Static task: static1
Behavioral task: behavioral1
  Sample: b27eccb6ba04bb021df69025ae0e9c16_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: b27eccb6ba04bb021df69025ae0e9c16_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: b27eccb6ba04bb021df69025ae0e9c16_JaffaCakes118
Size: 324KB
MD5: b27eccb6ba04bb021df69025ae0e9c16
SHA1: ac94b1ab246ad77b9c99e33fa7a7a60909304d85
SHA256: 3866c3fa90b10d06cc817435b540e50d7b0b19e723641843ac40bc78e2d94a7d
SHA512: d11d3e41d0bb992adfebf24d4ee9dc8f9b43b4e64f71d2c322f8f63513ec73c206a50fd7562fa1492b730beb10473b2c814b7436b47302e4fe2f20af952d5dd2
SSDEEP: 6144:VKqrLwZvecbv1+2xHGKAGOeVrvZBmo4nXLacyVg4H01xh:VJ4LbzxHGKAHErvCL7Py2Jxh
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: b27eccb6ba04bb021df69025ae0e9c16_JaffaCakes118
Files
b27eccb6ba04bb021df69025ae0e9c16_JaffaCakes118.exe windows:4 windows x86 arch:x86
a658683de168edbdaeb36091154dcbc8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCPInfoExW
GetCommMask
DebugActiveProcess
OpenMutexA
FillConsoleOutputCharacterA
IsDBCSLeadByte
DuplicateHandle
IsBadStringPtrW
GetOEMCP
OpenEventA
GetCurrencyFormatA
GetConsoleCursorInfo
Thread32Next
SetConsoleTitleA
CancelIo
SetCommTimeouts
WaitNamedPipeA
HeapDestroy
LocalReAlloc
SetMailslotInfo
SetFileApisToOEM
Heap32ListFirst
MoveFileExW
GetNamedPipeHandleStateW
SystemTimeToFileTime
GetModuleHandleA
FindResourceW
WritePrivateProfileStructA
lstrcatW
WriteProfileStringW
GetStartupInfoW
SetTimeZoneInformation
HeapValidate
GetCurrencyFormatW
SystemTimeToTzSpecificLocalTime
CreateFileMappingA
BuildCommDCBA
GlobalUnWire
CloseHandle
WaitForMultipleObjectsEx
LocalUnlock
GlobalFindAtomA
CreateSemaphoreW
InterlockedCompareExchange
GetTempFileNameW
SetFileAttributesA
GetSystemDefaultLCID
DeleteCriticalSection
GetQueuedCompletionStatus
SetFileTime
BackupRead
GetVolumeInformationA
FindResourceA
BackupSeek
GetVersionExA
GetComputerNameA
CommConfigDialogW
GetThreadPriority
WideCharToMultiByte
_lclose
VirtualFreeEx
GetFileAttributesExA
BeginUpdateResourceW
GetTimeFormatW
GetStringTypeW
GetFileAttributesExW
SetCommMask
CreateRemoteThread
GetProfileStringA
GetCommProperties
GetFileAttributesW
FoldStringA
GetLogicalDrives
GetNumberOfConsoleInputEvents
MultiByteToWideChar
GetTapePosition
Sleep
WriteConsoleW
GetBinaryTypeW
OpenFileMappingA
GetDiskFreeSpaceW
CompareFileTime
WaitForSingleObject
Module32Next
SetEnvironmentVariableW
CreateDirectoryExW
BeginUpdateResourceA
GetStdHandle
GetProcessHeap
TerminateThread
LocalShrink
GetProcessHeaps
ExpandEnvironmentStringsW
IsValidLocale
WriteProfileSectionW
GetCommConfig
SetConsoleCP
EnumResourceLanguagesA
LCMapStringA
ResetEvent
BuildCommDCBW
WriteFileGather
IsBadHugeReadPtr
SetVolumeLabelA
SetHandleCount
SetStdHandle
GetProfileSectionA
SetTapeParameters
EnumResourceTypesW
ScrollConsoleScreenBufferW
GetDateFormatA
SetConsoleTitleW
GetDateFormatW
GetWindowsDirectoryW
GetCurrentThreadId
FindFirstChangeNotificationW
GetSystemTimeAsFileTime
GlobalUnlock
IsBadHugeWritePtr
_hread
GetConsoleOutputCP
GetBinaryTypeA
HeapWalk
IsValidCodePage
GetUserDefaultLangID
LockFile
GlobalLock
GetPrivateProfileSectionNamesA
FindCloseChangeNotification
GetProcessVersion
GetPrivateProfileSectionW
UnlockFileEx
OutputDebugStringW
EnumResourceLanguagesW
SetCurrentDirectoryA
GetOverlappedResult
LocalHandle
ReadFileEx
FlushFileBuffers
LoadLibraryA
SetThreadContext
ReadConsoleInputA
GenerateConsoleCtrlEvent
ExitThread
SetProcessWorkingSetSize
GlobalFlags
AreFileApisANSI
WaitCommEvent
SetLocalTime
HeapCompact
ConnectNamedPipe
SetThreadExecutionState
SetupComm
GetLogicalDriveStringsA
GetTimeFormatA
HeapLock
GlobalDeleteAtom
EraseTape
EnumResourceNamesW
GetPrivateProfileSectionNamesW
GetProcessWorkingSetSize
GetShortPathNameA
WaitForMultipleObjects
LoadLibraryW
SetConsoleCursorInfo
GetEnvironmentStrings
SetThreadPriorityBoost
QueryDosDeviceW
FreeLibrary
SetFilePointer
WriteConsoleOutputCharacterA
FatalAppExitW
PeekConsoleInputA
GetTapeParameters
WriteConsoleOutputA
SetCurrentDirectoryW
CreateDirectoryExA
FindAtomA
FatalAppExitA
LoadLibraryExW
InitAtomTable
GetTimeZoneInformation
_lwrite
SetLocaleInfoW
DefineDosDeviceA
LocalAlloc
DeleteFileW
FillConsoleOutputAttribute
GetSystemPowerStatus
MapViewOfFile
SetConsoleTextAttribute
GetHandleInformation
ReadConsoleOutputA
GlobalFix
lstrcmpiA
GetPrivateProfileIntW
GetStartupInfoA
Heap32Next
WriteConsoleA
ReadConsoleOutputW
GetCommModemStatus
GetDefaultCommConfigW
SetLastError
SetEndOfFile
GetThreadLocale
GetCurrentProcessId
lstrcpyW
LocalSize
GetCurrentProcess
SearchPathA
ReleaseMutex
GetCommandLineW
FileTimeToSystemTime
GetFileInformationByHandle
VirtualLock
GetConsoleTitleA
CreateNamedPipeW
GetEnvironmentVariableA
GetTempPathA
MoveFileExA
VirtualQueryEx
LockResource
FlushConsoleInputBuffer
LocalCompact
GetAtomNameW
TlsGetValue
_hwrite
GetProcessPriorityBoost
SetConsoleOutputCP
FindNextFileA
OpenEventW
VirtualAllocEx
lstrcatA
GetCurrentDirectoryW
SetEvent
Toolhelp32ReadProcessMemory
GetConsoleMode
LeaveCriticalSection
WriteConsoleInputA
GetLocaleInfoA
IsBadWritePtr
OpenProcess
PrepareTape
GetNumberFormatW
SetConsoleActiveScreenBuffer
SetProcessShutdownParameters
GetFileAttributesA
GetThreadContext
Thread32First
LocalLock
ReadConsoleOutputCharacterW
LocalFlags
DefineDosDeviceW
CancelDeviceWakeupRequest
SetHandleInformation
SetErrorMode
OpenFile
CreateFileA
SetLocaleInfoA
GetCompressedFileSizeW
GetMailslotInfo
VirtualQuery
HeapUnlock
DosDateTimeToFileTime
TlsAlloc
FreeResource
GlobalFindAtomW
VerLanguageNameW
GetLongPathNameW
GetFullPathNameA
SetFileAttributesW
GetLastError
DisableThreadLibraryCalls
GetFileTime
WaitForSingleObjectEx
GetCommState
GetModuleHandleW
TransactNamedPipe
EnumTimeFormatsA
Beep
MulDiv
DisconnectNamedPipe
Process32Next
FlushViewOfFile
GetDiskFreeSpaceExW
WaitNamedPipeW
ResumeThread
GetProcAddress
GetFileType
lstrcmpiW
GetProcessTimes
LCMapStringW
GlobalGetAtomNameA
GetPriorityClass
CreateMailslotA
VirtualUnlock
AddAtomW
UnmapViewOfFile
GlobalFree
SizeofResource
GetStringTypeExA
SetFileApisToANSI
HeapAlloc
WriteConsoleOutputCharacterW
EnumCalendarInfoA
WriteConsoleOutputAttribute
GlobalReAlloc
GetSystemTimeAdjustment
CreateEventW
GetNumberOfConsoleMouseButtons
MapViewOfFileEx
GetComputerNameW
VerLanguageNameA
GlobalAlloc
SetConsoleCursorPosition
TransmitCommChar
RemoveDirectoryW
AllocConsole
GetThreadPriorityBoost
CallNamedPipeW
CreateMutexW
RequestWakeupLatency
SetConsoleMode
UnhandledExceptionFilter
lstrcmpW
RemoveDirectoryA
GetThreadSelectorEntry
SetConsoleCtrlHandler
GetPrivateProfileStructA
EnumSystemCodePagesA
VirtualAlloc
GetAtomNameA
GetLocalTime
_lread
FindFirstFileA
DeleteAtom
ReadFileScatter
FindResourceExW
SetCalendarInfoW
SetMessageWaitingIndicator
WritePrivateProfileStringA
GetCalendarInfoA
GetLocaleInfoW
GetProfileSectionW
SetDefaultCommConfigA
EnumSystemLocalesA
GlobalGetAtomNameW
RequestDeviceWakeup
OutputDebugStringA
EnumSystemCodePagesW
FillConsoleOutputCharacterW
HeapFree
ClearCommError
EnterCriticalSection
SetDefaultCommConfigW
lstrcpyA
GetModuleFileNameW
GetCompressedFileSizeA
GetLargestConsoleWindowSize
MoveFileW
Module32First
CreateMailslotW
InterlockedExchangeAdd
GetExitCodeThread
IsDBCSLeadByteEx
GetDiskFreeSpaceExA
SetCommBreak
InitializeCriticalSection
CreateTapePartition
UnlockFile
FileTimeToDosDateTime
CreatePipe
ReadProcessMemory
ExpandEnvironmentStringsA
GetDefaultCommConfigA
DeviceIoControl
IsBadStringPtrA
GetPrivateProfileStringA
ClearCommBreak
GetVersion
GetSystemDefaultLangID
GetVersionExW
lstrcpynA
EndUpdateResourceA
BackupWrite
user32
MapVirtualKeyExW
TabbedTextOutA
TrackPopupMenuEx
KillTimer
AttachThreadInput
ChangeDisplaySettingsExA
GetMenuDefaultItem
GetDialogBaseUnits
CloseClipboard
DialogBoxIndirectParamA
SetWindowWord
wsprintfA
IsDlgButtonChecked
CallMsgFilterW
wsprintfW
UnloadKeyboardLayout
GetClipboardViewer
GetClassNameW
GetClipboardFormatNameW
CreateWindowExW
VkKeyScanW
SetMenuContextHelpId
SetScrollRange
InsertMenuA
CreateIconFromResourceEx
DestroyMenu
OemKeyScan
DefMDIChildProcW
GetWindowTextLengthA
GetDoubleClickTime
OemToCharBuffA
CreateWindowStationA
GetClipboardOwner
GetMenuStringW
GetKeyboardLayoutNameA
RegisterClassExW
SetClipboardViewer
SetClassLongW
MoveWindow
DefWindowProcA
GetScrollPos
LoadKeyboardLayoutW
GetParent
GetShellWindow
GetDCEx
InternalGetWindowText
CreateIcon
MsgWaitForMultipleObjects
keybd_event
SetParent
EnableScrollBar
DrawIconEx
CheckRadioButton
SetMenuItemBitmaps
CallMsgFilterA
ToUnicodeEx
SetClassLongA
GetClientRect
WindowFromDC
PostMessageA
CharToOemW
EqualRect
GetClassLongA
ChangeDisplaySettingsExW
OpenDesktopA
LoadStringW
CharNextExA
GetKeyboardLayoutNameW
AdjustWindowRectEx
GetDlgItemInt
BringWindowToTop
CallNextHookEx
DestroyAcceleratorTable
SetDlgItemTextW
SetPropA
InvalidateRect
SetWindowsHookW
IsCharUpperA
SetMenuItemInfoW
EnumDisplaySettingsA
TranslateAcceleratorW
CreateCursor
ShowCursor
GetMenu
SetSystemCursor
GetSubMenu
CountClipboardFormats
SetClassWord
CharLowerBuffW
SetWindowContextHelpId
DefDlgProcA
GetNextDlgGroupItem
GetDC
SendMessageCallbackW
HiliteMenuItem
GetKeyboardType
LoadKeyboardLayoutA
ClipCursor
IsCharLowerW
CharLowerA
GetMenuItemCount
ReplyMessage
MenuItemFromPoint
DrawFocusRect
EnumDesktopsW
EnumWindowStationsA
IsWindowEnabled
GetMessageA
ShowOwnedPopups
CascadeWindows
SetRect
OpenClipboard
WinHelpA
GetClassInfoA
GetTabbedTextExtentA
LoadMenuA
IsCharAlphaA
CharUpperBuffW
CharLowerBuffA
MapVirtualKeyW
ArrangeIconicWindows
wvsprintfA
BeginPaint
DlgDirListComboBoxA
DrawAnimatedRects
WaitMessage
UnhookWindowsHookEx
SetCursorPos
UnregisterClassA
CreateMDIWindowW
CharLowerW
ChangeMenuW
DrawTextA
RemoveMenu
PostThreadMessageW
GrayStringW
PeekMessageW
SetFocus
SetForegroundWindow
IsZoomed
IsClipboardFormatAvailable
GetInputState
DestroyCaret
GetWindowContextHelpId
GetMenuStringA
ExcludeUpdateRgn
GetMenuItemInfoA
CreateWindowStationW
DefFrameProcA
GetWindowRgn
AdjustWindowRect
DlgDirListComboBoxW
SetUserObjectInformationA
EnumChildWindows
EnumWindows
EnumDisplaySettingsW
GetWindowTextLengthW
GetClipboardData
ToAsciiEx
SetTimer
BeginDeferWindowPos
IsDialogMessageA
DrawFrameControl
DefWindowProcW
EndPaint
EnumThreadWindows
ActivateKeyboardLayout
GetWindowWord
SystemParametersInfoA
DlgDirSelectExA
TranslateMDISysAccel
GetCaretBlinkTime
CheckDlgButton
OffsetRect
GetSysColorBrush
ScrollWindowEx
GrayStringA
UpdateWindow
LoadBitmapA
SetDebugErrorLevel
CallWindowProcW
CharPrevA
UnionRect
TranslateAcceleratorA
GetDlgItemTextA
RegisterHotKey
DrawTextExA
GetKeyboardState
InvalidateRgn
DeferWindowPos
CloseDesktop
IsCharAlphaNumericW
GetMessageTime
CallWindowProcA
CreateAcceleratorTableA
DrawStateW
GetWindow
EnumPropsExW
GetMessageExtraInfo
CheckMenuRadioItem
CharUpperW
OemToCharW
DestroyIcon
LoadBitmapW
CreateMDIWindowA
SetRectEmpty
GetMenuCheckMarkDimensions
SwapMouseButton
ToAscii
PostQuitMessage
SetWindowPlacement
InvertRect
MapWindowPoints
GetCursorPos
VkKeyScanA
SendNotifyMessageW
DragDetect
GetDesktopWindow
GetMenuItemID
CreateIconIndirect
UnregisterClassW
wvsprintfW
FindWindowExW
GetWindowTextA
GetIconInfo
GetThreadDesktop
LoadIconA
RegisterClassA
GetDlgItemTextW
CreateDesktopA
GetPropW
SendNotifyMessageA
GetPropA
EnumPropsA
ShowScrollBar
WindowFromPoint
ValidateRgn
UnhookWindowsHook
DrawTextW
LookupIconIdFromDirectoryEx
GetCapture
ModifyMenuA
WinHelpW
GetClassNameA
GetDlgItem
SetWindowRgn
CharToOemBuffW
DlgDirListW
PaintDesktop
CopyImage
MapDialogRect
SendDlgItemMessageW
FindWindowExA
LoadAcceleratorsW
GetWindowDC
CharToOemA
GetClipboardFormatNameA
DeleteMenu
LoadMenuIndirectA
AppendMenuA
CharNextA
CreateDialogParamA
GetKeyState
IsWindowVisible
GetUpdateRgn
ChangeDisplaySettingsA
GetMenuContextHelpId
PostMessageW
CreatePopupMenu
RemovePropW
GetWindowTextW
FillRect
ValidateRect
LoadCursorW
EndDialog
CopyAcceleratorTableW
GetClassInfoExW
DialogBoxParamA
CharPrevExA
FlashWindow
DialogBoxIndirectParamW
DlgDirSelectComboBoxExA
GetClassInfoExA
SetDlgItemInt
GetWindowLongW
ChangeClipboardChain
LoadImageA
IsCharUpperW
MapVirtualKeyA
CreateCaret
TabbedTextOutW
HideCaret
GetPriorityClipboardFormat
EnableMenuItem
TrackPopupMenu
CharUpperBuffA
MessageBoxExA
DialogBoxParamW
ScrollDC
CopyRect
ChildWindowFromPointEx
ChangeMenuA
CreateAcceleratorTableW
DlgDirSelectExW
gdi32
GetWindowOrgEx
PtInRegion
GetPath
SelectClipRgn
CreateBitmap
GetTextCharacterExtra
ExtTextOutW
GetCharacterPlacementA
CreatePenIndirect
SetBrushOrgEx
GetBoundsRect
StartDocW
GetAspectRatioFilterEx
SetArcDirection
GetDCOrgEx
SetGraphicsMode
CreateDiscardableBitmap
GetEnhMetaFileDescriptionA
ResetDCW
CreateRectRgn
UpdateColors
EndPage
DeleteObject
CreateDCW
GetBkColor
IntersectClipRect
ColorMatchToTarget
CreateFontIndirectW
SetMetaFileBitsEx
Escape
CreateDIBPatternBrush
CreateEnhMetaFileA
CreateSolidBrush
SetPixel
GdiComment
CreatePalette
GetDeviceGammaRamp
GetCurrentObject
PolyPolyline
GetPolyFillMode
Polygon
BitBlt
MaskBlt
StrokePath
GetBrushOrgEx
SetColorSpace
SetBkMode
GetCharABCWidthsFloatA
EnumFontsW
ResizePalette
PlayMetaFile
DeleteDC
CreateColorSpaceW
GetTextCharset
SetMetaRgn
EnumEnhMetaFile
EnumFontFamiliesExW
CreateDIBPatternBrushPt
GetRegionData
CreateBrushIndirect
GetGlyphOutlineW
InvertRgn
GetWinMetaFileBits
SetMiterLimit
ModifyWorldTransform
Chord
EnumICMProfilesA
GetFontData
GetTextExtentPoint32W
DPtoLP
PlgBlt
MoveToEx
GetGlyphOutlineA
GetStretchBltMode
SetROP2
ArcTo
EnumICMProfilesW
EnumFontsA
SetWorldTransform
GetKerningPairsW
SetWinMetaFileBits
ResetDCA
SetAbortProc
TextOutA
SetPolyFillMode
StretchDIBits
GetCurrentPositionEx
GetDeviceCaps
SetBkColor
AddFontResourceW
RoundRect
GetFontLanguageInfo
SetBitmapDimensionEx
CreateScalableFontResourceW
ExtTextOutA
TranslateCharsetInfo
PolyBezier
StretchBlt
SetTextJustification
GetCharWidthA
GetEnhMetaFileBits
OffsetViewportOrgEx
CopyEnhMetaFileA
SetTextColor
LPtoDP
GetObjectA
FloodFill
SetICMMode
GetBkMode
GetTextFaceA
SetEnhMetaFileBits
GetPixelFormat
RestoreDC
EndDoc
EndPath
CreateMetaFileW
GetMapMode
BeginPath
SetViewportExtEx
SetPaletteEntries
GetClipBox
GetClipRgn
RemoveFontResourceW
GetSystemPaletteEntries
Ellipse
CreateDIBSection
ExtSelectClipRgn
ExtEscape
SwapBuffers
GetDIBits
CreateFontA
GetCharWidthW
PolyDraw
SetStretchBltMode
ScaleViewportExtEx
SetViewportOrgEx
GetTextMetricsA
GetTextAlign
CreateBitmapIndirect
AnimatePalette
DeleteColorSpace
PathToRegion
GetStockObject
GetWindowExtEx
GetMetaRgn
GdiSetBatchLimit
Arc
GetEnhMetaFileW
FrameRgn
GetCharABCWidthsA
GetViewportOrgEx
SetDIBitsToDevice
CopyEnhMetaFileW
CreatePolygonRgn
DescribePixelFormat
GetGraphicsMode
CreateFontIndirectA
GetPaletteEntries
CreateEnhMetaFileW
SetMapMode
CopyMetaFileW
SetBitmapBits
OffsetRgn
CreateICW
StartPage
GetKerningPairsA
SetICMProfileA
AbortPath
GetRasterizerCaps
GetTextExtentPointA
CreateHatchBrush
LineTo
AngleArc
GetMetaFileA
PolyTextOutA
GetEnhMetaFileDescriptionW
GetBitmapDimensionEx
StartDocA
GdiFlush
GetNearestPaletteIndex
EnumFontFamiliesA
GetCharWidth32W
DeleteEnhMetaFile
CloseFigure
StrokeAndFillPath
comdlg32
GetSaveFileNameW
ReplaceTextA
ReplaceTextW
FindTextA
PrintDlgA
ChooseColorA
ChooseColorW
GetFileTitleW
GetFileTitleA
ChooseFontA
advapi32
SetSecurityInfo
RegCreateKeyA
ChangeServiceConfigA
CryptGetUserKey
CryptDuplicateHash
CryptDestroyKey
GetSidLengthRequired
SetPrivateObjectSecurity
RegGetKeySecurity
GetSecurityDescriptorGroup
RegOpenKeyExW
CryptReleaseContext
PrivilegedServiceAuditAlarmW
GetSidIdentifierAuthority
OpenEventLogW
RegDeleteValueW
GetMultipleTrusteeA
RegEnumKeyA
GetSidSubAuthority
ReadEventLogW
CloseServiceHandle
CryptSetProviderA
FindFirstFreeAce
UnlockServiceDatabase
AdjustTokenPrivileges
CreateProcessAsUserW
RegisterEventSourceA
LookupPrivilegeDisplayNameA
CreateServiceW
GetServiceKeyNameA
GetOldestEventLogRecord
CryptSetProvParam
GetServiceKeyNameW
FreeSid
RegCreateKeyExW
CryptVerifySignatureA
BuildImpersonateTrusteeA
InitializeAcl
BuildSecurityDescriptorA
LookupSecurityDescriptorPartsA
ObjectPrivilegeAuditAlarmA
ClearEventLogA
AddAccessDeniedAce
EnumServicesStatusA
EqualPrefixSid
AddAce
BuildImpersonateExplicitAccessWithNameA
LookupAccountNameW
GetMultipleTrusteeW
CreateProcessAsUserA
OpenServiceW
SetKernelObjectSecurity
RegQueryMultipleValuesW
SetNamedSecurityInfoA
RegCreateKeyW
RegisterEventSourceW
CryptGenKey
SetTokenInformation
CryptAcquireContextW
RevertToSelf
BuildExplicitAccessWithNameW
RegLoadKeyW
GetServiceDisplayNameW
AddAuditAccessAce
RegCloseKey
SetSecurityDescriptorSacl
GetNamedSecurityInfoA
StartServiceA
ObjectDeleteAuditAlarmA
SetServiceObjectSecurity
EnumDependentServicesW
AbortSystemShutdownA
GetEffectiveRightsFromAclW
GetSecurityDescriptorDacl
CryptAcquireContextA
LogonUserA
QueryServiceConfigW
QueryServiceLockStatusW
BuildTrusteeWithSidW
RegDeleteValueA
RegEnumKeyExW
LookupAccountNameA
OpenThreadToken
SetSecurityDescriptorGroup
RegDeleteKeyW
CryptHashSessionKey
RegSaveKeyW
OpenBackupEventLogA
AddAccessAllowedAce
GetExplicitEntriesFromAclW
CryptDuplicateKey
SetSecurityDescriptorOwner
RegFlushKey
RegEnumKeyExA
GetAuditedPermissionsFromAclW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
InitiateSystemShutdownW
BuildTrusteeWithNameA
ControlService
CopySid
RegConnectRegistryA
RegQueryInfoKeyA
SetFileSecurityW
GetTokenInformation
GetUserNameW
ReportEventA
CryptDestroyHash
BackupEventLogA
SetServiceStatus
GetMultipleTrusteeOperationW
AccessCheckAndAuditAlarmW
GetSecurityInfo
CryptContextAddRef
CryptEnumProviderTypesA
ObjectPrivilegeAuditAlarmW
NotifyChangeEventLog
CryptGetDefaultProviderA
InitializeSecurityDescriptor
CreatePrivateObjectSecurity
BuildTrusteeWithNameW
GetTrusteeNameA
RegisterServiceCtrlHandlerW
DeleteService
RegSetValueA
CryptGetDefaultProviderW
ReadEventLogA
BackupEventLogW
EnumDependentServicesA
ChangeServiceConfigW
SetEntriesInAclA
AreAllAccessesGranted
CryptSignHashW
IsValidSid
LookupPrivilegeValueA
OpenSCManagerW
CryptImportKey
CreateServiceA
RegReplaceKeyA
StartServiceCtrlDispatcherA
GetKernelObjectSecurity
ReportEventW
GetEffectiveRightsFromAclA
CryptEnumProvidersW
ObjectDeleteAuditAlarmW
IsValidSecurityDescriptor
ObjectCloseAuditAlarmW
QueryServiceStatus
RegRestoreKeyW
AreAnyAccessesGranted
EnumServicesStatusW
CryptSetProviderExA
CryptGetKeyParam
ImpersonateSelf
RegUnLoadKeyW
RegQueryValueA
IsValidAcl
InitializeSid
RegSetValueW
ObjectCloseAuditAlarmA
RegUnLoadKeyA
LookupPrivilegeDisplayNameW
OpenBackupEventLogW
GetExplicitEntriesFromAclA
DuplicateToken
AccessCheckAndAuditAlarmA
RegReplaceKeyW
SetEntriesInAclW
RegSetKeySecurity
ClearEventLogW
OpenServiceA
shell32
ExtractAssociatedIconExA
SHInvokePrinterCommandA
SHGetSpecialFolderLocation
SHGetMalloc
ExtractAssociatedIconExW
SHQueryRecycleBinW
FindExecutableW
ExtractAssociatedIconW
ExtractAssociatedIconA
DoEnvironmentSubstW
DragAcceptFiles
SHGetSpecialFolderPathW
SHGetFileInfoA
SHGetDesktopFolder
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderPathA
DragQueryPoint
SHBrowseForFolderW
SHChangeNotify
ExtractIconExW
SHGetPathFromIDListA
DoEnvironmentSubstA
DuplicateIcon
ord179
ShellExecuteExA
DragQueryFileA
SHGetPathFromIDListW
SHGetDataFromIDListA
SHFileOperationW
CommandLineToArgvW
SHEmptyRecycleBinW
SHAddToRecentDocs
msvcrt
_initterm
_acmdln
exit
_XcptFilter
_exit
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 272KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 32KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 484B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ