Static task: static1
Behavioral task: behavioral1
Sample: de3b7120b3500eddd909d2553d573fdd_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: de3b7120b3500eddd909d2553d573fdd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: de3b7120b3500eddd909d2553d573fdd_JaffaCakes118
Size: 340KB
MD5: de3b7120b3500eddd909d2553d573fdd
SHA1: e4cd1b18b09b13c8b624d5becb1bdfaea8cabb58
SHA256: 2ec3c14674338a5d16389e85e879b8cca7bb6894aa3b321c48e9876ee8a82860
SHA512: 748ba03b391e4958abddeeeaf6bb9f04d2c8be6615c83ff40593d188ab32359596de8fb6d85227ebf770941776a98602ab8af57dd38f4113d67dc43137f8d614
SSDEEP: 6144:Zn5gqFyJWMbbVVqhjn6mefTZsx5/DOzNens+99F+QiFp9b44mmQ2OXqtN3xZSjNc:ZpFcHVVqd6meLZsWzAseMJb4tm9OXqbN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de3b7120b3500eddd909d2553d573fdd_JaffaCakes118
Files
de3b7120b3500eddd909d2553d573fdd_JaffaCakes118.exe windows:4 windows x86 arch:x86
c0500fd9e1a5e39ab0c51f2035b97c73
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileIntA
GetProcessPriorityBoost
FindCloseChangeNotification
MapViewOfFileEx
GetFileAttributesExA
GetBinaryTypeW
ExitProcess
SuspendThread
GetFileAttributesExW
SetCalendarInfoW
GetCurrentProcessId
SetHandleCount
OpenEventA
GetModuleFileNameA
_lopen
EnumSystemLocalesA
LocalAlloc
GetThreadTimes
TransmitCommChar
GenerateConsoleCtrlEvent
VirtualUnlock
lstrcatW
GetNamedPipeHandleStateW
WriteConsoleInputW
ReadFileEx
GlobalCompact
GetCommandLineA
FindAtomW
WaitForSingleObject
GetCommTimeouts
SetFileApisToANSI
WaitNamedPipeA
EnumResourceNamesA
GlobalReAlloc
FileTimeToDosDateTime
SetLocaleInfoW
EscapeCommFunction
CreateDirectoryExW
GetSystemTimeAdjustment
MoveFileW
InitializeCriticalSection
Beep
GetPrivateProfileIntW
CreateProcessA
UpdateResourceW
BackupSeek
GetTapeParameters
LCMapStringA
SystemTimeToFileTime
EnumTimeFormatsW
FormatMessageA
ReleaseSemaphore
GetDevicePowerState
EnumCalendarInfoW
GlobalAddAtomW
lstrcmpiA
GetWindowsDirectoryA
SetProcessShutdownParameters
FoldStringA
BuildCommDCBAndTimeoutsA
CreateSemaphoreW
VirtualAllocEx
ConnectNamedPipe
GetCurrentDirectoryW
EnumSystemCodePagesA
GetStringTypeA
CompareFileTime
FillConsoleOutputAttribute
SetThreadLocale
GetShortPathNameA
TlsGetValue
CreateDirectoryW
WaitForMultipleObjects
GetTempFileNameA
ExpandEnvironmentStringsA
GetDiskFreeSpaceExA
SetTimeZoneInformation
GetThreadLocale
GetSystemDirectoryA
GetNumberOfConsoleMouseButtons
FindResourceA
lstrcmpW
GetVersion
FindFirstChangeNotificationW
LoadLibraryA
GetProcessHeaps
SearchPathA
GetStringTypeExA
IsBadStringPtrW
CreateThread
GetProcessTimes
GetSystemDefaultLCID
Heap32ListNext
SetProcessAffinityMask
InterlockedExchange
SetConsoleTitleA
GetEnvironmentVariableA
SetConsoleScreenBufferSize
IsBadHugeWritePtr
LockFileEx
SetSystemTimeAdjustment
GetProfileSectionW
SetComputerNameA
ExitThread
SetFileTime
GetNumberFormatW
CreateFileMappingW
GetEnvironmentStrings
LocalFree
SetPriorityClass
HeapValidate
WaitForDebugEvent
FileTimeToSystemTime
WriteFileGather
VirtualFreeEx
LockFile
GlobalFix
SetCommConfig
GetModuleHandleW
InitAtomTable
IsBadHugeReadPtr
OpenEventW
DeleteFileA
ReadFileScatter
GetConsoleOutputCP
_hread
FindResourceExA
SetEnvironmentVariableW
GetCPInfoExA
GetPriorityClass
EnumTimeFormatsA
GetLogicalDriveStringsA
GetSystemDefaultLangID
DisableThreadLibraryCalls
CommConfigDialogA
SetConsoleActiveScreenBuffer
ReadConsoleOutputW
ContinueDebugEvent
ScrollConsoleScreenBufferA
GetNumberFormatA
GetSystemTime
lstrcpyA
GetLocaleInfoA
OutputDebugStringA
_lcreat
QueryPerformanceFrequency
CreateNamedPipeA
GetPrivateProfileStringW
GetConsoleTitleW
FindFirstFileA
LocalSize
QueryDosDeviceA
_hwrite
WaitCommEvent
CreateDirectoryExA
RemoveDirectoryW
EndUpdateResourceW
FlushConsoleInputBuffer
GetFileSize
ScrollConsoleScreenBufferW
GetCommMask
GlobalLock
OpenProcess
SetCalendarInfoA
RequestWakeupLatency
PurgeComm
GetLongPathNameA
FoldStringW
GetCommandLineW
CreateFileMappingA
FormatMessageW
ReadConsoleOutputA
GetStartupInfoW
GetThreadSelectorEntry
SetFileAttributesA
OpenFile
LocalHandle
IsDBCSLeadByte
WriteProfileStringW
GlobalMemoryStatus
_lclose
UpdateResourceA
GetSystemPowerStatus
Process32Next
GetStartupInfoA
FindNextFileW
QueryPerformanceCounter
AddAtomA
PeekConsoleInputW
CommConfigDialogW
GetComputerNameA
InterlockedDecrement
GetLocalTime
PeekConsoleInputA
ReadConsoleOutputAttribute
GetProcessShutdownParameters
GetThreadPriorityBoost
SetFileApisToOEM
GlobalGetAtomNameW
VirtualLock
GetDiskFreeSpaceA
WriteProcessMemory
DebugActiveProcess
WriteConsoleOutputW
GetDiskFreeSpaceExW
GetStdHandle
ReadConsoleInputA
ResetWriteWatch
SetConsoleMode
FindResourceW
GetPrivateProfileSectionNamesA
GetFullPathNameW
GetDefaultCommConfigA
GetFileInformationByHandle
OpenMutexA
CreateToolhelp32Snapshot
CompareStringW
IsValidLocale
IsBadStringPtrA
OpenFileMappingW
EnumSystemLocalesW
GetTapeStatus
EnterCriticalSection
IsValidCodePage
LoadModule
FreeEnvironmentStringsW
EnumResourceNamesW
ReadProcessMemory
GetShortPathNameW
GetCurrentDirectoryA
LoadLibraryW
GetProfileSectionA
GetSystemDirectoryW
SetConsoleTextAttribute
SetConsoleOutputCP
GetProcessVersion
GetTimeFormatW
SetNamedPipeHandleState
GetConsoleCP
ResetEvent
ResumeThread
GetNumberOfConsoleInputEvents
WriteConsoleA
GetProcAddress
SetConsoleTitleW
GlobalDeleteAtom
GetConsoleTitleA
GetFileAttributesW
GetNamedPipeHandleStateA
GetTimeZoneInformation
GetWriteWatch
SetStdHandle
LocalLock
CancelDeviceWakeupRequest
GetTapePosition
SetTapeParameters
GetNamedPipeInfo
GetLargestConsoleWindowSize
GetCPInfoExW
FindFirstChangeNotificationA
GetSystemInfo
EnumDateFormatsW
DisconnectNamedPipe
IsDBCSLeadByteEx
EraseTape
SetSystemTime
IsBadWritePtr
SetEndOfFile
SetupComm
SetCurrentDirectoryW
CallNamedPipeW
LeaveCriticalSection
GetQueuedCompletionStatus
CreateIoCompletionPort
AddAtomW
GlobalAddAtomA
GetModuleHandleA
QueryDosDeviceW
GetCommProperties
GetPrivateProfileSectionNamesW
GlobalGetAtomNameA
Toolhelp32ReadProcessMemory
CreateMutexA
UnmapViewOfFile
lstrlenA
SetCommBreak
GetTickCount
DefineDosDeviceW
CallNamedPipeA
SetProcessWorkingSetSize
SetThreadPriority
lstrcmpA
GetPrivateProfileSectionA
WriteConsoleW
GlobalFree
lstrlenW
ReadConsoleInputW
lstrcatA
CreateProcessW
lstrcpynA
DosDateTimeToFileTime
BeginUpdateResourceA
VirtualProtect
CancelIo
VerLanguageNameW
WriteProfileSectionA
HeapUnlock
DuplicateHandle
WriteFile
GetCompressedFileSizeW
PrepareTape
SetCurrentDirectoryA
EnumResourceTypesW
GetCurrentThread
GetCurrentThreadId
DeleteCriticalSection
SetConsoleCursorInfo
GetExitCodeThread
IsSystemResumeAutomatic
GetProcessWorkingSetSize
SetUnhandledExceptionFilter
SetMessageWaitingIndicator
AreFileApisANSI
SetErrorMode
GetStringTypeExW
TlsSetValue
SetEnvironmentVariableA
GetPrivateProfileStructW
VirtualQuery
_lread
FatalExit
GlobalFindAtomW
SetThreadAffinityMask
EnumResourceTypesA
GetExitCodeProcess
FindAtomA
RemoveDirectoryA
MoveFileExW
GetProfileStringW
SetVolumeLabelW
TerminateThread
TlsAlloc
SetFilePointer
DeviceIoControl
BackupWrite
GetSystemTimeAsFileTime
ClearCommBreak
LoadLibraryExA
GetTimeFormatA
GetAtomNameA
HeapDestroy
Sleep
WinExec
BuildCommDCBW
SetThreadContext
GetLogicalDrives
CloseHandle
DefineDosDeviceA
WriteProfileSectionW
HeapWalk
IsBadReadPtr
GetVersionExA
user32
VkKeyScanW
GetClassInfoA
IsCharAlphaA
GetUpdateRect
ReleaseCapture
SetWindowWord
IsWindowVisible
RegisterClipboardFormatW
DlgDirListComboBoxA
GetClassNameW
GetMessagePos
ChangeDisplaySettingsW
GetMenuItemRect
SetWindowTextA
GetScrollRange
GetWindowLongW
GetShellWindow
LoadCursorW
EnumDesktopsW
SetPropW
GetIconInfo
FlashWindow
GetWindowTextLengthW
CharUpperBuffA
GetCursor
SetScrollRange
GetDlgItemTextA
CopyRect
IsDlgButtonChecked
LoadMenuIndirectW
GetMenuContextHelpId
PostMessageA
SetTimer
DefWindowProcW
ToAsciiEx
CreateDesktopW
GetTabbedTextExtentA
GetMessageW
IsWindow
LoadAcceleratorsA
GetClassLongA
CharLowerBuffW
EnumDesktopWindows
CreateWindowExW
SetWindowLongA
DlgDirSelectExW
InsertMenuItemW
PeekMessageA
DestroyCursor
CreateWindowStationA
GrayStringA
CreateIconFromResource
SetActiveWindow
SetUserObjectSecurity
GetClassWord
SetMenu
SetCapture
IntersectRect
LockWindowUpdate
SetMenuDefaultItem
InSendMessage
SetLastErrorEx
FindWindowExW
SetWindowsHookExW
OpenWindowStationW
LoadIconA
SetCaretBlinkTime
IsIconic
CharPrevW
SetDlgItemTextW
LoadMenuIndirectA
TranslateAcceleratorW
RemoveMenu
ChangeMenuA
MessageBoxExA
OffsetRect
IsChild
GetTopWindow
RegisterClassW
CharNextExA
OemToCharA
FindWindowA
RegisterWindowMessageA
GetDesktopWindow
TabbedTextOutA
GetMenuDefaultItem
GetQueueStatus
ValidateRgn
ExitWindowsEx
DrawIconEx
CreateCaret
DialogBoxParamW
GetNextDlgTabItem
CheckDlgButton
DispatchMessageW
SetDoubleClickTime
GetDlgItemTextW
PostThreadMessageA
LoadImageA
OemKeyScan
CharPrevExA
LoadKeyboardLayoutW
AdjustWindowRectEx
LoadAcceleratorsW
TabbedTextOutW
LoadStringW
DefDlgProcA
CallNextHookEx
GetCaretBlinkTime
GetMenuStringW
DlgDirSelectComboBoxExW
GetWindow
DrawIcon
EndPaint
IsCharUpperA
GetMenuState
DlgDirListComboBoxW
FrameRect
WinHelpW
TranslateAcceleratorA
GetClipCursor
TrackPopupMenuEx
AdjustWindowRect
IsRectEmpty
SetWindowLongW
DialogBoxIndirectParamA
LoadKeyboardLayoutA
CharLowerW
SendNotifyMessageW
GetPropW
RegisterClassExW
SetMenuItemBitmaps
IsCharAlphaNumericA
DefFrameProcW
UnregisterHotKey
UnregisterClassW
CreateAcceleratorTableW
VkKeyScanA
LoadBitmapW
SetClassWord
GetProcessWindowStation
TranslateMessage
GetWindowThreadProcessId
ToUnicode
SetSystemCursor
OpenClipboard
SetMenuItemInfoA
MapVirtualKeyExW
DrawMenuBar
MessageBoxIndirectA
GetMenu
AppendMenuA
EnumWindowStationsW
DestroyIcon
SetClassLongA
WaitMessage
IsCharAlphaNumericW
CreateIcon
InvertRect
CloseDesktop
GetKeyboardState
CloseClipboard
CharLowerA
EnableMenuItem
MapVirtualKeyA
SendNotifyMessageA
SendDlgItemMessageA
EndDialog
CopyIcon
AnyPopup
DefDlgProcW
UnhookWindowsHookEx
DlgDirSelectComboBoxExA
GetWindowWord
GetDialogBaseUnits
EnumThreadWindows
GetClassNameA
DialogBoxIndirectParamW
SendMessageW
InflateRect
CreateMDIWindowA
GetClientRect
SendMessageCallbackA
SendMessageTimeoutA
PtInRect
DrawFocusRect
PostMessageW
GetMenuItemID
ActivateKeyboardLayout
SetWindowPlacement
InsertMenuItemA
GetWindowRgn
GetNextDlgGroupItem
CreateIconFromResourceEx
GetMessageTime
LoadBitmapA
SubtractRect
RegisterClassA
CascadeWindows
ReleaseDC
OpenDesktopW
DestroyCaret
SetCursorPos
SendMessageTimeoutW
GetSysColor
ModifyMenuA
UnregisterClassA
LoadMenuA
TrackPopupMenu
IsDialogMessageW
EnumDesktopsA
MsgWaitForMultipleObjectsEx
EnumDisplaySettingsA
GetMessageExtraInfo
ChangeClipboardChain
GetKBCodePage
IsWindowEnabled
keybd_event
CreateDialogIndirectParamW
WindowFromPoint
CheckMenuRadioItem
EnumPropsExW
SendDlgItemMessageW
ChangeMenuW
mouse_event
ToAscii
BringWindowToTop
RegisterWindowMessageW
CallWindowProcW
ChangeDisplaySettingsExW
ChangeDisplaySettingsExA
ReplyMessage
GetLastActivePopup
LoadCursorFromFileA
EnumDisplaySettingsW
CharToOemBuffW
MessageBoxW
HiliteMenuItem
DrawTextA
RegisterClassExA
InvalidateRect
CreateDesktopA
ToUnicodeEx
SetWindowPos
ScreenToClient
GetMenuItemInfoW
OemToCharW
GetCursorPos
IsCharAlphaW
CreateMDIWindowW
InsertMenuA
MapDialogRect
ModifyMenuW
EnableScrollBar
GetMenuItemInfoA
EnumWindowStationsA
IsDialogMessageA
GetKeyboardLayout
FindWindowW
ChildWindowFromPointEx
WaitForInputIdle
RegisterClipboardFormatA
GetAsyncKeyState
ScrollWindowEx
ShowWindowAsync
GetWindowPlacement
GetParent
SetParent
VkKeyScanExA
DragObject
AppendMenuW
CharToOemW
ValidateRect
SetClipboardData
ClipCursor
RegisterHotKey
GetKeyboardLayoutNameW
SetDebugErrorLevel
ExcludeUpdateRgn
GetFocus
UnloadKeyboardLayout
SystemParametersInfoW
GetKeyboardLayoutNameA
IsWindowUnicode
LookupIconIdFromDirectory
CloseWindowStation
SetUserObjectInformationW
CharUpperW
DefWindowProcA
ScrollDC
UnionRect
BeginDeferWindowPos
SetMenuContextHelpId
SetWindowRgn
GetSystemMetrics
gdi32
RemoveFontResourceW
CreateCompatibleBitmap
GetCharacterPlacementW
GetFontData
AnimatePalette
RemoveFontResourceA
SetPaletteEntries
DeleteMetaFile
DeleteDC
CreateFontIndirectW
GetTextCharacterExtra
SetPixel
Polyline
TextOutA
AngleArc
ExtSelectClipRgn
GetRegionData
FlattenPath
CreateFontA
GetWorldTransform
CopyEnhMetaFileW
SetEnhMetaFileBits
GetArcDirection
GetOutlineTextMetricsW
PlayMetaFile
CreateColorSpaceW
GdiGetBatchLimit
RectInRegion
LPtoDP
GetTextCharsetInfo
UpdateICMRegKeyW
GetEnhMetaFileDescriptionW
GetEnhMetaFileA
GetEnhMetaFileBits
CreateCompatibleDC
SetStretchBltMode
DPtoLP
SetPixelFormat
GetEnhMetaFileHeader
GetEnhMetaFileW
ScaleWindowExtEx
GetClipBox
SetBoundsRect
GetEnhMetaFilePaletteEntries
ExtCreateRegion
FillPath
SelectPalette
CreateFontIndirectA
GetColorAdjustment
SwapBuffers
GetGraphicsMode
AbortPath
SetRectRgn
ExtEscape
SetSystemPaletteUse
OffsetWindowOrgEx
GetBrushOrgEx
PolylineTo
CreateScalableFontResourceA
DescribePixelFormat
GetTextExtentPoint32W
SetBrushOrgEx
GetBkMode
SetPolyFillMode
GetCharABCWidthsW
LineTo
EnumICMProfilesA
CreatePen
CreateSolidBrush
WidenPath
CreateICA
StartDocA
GetDCOrgEx
PtVisible
CreatePolygonRgn
SetBkColor
RealizePalette
ExtCreatePen
CreateRectRgn
GetMiterLimit
GetFontLanguageInfo
GetROP2
ModifyWorldTransform
GetTextCharset
CreateDIBitmap
GetTextMetricsW
OffsetClipRgn
GetPath
SetDIBColorTable
GetTextAlign
DeleteObject
PolyTextOutW
ArcTo
FloodFill
CreateDCA
RestoreDC
CreateBitmap
IntersectClipRect
SetAbortProc
GetNearestPaletteIndex
UpdateColors
EnumFontFamiliesExA
CreatePalette
GetAspectRatioFilterEx
GetCharWidth32W
TranslateCharsetInfo
SetMapperFlags
GetCharABCWidthsFloatW
GetCurrentObject
SetWindowExtEx
TextOutW
GetCharWidthFloatW
CreateMetaFileW
SetMetaRgn
GetTextColor
InvertRgn
EnumFontFamiliesW
Ellipse
GetRgnBox
SetICMProfileW
GetCharABCWidthsFloatA
GetTextExtentPointA
GetWindowExtEx
GetCurrentPositionEx
CreateColorSpaceA
AddFontResourceW
SetROP2
PlayEnhMetaFile
SetTextCharacterExtra
CheckColorsInGamut
CreateFontW
GetObjectW
Pie
SetArcDirection
CreateRectRgnIndirect
SetDeviceGammaRamp
CreateDIBPatternBrush
SetTextJustification
EnumICMProfilesW
GetBitmapBits
DrawEscape
GetICMProfileA
GetRasterizerCaps
SetICMProfileA
CreateMetaFileA
Polygon
BitBlt
CreateEllipticRgn
EndPath
SetMiterLimit
GetGlyphOutlineW
GetPolyFillMode
SetDIBitsToDevice
PolyBezierTo
PolyPolyline
SetTextColor
CreateEnhMetaFileW
PolyPolygon
GetBitmapDimensionEx
CreateICW
PlayMetaFileRecord
GetMetaFileW
GetPixel
CreatePenIndirect
DeleteColorSpace
GetTextExtentExPointW
CreatePatternBrush
ResetDCA
CreateEllipticRgnIndirect
GetCharWidthW
OffsetRgn
EndPage
GetRandomRgn
CombineTransform
GetMapMode
EnumMetaFile
EnumEnhMetaFile
GetDeviceGammaRamp
SetDIBits
SetBitmapBits
GetCharWidthA
ResetDCW
GdiComment
EqualRgn
comdlg32
PageSetupDlgW
GetOpenFileNameW
PrintDlgA
ChooseFontA
FindTextA
GetSaveFileNameW
advapi32
AllocateAndInitializeSid
ReportEventW
CryptSignHashA
LookupPrivilegeValueW
AddAccessAllowedAce
AddAccessDeniedAce
RegGetKeySecurity
GetAce
EqualSid
RegSetKeySecurity
GetAuditedPermissionsFromAclA
CryptReleaseContext
QueryServiceLockStatusW
RegSaveKeyA
GetServiceKeyNameW
CryptGetDefaultProviderA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
CryptEncrypt
RegRestoreKeyA
GetTrusteeNameA
CryptAcquireContextA
RegisterServiceCtrlHandlerW
GetFileSecurityA
CryptEnumProviderTypesA
BackupEventLogW
DeleteAce
GetEffectiveRightsFromAclW
EqualPrefixSid
StartServiceW
GetSecurityDescriptorControl
LookupPrivilegeDisplayNameA
CryptSignHashW
UnlockServiceDatabase
CreateProcessAsUserW
CryptDuplicateHash
InitializeSid
RegCreateKeyExW
FreeSid
CloseServiceHandle
RegQueryMultipleValuesW
RegQueryValueW
NotifyBootConfigStatus
RegQueryValueExA
GetSidLengthRequired
RegEnumKeyW
RegSetValueExA
SetKernelObjectSecurity
GetOldestEventLogRecord
ControlService
GetExplicitEntriesFromAclA
SetNamedSecurityInfoW
CryptGetUserKey
ObjectDeleteAuditAlarmA
RegSetValueExW
RegDeleteKeyW
RegOpenKeyW
StartServiceA
StartServiceCtrlDispatcherA
RegFlushKey
LookupAccountNameW
RegCloseKey
CryptSetProviderW
CryptEnumProvidersA
RegRestoreKeyW
FindFirstFreeAce
RevertToSelf
RegOpenKeyExA
CryptVerifySignatureW
LogonUserA
GetTrusteeTypeW
GetServiceDisplayNameW
LookupPrivilegeNameA
GetTrusteeNameW
LookupPrivilegeNameW
RegConnectRegistryA
RegNotifyChangeKeyValue
OpenSCManagerW
AccessCheckAndAuditAlarmW
SetAclInformation
OpenSCManagerA
GetNumberOfEventLogRecords
RegSetValueW
RegDeleteValueW
CryptGetDefaultProviderW
QueryServiceStatus
RegLoadKeyA
AddAce
ChangeServiceConfigW
PrivilegeCheck
InitializeAcl
CryptGetHashParam
LookupPrivilegeDisplayNameW
RegEnumValueW
SetTokenInformation
LookupAccountSidW
DuplicateTokenEx
LookupSecurityDescriptorPartsW
GetSecurityDescriptorGroup
CryptCreateHash
LookupSecurityDescriptorPartsA
CryptSetProviderExA
OpenProcessToken
PrivilegedServiceAuditAlarmA
GetAclInformation
ClearEventLogW
GetMultipleTrusteeOperationA
SetSecurityDescriptorGroup
BackupEventLogA
RegQueryValueA
CryptDestroyHash
OpenEventLogA
CloseEventLog
BuildSecurityDescriptorA
MapGenericMask
SetSecurityInfo
SetSecurityDescriptorOwner
RegDeleteValueA
BuildImpersonateTrusteeW
CryptGenKey
RegUnLoadKeyA
ReadEventLogA
LookupAccountNameA
RegisterEventSourceA
OpenBackupEventLogW
ImpersonateNamedPipeClient
ReportEventA
AbortSystemShutdownA
ObjectOpenAuditAlarmA
ObjectPrivilegeAuditAlarmA
GetSecurityDescriptorDacl
CryptContextAddRef
RegQueryMultipleValuesA
GetSecurityInfo
StartServiceCtrlDispatcherW
CryptSetHashParam
RegEnumKeyA
GetTrusteeTypeA
SetThreadToken
GetServiceDisplayNameA
SetEntriesInAclW
RegEnumValueA
CryptImportKey
GetSidSubAuthorityCount
CryptSetProviderExW
GetMultipleTrusteeA
LogonUserW
CreateServiceA
GetPrivateObjectSecurity
ChangeServiceConfigA
GetAuditedPermissionsFromAclW
RegEnumKeyExA
GetSidSubAuthority
RegConnectRegistryW
NotifyChangeEventLog
shell32
SHAppBarMessage
CommandLineToArgvW
SHGetDataFromIDListW
FindExecutableW
DuplicateIcon
SHQueryRecycleBinW
DoEnvironmentSubstA
SHGetPathFromIDListA
ShellAboutA
ShellExecuteA
SHGetInstanceExplorer
DoEnvironmentSubstW
DragQueryFileA
ExtractAssociatedIconExA
SHGetMalloc
SHAddToRecentDocs
Shell_NotifyIconA
DragQueryFileW
DragAcceptFiles
SHInvokePrinterCommandA
SHGetPathFromIDListW
ShellExecuteExA
SHEmptyRecycleBinW
ExtractIconA
DragFinish
ord179
ExtractAssociatedIconW
SHGetFileInfoA
msvcrt
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ