ProcessHacker.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c97b7fd07ee51e2e4d536269ca8c1dfb_JaffaCakes118.exe
Resource
win7-20240704-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
c97b7fd07ee51e2e4d536269ca8c1dfb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
5 signatures
150 seconds
General
-
Target
c97b7fd07ee51e2e4d536269ca8c1dfb_JaffaCakes118
-
Size
3.9MB
-
MD5
c97b7fd07ee51e2e4d536269ca8c1dfb
-
SHA1
69827617d547509dea45c3634d370211fa51bbf8
-
SHA256
df499a859f0ae11f21f0b66306e63337bed8a2d8dd37b2e00ea4046a31737c9a
-
SHA512
28e2e31bfcf14476696c035714eb2813146d078e999b17f7517fc72593c4f47f02f0ff099321b901ad6e5439630e1e534efd1e60599ee68b03a6a8ffa14df9df
-
SSDEEP
49152:VaNOI1970jTXUg1k9XYfotOmrrE4bOC8rW7ZllB:sBbE4x3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c97b7fd07ee51e2e4d536269ca8c1dfb_JaffaCakes118
Files
-
c97b7fd07ee51e2e4d536269ca8c1dfb_JaffaCakes118.exe windows:6 windows x86 arch:x86
dfe1dbb9869fc727d35193a27f53cd65
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
NtSetInformationToken
RtlFreeSid
NtPowerInformation
NtTestAlert
NtOpenThreadToken
RtlSecondsSince1980ToTime
RtlTimeToSecondsSince1980
NtIsProcessInJob
RtlAddAccessAllowedAce
RtlCreateAcl
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlSubAuthoritySid
RtlInitializeSid
NtReplyWaitReceivePort
NtCompleteConnectPort
NtAcceptConnectPort
NtCreatePort
RtlSelfRelativeToAbsoluteSD2
RtlValidRelativeSecurityDescriptor
RtlLengthRequiredSid
RtlValidSid
RtlAbsoluteToSelfRelativeSD
RtlLengthSid
NtRequestWaitReplyPort
NtConnectPort
NtCreateSection
RtlQueryElevationFlags
NtDeleteKey
NtQueryTimer
NtCancelTimer
NtQuerySemaphore
NtReleaseSemaphore
RtlSubAuthorityCountSid
RtlInterlockedPopEntrySList
NtDelayExecution
NtAllocateVirtualMemory
RtlUpcaseUnicodeChar
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlUnicodeToMultiByteN
RtlUnicodeToMultiByteSize
RtlCreateUserThread
RtlReAllocateHeap
RtlNtStatusToDosError
LdrLoadDll
LdrUnloadDll
LdrAccessResource
LdrFindResource_U
NtCreateDirectoryObject
RtlFreeUnicodeString
RtlStringFromGUID
RtlGUIDFromString
RtlLcidToLocaleName
NtSetHighEventPair
RtlDestroyProcessParameters
RtlCreateUserProcess
RtlExpandEnvironmentStrings_U
RtlGetFullPathName_U
RtlGetFullPathName_UEx
RtlDosPathNameToNtPathName_U_WithStatus
RtlFindMessage
RtlRandomEx
RtlTimeToTimeFields
RtlTimeFieldsToTime
RtlGetDaclSecurityDescriptor
RtlAddAce
RtlGetAce
NtDuplicateToken
NtFilterToken
RtlCreateTimerQueue
RtlGetVersion
NtFlushBuffersFile
NtQueryInformationFile
NtSetInformationFile
NtLockFile
NtUnlockFile
NtGetContextThread
NtCreateKeyedEvent
NtReleaseKeyedEvent
NtWaitForKeyedEvent
NtOpenSection
NtSetSecurityObject
NtQuerySecurityObject
NtOpenDirectoryObject
NtQueryDirectoryObject
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
NtOpenProcess
NtTerminateProcess
NtOpenThread
NtQueueApcThread
NtQueryInformationJobObject
NtCreateFile
NtCreateNamedPipeFile
NtOpenFile
NtQueryDirectoryFile
NtQueryEaFile
NtSetEaFile
NtFsControlFile
NtQueryAttributesFile
NtQueryFullAttributesFile
NtUnloadDriver
NtCreateKey
NtOpenKey
NtDeleteValueKey
NtQueryKey
NtQueryValueKey
NtSetValueKey
NtEnumerateKey
NtEnumerateValueKey
NtLoadKeyEx
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlSetEnvironmentVariable
RtlQueryEnvironmentVariable_U
RtlCreateQueryDebugBuffer
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlConvertSidToUnicodeString
RtlGetUnloadEventTraceEx
NtOpenProcessToken
NtAdjustGroupsToken
NtSetInformationObject
NtDeviceIoControlFile
NtClearEvent
NtQueryObject
NtCreateSemaphore
NtCreateTimer
NtSetTimer
NtAlertThread
RtlValidSecurityDescriptor
RtlLengthSecurityDescriptor
RtlGetControlSecurityDescriptor
RtlSetControlSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlGetOwnerSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlMapGenericMask
RtlNtStatusToDosErrorNoTeb
RtlUnwind
NtSetLowEventPair
NtQueryEvent
NtPulseEvent
NtResetEvent
RtlIpv6AddressToStringW
RtlIpv4AddressToStringW
RtlFirstEntrySList
NtQueryInformationToken
RtlInterlockedFlushSList
RtlInterlockedPushEntrySList
RtlInitializeSListHead
RtlSecondsSince1970ToTime
RtlFreeHeap
RtlAllocateHeap
RtlDestroyHeap
RtlCreateHeap
NtQueryVirtualMemory
NtProtectVirtualMemory
NtSetSystemInformation
NtWriteVirtualMemory
NtAdjustPrivilegesToken
RtlEqualSid
RtlSetCurrentDirectory_U
RtlExitUserProcess
NtOpenMutant
NtCreateMutant
NtSystemDebugControl
NtTerminateJobObject
NtAssignProcessToJobObject
NtQueryVolumeInformationFile
NtQueryMutant
NtQuerySection
NtMapViewOfSection
NtGetNextProcess
RtlDeleteTimer
RtlUpdateTimer
RtlCreateTimer
RtlSetHeapInformation
RtlDeleteCriticalSection
RtlInitializeCriticalSection
NtQueryPerformanceCounter
RtlDetermineDosPathNameType_U
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtAlpcQueryInformation
NtWriteFile
NtReadFile
NtWaitForMultipleObjects
NtReadVirtualMemory
NtSetEvent
NtCreateEvent
NtQueryInformationThread
NtQuerySystemInformation
RtlRaiseStatus
NtInitiatePowerAction
NtSetInformationDebugObject
NtRemoveProcessDebug
NtSetInformationThread
NtResumeThread
NtSuspendThread
NtTerminateThread
NtSetInformationProcess
NtQueryInformationProcess
NtResumeProcess
NtSuspendProcess
NtClose
NtWaitForSingleObject
NtDuplicateObject
NtUnmapViewOfSection
NtFreeVirtualMemory
RtlCreateProcessParameters
NtShutdownSystem
kernel32
SetEndOfFile
FlushFileBuffers
HeapQueryInformation
HeapSize
HeapReAlloc
SetEnvironmentVariableW
GetCommandLineW
GetCommandLineA
FindNextFileW
FindFirstFileExW
FindClose
SetStdHandle
DecodePointer
GetOEMCP
GetACP
IsValidCodePage
GetCPInfo
GetStringTypeW
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
OutputDebugStringW
GetCurrentThread
HeapValidate
ExitProcess
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
ReadFile
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
GetModuleFileNameW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetProcessHeap
HeapFree
HeapAlloc
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
IsDebuggerPresent
GetCurrentThreadId
LoadLibraryExA
GetProcAddress
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
CloseHandle
GlobalSize
LocalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetNumberFormatW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
LoadLibraryExW
CreateProcessW
SearchPathW
RtlCaptureStackBackTrace
SetLastError
GetComputerNameW
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
TlsGetValue
TlsAlloc
LoadLibraryW
FreeLibrary
SetProcessShutdownParameters
TlsSetValue
GetConsoleWindow
SetConsoleCtrlHandler
FreeConsole
AllocConsole
LocalFree
GetLastError
CreateFileW
Exports
Exports
PhAddComboBoxStrings
PhAddElementAvlTree
PhAddEntryHashtable
PhAddEntryHashtableEx
PhAddItemArray
PhAddItemList
PhAddItemPointerList
PhAddItemSimpleHashtable
PhAddItemsArray
PhAddItemsList
PhAddJsonArrayObject
PhAddJsonObject
PhAddLayoutItem
PhAddLayoutItemEx
PhAddListViewColumn
PhAddListViewGroup
PhAddListViewGroupItem
PhAddListViewItem
PhAddSetting
PhAddSettings
PhAddTabControlTab
PhAdjustRectangleToBounds
PhAdjustRectangleToWorkingArea
PhAllocate
PhAllocateExSafe
PhAllocateFromFreeList
PhAllocatePage
PhAllocateSafe
PhAppResolverGetAppIdForWindow
PhAppendBytesBuilder
PhAppendBytesBuilder2
PhAppendBytesBuilderEx
PhAppendCharStringBuilder
PhAppendCharStringBuilder2
PhAppendFormatStringBuilder
PhAppendFormatStringBuilder_V
PhAppendStringBuilder
PhAppendStringBuilder2
PhAppendStringBuilderEx
PhApplicationFont
PhAutoDereferenceObject
PhBoostProvider
PhBufferToHexString
PhBufferToHexStringEx
PhCenterRectangle
PhCenterWindow
PhClearArray
PhClearCacheDirectory
PhClearCircularBuffer_FLOAT
PhClearCircularBuffer_PVOID
PhClearCircularBuffer_ULONG
PhClearCircularBuffer_ULONG64
PhClearHashtable
PhClearIgnoredSettings
PhClearList
PhCompareStringRef
PhCompareStringZNatural
PhCompareUnicodeStringZIgnoreMenuPrefix
PhConcatStringRef2
PhConcatStringRef3
PhConcatStrings
PhConcatStrings2
PhConcatStrings_V
PhConnectPipe
PhConvertIgnoredSettings
PhConvertMultiByteToUtf16
PhConvertMultiByteToUtf16Ex
PhConvertUtf16ToAsciiEx
PhConvertUtf16ToMultiByte
PhConvertUtf16ToMultiByteEx
PhConvertUtf16ToUtf8
PhConvertUtf16ToUtf8Buffer
PhConvertUtf16ToUtf8Ex
PhConvertUtf16ToUtf8Size
PhConvertUtf8ToUtf16
PhConvertUtf8ToUtf16Buffer
PhConvertUtf8ToUtf16Ex
PhConvertUtf8ToUtf16Size
PhCopyBytesZ
PhCopyCircularBuffer_FLOAT
PhCopyCircularBuffer_PVOID
PhCopyCircularBuffer_ULONG
PhCopyCircularBuffer_ULONG64
PhCopyStringZ
PhCopyStringZFromBytes
PhCopyStringZFromMultiByte
PhCountStringZ
PhCreateAlloc
PhCreateBytes
PhCreateBytesEx
PhCreateCacheFile
PhCreateDirectory
PhCreateEMenu
PhCreateEMenuItem
PhCreateFile
PhCreateFileStream
PhCreateFileStream2
PhCreateFileWin32
PhCreateFileWin32Ex
PhCreateHashtable
PhCreateJsonArray
PhCreateJsonObject
PhCreateJsonParser
PhCreateKey
PhCreateList
PhCreateNamedPipe
PhCreateObject
PhCreateObjectType
PhCreateObjectTypeEx
PhCreateOpenFileDialog
PhCreatePipe
PhCreatePointerList
PhCreateProcess
PhCreateProcessAsUser
PhCreateProcessWin32
PhCreateProcessWin32Ex
PhCreateSaveFileDialog
PhCreateSecurityPage
PhCreateSimpleHashtable
PhCreateString
PhCreateStringEx
PhCreateSymbolProvider
PhCreateThread
PhCreateThread2
PhCreateThreadEx
PhCreateXmlNode
PhCreateXmlOpaqueNode
PhDecodeUnicodeDecoder
PhDelayExecution
PhDeleteArray
PhDeleteAutoPool
PhDeleteBytesBuilder
PhDeleteCacheFile
PhDeleteCallback
PhDeleteCircularBuffer_FLOAT
PhDeleteCircularBuffer_PVOID
PhDeleteCircularBuffer_ULONG
PhDeleteCircularBuffer_ULONG64
PhDeleteDirectory
PhDeleteFastLock
PhDeleteFileWin32
PhDeleteFreeList
PhDeleteGraphState
PhDeleteImageVersionInfo
PhDeleteLayoutManager
PhDeleteProviderThread
PhDeleteStringBuilder
PhDeleteWorkQueue
PhDereferenceObject
PhDereferenceObjectDeferDelete
PhDereferenceObjectEx
PhDereferenceObjects
PhDestroyEMenu
PhDestroyEMenuItem
PhDetermineDosPathNameType
PhDisconnectNamedPipe
PhDivideSinglesBySingle
PhDnsFree
PhDnsQuery
PhDnsQuery2
PhDoesFileExists
PhDoesFileExistsWin32
PhDosErrorToNtStatus
PhDrainAutoPool
PhDrawGraphDirect
PhDrawTrayIconText
PhDuplicateBytesZ
PhDuplicateBytesZSafe
PhDuplicateStringZ
PhEditSecurity
PhEllipsisString
PhEllipsisStringPath
PhEncodeUnicode
PhEnumAvlTree
PhEnumChildWindows
PhEnumDirectoryFile
PhEnumDirectoryObjects
PhEnumFileStreams
PhEnumGenericModules
PhEnumHandles
PhEnumHandlesEx
PhEnumHandlesEx2
PhEnumHashtable
PhEnumKernelModules
PhEnumObjectTypes
PhEnumPagefiles
PhEnumPointerListEx
PhEnumProcessEnvironmentVariables
PhEnumProcessModules
PhEnumProcessModules32
PhEnumProcessModules32Ex
PhEnumProcessModulesEx
PhEnumProcesses
PhEnumProcessesEx
PhEnumProcessesForSession
PhEnumServices
PhEnumWindows
PhEnumerateKey
PhEnumerateValueKey
PhEqualStringRef
PhEscapeCommandLinePart
PhEscapeStringForMenuPrefix
PhExpandEnvironmentStrings
PhExponentiate
PhExponentiate64
PhExtractIcon
PhExtractIconEx
PhFillMemoryUlong
PhFinalArrayItems
PhFinalBytesBuilderBytes
PhFinalHash
PhFinalStringBuilderString
PhFindCharInStringRef
PhFindEMenuItem
PhFindElementAvlTree
PhFindEntryHashtable
PhFindIntegerSiKeyValuePairs
PhFindItemList
PhFindItemPointerList
PhFindItemSimpleHashtable
PhFindLastCharInStringRef
PhFindListViewItemByFlags
PhFindListViewItemByParam
PhFindLoaderEntry
PhFindProcessInformation
PhFindProcessInformationByImageName
PhFindStringInStringRef
PhFindStringSiKeyValuePairs
PhFlushFileStream
PhFormat
PhFormatBytes
PhFormatBytes_V
PhFormatDate
PhFormatDateTime
PhFormatDecimal
PhFormatGuid
PhFormatImageVersionInfo
PhFormatNativeKeyName
PhFormatSize
PhFormatString
PhFormatString_V
PhFormatTime
PhFormatTimeSpan
PhFormatTimeSpanRelative
PhFormatToBuffer
PhFormatUInt64
PhFree
PhFreeFileDialog
PhFreeJsonParser
PhFreePage
PhFreeToFreeList
PhFreeXmlObject
PhGenerateGuid
PhGenerateGuidFromName
PhGenerateRandomAlphaString
PhGetAccessEntries
PhGetAccessString
PhGetApplicationDirectory
PhGetApplicationFileName
PhGetBaseDirectory
PhGetBaseName
PhGetClassObject
PhGetComboBoxString
PhGetDialogItemValue
PhGetDllFileName
PhGetDllHandle
PhGetDrawInfoGraphBuffers
PhGetEnabledProvider
PhGetEtwPublisherName
PhGetFileDialogFileName
PhGetFileDialogFilterIndex
PhGetFileDialogOptions
PhGetFileName
PhGetFilePosition
PhGetFileShellIcon
PhGetFileSize
PhGetFileVersionFixedInfo
PhGetFileVersionInfo
PhGetFileVersionInfoLangCodePage
PhGetFileVersionInfoString
PhGetFileVersionInfoString2
PhGetFullPath
PhGetGenericTreeNewLines
PhGetGlobalTimerQueue
PhGetGlobalWorkQueue
PhGetHandleInformation
PhGetHandleInformationEx
PhGetIntegerPairSetting
PhGetIntegerSetting
PhGetJobProcessIdList
PhGetJsonArrayIndexObject
PhGetJsonArrayLength
PhGetJsonArrayLong64
PhGetJsonArrayString
PhGetJsonObject
PhGetJsonObjectAsArrayList
PhGetJsonObjectBool
PhGetJsonObjectLength
PhGetJsonObjectType
PhGetJsonValueAsLong64
PhGetJsonValueAsString
PhGetKernelFileName
PhGetKnownLocation
PhGetLineFromAddress
PhGetListBoxString
PhGetListViewItemImageIndex
PhGetListViewItemParam
PhGetListViewItemText
PhGetMappedImageCfg
PhGetMappedImageCfgEntry
PhGetMappedImageExportFunction
PhGetMappedImageExports
PhGetMappedImageLoadConfig32
PhGetMappedImageLoadConfig64
PhGetMessage
PhGetModuleFromAddress
PhGetModuleProcAddress
PhGetNamedPipeClientComputerName
PhGetNamedPipeClientProcessId
PhGetNamedPipeServerProcessId
PhGetNtMessage
PhGetObjectSecurity
PhGetObjectType
PhGetObjectTypeInformation
PhGetOpaqueXmlNodeText
PhGetOwnTokenAttributes
PhGetPositionFileStream
PhGetPrimeNumber
PhGetProcedureAddress
PhGetProcedureAddressRemote
PhGetProcessCommandLine
PhGetProcessDepStatus
PhGetProcessDeviceMap
PhGetProcessEnvironment
PhGetProcessImageFileName
PhGetProcessImageFileNameByProcessId
PhGetProcessImageFileNameWin32
PhGetProcessIsDotNet
PhGetProcessIsDotNetEx
PhGetProcessMappedFileName
PhGetProcessPebString
PhGetProcessUnloadedDlls
PhGetProcessWindowTitle
PhGetProcessWorkingSetInformation
PhGetProcessWsCounters
PhGetScalableIntegerPairSetting
PhGetSeObjectSecurity
PhGetSelectedListViewItemParam
PhGetSelectedListViewItemParams
PhGetServiceConfig
PhGetServiceDelayedAutoStart
PhGetServiceDescription
PhGetServiceDllParameter
PhGetServiceErrorControlInteger
PhGetServiceErrorControlString
PhGetServiceNameFromTag
PhGetServiceStartTypeInteger
PhGetServiceStartTypeString
PhGetServiceStateString
PhGetServiceTypeInteger
PhGetServiceTypeString
PhGetSidFullName
PhGetStatusMessage
PhGetStockApplicationIcon
PhGetStringSetting
PhGetSymbolFromAddress
PhGetSymbolFromName
PhGetSystemDirectory
PhGetSystemRoot
PhGetThreadServiceTag
PhGetTokenGroups
PhGetTokenIntegrityLevel
PhGetTokenIntegrityLevelRID
PhGetTokenOwner
PhGetTokenPrimaryGroup
PhGetTokenPrivileges
PhGetTokenUser
PhGetTreeNewText
PhGetWin32Message
PhGetWindowContext
PhGetWindowText
PhGetWindowTextEx
PhGetXmlNodeAttributeByIndex
PhGetXmlNodeAttributeCount
PhGetXmlNodeAttributeText
PhGetXmlNodeElementText
PhGetXmlNodeFirstChild
PhGetXmlNodeNextChild
PhGlobalDpi
PhGraphStateGetDrawInfo
PhHashBytes
PhHashStringRef
PhHexStringToBuffer
PhHexStringToBufferEx
PhHttpDnsQuery
PhHttpSocketAddRequestHeaders
PhHttpSocketBeginRequest
PhHttpSocketConnect
PhHttpSocketCreate
PhHttpSocketDestroy
PhHttpSocketDownloadString
PhHttpSocketEndRequest
PhHttpSocketGetErrorMessage
PhHttpSocketParseUrl
PhHttpSocketQueryHeaderString
PhHttpSocketQueryHeaderUlong
PhHttpSocketQueryHeaders
PhHttpSocketQueryOptionString
PhHttpSocketReadData
PhHttpSocketReadDataToBuffer
PhHttpSocketSendRequest
PhHttpSocketSetCredentials
PhHttpSocketSetFeature
PhHttpSocketSetSecurity
PhHttpSocketWriteData
PhHungWindowFromGhostWindow
PhIconToBitmap
PhImpersonateClientOfNamedPipe
PhIndexOfEMenuItem
PhInitializeArray
PhInitializeAutoPool
PhInitializeAvlTree
PhInitializeBytesBuilder
PhInitializeCallback
PhInitializeCircularBuffer_FLOAT
PhInitializeCircularBuffer_PVOID
PhInitializeCircularBuffer_ULONG
PhInitializeCircularBuffer_ULONG64
PhInitializeFastLock
PhInitializeFreeList
PhInitializeGraphState
PhInitializeHash
PhInitializeImageVersionInfo
PhInitializeLayoutManager
PhInitializeMappedImage
PhInitializeProviderThread
PhInitializeStringBuilder
PhInitializeThemeWindowHeader
PhInitializeWindowTheme
PhInitializeWindowThemeRebar
PhInitializeWindowThemeStatusBar
PhInitializeWorkQueue
PhInitializeWorkQueueEnvironment
PhInsertEMenuItem
PhInsertItemList
PhInsertItemsList
PhInsertStringBuilder
PhInsertStringBuilder2
PhInsertStringBuilderEx
PhIntegerToString64
PhInvokeCallback
PhIsExecutablePacked
PhIsExecutingInWow64
PhLargeIntegerToLocalSystemTime
PhLargeIntegerToSystemTime
PhLayoutManagerLayout
PhListenNamedPipe
PhLoadAppKey
PhLoadIcon
PhLoadIndirectString
PhLoadListViewColumnSettings
PhLoadListViewColumnsFromSetting
PhLoadListViewGroupStatesFromSetting
PhLoadListViewSortColumnsFromSetting
PhLoadMappedImage
PhLoadMappedImageEx
PhLoadModuleSymbolProvider
PhLoadModulesForProcessSymbolProvider
PhLoadResource
PhLoadResourceEMenuItem
PhLoadSettings
PhLoadWindowPlacementFromSetting
PhLoadXmlObjectFromFile
PhLocalTimeToSystemTime
PhLockFileStream
PhLookupName
PhLookupPrivilegeDisplayName
PhLookupPrivilegeName
PhLookupPrivilegeValue
PhLookupSid
PhLowerBoundElementAvlTree
PhLowerDualBoundElementAvlTree
PhMainWndHandle
PhMapFlags1
PhMapFlags2
PhMappedImageRvaToVa
PhMatchWildcards
PhMaximumElementAvlTree
PhMinimumElementAvlTree
PhModalPropertySheet
PhModifyEMenuItem
PhNtStatusFileNotFound
PhNtStatusToDosError
PhOpenKey
PhOpenLsaPolicy
PhOpenProcess
PhOpenProcessToken
PhOpenService
PhOpenThread
PhOpenThreadProcess
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 677KB - Virtual size: 676KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 265B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 252KB - Virtual size: 251KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ