWidthFloatA
EnumFontFamiliesW
GetBoundsRect
Escape
GetWindowOrgEx
UpdateColors
SetBrushOrgEx
SetICMProfileA
CreateFontIndirectW
GetEnhMetaFileDescriptionW
CreateDiscardableBitmap
SetDIBColorTable
GetKerningPairsA
SetAbortProc
GetWindowExtEx
GetAspectRatioFilterEx
SelectObject
SetBoundsRect
CreatePen
CopyEnhMetaFileW
EndPath
Arc
StartPage
Pie
CreateRectRgnIndirect
DescribePixelFormat
RestoreDC
ResizePalette
CreateHatchBrush
CreateBrushIndirect
CloseFigure
RemoveFontResourceW
GetBitmapDimensionEx
PtInRegion
GdiSetBatchLimit
GetMetaFileBitsEx
TextOutA
CreateFontIndirectA
GetWorldTransform
PolyPolygon
ExtTextOutW
RectVisible
PolylineTo
RoundRect
CancelDC
CreatePolyPolygonRgn
FlattenPath
GetColorAdjustment
GetCharWidth32A
SetStretchBltMode
UnrealizeObject
GetEnhMetaFileHeader
GetTextExtentPointW
gdiPlaySpoolStream
GetNearestColor
CreateDIBPatternBrushPt
GetGlyphOutline
SetPaletteEntries
EndDoc
CloseMetaFile
RemoveFontResourceA
CreatePolygonRgn
GetClipBox
SetWindowOrgEx
GetEnhMetaFileW
SwapBuffers
GetGlyphOutlineW
SetWindowExtEx
DeviceCapabilitiesExW
GetCharacterPlacementA
PlayMetaFile
GetEnhMetaFileBits
SetWorldTransform
Chord
SetBkColor
DeleteDC
EnumFontFamiliesExA
SetDIBits
SetPolyFillMode
SetGraphicsMode
EnumFontFamiliesA
SetDeviceGammaRamp
AddFontResourceA
PtVisible
GetEnhMetaFilePaletteEntries
SetMapMode
GetDeviceGammaRamp
GetTextCharacterExtra
FloodFill
GetRasterizerCaps
GetBrushOrgEx
FillRgn
GetArcDirection
SetRectRgn
SetFontEnumeration
MoveToEx
InvertRgn
GetObjectA
SetViewportExtEx
GetICMProfileW
SetDIBitsToDevice
GetOutlineTextMetricsA
EnableEUDC
GetDCOrgEx
advapi32
CryptDuplicateHash
RegQueryMultipleValuesW
CryptSetProviderA
CryptGetUserKey
DuplicateTokenEx
LookupSecurityDescriptorPartsW
CryptSetProviderExA
RegEnumValueA
LookupPrivilegeValueW
RegQueryMultipleValuesA
RegConnectRegistryW
InitializeSecurityDescriptor
CryptSetProvParam
RegFlushKey
CryptSetProviderExW
CryptDestroyHash
RegSaveKeyW
RegRestoreKeyA
CryptSetHashParam
RegOpenKeyExA
CryptGetKeyParam
LookupAccountSidW
RegQueryInfoKeyA
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueExW
CryptDeriveKey
RegRestoreKeyW
LookupPrivilegeNameA
RegEnumKeyExW
RegEnumKeyA
CryptDestroyKey
LogonUserW
RegLoadKeyA
RegQueryValueW
CryptSetKeyParam
LookupSecurityDescriptorPartsA
CryptAcquireContextW
RegDeleteKeyA
AbortSystemShutdownW
RegOpenKeyA
CryptVerifySignatureW
GetUserNameW
CryptSignHashA
CreateServiceW
LookupAccountSidA
CryptExportKey
CryptGetProvParam
CryptDecrypt
CryptEncrypt
InitiateSystemShutdownA
RegCloseKey
LookupAccountNameW
StartServiceW
RegNotifyChangeKeyValue
RegOpenKeyW
CryptHashData
RegOpenKeyExW
RegDeleteValueW
RegSaveKeyA
CryptSignHashW
CryptDuplicateKey
RegEnumKeyExA
CreateServiceA
LogonUserA
CryptEnumProviderTypesW
DuplicateToken
InitiateSystemShutdownW
CryptImportKey
RegEnumValueW
RegCreateKeyA
CryptEnumProviderTypesA
ReportEventA
LookupPrivilegeDisplayNameA
LookupPrivilegeNameW
RegLoadKeyW
RegSetValueA
GetUserNameA
RegDeleteValueA
LookupAccountNameA
CryptGenRandom
LookupPrivilegeValueA
CryptCreateHash
LookupPrivilegeDisplayNameW
CryptHashSessionKey
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 298KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE