Static task
static1
Behavioral task
behavioral1
Sample
8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6.exe
Resource
win10v2004-20240802-en
General
-
Target
8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6
-
Size
1.4MB
-
MD5
9074b0d1748695139c86d680325246f5
-
SHA1
342d9af64c8a391755bd83ace6eb33b56b4ff077
-
SHA256
8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6
-
SHA512
c87729765babf39bc160fa983e2e3a922ac7234b9a818fee3b9e23e5d9f508d014345fa3488a8b4573cb3fa7c1973308540da4c4c810528597f182093eb3ab27
-
SSDEEP
24576:zhgou+3L2KWBT7pR9Yos2eyrpH+5rruFkjRqA5:zhT3ib19Raos9yrpK10A
Malware Config
Signatures
-
Unsigned PE 1 IoCs
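The sandbox checked this file for an Authenticode signature and found none. An unsigned PE is a weak indicator on its own, since legitimate software is often unsigned too; read it together with the imports, sections and behavioral results.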
resource 8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6
Files
-
8a916f9c06ea7998bd90d15171c497c9a293452cd15ed044a3424f290064abf6.exe windows:5 windows x64 arch:x64
cceeb9a24400cba78a4be3bc644accbb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
eui
?GetRuntimeClass@CSkinTab@@UEBAPEAUCRuntimeClass@@XZ
?EnableMinBtn@CRYDialogEx@@QEAAXH@Z
?EnableSizeBtn@CRYDialogEx@@QEAAXH@Z
?SetMinWindowSize@CRYDialogEx@@QEAAXHH@Z
?SetBkColor@CRYDialogEx@@QEAAXK@Z
?SetTitlePostion@CRYDialogEx@@QEAAXI@Z
?SetTitleFont@CRYDialogEx@@QEAAXPEBDII@Z
?OnInitDialog@CRYDialogEx@@MEAAHXZ
?Load@CRYImage@@QEAAHPEBDI@Z
?SetTopLeftImage@CRYDialogEx@@QEAAXI@Z
?SetTopMidImage@CRYDialogEx@@QEAAXI@Z
?SetTopRightImage@CRYDialogEx@@QEAAXI@Z
?SetCenterLeftImage@CRYDialogEx@@QEAAXI@Z
?SetCenterMidImage@CRYDialogEx@@QEAAHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?SetCenterMidImage@CRYDialogEx@@QEAAXI@Z
?SetCenterRightImage@CRYDialogEx@@QEAAXI@Z
?SetBottomLeftImage@CRYDialogEx@@QEAAXI@Z
?SetBottomMidImage@CRYDialogEx@@QEAAXI@Z
?SetBottomRightImage@CRYDialogEx@@QEAAXI@Z
??0CSkinTab@@QEAA@XZ
?SetCount@CSkinTab@@QEAAXH@Z
?SetSkin@CSkinTab@@QEAAXHIII@Z
?SetRect@CSkinTab@@QEAAXHVCRect@@@Z
?SetBitmapList@CSkinTab@@QEAAXI@Z
?SetIcon@CSkinTab@@QEAAXHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PEBD@Z
?SetTextColor@CSkinTab@@QEAAXK@Z
?SetIcon@CSkinBtn@@QEAAXV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0@Z
?SetIconRect@CSkinBtn@@QEAAXHH@Z
?EnableHotRect@CSkinBtn@@QEAAXH@Z
?SetImgAlignMode@CSkinBtn@@QEAAXH@Z
?SetColor@CSkinBtn@@QEAAXKK@Z
?GetMessageMap@CSkinTab@@MEBAPEBUAFX_MSGMAP@@XZ
??0CRYDialogEx@@QEAA@IPEAVCWnd@@@Z
??0CSkinBtn@@QEAA@XZ
??0CRYImage@@QEAA@XZ
?SetImage@CSkinBtn@@QEAAXIIII@Z
?OnTimer@CRYDialogEx@@QEAAX_K@Z
?StretchBlt@CRYImage@@QEAAHPEAVCDC@@PEAUtagRECT@@@Z
?OnEraseBkgnd@CRYDialogEx@@QEAAHPEAVCDC@@@Z
?SetButtonText@CSkinBtn@@QEAAXPEBDPEAVCFont@@UtagPOINT@@I@Z
?OnPaint@CRYDialogEx@@QEAAXXZ
?GetWorkArea@CRYDialogEx@@QEAAHPEAUtagRECT@@@Z
?IsNull@CRYImage@@QEAAHXZ
?GetWidth@CRYImage@@QEAAHXZ
?GetHeight@CRYImage@@QEAAHXZ
?TransparentBlt@CRYImage@@QEAAHPEAUHDC__@@HHHHK@Z
??1CRYHeaderCtrlEx@@UEAA@XZ
?DoDataExchange@CRYDialogEx@@MEAAXPEAVCDataExchange@@@Z
??1CRYImage@@UEAA@XZ
??1CSkinBtn@@UEAA@XZ
?OnDestroy@CRYDialogEx@@QEAAXXZ
??1CRYDialogEx@@UEAA@XZ
?EnableMoveWnd@CRYDialogEx@@QEAAXH@Z
?ReDrawCrl@CRYDialogEx@@MEAAXPEAVCDC@@@Z
?DefWindowProcA@CRYDialogEx@@MEAA_JI_K_J@Z
?DestroyWindow@CRYDialogEx@@UEAAHXZ
?SetIconText@CRYDialogEx@@QEAAPEAUHICON__@@PEAU2@PEBDK@Z
?EnableMultiLine@CHotTxtctrl@@QEAAXH@Z
??1CRYEditEx@@UEAA@XZ
??0CRYEditEx@@QEAA@XZ
??1CHotTxtctrl@@UEAA@XZ
??0CHotTxtctrl@@QEAA@XZ
??1CXPButton@@UEAA@XZ
??0CXPButton@@QEAA@XZ
?PreSubclassWindow@CSkinTab@@MEAAXXZ
?PreTranslateMessage@CSkinTab@@UEAAHPEAUtagMSG@@@Z
??1CSkinTab@@UEAA@XZ
?Attach@CRYImage@@QEAAHPEAUHBITMAP__@@@Z
?GetThisMessageMap@CRYDialogEx@@KAPEBUAFX_MSGMAP@@XZ
?EnableClsBtn@CRYDialogEx@@QEAAXH@Z
?EableAllSubWnd@CRYDialogEx@@QEAAXH@Z
?DrawDialog@CRYDialogEx@@QEAAXAEAVCDC@@@Z
?GetWorkArea2@CRYDialogEx@@QEAAHPEAUtagRECT@@@Z
?OnSize@CRYDialogEx@@QEAAXIHH@Z
??0CRYHeaderCtrlEx@@QEAA@XZ
?OnLButtonDown@CRYDialogEx@@QEAAXIVCPoint@@@Z
?SetBkImage@CRYDialogEx@@QEAAXI@Z
??1CRYProgressCtrlEx@@UEAA@XZ
??0CRYProgressCtrlEx@@QEAA@XZ
?EnableDrawCenter@CRYDialogEx@@QEAAXH@Z
??0CGroupStatic@@QEAA@XZ
??0CXPComboBox@@QEAA@XZ
??1CGroupStatic@@UEAA@XZ
??1CXPComboBox@@UEAA@XZ
dpm
?VT_UpdateInkCurve@CKeObj@@QEAAHXZ
?VT_UpdateStdVoltage@CKeObj@@QEAAHXZ
?SetChannalFireWidth@CKeObj@@QEAAHXZ
?GetMaterialPosition@CKeObj@@QEAAIXZ
?SS_UpdateLic@CDPM@@QEAAHPEBD@Z
?SS_UpdateKeyLic@CDPM@@QEAAHPEBD@Z
?ChangePrtOffset@CDPM@@QEAAXHHHH@Z
?SaveParamToDevice@CDPM@@QEAAHPEAUtag_EPROM_DATA@@@Z
?ResetInkCycleCtl@CKeObj@@QEAAXXZ
?MOV_EnableYStart@CKeObj@@QEAAXHH@Z
?CalculateXMoveModules@CKeObj@@QEAAHPEAM@Z
?PH_UpdateTemprature@CKeObj@@QEAAHXZ
?GenerateRegValReport@CKeObj@@QEAAHAEAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?SS_VerifyStagePwd@CDPM@@QEAAHPEAK@Z
?SS_ExitTryMode@CDPM@@QEAAHXZ
?SS_ActiveSystem@CDPM@@QEAAHPEAK@Z
?LoadParamFromDevice@CDPM@@QEAAHPEAUtag_EPROM_DATA@@@Z
?CarriageInSpecPosition@CKeObj@@QEAAHI@Z
?IsYSyncOccurError@CKeObj@@QEAAHXZ
?EnterIdleMode@CKeObj@@QEAAHM@Z
?ResetCarMovEmgengcy@CKeObj@@QEAAHXZ
?GetInputDevState@CKeObj@@QEAAIXZ
?GetInkException@CKeObj@@QEAAHXZ
?SetErrorOutput@CKeObj@@QEAAXH@Z
?GetCarriagePosition@CKeObj@@QEAAIXZ
?GetAxisYPosition@CKeObj@@QEAAHAEAH0H@Z
?GetCurYPosition@CKeObj@@QEAAHXZ
?GetFlashPrintState@CKeObj@@QEAAHXZ
?QueryMovIsEmgency@CKeObj@@QEAAHXZ
?SS_AssertTimeValid@CDPM@@QEAAHXZ
?GetMediaException@CKeObj@@QEAAHXZ
?GetRollMode@CKeObj@@QEAAHXZ
?SetRollOrFlatMode@CKeObj@@QEAAHH@Z
?GoProtectedPos@CKeObj@@QEAAHXZ
?IsFiberConnected@CKeObj@@QEAAHXZ
?CMH_GetModuleState@CKeObj@@QEAAIAEAI@Z
?SecurityExit@CDPM@@QEAAHXZ
?TstUVLamp@CKeObj@@QEAAXHH@Z
?BackYZeroPos@CKeObj@@QEAAHPEAH@Z
?DeviceIsConnected@CKeObj@@QEAAHXZ
?ConnectDevice@CKeObj@@QEAAHPEAXHPEBD@Z
?GetCappingState@CKeObj@@QEAAHXZ
?CheckHomePosition@CKeObj@@QEAAHXZ
?GetMotionState@CKeObj@@QEAAIXZ
?GetExtKeyState@CKeObj@@QEAAHAEAG@Z
?CMH_SetDetectorPos@CKeObj@@QEAAHH@Z
?SetMsgHandle@CDPM@@QEAAXPEAUHWND__@@KP6AXHH@Z@Z
?GenerateAdjFile@CDPM@@QEAAHAEAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@IHIH@Z
?PrintPHStatus@CDPM@@QEAAHHHH@Z
?GetCurOutputArea@CDPM@@QEAAMPEAM@Z
?GetCompletePrintArea@CDPM@@QEAAMPEAM@Z
?GetLastError@CDPM@@QEAAHXZ
?GetPrintParameter@CDPM@@QEAAXPEAUtag_PRINT_PARAM@@@Z
?CMH_GetCarVMHPos@CKeObj@@QEAAMXZ
?PrintTask@CDPM@@QEAAHPEAUtag_PRINT_TASKITEM@@@Z
??0CDPM@@QEAA@XZ
??1CDPM@@UEAA@XZ
?MeasureMaterial@CKeObj@@QEAAHPEAUtag_MATERIAL_INFO@@HH@Z
?StopPrint@CDPM@@QEAAXXZ
?Initialize@CDPM@@QEAAHPEBDIHPEAUtag_PrintHeadOpt@@P6APEADI@Z@Z
?SetRicohVoltageOffset@CKeObj@@QEAAXPEAUtag_WaveVolAdjLKT@@@Z
?SetPhGrayMode@CKeObj@@QEAAHIHH@Z
?ShoveInk@CKeObj@@QEAAHPEAHH@Z
?EnableInkSupply@CKeObj@@QEAAXHI@Z
?SetFlashPrint@CKeObj@@QEAAXH@Z
?EnableRollMode@CKeObj@@QEAAXH@Z
?IsFirstPowerOn@CKeObj@@QEAAHXZ
?CarriageIsInHome@CKeObj@@QEAAHH@Z
?VT_RefreshData@CKeObj@@QEAAHXZ
?GetCurPrinterInfo@CDPM@@QEAAPEAUtag_Printer_Info@@XZ
?ResetUvOrigin@CKeObj@@QEAAHXZ
?ResetMecOrigin@CKeObj@@QEAAHXZ
?ResetCarriage@CKeObj@@QEAAHXZ
?ResetXMotionEncoder@CKeObj@@QEAAHXZ
?SetPrintParameter@CDPM@@QEAAHPEAUtag_PRINT_PARAM@@H@Z
?SS_GetLicSecInfo@CDPM@@QEAAPEAUtag_LIC_SEC_INFO@@XZ
?CMH_CarVHMovDest@CKeObj@@QEAAHPEAHM@Z
?CalMovMaxRange@CKeObj@@QEAAMIPEAH@Z
?CleanHead@CKeObj@@QEAAHPEAHHI@Z
?ExtDoCaping@CKeObj@@QEAAHHPEAH@Z
?CMH_CarMoveTo@CKeObj@@QEAAHMPEAH@Z
?MoveCMVToSpecialPos@CKeObj@@QEAAHHHHHPEAH@Z
?CMH_CarVHBackZero@CKeObj@@QEAAHPEAH@Z
?CMH_AutoDetected@CKeObj@@QEAAHPEAHH@Z
?ManualMove@CKeObj@@QEAAHIHIIII@Z
?ManualStopMove@CKeObj@@QEAAXIH@Z
?GetMotionSwitchState@CKeObj@@QEAAIXZ
?CarInPrintHeigtht@CKeObj@@QEAAHXZ
?CheckCapingHeightIsSecurity@CKeObj@@QEAAHXZ
?SetShoveInk@CKeObj@@QEAAHHIPEAH@Z
?IsWorkReady@CKeObj@@QEAAHXZ
?Pause@CDPM@@QEAAXXZ
?Continue@CDPM@@QEAAXXZ
?GetPrintStatus@CDPM@@QEAAHXZ
?GetCurrentParameter@CDPM@@QEAAPEAUtag_PRINT_PARAM@@XZ
?CalculateYMoveModules@CKeObj@@QEAAHPEAM@Z
dsrc
?InsertRsp@CRipManager@@QEAAPEAUtag_RIPITEM@@PEBDH@Z
?GetDataSize@CImgDataSrc@@QEAA_JXZ
?GetImageRipItem@CImgDataSrc@@QEAAPEAUtag_RIPITEM@@XZ
?GetLineData@CImgDataSrc@@QEAAHPEAEHHH@Z
??0CImgDataSrc@@QEAA@XZ
?Init@CImgDataSrc@@QEAAXPEAD@Z
?OpenImg@CImgDataSrc@@QEAAHPEADI@Z
?GetImageInfo@CImgDataSrc@@QEAAPEAUtag_PRT_IMAGE_INFO@@XZ
?Close@CImgDataSrc@@QEAAXXZ
?GetRipItemBySignature@CRipManager@@QEAAPEAUtag_RIPITEM@@I@Z
?SetSystemEncDPI@CImgDataSrc@@QEAAXM@Z
?GetRipMan@CImgDataSrc@@QEAAPEAVCRipManager@@XZ
?GetRipItemCount@CRipManager@@QEAAHXZ
?GetRipItemByIndex@CRipManager@@QEAAPEAUtag_RIPITEM@@H@Z
??1CImgDataSrc@@QEAA@XZ
mfc100
ord409
ord4108
ord12938
ord265
ord2538
ord12679
ord305
ord5035
ord266
ord1905
ord12427
ord957
ord2441
ord7033
ord4743
ord4050
ord4034
ord411
ord12974
ord5769
ord2018
ord10961
ord12936
ord4162
ord12752
ord7539
ord1266
ord876
ord5871
ord4895
ord11470
ord10840
ord10871
ord9145
ord7063
ord3934
ord10867
ord10859
ord5031
ord3288
ord13107
ord13110
ord13108
ord13111
ord13106
ord13109
ord6868
ord11099
ord12808
ord10609
ord13700
ord1709
ord6823
ord11489
ord3477
ord3535
ord8182
ord12925
ord6806
ord12927
ord11107
ord11106
ord2116
ord4555
ord13393
ord11410
ord7213
ord7286
ord12758
ord3991
ord10984
ord12955
ord2725
ord6580
ord9095
ord982
ord262
ord11100
ord12872
ord11472
ord11473
ord12311
ord1951
ord1863
ord5963
ord2652
ord10593
ord1236
ord2452
ord11633
ord2540
ord848
ord2426
ord4123
ord956
ord5406
ord3480
ord410
ord2676
ord3071
ord445
ord12930
ord11062
ord1477
ord12932
ord7576
ord3961
ord307
ord311
ord1986
ord896
ord2435
ord324
ord990
ord5617
ord5094
ord7924
ord3603
ord12098
ord6364
ord10745
ord4188
ord354
ord8017
ord2284
ord5886
ord10711
ord7141
ord9947
ord9950
ord8291
ord8306
ord8296
ord8726
ord8730
ord8308
ord9803
ord9207
ord7727
ord7717
ord10391
ord9807
ord7805
ord9828
ord8789
ord8790
ord914
ord2485
ord12764
ord6575
ord2138
ord1458
ord6368
ord10746
ord918
ord2037
ord12358
ord11775
ord405
ord5586
ord4687
ord4689
ord11331
ord5835
ord2733
ord1222
ord2561
ord3660
ord1767
ord7873
ord4808
ord4810
ord1217
ord5819
ord2726
ord2839
ord1202
ord319
ord12377
ord2524
ord1165
ord1245
ord1262
ord2217
ord729
ord857
ord872
ord3359
ord8249
ord6619
ord12725
ord3464
ord11770
ord7534
ord3804
ord6576
ord8133
ord3235
ord5558
ord2658
ord12433
ord357
ord8250
ord3254
ord906
ord5550
ord7920
ord2655
ord3600
ord7561
ord2526
ord3303
ord4738
ord5616
ord7923
ord2683
ord3602
ord7562
ord2527
ord3305
ord12906
ord2345
ord6012
ord2677
ord6374
ord3142
ord3242
ord6090
ord963
ord421
ord8004
ord5045
ord12135
ord8028
ord2168
ord3843
ord10799
ord10704
ord7056
ord2669
ord7222
ord4273
ord4274
ord5237
ord11035
ord1502
ord12144
ord5050
ord12142
ord5049
ord10089
ord5066
ord7640
ord10445
ord10440
ord4561
ord3280
ord3932
ord10153
ord9118
ord6435
ord10725
ord1862
ord5361
ord4186
ord12004
ord11776
ord4106
ord3550
ord12716
ord6790
ord11919
ord12319
ord6439
ord11579
ord5552
ord5073
ord9700
ord7832
ord11565
ord4999
ord3481
ord416
ord5857
ord5224
ord7930
ord2748
ord2846
ord3617
ord1249
ord12681
ord4811
ord11846
ord3143
ord6116
ord5326
ord10728
ord7925
ord3604
ord12096
ord4971
ord5298
ord7589
ord6440
ord1415
ord2684
ord4393
ord5845
ord9870
ord9981
ord9717
ord7695
ord8056
ord7964
ord2545
ord11065
ord11650
ord10872
ord9445
ord2309
ord6347
ord3697
ord6565
ord1239
ord851
ord5848
ord8045
ord9687
ord2744
ord3089
ord3103
ord11057
ord9225
ord13604
ord3083
ord3330
ord12624
ord12622
ord3317
ord3291
ord4278
ord11749
ord2295
ord1508
ord3476
ord3523
ord3524
ord6791
ord4888
ord4829
ord12724
ord12717
ord3556
ord12366
ord12635
ord12647
ord7177
ord4739
ord3153
ord3136
ord6115
ord6775
ord2808
ord3302
ord4746
ord7071
ord6062
ord5003
ord10964
ord2440
ord955
ord2028
ord2022
ord2024
ord7283
ord4340
ord2530
ord856
ord10602
ord11005
ord3990
ord7190
ord4341
ord11125
ord11147
ord2454
ord1244
ord4308
ord11465
ord1179
ord749
ord341
ord3729
ord1953
ord6417
ord8977
ord1969
ord4858
ord905
ord6046
ord6380
ord6387
ord946
ord5580
ord1291
ord6581
ord9141
ord5892
ord12333
ord10546
ord3554
ord310
ord12334
ord340
ord904
ord3980
ord5876
ord1270
ord776
ord1188
ord11622
ord11807
ord7622
ord7194
ord2666
ord300
ord362
ord337
ord11620
ord11621
ord3299
ord921
ord902
ord3597
ord2653
ord7918
ord5543
ord4185
ord5002
ord11605
ord2136
ord5829
ord5542
ord5813
ord1461
ord1457
ord6706
ord3152
ord3243
ord3150
ord6060
ord1831
ord1865
ord3270
ord6896
ord3835
ord12503
ord7628
ord11312
ord11953
ord1241
ord3614
ord2745
ord5321
ord12185
ord2354
ord7927
ord10841
ord5236
ord8000
ord5849
ord883
ord2137
ord12680
ord6697
ord12500
ord2342
ord12597
ord7038
ord12722
ord3246
ord3155
ord3156
ord1294
ord4190
ord1872
ord4189
ord2140
ord3346
ord7563
ord3605
ord5634
ord5540
ord5589
ord5596
ord3313
ord4124
ord1426
ord1948
ord1895
msvcr100
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
memset
memcpy
atof
atoi
atol
?terminate@@YAXXZ
strncmp
strstr
__CxxFrameHandler3
strncpy
pow
ceil
memmove_s
free
malloc
__C_specific_handler
_time64
srand
_setmbcp
rand
_localtime64_s
memcpy_s
kernel32
FindFirstFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
DecodePointer
EncodePointer
CopyFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
UnmapViewOfFile
EnterCriticalSection
FindClose
FindNextFileA
GlobalLock
GlobalUnlock
GetSystemTime
GlobalFree
GlobalAlloc
GetFileTime
lstrcpyA
ResetEvent
SetEvent
CreateEventA
ResumeThread
SetThreadPriority
ActivateActCtx
DeactivateActCtx
SetLastError
GetModuleHandleA
Beep
lstrcmpiA
WaitForSingleObject
LeaveCriticalSection
CreateFileMappingA
OutputDebugStringA
Sleep
CloseHandle
MapViewOfFile
OpenFileMappingA
GetProcAddress
LoadLibraryA
FreeLibrary
GetLastError
CreateMutexA
GetTickCount
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetTempPathA
DeleteFileA
SetFileAttributesA
DeleteCriticalSection
WinExec
GetSystemDefaultLangID
GetModuleFileNameA
InitializeCriticalSection
user32
LoadIconA
DrawFrameControl
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
IsWindowVisible
EnableScrollBar
SetCapture
ShowScrollBar
SetRect
ReleaseCapture
GetSystemMetrics
SetForegroundWindow
GetLastActivePopup
ShowWindow
IsIconic
GetPropA
GetWindow
GetDesktopWindow
LoadImageA
GetAsyncKeyState
MessageBeep
DrawIcon
DeleteMenu
GetMenuItemCount
SendMessageA
GetSystemMenu
RedrawWindow
SetTimer
KillTimer
LoadBitmapW
PostThreadMessageA
LoadIconW
LoadCursorA
AnimateWindow
SetCursor
CopyRect
PtInRect
SetRectEmpty
FillRect
CheckMenuItem
LoadBitmapA
GetKeyState
IsRectEmpty
IntersectRect
DrawEdge
GetSysColor
SetActiveWindow
SetWindowPos
PeekMessageA
PostQuitMessage
ClipCursor
GetParent
GetWindowRect
LoadMenuW
ModifyMenuA
GetSubMenu
EnableMenuItem
AppendMenuA
CreatePopupMenu
GetClassNameA
GetWindowLongA
GetForegroundWindow
EnumChildWindows
GetDlgCtrlID
SetWindowTextA
EnableWindow
PostMessageA
GetClientRect
gdi32
CreateFontA
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
BitBlt
CreateSolidBrush
CreateBitmap
CreateDCA
GetStockObject
SelectObject
CreatePatternBrush
StretchBlt
DeleteObject
GetObjectA
CreateRoundRectRgn
FillRgn
FrameRgn
SetBitmapBits
CreatePen
shell32
DragQueryPoint
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
ole32
CoLockObjectExternal
oleaut32
RegisterActiveObject
RevokeActiveObject
wsock32
gethostbyname
WSAStartup
listen
getpeername
Sections
.text Size: 431KB - Virtual size: 430KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 239KB - Virtual size: 239KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 70.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 127KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 540KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ